';
echo __('Refresh').':';
echo html_print_select(
@@ -187,7 +188,7 @@ $ignored_params['refr'] = '';
var controls = document.getElementById('vc-controls');
autoHideElement(controls, 1000);
- $('select#refr').change(function (event) {
+ $('#vc-controls').change(function (event) {
refr = Number.parseInt(event.target.value, 10);
startCountDown(refr, false);
});
diff --git a/pandora_console/pandora_console.redhat.spec b/pandora_console/pandora_console.redhat.spec
index 7a54e6069d..573a742276 100644
--- a/pandora_console/pandora_console.redhat.spec
+++ b/pandora_console/pandora_console.redhat.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.738
-%define release 190905
+%define release 190923
# User and Group under which Apache is running
%define httpd_name httpd
diff --git a/pandora_console/pandora_console.rhel7.spec b/pandora_console/pandora_console.rhel7.spec
index 08a7875cf1..7e44602da4 100644
--- a/pandora_console/pandora_console.rhel7.spec
+++ b/pandora_console/pandora_console.rhel7.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.738
-%define release 190905
+%define release 190923
# User and Group under which Apache is running
%define httpd_name httpd
diff --git a/pandora_console/pandora_console.spec b/pandora_console/pandora_console.spec
index 96873768d8..659938b9aa 100644
--- a/pandora_console/pandora_console.spec
+++ b/pandora_console/pandora_console.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.738
-%define release 190905
+%define release 190923
%define httpd_name httpd
# User and Group under which Apache is running
%define httpd_name apache2
diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql
index d1de66ab07..3786c4dad3 100644
--- a/pandora_console/pandoradb.sql
+++ b/pandora_console/pandoradb.sql
@@ -1455,6 +1455,7 @@ CREATE TABLE IF NOT EXISTS `treport_content` (
`current_month` TINYINT(1) DEFAULT '1',
`failover_mode` tinyint(1) DEFAULT '1',
`failover_type` tinyint(1) DEFAULT '1',
+ `uncompressed_module` TINYINT DEFAULT '0',
PRIMARY KEY(`id_rc`),
FOREIGN KEY (`id_report`) REFERENCES treport(`id_report`)
ON UPDATE CASCADE ON DELETE CASCADE
@@ -2438,14 +2439,17 @@ CREATE TABLE IF NOT EXISTS `tdashboard` (
-- Table `tdatabase`
-- ---------------------------------------------------------------------
CREATE TABLE IF NOT EXISTS `tdatabase` (
- `id` int(10) unsigned NOT NULL auto_increment,
- `host` varchar(100) default '',
- `os_port` int(4) unsigned default '22',
- `os_user` varchar(100) default '',
- `db_port` int(4) unsigned default '3306',
+ `id` INT(10) unsigned NOT NULL auto_increment,
+ `host` VARCHAR(255) default '',
+ `label` VARCHAR(255) default '',
+ `os_port` INT UNSIGNED NOT NULL DEFAULT 22,
+ `os_user` VARCHAR(255) default '',
+ `db_port` INT UNSIGNED NOT NULL DEFAULT 3306,
`status` tinyint(1) unsigned default '0',
`action` tinyint(1) unsigned default '0',
- `last_error` varchar(255) default '',
+ `ssh_key` TEXT,
+ `ssh_pubkey` TEXT,
+ `last_error` TEXT,
PRIMARY KEY (`id`)
) ENGINE = InnoDB DEFAULT CHARSET=utf8 ;
@@ -2998,6 +3002,7 @@ CREATE TABLE IF NOT EXISTS `treport_content_template` (
`current_month` TINYINT(1) DEFAULT '1',
`failover_mode` tinyint(1) DEFAULT '1',
`failover_type` tinyint(1) DEFAULT '1',
+ `uncompressed_module` TINYINT DEFAULT '0',
PRIMARY KEY(`id_rc`)
) ENGINE = InnoDB DEFAULT CHARSET=utf8;
diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql
index a02f88fe5f..01f069b8b6 100644
--- a/pandora_console/pandoradb_data.sql
+++ b/pandora_console/pandoradb_data.sql
@@ -1317,7 +1317,8 @@ UPDATE `tnotification_source` SET `enabled`=1 WHERE `description` = 'System
--
INSERT INTO `tlayout`
VALUES
- (1, 'Demo visual console', 0, 'fondo.jpg', 1080, 1920, 'white', 0);
+ (1, 'Demo visual console', 0, 'fondo.jpg', 1080, 1920, 'white', 0),
+ (2,'Demo visual console 2',0,'fondo-keep-alive.jpg',1080,1920,'#FFF',0);
--
-- Dumping data for table `tlayout_data`
@@ -1420,5 +1421,20 @@ VALUES
(94,1,580,904,0,0,'<p style="text-align: center; overflow: hidden;"><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;"><strong><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;">Office 7 - </span></strong></span><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;">Rack 2</span></p>','white',4,3600,1,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,'0.000','0.000',0,0,'analogic_1','time','Europe/Madrid',0,0),
(95,1,132,907,0,0,'<p style="text-align: center; overflow: hidden;"><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;"><strong><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;">Office 7 - </span></strong></span><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;">Rack 1</span></p>','white',4,3600,1,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,'0.000','0.000',0,0,'analogic_1','time','Europe/Madrid',0,0),
