diff --git a/pandora_server/bin/tentacle_server b/pandora_server/bin/tentacle_server index 769713c312..ad8ccc3a6a 100755 --- a/pandora_server/bin/tentacle_server +++ b/pandora_server/bin/tentacle_server @@ -122,6 +122,9 @@ my $t_directory = ''; # Filters my @t_filters; +# Enable (1) or disable (0) insecure mode +my $t_insecure = 0; + # String containing quoted invalid file name characters my $t_invalid_chars = '\?\[\]\/\\\=\+\<\>\:\;\'\,\*\~'; @@ -215,6 +218,7 @@ sub print_help { print ("\t-e cert\t\tOpenSSL certificate file. Enables SSL.\n"); print ("\t-f ca_cert\tVerify that the peer certificate is signed by a ca.\n"); print ("\t-h\t\tShow help.\n"); + print ("\t-I\t\tEnable insecure operations (file listing and moving).\n"); print ("\t-i\t\tFilters.\n"); print ("\t-k key\t\tOpenSSL private key file.\n"); print ("\t-l log_file\t\tFile to write logs.\n"); @@ -278,7 +282,7 @@ sub parse_options { my @t_addresses_tmp; # Get options - if (getopts ('a:b:c:de:f:g:hi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { + if (getopts ('a:b:c:de:f:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { print_help (); exit 1; } @@ -356,6 +360,11 @@ sub parse_options { } } + # Insecure mode + if (defined ($opts{'I'})) { + $t_insecure = 1; + } + # Filters (regexp:dir;regexp:dir...) if (defined ($opts{'i'})) { my @filters = split (';', $opts{'i'}); @@ -850,6 +859,26 @@ sub serve_connection { print_info ("Connection closed from " . $t_client_socket->sockhost ()); last; } + # File listing. + elsif ($command =~ /^LS <(.*)>$/) { + if ($t_insecure == 0) { + print_info ("Insecure mode disabled. Rejected request to list files matched by filter $1 from " . $t_client_socket->sockhost ()); + last; + } + + print_info ("Request to list files matched by filter $1 from " . $t_client_socket->sockhost ()); + send_file_list ($1); + } + # Client wants to move a file + elsif ($command =~ /^MV <(.*)>$/) { + if ($t_insecure == 0) { + print_info ("Insecure mode disabled. Rejected request to move file $1 from " . $t_client_socket->sockhost ()); + last; + } + + print_info ("Request to move file '$1' from " . $t_client_socket->sockhost ()); + move_file ($1); + } # Unknown command else { print_log ("Unknown command '$command' from " . $t_client_socket->sockhost ()); @@ -1055,6 +1084,110 @@ sub error { die("\n"); } +################################################################################ +## SUB move_file +## Send a file to the client and delete it +################################################################################ +sub move_file { + my $base_name = $_[0]; + my $data = ''; + my $file; + my $response; + my $size; + + # Check file name + if ($base_name =~ /[$t_invalid_chars]/) { + print_log ("Requested file '$base_name' from " . $t_client_socket->sockhost () . " has an invalid file name"); + send_data ("MV ERR\n"); + return; + } + + # Apply filters + $file = "$t_directory/" . apply_filters ($base_name) . $base_name; + + # Check if file exists + if (! -f $file) { + print_log ("Requested file '$file' from " . $t_client_socket->sockhost () . " does not exist"); + send_data ("MV ERR\n"); + return; + } + + $size = -s $file; + send_data ("MV SIZE $size\n"); + + # Wait for client response + $response = recv_command ($t_block_size); + if ($response ne "MV OK") { + print_log ("Requested file '$file' from " . $t_client_socket->sockhost () . " not sent"); + return; + } + + # Send the file + open (FILE, $file) || error ("Cannot open file '$file' for reading."); + binmode (FILE); + + while ($data = ) { + send_data ($data); + } + + close (FILE); + unlink($file); + + print_log ("Requested file '$file' from " . $t_client_socket->sockhost () . " sent and deleted"); +} + +################################################################################ +## SUB send_file_list +## Send a list of files to the client after applying the given filter. +################################################################################ +sub send_file_list { + my $filter = $_[0]; + my $data = ''; + my $dir; + my $dh; + my $response; + my $size; + + # Check file name + if ($filter =~ /[$t_invalid_chars]/) { + print_log ("Invalid file listing filter '$filter' from " . $t_client_socket->sockhost ()); + send_data ("LS ERR\n"); + return; + } + + # Apply filters + $dir = "$t_directory/" . apply_filters ($filter); + + # Open the directory. + if (! opendir ($dh, $dir)) { + print_log ("Error opening directory $dir as requested from " . $t_client_socket->sockhost () . ": $!"); + send_data ("LS ERR\n"); + return; + } + + # List files. + while (my $file = readdir ($dh)) { + next if ($file =~ /[$t_invalid_chars]/); # Only list files valid for Tentacle. + next if (-d $file); # Skip directories. + $data .