adding a whole bunch of code here.

lots taken from the original server code in python.


svn path=/branches/new-fu/; revision=267

1 files changed, 130 insertions, 18 deletions

diff --git a/server/scireserver.pl b/server/scireserver.pl
index 30251e5..0d3eb97 100755
--- a/server/scireserver.pl
+++ b/server/scireserver.pl
@@ -7,35 +7,76 @@ use Data::Dumper;
 
 $| = 1;
 
-my $SCIRE_CONFIG_FILE = '../etc/scireserver.conf'; #will be /etc/scire.conf when released.
+my $SCIRE_CONFIG_FILE = '/home/pcody/gentoo/scire-newfu/etc/scireserver.conf'; #will be /etc/scire.conf when released.
 my %conf;
 	
 my $conf_file = (defined($conf{config})) ? $conf{config} : $SCIRE_CONFIG_FILE;
 read_config_file($conf_file);
 Dumper(\%conf);
+
+my $identified = 0;  #Global variable to determine if already identified or not.
+#  Somehow this feels insecure.
+
 #Connect to the Database.
 my $connect_string = "DBI:$conf{db_type}:$conf{db_name};host=$conf{db_host}";
-#print STDERR "Connecting to $connect_string\n";
-my $dbh = DBI->connect($connect_string, $conf{db_user}, $conf{db_passwd},  { RaiseError => 1 }  )
-	or die "Could not connect to database: $DBI::errstr";
+print STDERR "Connecting to $connect_string\n";
+#my $dbh = DBI->connect($connect_string, $conf{db_user}, $conf{db_passwd},  { RaiseError => 1 }  )
+#	or die "Could not connect to database: $DBI::errstr";
 
 while(<>) {
 	chomp( my $line = $_);
-  if($line =~ /^IDENTIFY (.+)$/) {
-    my $rand_int = int(rand(3));
-    if($rand_int == 0) {
-		print "OK\n";
-	} elsif($rand_int == 1) {
-		print "ERROR Unrecognized client key. Please register\n";
-	} elsif($rand_int == 2) {
-		print "ERROR This client has not yet been authorized\n";
+	if ($line =~ /^STARTRESPONSE (.+?) (.+)$/) {  #If it's multi-line, parse accordingly.
+		print STDERR "Handling multiline response\n";
+		my ($size,$md5) = ($1,$2);
+		my $full_cmd = "";
+		while(<>) {
+			my $multi_line = $_;
+			last if $multi_line =~ /^ENDRESPONSE$/;
+			$full_cmd .= $multi_line;
+		}
+		#Verify size and md5. FIXME agaffney can you code this part?
+		#FIXME code what to do. no use yet.  will be used for returning jobs.
+
+	} else {  #Handle normal single-line commands.
+		print STDERR "Handling single-line response\n";
+		print STDERR "DEBUG: line is: $line\n";
+		if($line =~ /^QUIT$/) {
+			print "OK\n";
+			exit;
+		}
+		
+		if ($line =~ /^REGISTER "(.+?)" "(.+)"$/) {
+			my ($mac,$ip) = ($1, $2);
+			register_client($mac, $ip);
+			next; #End switch here.  You can go no further.
+		}
+
+		if($line =~ /^IDENTIFY (.+)$/) {
+			my $fingerprint = $1;
+			identify_client($fingerprint);
+			next; #End switch here.  You can go no further.
+		}
+		unless($identified == 1) {
+			print "ERROR This client has not yet been authorized.  Please identify!\n";
+			next;
+		}
+
+		if ($line =~ /^GET_JOBS(.*)$/) {
+			my @existing_jobs = split(/ /,$1) if defined($1);
+			get_jobs(@existing_jobs);
+		
+		} elsif ($line =~ /^GET_JOB (.+)$/) {
+			my $job = $1;
+			get_job($job);
+		
+		} elsif ($line =~ /^SET_JOB_STATUS (.+?) "(.+)"$/) {
+			my ($jobid,$status) = ($1, $2);
+			set_job_status($jobid,$status);
+		
+		} else {
+			print "ERROR This command $line, is unknown.  Please try again.\n";
+		}
 	}
-  } elsif($line =~ /^QUIT$/) {
-    print "OK\n";
-    exit;
-  } else {
-    print "ERROR Unknown command\n";
-  }
 }
 