(96,1,733,20,0,0,'<p style="overflow: hidden;"><span class="visual_font_size_48pt"><strong><span style="color: #ffffff; font-family: opensans;">OFFICE RACKS</span></strong></span></p>','white',4,3600,1,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,'0.000','0.000',0,0,'analogic_1','time','Europe/Madrid',0,0),
- (97,1,1479,260,174,29,'','rack_server_rack',0,3600,1,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,'0.000','0.000',0,0,'analogic_1','time','Europe/Madrid',0,60)
-;
\ No newline at end of file
+ (97,1,1479,260,174,29,'','rack_server_rack',0,3600,1,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,'0.000','0.000',0,0,'analogic_1','time','Europe/Madrid',0,60),
+ (98,2,709,103,0,400,'','white',19,3600,0,0,0,0,1,0,0,0,0,'line','down','','#FFFFFF',0,0,'default',0,0.000,0.000,0,0,'digital_1','timedate','Europe/Madrid',0,0),
+ (99,2,178,481,111,111,'','status',0,3600,11556,430,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (100,2,542,481,111,111,'','status',0,3600,13,2,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (101,2,905,481,111,111,'','status',0,3600,114,11,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (102,2,1276,481,111,111,'','status',0,3600,7,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (103,2,1631,482,111,111,'','status',0,3600,11547,1,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (104,2,157,393,0,0,'
Backups
\n
','white',
+4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (105,2,512,382,96,172,'<p style="overflow: hidden;"><span class="visual_font_size_28pt" style="font-family: opensans; color: #ffffff;">DB Status</span></p>
<p style="overflow: hidden;"> </p>','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (106,2,886,382,0,0,'
Disk slave
\n
','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (107,2,1251,382,0,0,'
Disk /var
\n
','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (108,2,1547,382,0,0,'<p style="line-height: 18px; overflow: hidden;"><span class="visual_font_size_28pt" style="color: #ffffff; font-family: opensans;">Authentification</span></p>','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (109,2,126,820,0,0,'<p style="line-height: 18px; overflow: hidden;"><strong><span class="visual_font_size_36pt" style="font-family: opensans; color: #ffffff;">Processing</span></strong></p>','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (110,2,755,820,0,0,'<p style="line-height: 18px; overflow: hidden;"><strong><span class="visual_font_size_36pt" style="font-family: opensans; color: #ffffff;">Network</span></strong></p>','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0),
+ (111,2,1281,820,0,0,'<p style="line-height: 18px; overflow: hidden;"><strong><span class="visual_font_size_36pt" style="color: #ffffff; font-family: opensans;">Storage</span></strong></p>','white',4,3600,0,0,0,0,1,0,0,0,0,'line','down','','',0,0,'default',0,0.000,0.000,0,0,'analogic_1','time','Europe/Madrid',0,0)
+;
diff --git a/pandora_server/DEBIAN/control b/pandora_server/DEBIAN/control
index 17aa3441d9..cdf6610772 100644
--- a/pandora_server/DEBIAN/control
+++ b/pandora_server/DEBIAN/control
@@ -1,10 +1,10 @@
package: pandorafms-server
-Version: 7.0NG.738-190905
+Version: 7.0NG.738-190923
Architecture: all
Priority: optional
Section: admin
Installed-Size: 640
Maintainer: ÁRTICA ST
Homepage: http://pandorafms.org/
-Depends: perl (>= 5.8), libdbi-perl, libdbd-mysql-perl, libtime-format-perl, libnetaddr-ip-perl, libtime-format-perl, libxml-simple-perl, libxml-twig-perl, libhtml-parser-perl, snmp, snmpd, traceroute, xprobe2, nmap, sudo, libwww-perl, libsocket6-perl, libio-socket-inet6-perl, snmp-mibs-downloader, libjson-perl, libnet-telnet-perl, libencode-locale-perl, libgeo-ip-perl
+Depends: perl (>= 5.8), libdbi-perl, libdbd-mysql-perl, libtime-format-perl, libnetaddr-ip-perl, libtime-format-perl, libxml-simple-perl, libxml-twig-perl, libhtml-parser-perl, snmp, snmpd, traceroute, xprobe2, nmap, sudo, libwww-perl, libsocket6-perl, libio-socket-inet6-perl, libio-socket-ssl-perl, snmp-mibs-downloader, libjson-perl, libnet-telnet-perl, libencode-locale-perl, libgeo-ip-perl
Description: Pandora FMS is a monitoring system for big IT environments. It uses remote tests, or local agents to grab information. Pandora supports all standard OS (Linux, AIX, HP-UX, Solaris and Windows XP,2000/2003), and support multiple setups in HA enviroments. This is the server package. Server makes the remote checks and process information transfer by Pandora FMS agents to the server.