= "$file\n"; + } + closedir $dh; + + $size = length ($data); + send_data ("LS SIZE $size\n"); + + # Wait for client response + $response = recv_command ($t_block_size); + if ($response ne "LS OK") { + print_log ("Requested directory listing from " . $t_client_socket->sockhost () . " not sent"); + return; + } + + send_data ($data); + + print_log ("Requested directory listing from " . $t_client_socket->sockhost () . " sent"); +} + ################################################################################ ## SUB recv_data_proxy ## Recv data from proxy socket. diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index a8be1b3f09..638e487912 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -259,6 +259,11 @@ sub pandora_load_config { $pa_config->{"snmpconsole_threads"} = 1; # 5.1 $pa_config->{"translate_variable_bindings"} = 0; # 5.1 $pa_config->{"translate_enterprise_strings"} = 1; # 5.1 + $pa_config->{"syncserver"} = 0; # 7.0 + $pa_config->{"sync_address"} = ''; # 7.0 + $pa_config->{"sync_port"} = '41121'; # 7.0 + $pa_config->{"sync_timeout"} = 5; # 7.0 + $pa_config->{"sync_retries"} = 2; # 7.0 # Internal MTA for alerts, each server need its own config. $pa_config->{"mta_address"} = '127.0.0.1'; # Introduced on 2.0 @@ -925,6 +930,21 @@ sub pandora_load_config { elsif ($parametro =~ m/^unknown_events\s+([0-1])/i) { $pa_config->{'unknown_events'} = clean_blank($1); } + elsif ($parametro =~ m/^syncserver\s+([0-9]*)/i) { + $pa_config->{'syncserver'}= clean_blank($1); + } + elsif ($parametro =~ m/^sync_address\s+(.*)/i) { + $pa_config->{'sync_address'}= clean_blank($1); + } + elsif ($parametro =~ m/^sync_port\s+([0-9]*)/i) { + $pa_config->{'sync_port'}= clean_blank($1); + } + elsif ($parametro =~ m/^sync_retries\s+([0-9]*)/i) { + $pa_config->{'sync_retries'}= clean_blank($1); + } + elsif ($parametro =~ m/^sync_timeout\s+([0-9]*)/i) { + $pa_config->{'sync_timeout'}= clean_blank($1); + } } # end of loop for parameter # # Set to RDBMS' standard port diff --git a/pandora_server/lib/PandoraFMS/Core.pm b/pandora_server/lib/PandoraFMS/Core.pm index c13ba3b129..aa979a5137 100644 --- a/pandora_server/lib/PandoraFMS/Core.pm +++ b/pandora_server/lib/PandoraFMS/Core.pm @@ -239,7 +239,7 @@ our @EXPORT = qw( # Some global variables our @DayNames = qw(sunday monday tuesday wednesday thursday friday saturday); -our @ServerTypes = qw (dataserver networkserver snmpconsole reconserver pluginserver predictionserver wmiserver exportserver inventoryserver webserver eventserver icmpserver snmpserver satelliteserver); +our @ServerTypes = qw (dataserver networkserver snmpconsole reconserver pluginserver predictionserver wmiserver exportserver inventoryserver webserver eventserver icmpserver snmpserver satelliteserver transactionalserver mfserver syncserver); our @AlertStatus = ('Execute the alert', 'Do not execute the alert', 'Do not execute the alert, but increment its internal counter', 'Cease the alert', 'Recover the alert', 'Reset internal counter'); # Event storm protection (no alerts or events) diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm index e445f963c4..ec48f7a0a3 100755 --- a/pandora_server/lib/PandoraFMS/Tools.pm +++ b/pandora_server/lib/PandoraFMS/Tools.pm @@ -58,6 +58,8 @@ our @EXPORT = qw( SNMPSERVER SATELLITESERVER MFSERVER + TRANSACTIONALSERVER + SYNCSERVER METACONSOLE_LICENSE $DEVNULL $OS @@ -121,6 +123,7 @@ use constant ICMPSERVER => 11; use constant SNMPSERVER => 12; use constant SATELLITESERVER => 13; use constant MFSERVER => 15; +use constant SYNCSERVER => 16; # Module statuses. use constant STATUS_NORMAL => 0;