 
@@ -55,3 +96,74 @@ sub read_config_file {
 #	print "Conf file $conf_file read.\n";
 }
 
+#New clients must be registered so they can be given a key to use (perhaps for job file transfers?) for authentication.  This must be allowed before identifying.
+sub register_client {
+	my ($mac,$ip) = @_;
+	#Validate your inputs!
+	$mac =~ /^[a-zA-Z0-9\:]+$/ or print "ERROR invalid mac $mac!\n";
+	$ip =~ /^[a-zA-Z0-9\.\:]+$/ or print "ERROR invalid ip $ip!\n";
+
+	my ($query, $status_id, $id);
+	eval {
+		$query = 'SELECT statusid FROM client_status WHERE statusname = "Pending"';
+		print STDERR "DEBUG: Query is $query\n";
+        $status_id = "4"; #db.conn.GetRow($query)
+    };
+	($@) and print "ERROR Could not get status id: $DBI::errstr";
+
+	eval {
+		$query = 'LOCK TABLES `gacl_axo_seq` WRITE';
+		print STDERR "DEBUG: Query is $query\n";
+		#execute it
+		$query = 'SELECT id FROM `gacl_axo_seq`';
+		print STDERR "DEBUG: Query is $query\n";
+		$id = "56"; #execute $query
+		$query = 'UPDATE `gacl_axo_seq` SET id=%s';
+		print STDERR "DEBUG: Query is $query\n";
+		#execute with $id
+		$query = 'UNLOCK TABLES';
+		print STDERR "DEBUG: Query is $query\n";
+	};
+	($@) and print "ERROR during fetching of id sequence: $DBI::errstr";
+	
+	eval {
+		$query = 'INSERT INFO `gacl_axo` (id,section_value,value,order_value,name,hidden VALUES (%s,"clients",%s,1,%s,0)'; 
+		print STDERR "DEBUG: Query is $query\n";
+		#execute with $id, $hostname, $hostname
+		#NOTE: not sure if this query is still valid.  may be using id instead of hostname for one of those two now.
+		
+		$query = 'INSERT INTO clients (clientid,digest,cert,hostname,mac,ip,status) VALUES (%s,%s,%s,%s,%s,%s,%s)';
+		print STDERR "DEBUG: Query is $query\n";
+		#execute with $id, client_cert.digest("sha1"),crypto.dump_certificate(crypto.FILETYPE_PEM,client_cert),$hostname,$mac,$ip,$status_id))
+    };
+	($@) and print "ERROR Could not insert client with $query: $DBI::errstr";
+
+	print "OK\n";
+}
+
+
+#Identify the client by looking up the fingerprint in the database, and matching it up.
+sub identify_client {
+	my $fingerprint = shift;
+	$fingerprint =~ s/"//g;  #Clear the quotes.
+	$fingerprint =~ /^[A-Za-z0-9]+$/ or print "ERROR invalid fingerprint!\n";
+	#Validate your inputs!
+	my $query = 'SELECT client_status.statusname FROM clients JOIN client_status on (clients.status = client_status.statusid) WHERE clients.digest=%s';
+	print STDERR "Query is $query , key is $fingerprint\n";
+	$identified = 1;
+	print "OK\n";
+}
+sub get_jobs {
+	my (@existing_jobs) = (@_);
+	#Validate your inputs!
+ 
+	my $query; 
+}
+sub get_job {
+	my $job = shift;
+	#Validate your inputs!
+}
+sub set_job_status {
+	my ($jobid,$status) = @_;
+	#Validate your inputs!
+}