diff --git a/pandora_server/DEBIAN/make_deb_package.sh b/pandora_server/DEBIAN/make_deb_package.sh
index fe232eda41..7bb767b956 100644
--- a/pandora_server/DEBIAN/make_deb_package.sh
+++ b/pandora_server/DEBIAN/make_deb_package.sh
@@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-pandora_version="7.0NG.738-190905"
+pandora_version="7.0NG.738-190923"
package_cpan=0
package_pandora=1
diff --git a/pandora_server/bin/pandora_server b/pandora_server/bin/pandora_server
index bb177be783..1209922537 100755
--- a/pandora_server/bin/pandora_server
+++ b/pandora_server/bin/pandora_server
@@ -365,9 +365,11 @@ sub pandora_server_tasks ($) {
# COMMON TASKS (master and non-master)
# ---------------------------------------------------------------
-
- # Rotate Log File
if (($counter % 30) == 0) {
+ # Update configuration options from the console.
+ pandora_get_sharedconfig ($pa_config, $dbh);
+
+ # Rotate the log file.
pandora_rotate_logfile($pa_config);
# Set event storm protection
diff --git a/pandora_server/conf/pandora_server.conf.new b/pandora_server/conf/pandora_server.conf.new
index 33d34082c0..6d92d7417d 100644
--- a/pandora_server/conf/pandora_server.conf.new
+++ b/pandora_server/conf/pandora_server.conf.new
@@ -226,8 +226,9 @@ recon_threads 1
dataserver_threads 1
# mta_address: External Mailer (MTA) IP Address to be used by Pandora FMS internal email capabilities
+# If not set, the MTA configuration specified in the Pandora FMS Console will be used.
-mta_address localhost
+#mta_address localhost
# mta_port, this is the mail server port (default 25)
@@ -250,6 +251,10 @@ mta_address localhost
#mta_from Pandora FMS
+# SMTP encryption protocol (none, ssl, starttls)
+
+#mta_encryption none
+
# Set 1 if want eMail deliver alert in separate mail (default).
# Set 0 if want eMail deliver shared mail by all destination.
mail_in_separate 1
diff --git a/pandora_server/conf/pandora_server.conf.windows b/pandora_server/conf/pandora_server.conf.windows
index a602f7abc4..c7c5db64b4 100644
--- a/pandora_server/conf/pandora_server.conf.windows
+++ b/pandora_server/conf/pandora_server.conf.windows
@@ -214,6 +214,7 @@ recon_threads 2
dataserver_threads 2
# mta_address: External Mailer (MTA) IP Address to be used by Pandora FMS internal email capabilities
+# If not set, the MTA configuration specified in the Pandora FMS Console will be used.
#mta_address localhost
@@ -235,6 +236,10 @@ dataserver_threads 2
# probably you need to change it to avoid problems with your antispam
#mta_from pandora@sampledomain.com
+# SMTP encryption protocol (none, ssl, starttls)
+
+#mta_encryption none
+
# xprobe2: Optional package to detect OS types using advanced TCP/IP
# fingerprinting tecniques, much more accurates than stadard nmap.
# If not provided, nmap is used insted xprobe2
diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm
index 9639dc4770..3b77520174 100644
--- a/pandora_server/lib/PandoraFMS/Config.pm
+++ b/pandora_server/lib/PandoraFMS/Config.pm
@@ -45,7 +45,7 @@ our @EXPORT = qw(
# version: Defines actual version of Pandora Server for this module only
my $pandora_version = "7.0NG.738";
-my $pandora_build = "190905";
+my $pandora_build = "190923";
our $VERSION = $pandora_version." ".$pandora_build;
# Setup hash
@@ -187,6 +187,33 @@ sub pandora_get_sharedconfig ($$) {
[$dbh]
);
$pa_config->{'rb_product_name'} = 'Pandora FMS' unless (defined ($pa_config->{'rb_product_name'}) && $pa_config->{'rb_product_name'} ne '');
+
+ # Mail transport agent configuration. Local configuration takes precedence.
