diff options
-rwxr-xr-x | server/scireserver.pl | 80 |
1 files changed, 47 insertions, 33 deletions
diff --git a/server/scireserver.pl b/server/scireserver.pl index 93c5f8e..6e0d593 100755 --- a/server/scireserver.pl +++ b/server/scireserver.pl @@ -6,6 +6,7 @@ use strict; use warnings; use DBI; use Data::Dumper; +use Digest::MD5 qw(md5 md5_hex ); $| = 1; @@ -43,8 +44,8 @@ sub debug { #Connect to the Database. my $connect_string = "DBI:$conf{db_type}:$conf{db_name};host=$conf{db_host}"; debug("Connecting to $connect_string"); -#my $dbh = DBI->connect($connect_string, $conf{db_user}, $conf{db_passwd}, { RaiseError => 1 } ) -# or die "Could not connect to database: $DBI::errstr"; +my $dbh = DBI->connect($connect_string, $conf{db_user}, $conf{db_passwd}, { RaiseError => 1 } ) + or die "Could not connect to database: $DBI::errstr"; while(<>) { my ($command, @args) = parse_command($_); @@ -57,8 +58,8 @@ while(<>) { } if($command eq "REGISTER") { - my ($mac,$ip) = @args; - register_client($mac, $ip); + my ($mac,$ip,$hostname) = @args; + register_client($mac, $ip, $hostname); next; #End switch here. You can go no further. } @@ -109,18 +110,23 @@ sub read_config_file { #New clients must be registered so they can be given a key to use (perhaps for job file transfers?) for authentication. This must be allowed before identifying. sub register_client { - my ($mac,$ip) = @_; + my ($mac,$ip, $hostname) = @_; #Validate your inputs! $mac =~ /^[a-zA-Z0-9\:]+$/ or print "ERROR invalid mac $mac!\n"; $ip =~ /^[a-zA-Z0-9\.\:]+$/ or print "ERROR invalid ip $ip!\n"; my ($query, $status_id, $id, $sth); + + #Generate the digest + my $digest = md5_hex(time()."${mac}${ip}${hostname}"); + eval { $query = 'SELECT statusid FROM client_status WHERE statusname = "Pending"'; debug("Query is $query"); - $status_id = "4"; #db.conn.GetRow($query) - #$sth = $dbh->prepare($query); - #$status_id = $sth->fetchrow_hashref->{'statusid'}; +# $status_id = "4"; #db.conn.GetRow($query) + $sth = $dbh->prepare($query); + $sth->execute(); + $status_id = $sth->fetchrow_hashref->{'statusid'}; }; ($@) and print "ERROR Could not get status id: $DBI::errstr\n"; @@ -128,59 +134,67 @@ sub register_client { $query = 'LOCK TABLES `gacl_axo_seq` WRITE'; debug("Query is $query"); #execute it - #$dbh->do($query); + $dbh->do($query); $query = 'SELECT id FROM `gacl_axo_seq`'; debug("Query is $query"); - $id = "56"; #execute $query - #$sth = $dbh->prepare($query); - #$id = $sth->fetchrow_hashref->{'id'}; - + #$id = "56"; #execute $query + $sth = $dbh->prepare($query); + $sth->execute(); + $id = $sth->fetchrow_hashref->{'id'}; + $id += 1; $query = 'UPDATE `gacl_axo_seq` SET id=?'; debug("Query is $query"); #execute with $id - #$sth = $dbh->prepare($query); - #$sth->execute($id); + $sth = $dbh->prepare($query); + $sth->execute($id); $query = 'UNLOCK TABLES'; debug("Query is $query"); - #$dbh->do($query); + $dbh->do($query); }; ($@) and print "ERROR during fetching of id sequence: $DBI::errstr\n"; - + eval { - $query = 'INSERT INFO `gacl_axo` (id,section_value,value,order_value,name,hidden VALUES (?,"clients",?,1,?,0)'; + $query = 'INSERT INTO `gacl_axo` (id,section_value,value,order_value,name,hidden) VALUES (?,"clients",?,"1",?,"0")'; debug("Query is $query"); - #$sth = $dbh->prepare($query); - #$sth->execute($id, $hostname, $hostname); + $sth = $dbh->prepare($query); + $sth->execute($id, $hostname, $hostname); #execute with $id, $hostname, $hostname #NOTE: not sure if this query is still valid. may be using id instead of hostname for one of those two now. - $query = 'INSERT INTO clients (clientid,digest,cert,hostname,mac,ip,status) VALUES (?,?,?,?,?,?,?)'; + $query = 'INSERT INTO clients (clientid,digest,hostname,mac,ip,status) VALUES (?,?,?,?,?,?)'; debug("Query is $query"); #execute with $id, client_cert.digest("sha1"),crypto.dump_certificate(crypto.FILETYPE_PEM,client_cert),$hostname,$mac,$ip,$status_id)) - #$sth = $dbh->prepare($query); - #$sth->execute($id,$digest,$hostname,$mac,$ip,$status_id); + $sth = $dbh->prepare($query); + $sth->execute($id,$digest,$hostname,$mac,$ip,$status_id); }; ($@) and print "ERROR Could not insert client with $query: $DBI::errstr\n"; + #FIXME look for "duplicate key" and if found fail and notify admin. - print "OK\n"; + print "OK $digest\n"; } #Identify the client by looking up the fingerprint in the database, and matching it up. sub identify_client { - my $fingerprint = shift; + my $digest = shift; #Validate your inputs! - $fingerprint =~ s/"//g; #Clear the quotes. - $fingerprint =~ /^[A-Za-z0-9]+$/ or print "ERROR invalid fingerprint!\n"; + $digest =~ s/"//g; #Clear the quotes. + $digest =~ /^[A-Za-z0-9]+$/ or print "ERROR invalid digest!\n"; my $query = 'SELECT client_status.statusname, clients.clientid FROM clients JOIN client_status on (clients.status = client_status.statusid) WHERE clients.digest=?'; debug("Query is $query"); - #$sth = $dbh->prepare($query); - #$sth->execute($digest); - #my $status_name = $sth->fetchrow_hashref->{'client_status.statusname'}; - #$client_id = $sth->fetchrow_hashref->{'clients.clientid'}; - $identified = 1; - print "OK\n"; + my $sth = $dbh->prepare($query); + $sth->execute($digest); + my $hashref = $sth->fetchrow_hashref(); + debug(Dumper($hashref)); + my $status_name = $hashref->{'statusname'}; + $client_id = $hashref->{'clientid'}; + if ($client_id > 0) { #and ($status_name eq 'Active') { + $identified = 1; + print "OK\n"; + } else { + print "ERROR Client could not be identified. Status was $status_name\n"; + } } |