From 4487a9dad97f8f004303eb74c48278fbb90e7a44 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Mon, 4 May 2015 19:12:39 +0200 Subject: Update CreateAdConfig to match new ldadp config format --- src/main/java/org/openslx/satserver/util/Exec.java | 110 ++++++++++++++++++++- .../org/openslx/taskmanager/tasks/CompileIPxe.java | 2 +- .../openslx/taskmanager/tasks/CreateAdConfig.java | 17 +++- .../openslx/taskmanager/tasks/DownloadFile.java | 2 +- .../org/openslx/taskmanager/tasks/LdapSearch.java | 4 +- .../openslx/taskmanager/tasks/LighttpdHttps.java | 10 +- 6 files changed, 128 insertions(+), 17 deletions(-) (limited to 'src/main/java/org/openslx') diff --git a/src/main/java/org/openslx/satserver/util/Exec.java b/src/main/java/org/openslx/satserver/util/Exec.java index db59b0d..b7de984 100644 --- a/src/main/java/org/openslx/satserver/util/Exec.java +++ b/src/main/java/org/openslx/satserver/util/Exec.java @@ -1,7 +1,9 @@ package org.openslx.satserver.util; +import java.io.BufferedReader; import java.io.File; import java.io.IOException; +import java.io.InputStreamReader; public class Exec { @@ -9,25 +11,123 @@ public class Exec /** * Run command, return exit status of process, or -1 on error * + * @param timeoutSec maximum time in seconds to wait for process to finish * @param command Command and arguments * @return exit code */ - public static int sync( String... command ) + public static int sync( int timeoutSec, ExecCallback callback, String... command ) { - return syncAt( "/", command ); + return syncAt( timeoutSec, callback, "/", command ); } - public static int syncAt( String cwd, String... command ) + public static int sync( int timeoutSec, String... command ) + { + return sync( timeoutSec, null, command ); + } + + public static int syncAt( int timeoutSec, ExecCallback callback, String cwd, String... command ) { ProcessBuilder pb = new ProcessBuilder( command ); pb.directory( new File( cwd ) ); - Process p; + Process p = null; + Thread[] list = null; try { p = pb.start(); - return p.waitFor(); + if ( callback != null ) { + list = setupCallback( p, callback ); + } + if ( timeoutSec <= 0 ) { + return p.waitFor(); + } else { + for ( int i = 0; i < timeoutSec * 10; ++i ) { + Thread.sleep( 100 ); + try { + return p.exitValue(); + } catch ( IllegalThreadStateException e ) { + // Wait... + } + } + return -1; + } } catch ( IOException | InterruptedException e ) { return -1; + } finally { + try { + if ( p != null ) { + Util.multiClose( p.getOutputStream(), p.getErrorStream() ); + p.destroy(); + } + } catch ( Exception e ) { + // + } + if ( list != null ) { + for ( Thread t : list ) { + try { + t.interrupt(); + } catch ( Exception e ) { + // + } + } + } } } + public static int syncAt( int timeoutSec, String cwd, String... command ) + { + return syncAt( timeoutSec, null, cwd, command ); + } + + private static Thread[] setupCallback( final Process p, final ExecCallback cb ) + { + // Read its stdout + Thread stdout = new Thread( new Runnable() { + @Override + public void run() + { + try { + BufferedReader reader = new BufferedReader( new InputStreamReader( p.getInputStream() ) ); + String line; + while ( ( line = reader.readLine() ) != null ) { + synchronized ( p ) { + cb.processStdOut( line ); + } + } + } catch ( Exception e ) { + } + } + } ); + // Read its stderr + Thread stderr = new Thread( new Runnable() { + @Override + public void run() + { + try { + BufferedReader reader = new BufferedReader( new InputStreamReader( p.getErrorStream() ) ); + String line; + while ( ( line = reader.readLine() ) != null ) { + synchronized ( p ) { + cb.processStdErr( line ); + } + } + } catch ( Exception e ) { + } + } + } ); + + stdout.start(); + stderr.start(); + + Thread[] t = new Thread[] { stdout, stderr }; + return t; + } + + /**/ + + public interface ExecCallback + { + public void processStdOut( String line ); + + public void processStdErr( String line ); + } + } diff --git a/src/main/java/org/openslx/taskmanager/tasks/CompileIPxe.java b/src/main/java/org/openslx/taskmanager/tasks/CompileIPxe.java index a5b436f..33fae6e 100644 --- a/src/main/java/org/openslx/taskmanager/tasks/CompileIPxe.java +++ b/src/main/java/org/openslx/taskmanager/tasks/CompileIPxe.java @@ -123,7 +123,7 @@ public class CompileIPxe extends AbstractTask return false; } // Compile - if ( 0 != Exec.syncAt( "/opt/openslx/ipxe/src", "make", "EMBED=../ipxelinux.ipxe,../pxelinux.0", "bin/undionly.kkkpxe" ) ) { + if ( 0 != Exec.syncAt( 15, "/opt/openslx/ipxe/src", "make", "EMBED=../ipxelinux.ipxe,../pxelinux.0", "bin/undionly.kkkpxe" ) ) { status.error = "Compiling ipxelinux.0 failed"; return false; } diff --git a/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java b/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java index c07d337..ec34716 100644 --- a/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java +++ b/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java @@ -36,7 +36,11 @@ public class CreateAdConfig extends AbstractTask @Expose private int proxyport = 0; @Expose + private int adport = 0; + @Expose private String home = null; + @Expose + private String fingerprint = ""; private Output status = new Output(); @@ -67,7 +71,7 @@ public class CreateAdConfig extends AbstractTask try { // Generate keys { - int ret = Exec.sync( "openssl", "req", + int ret = Exec.sync( 3, "openssl", "req", "-x509", "-new", "-newkey", "rsa:4096", "-keyout", keyFile, "-out", certFile, "-days", "5000", "-nodes", "-subj", "/C=DE/ST=Nowhere/L=Springfield/O=Dis/CN=" + this.proxyip ); if ( ret != 0 ) { @@ -81,8 +85,11 @@ public class CreateAdConfig extends AbstractTask + "binddn=%s\n" + "bindpw=%s\n" + "base=%s\n" - + "port=%s\n" + "home=%s\n" + + "port=%s\n" + + "fingerprint=%s\n" + + "[local]\n" + + "port=%s\n" + "cert=%s\n" + "privkey=%s\n" + "\n", @@ -90,8 +97,10 @@ public class CreateAdConfig extends AbstractTask this.binddn, this.bindpw, this.searchbase, - this.proxyport, this.home, + this.adport, + this.fingerprint, + this.proxyport, certFile, keyFile ); // Generic ldap config @@ -111,7 +120,7 @@ public class CreateAdConfig extends AbstractTask } try { FileUtils.writeStringToFile( new File( fileName ), ldadpConf, StandardCharsets.UTF_8 ); - if ( 0 != Exec.sync( + if ( 0 != Exec.sync( 3, "/usr/bin/sudo", "-n", "-u", "root", diff --git a/src/main/java/org/openslx/taskmanager/tasks/DownloadFile.java b/src/main/java/org/openslx/taskmanager/tasks/DownloadFile.java index 607ca9a..352aac5 100644 --- a/src/main/java/org/openslx/taskmanager/tasks/DownloadFile.java +++ b/src/main/java/org/openslx/taskmanager/tasks/DownloadFile.java @@ -87,7 +87,7 @@ public class DownloadFile extends AbstractTask status.error = "Could not create temporary file for gpg signature"; return false; } - if ( 0 != Exec.sync( "gpg", "--verify", gpgTempFile.getAbsolutePath(), tmpFile.getAbsolutePath() ) ) { + if ( 0 != Exec.sync( 10, "gpg", "--verify", gpgTempFile.getAbsolutePath(), tmpFile.getAbsolutePath() ) ) { status.error = "GPG signature of downloaded file not valid!\n\n" + this.gpg; return false; } diff --git a/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java b/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java index e1fec55..ef0998c 100644 --- a/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java +++ b/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java @@ -68,12 +68,14 @@ public class LdapSearch extends SystemCommandTask this.getDn = true; } + // As we don't care about the certificate here, you might want to put TLS_REQCERT never + // in /etc/ldap/ldap.conf return new String[] { "ldapsearch", "-x", // Simple auth "-LLL", // No additional stuff "-y", this.fifo, // Password from file - "-H", "ldap://" + this.server + ":3268/", // Host + "-H", this.server, // Host "-b", this.searchbase, // SB "-D", this.binddn, // DN "-l", "4", // Time limit in seconds diff --git a/src/main/java/org/openslx/taskmanager/tasks/LighttpdHttps.java b/src/main/java/org/openslx/taskmanager/tasks/LighttpdHttps.java index 6324657..2250d84 100644 --- a/src/main/java/org/openslx/taskmanager/tasks/LighttpdHttps.java +++ b/src/main/java/org/openslx/taskmanager/tasks/LighttpdHttps.java @@ -46,7 +46,7 @@ public class LighttpdHttps extends AbstractTask private boolean createRandom() { - int ret = Exec.sync( "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--random", this.proxyip ); + int ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--random", this.proxyip ); if ( ret != 0 ) { status.error = "generator exited with code " + ret; return false; @@ -75,16 +75,16 @@ public class LighttpdHttps extends AbstractTask return false; } int ret; - ret = Exec.sync( "/opt/taskmanager/scripts/install-https", "--test", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() ); + ret = Exec.sync( 5, "/opt/taskmanager/scripts/install-https", "--test", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() ); if ( ret != 0 ) { status.error = "Given key and certificate do not match, or have invalid format (exit code: " + ret + ")"; return false; } if ( tmpChain != null ) { - ret = Exec.sync( "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath(), + ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath(), tmpChain.getAbsolutePath() ); } else { - ret = Exec.sync( "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() ); + ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() ); } if ( ret != 0 ) { status.error = "import exited with code " + ret; @@ -101,7 +101,7 @@ public class LighttpdHttps extends AbstractTask private boolean disableHttps() { - int ret = Exec.sync( "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--disable" ); + int ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--disable" ); if ( ret != 0 ) { status.error = "disable exited with code " + ret; return false; -- cgit v1.2.3-55-g7522