+ if ($pa_config->{"mta_local"} eq 0) {
+ $pa_config->{"mta_address"} = pandora_get_tconfig_token ($dbh, 'email_smtpServer', '');
+ $pa_config->{"mta_from"} = '"' . pandora_get_tconfig_token ($dbh, 'email_from_name', 'Pandora FMS') . '" <' .
+ pandora_get_tconfig_token ($dbh, 'email_from_dir', 'pandora@pandorafms.org') . '>';
+ $pa_config->{"mta_pass"} = pandora_get_tconfig_token ($dbh, 'email_password', '');
+ $pa_config->{"mta_port"} = pandora_get_tconfig_token ($dbh, 'email_smtpPort', '');
+ $pa_config->{"mta_user"} = pandora_get_tconfig_token ($dbh, 'email_username', '');
+ $pa_config->{"mta_encryption"} = pandora_get_tconfig_token ($dbh, 'email_encryption', '');
+
+ # Auto-negotiate the auth mechanism, since it cannot be set from the console.
+ # Do not include PLAIN, it generates the following error:
+ # 451 4.5.0 SMTP protocol violation, see RFC 2821
+ $pa_config->{"mta_auth"} = 'DIGEST-MD5 CRAM-MD5 LOGIN';
+
+ # Fix the format of mta_encryption.
+ if ($pa_config->{"mta_encryption"} eq 'tls') {
+ $pa_config->{"mta_encryption"} = 'starttls';
+ }
+ elsif ($pa_config->{"mta_encryption"} =~ m/^ssl/) {
+ $pa_config->{"mta_encryption"} = 'ssl';
+ }
+ else {
+ $pa_config->{"mta_encryption"} = 'none';
+ }
+ }
}
##########################################################################
@@ -303,12 +330,14 @@ sub pandora_load_config {
$pa_config->{"dynamic_constant"} = 10; # 7.0
# Internal MTA for alerts, each server need its own config.
- $pa_config->{"mta_address"} = '127.0.0.1'; # Introduced on 2.0
- $pa_config->{"mta_port"} = '25'; # Introduced on 2.0
+ $pa_config->{"mta_address"} = ''; # Introduced on 2.0
+ $pa_config->{"mta_port"} = ''; # Introduced on 2.0
$pa_config->{"mta_user"} = ''; # Introduced on 2.0
$pa_config->{"mta_pass"} = ''; # Introduced on 2.0
$pa_config->{"mta_auth"} = 'none'; # Introduced on 2.0 (Support LOGIN PLAIN CRAM-MD5 DIGEST-MD)
$pa_config->{"mta_from"} = 'pandora@localhost'; # Introduced on 2.0
+ $pa_config->{"mta_encryption"} = 'none'; # 7.0 739
+ $pa_config->{"mta_local"} = 0; # 7.0 739
$pa_config->{"mail_in_separate"} = 1; # 1: eMail deliver alert mail in separate mails.
# 0: eMail deliver 1 mail with all destination.
@@ -582,6 +611,7 @@ sub pandora_load_config {
}
elsif ($parametro =~ m/^mta_address\s(.*)/i) {
$pa_config->{'mta_address'}= clean_blank($1);
+ $pa_config->{'mta_local'}=1;
}
elsif ($parametro =~ m/^mta_port\s(.*)/i) {
$pa_config->{'mta_port'}= clean_blank($1);
@@ -592,6 +622,9 @@ sub pandora_load_config {
elsif ($parametro =~ m/^mta_from\s(.*)/i) {
$pa_config->{'mta_from'}= clean_blank($1);
}
+ elsif ($parametro =~ m/^mta_encryption\s(.*)/i) {
+ $pa_config->{'mta_encryption'}= clean_blank($1);
+ }
elsif ($parametro =~ m/^mail_in_separate\s+([0-9]*)/i) {
$pa_config->{'mail_in_separate'}= clean_blank($1);
}
diff --git a/pandora_server/lib/PandoraFMS/PluginTools.pm b/pandora_server/lib/PandoraFMS/PluginTools.pm
index c4bb24d4b1..a45d1108f2 100644
--- a/pandora_server/lib/PandoraFMS/PluginTools.pm
+++ b/pandora_server/lib/PandoraFMS/PluginTools.pm
@@ -32,7 +32,7 @@ our @ISA = qw(Exporter);
# version: Defines actual version of Pandora Server for this module only
my $pandora_version = "7.0NG.738";
-my $pandora_build = "190905";
+my $pandora_build = "190923";
our $VERSION = $pandora_version." ".$pandora_build;
our %EXPORT_TAGS = ( 'all' => [ qw() ] );
diff --git a/pandora_server/lib/PandoraFMS/Sendmail.pm b/pandora_server/lib/PandoraFMS/Sendmail.pm
index 394add6d1f..08819c78ab 100644
--- a/pandora_server/lib/PandoraFMS/Sendmail.pm
+++ b/pandora_server/lib/PandoraFMS/Sendmail.pm
@@ -32,7 +32,9 @@ $VERSION = '0.79_16';
'tz' => '', # only to override automatic detection
'port' => 25, # change it if you always use a non-standard port
- 'debug' => 0 # prints stuff to STDERR
+ 'debug' => 0, # prints stuff to STDERR
+ 'encryption' => 'none', # no, ssl or starttls
+ 'timeout' => 5, # timeout for socket reads/writes in seconds
);
# *******************************************************************
@@ -54,7 +56,8 @@ use vars qw(
$auth_support
);
-use Socket;
+use IO::Socket::INET;
+use IO::Select;
use Time::Local; # for automatic time zone detection
use Sys::Hostname; # for use of hostname in HELO
@@ -62,6 +65,12 @@ use Sys::Hostname; # for use of hostname in HELO
$auth_support = 'DIGEST-MD5 CRAM-MD5 PLAIN LOGIN';
+# IO::Socket object.
+my $S;
+
+# IO::Select object.
+my $Sel;
+
# use MIME::QuotedPrint if available and configured in %mailcfg
eval("use MIME::QuotedPrint");
$mailcfg{'mime'} &&= (!$@);
@@ -178,9 +187,9 @@ sub sendmail {
local $_;
my (%mail, $k,
- $smtp, $server, $port, $connected, $localhost,
+ $smtp, $server, $port, $localhost,
$fromaddr, $recip, @recipients, $to, $header,
- %esmtp, @wanted_methods,
+ %esmtp, @wanted_methods, $encryption
);
use vars qw($server_reply);
# -------- a few internal subs ----------
@@ -191,7 +200,7 @@ sub sendmail {
$error .= "Server said: $server_reply\n";
print STDERR "Server said: $server_reply\n" if $^W;
}
- close S;
+ close $S if defined($S);
return 0;
}
@@ -200,31 +209,40 @@ sub sendmail {
for $i (0..$#_) {
# accept references, so we don't copy potentially big data
my $data = ref($_[$i]) ? $_[$i] : \$_[$i];
- if ($mailcfg{'debug'} > 5) {
+ if ($mailcfg{'debug'} > 9) {
if (length($$data) < 500) {
- print ">", $$data;
+ print STDERR ">", $$data;
}
else {
- print "> [...", length($$data), " bytes sent ...]\n";
+ print STDERR "> [...", length($$data), " bytes sent ...]\n";
}
}
- print(S $$data) || return 0;
+ my @sockets = $Sel->can_write($mailcfg{'timeout'});
+ return 0 if (!@sockets);
+ syswrite($sockets[0], $$data) || return 0;
}
1;
}
sub socket_read {
+ my $buffer;
$server_reply = "";
- do {
- $_ = ;
- $server_reply .= $_;
- #chomp $_;
- print "<$_" if $mailcfg{'debug'} > 5;
- if (/^[45]/ or !$_) {
- chomp $server_reply;
- return; # return false
- }
- } while (/^[\d]+-/);
+
+ while (my @sockets = $Sel->can_read($mailcfg{'timeout'})) {
+ return if (!@sockets);
+ # 16kByte is the maximum size of an SSL frame and because sysread
+ # returns data from only a single SSL frame you can guarantee that
+ # there are no pending data.
+ sysread($sockets[0], $buffer, 65535) || return;
+ $server_reply .= $buffer;
+ last if ($buffer =~ m/\n$/);
+ }
+
+ print STDERR "<$server_reply" if $mailcfg{'debug'} > 9;
+ if ($server_reply =~ /^[45]/) {
+ chomp $server_reply;
+ return; # return false
+ }
chomp $server_reply;
return $server_reply;
}
@@ -260,13 +278,15 @@ sub sendmail {
}
$smtp = $mail{'Smtp'} || $mail{'Server'};
- unshift @{$mailcfg{'smtp'}}, $smtp if ($smtp and $mailcfg{'smtp'}->[0] ne $smtp);
+ $mailcfg{'smtp'}->[0] = $smtp if ($smtp and $mailcfg{'smtp'}->[0] ne $smtp);
+
+ $encryption = $mail{'Encryption'} || $mail{'Encryption'};
# delete non-header keys, so we don't send them later as mail headers
# I like this syntax, but it doesn't seem to work with AS port 5.003_07:
# delete @mail{'Smtp', 'Server'};
# so instead:
- delete $mail{'Smtp'}; delete $mail{'Server'};
+ delete $mail{'Smtp'}; delete $mail{'Server'}; delete $mail{'Encryption'};
$mailcfg{'port'} = $mail{'Port'} || $mailcfg{'port'} || 25;
delete $mail{'Port'};
@@ -343,48 +363,36 @@ sub sendmail {
$localhost = hostname() || 'localhost';
foreach $server ( @{$mailcfg{'smtp'}} ) {
- # open socket needs to be inside this foreach loop on Linux,
- # otherwise all servers fail if 1st one fails !??! why?
- unless ( socket S, AF_INET, SOCK_STREAM, scalar(getprotobyname 'tcp') ) {
- return fail("socket failed ($!)")
- }
-
- print "- trying $server\n" if $mailcfg{'debug'} > 1;
+ print STDERR "- trying $server\n" if $mailcfg{'debug'} > 9;
$server =~ s/\s+//go; # remove spaces just in case of a typo
# extract port if server name like "mail.domain.com:2525"
$port = ($server =~ s/:(\d+)$//o) ? $1 : $mailcfg{'port'};
$smtp = $server; # save $server for use outside foreach loop
- my $smtpaddr = inet_aton $server;
- unless ($smtpaddr) {
- $error .= "$server not found\n";
- next; # next server
+ # load IO::Socket SSL if needed
+ if ($encryption ne 'none') {
+ eval "require IO::Socket::SSL" || return fail("IO::Socket::SSL is not available");
}
-
my $retried = 0; # reset retries for each server
- while ( ( not $connected = connect S, pack_sockaddr_in($port, $smtpaddr) )
- and ( $retried < $mailcfg{'retries'} )
- ) {
- $retried++;
- $error .= "connect to $server failed ($!)\n";
- print "- connect to $server failed ($!)\n" if $mailcfg{'debug'} > 1;
- print "retrying in $mailcfg{'delay'} seconds...\n" if $mailcfg{'debug'} > 1;
- sleep $mailcfg{'delay'};
+ if ($encryption ne 'ssl') {
+ $S = new IO::Socket::INET(PeerPort => $port, PeerAddr => $server, Proto => 'tcp');
}
-
- if ( $connected ) {
- print "- connected to $server\n" if $mailcfg{'debug'} > 3;
+ else {
+ $S = new IO::Socket::SSL(PeerPort => $port, PeerAddr => $server, Proto => 'tcp', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), Domain => AF_INET);
+ }
+ if ( $S ) {
+ print STDERR "- connected to $server\n" if $mailcfg{'debug'} > 9;
last;
}
else {
$error .= "connect to $server failed\n";
- print "- connect to $server failed, next server...\n" if $mailcfg{'debug'} > 1;
+ print STDERR "- connect to $server failed, next server...\n" if $mailcfg{'debug'} > 9;
next; # next server
}
}
- unless ( $connected ) {
+ unless ( $S ) {
return fail("connect to $smtp failed ($!) no (more) retries!")
};
@@ -397,8 +405,9 @@ sub sendmail {
;
}
- my($oldfh) = select(S); $| = 1; select($oldfh);
-
+ $Sel = new IO::Select() || return fail("IO::Select error");
+ $Sel->add($S);
+
socket_read()
|| return fail("Connection error from $smtp on port $port ($_)");
socket_write("EHLO $localhost$CRLF")
@@ -418,8 +427,37 @@ sub sendmail {
|| return fail("send HELO error (lost connection?)");
}
- if ($auth) {
- warn "AUTH requested\n" if ($mailcfg{debug} > 4);
+ # STARTTLS
+ if ($encryption eq 'starttls') {
+ defined($esmtp{'STARTTLS'})
+ || return fail('STARTTLS not supported');
+ socket_write("STARTTLS$CRLF") || return fail("send STARTTLS error");
+ socket_read()
+ || return fail('STARTTLS error');
+ IO::Socket::SSL->start_SSL($S, SSL_hostname => $server, SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE())
+ || return fail("start_SSL failed");
+
+ # The client SHOULD send an EHLO command as the
+ # first command after a successful TLS negotiation.
+ socket_write("EHLO $localhost$CRLF")
+ || return fail("send EHLO error (lost connection?)");
+ my $ehlo = socket_read();
+ if ($ehlo) {
+ # The server MUST discard any knowledge
+ # obtained from the client.
+ %esmtp = ();
+
+ # parse EHLO response
+ map {
+ s/^\d+[- ]//;
+ my ($k, $v) = split /\s+/, $_, 2;
+ $esmtp{$k} = $v || 1 if $k;
+ } split(/\n/, $ehlo);
+ }
+ }
+
+ if (defined($auth) && $auth->{'user'} ne '') {
+ warn "AUTH requested\n" if ($mailcfg{debug} > 9);
# reduce wanted methods to those supported
my @methods = grep {$esmtp{'AUTH'}=~/(^|\s)$_(\s|$)/i}
grep {$auth_support =~ /(^|\s)$_(\s|$)/i}
@@ -480,9 +518,9 @@ sub sendmail {
my $challenge = socket_read()
|| return fail("AUTH DIGEST-MD5 failed: $server_reply");
$challenge =~ s/^\d+\s+//; $challenge =~ s/[\r\n]+$//;
- warn "\nCHALLENGE=", decode_base64($challenge), "\n" if ($mailcfg{debug} > 10);
+ warn "\nCHALLENGE=", decode_base64($challenge), "\n" if ($mailcfg{debug} > 9);
my $response = _digest_md5($auth->{user}, $auth->{password}, decode_base64($challenge), $auth->{realm});
- warn "\nRESPONSE=$response\n" if ($mailcfg{debug} > 10);
+ warn "\nRESPONSE=$response\n" if ($mailcfg{debug} > 9);
socket_write(encode_base64($response, ""), $CRLF)
|| return fail("AUTH DIGEST-MD5 failed: $server_reply");
my $status = socket_read()
@@ -562,7 +600,7 @@ sub sendmail {
socket_write("QUIT$CRLF")
|| return fail("send QUIT error");
socket_read();
- close S;
+ close $S;
return 1;
} # end sub sendmail
diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm
index 36050e4275..9710913efe 100755
--- a/pandora_server/lib/PandoraFMS/Tools.pm
+++ b/pandora_server/lib/PandoraFMS/Tools.pm
@@ -140,6 +140,7 @@ our @EXPORT = qw(
generate_agent_name_hash
long_to_ip
ip_to_long
+ get_enabled_servers
);
# ID of the different servers
@@ -518,7 +519,14 @@ sub pandora_sendmail {
Smtp => $pa_config->{"mta_address"},
Port => $pa_config->{"mta_port"},
From => $pa_config->{"mta_from"},
+ Encryption => $pa_config->{"mta_encryption"},
);
+
+ # Set the timeout.
+ $PandoraFMS::Sendmail::mailcfg{'timeout'} = $pa_config->{"tcp_timeout"};
+
+ # Enable debugging.
+ $PandoraFMS::Sendmail::mailcfg{'debug'} = $pa_config->{"verbosity"};
if (defined($content_type)) {
$mail{'Content-Type'} = $content_type;
@@ -535,15 +543,12 @@ sub pandora_sendmail {
$mail{auth} = {user=>$pa_config->{"mta_user"}, password=>$pa_config->{"mta_pass"}, method=>$pa_config->{"mta_auth"}, required=>1 };
}
- if (sendmail %mail) {
- return;
- }
- else {
- logger ($pa_config, "[ERROR] Sending email to $to_address with subject $subject", 1);
- if (defined($Mail::Sendmail::error)){
- logger ($pa_config, "ERROR Code: $Mail::Sendmail::error", 5);
+ eval {
+ if (!sendmail(%mail)) {
+ logger ($pa_config, "[ERROR] Sending email to $to_address with subject $subject", 1);
+ logger ($pa_config, "ERROR Code: $Mail::Sendmail::error", 5) if (defined($Mail::Sendmail::error));
}
- }
+ };
}
##########################################################################
@@ -2049,6 +2054,25 @@ sub long_to_ip {
return inet_ntoa pack("N", ($ip_long));
}
+###############################################################################
+# Returns a list with enabled servers.
+###############################################################################
+sub get_enabled_servers {
+ my $conf = shift;
+
+ if (ref($conf) ne "HASH") {
+ return ();
+ }
+
+ my @server_list = map {
+ if ($_ =~ /server$/i && $conf->{$_} > 0) {
+ $_
+ } else {
+ }
+ } keys %{$conf};
+
+ return @server_list;
+}
# End of function declaration
# End of defined Code
diff --git a/pandora_server/pandora_server.redhat.spec b/pandora_server/pandora_server.redhat.spec
index ab274c7d02..f2819ac79b 100644
--- a/pandora_server/pandora_server.redhat.spec
+++ b/pandora_server/pandora_server.redhat.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_server
%define version 7.0NG.738
-%define release 190905
+%define release 190923
Summary: Pandora FMS Server
Name: %{name}
@@ -27,7 +27,7 @@ Requires: perl(DBI) perl(DBD::mysql)
Requires: perl(HTTP::Request::Common) perl(LWP::Simple) perl(LWP::UserAgent)
Requires: perl(XML::Simple) perl(XML::Twig) net-snmp-utils
Requires: perl(NetAddr::IP) net-snmp net-tools
-Requires: perl(IO::Socket::INET6) perl(Net::Telnet)
+Requires: perl(IO::Socket::INET6) perl(IO::Socket::SSL) perl(Net::Telnet)
Requires: nmap sudo perl(JSON)
Requires: perl(Time::HiRes) perl(Encode::Locale)
Requires: perl perl(Sys::Syslog) perl(HTML::Entities) perl(Geo::IP)
diff --git a/pandora_server/pandora_server.spec b/pandora_server/pandora_server.spec
index 49bd12b3b8..56cbacb03d 100644
--- a/pandora_server/pandora_server.spec
+++ b/pandora_server/pandora_server.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_server
%define version 7.0NG.738
-%define release 190905
+%define release 190923
Summary: Pandora FMS Server
Name: %{name}
@@ -24,7 +24,7 @@ Provides: %{name}-%{version}
Requires: perl-DBI perl-DBD-mysql perl-libwww-perl
Requires: perl-NetAddr-IP net-snmp net-tools perl-XML-Twig
Requires: nmap sudo perl-HTML-Tree perl-XML-Simple perl-Net-Telnet
-Requires: perl-IO-Socket-INET6 perl-Socket6 snmp-mibs perl-JSON
+Requires: perl-IO-Socket-INET6 perl-Socket6 perl-IO-Socket-SSL snmp-mibs perl-JSON
Requires: perl-Encode-Locale perl-Geo-IP
%description
diff --git a/pandora_server/pandora_server_installer b/pandora_server/pandora_server_installer
index ccecb6e6ed..158d1e9deb 100755
--- a/pandora_server/pandora_server_installer
+++ b/pandora_server/pandora_server_installer
@@ -9,7 +9,7 @@
# **********************************************************************
PI_VERSION="7.0NG.738"
-PI_BUILD="190905"
+PI_BUILD="190923"
MODE=$1
if [ $# -gt 1 ]; then
diff --git a/pandora_server/util/pandora_db.pl b/pandora_server/util/pandora_db.pl
index 9f9b0bd653..427e6817a2 100644
--- a/pandora_server/util/pandora_db.pl
+++ b/pandora_server/util/pandora_db.pl
@@ -34,7 +34,7 @@ use PandoraFMS::Config;
use PandoraFMS::DB;
# version: define current version
-my $version = "7.0NG.738 PS190905";
+my $version = "7.0NG.738 PS190923";
# Pandora server configuration
my %conf;
@@ -136,7 +136,7 @@ sub pandora_purgedb ($$) {
pandora_delete_old_export_data ($dbh, $ulimit_timestamp);
# Delete sessions data
- pandora_delete_old_session_data ($dbh, $ulimit_timestamp);
+ pandora_delete_old_session_data (\%conf, $dbh, $ulimit_timestamp);
# Delete old inventory data
@@ -678,6 +678,7 @@ sub pandora_load_config_pdb ($) {
$conf->{'_netflow_nfexpire'} = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = 'netflow_nfexpire'");
$conf->{'_netflow_path'} = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = 'netflow_path'");
$conf->{'_delete_notinit'} = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = 'delete_notinit'");
+ $conf->{'_session_timeout'} = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = 'session_timeout'");
$conf->{'_big_operation_step_datos_purge'} = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = 'big_operation_step_datos_purge'");
$conf->{'_small_operation_step_datos_purge'} = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = 'small_operation_step_datos_purge'");
@@ -990,12 +991,28 @@ sub pandora_delete_old_export_data {
# Delete old session data.
##############################################################################
sub pandora_delete_old_session_data {
- my ($dbh, $ulimit_timestamp) = @_;
+ my ($conf, $dbh, $ulimit_timestamp) = @_;
+
+ my $session_timeout = $conf->{'_session_timeout'};
+
+ if ($session_timeout ne '') {
+ if ($session_timeout == -1) {
+ # The session expires in 10 years
+ $session_timeout = 315576000;
+ } else {
+ $session_timeout *= 60;
+ }
+
+ $ulimit_timestamp = time() - $session_timeout;
+ }
log_message ('PURGE', "Deleting old session data from tsessions_php\n");
while(db_delete_limit ($dbh, 'tsessions_php', 'last_active < ?', $SMALL_OPERATION_STEP, $ulimit_timestamp) ne '0E0') {
usleep (10000);
};
+
+ db_do ($dbh, "DELETE FROM tsessions_php WHERE
+ data IS NULL OR id_session REGEXP '^cron-'");
}
###############################################################################
diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl
index ab01849bc5..974f7d06c9 100755
--- a/pandora_server/util/pandora_manage.pl
+++ b/pandora_server/util/pandora_manage.pl
@@ -36,7 +36,7 @@ use Encode::Locale;
Encode::Locale::decode_argv;
# version: define current version
-my $version = "7.0NG.738 PS190905";
+my $version = "7.0NG.738 PS190923";
# save program name for logging
my $progname = basename($0);