FusionInventory-Agent
view release on metacpan or search on metacpan
* make PID file location configurable, through --pidfile option (warning:
default location is now in agent state directory)
netdiscovery:
* add a few H3C/HP models in sysobject.ids (#2812)
netdiscovery:
* fix fast interface speed computation (#2833)
install:
* add versioned dependencies on IO::Socket::SSL and Thread::Queue
2.3.13 Thu, 6 Nov 2014
core:
* log HTTP replies status
* log agent stop event (#61)
* better logging of task initialisation process
* fix syslog logger usage with debug level >= 2 (#2780)
* fix SNMPv1 multiple values queries
netdiscovery:
Major changes:
* large speed improvement: up to 150% for a local inventory
* better multitasking support:
- the agent use fork() to run task if needed, instead of running a new process
from scratch, avoiding the need to use a temporary file to transmit
parameters, with related security risks
- the agent only forks to run a tasks when running as a server, making tracing
and debugging easier
- the agent only use one thread for the web interface
* better SSL support:
- IO::Socket::SSL perl module is now required for certificate validation
- Crypt::SSLeay perl module still allow HTTPS support, but without
certificate validation, and the connection will be aborted unless
certificate checking is disabled
- validation is now performed by SSL library, and honours alternative subject
names, and other subtilities
* large cleanup of values returned from inventory:
- unknown values are filtered out
- strings are trimmed for trailing spaces
- irrelevant values, such as windows internal USB serial number, or
controllers type and manufacturer on AIX and HPUX, are filtered out
* Fix: Vmsystem, don't load 'version', we don't use it anymore
* Fix: Linux/ARM: drop a debug print
* Fix: Linux Storages, fix fdisk parsing
* MacOSX: use addCPU to collect cpu information
* MacOSX: the number of core of the CPU
* MacOSX: Collect all the net devices and set VIRTUALDEV=1/0
* MacOSX: collect all the drives (fixes: #119)
* MacOSX: DRIVES, swap VOLUMN and TYPE fields
* Makefile.PL, no parameter for install_share, thanks Act from GLPI
forum (http://www.glpi-project.org/forum/viewtopic.php?pid=107979#p107979)
* Network.pm: drop the dependency on Net::SSLeay and IO::Socket::SSL,
we don't need them (!)
Fix: HTTP proxy with HTTPS
* Network.pm: drop the dependency on Net::SSLeay and IO::Socket::SSL,
we don't need them (!)
Fix: HTTP proxy with HTTPS
* Makefile.PL, no parameter for install_share, thanks Act from GLPI
forum (http://www.glpi-project.org/forum/viewtopic.php?pid=107979#p107979)
* Fix: don't ignore 0 values in the XML
* MacOSX: don't use Mac::SysProfile to get memory info
* Linux/i386: Igore empty CPU socket, thanks Sébastien Prud'homme,
bug: #177
* MacOSX: USB devices inventory
* LInux/PC: Fix the core detection on multiCPU system
2.0.3 Sun, 11 Apr 2010
* Fix a syntax problem in FusionInventory::Agent::Network
2.0.2 Sat Apr 10
* fusioninventory-agent-config: Fix a typo, thank you Act
* --delaytime really read the parameter, thanks Walid NOUH
* fix --no-socket
* Fix a typo in fusioninventory-agent-config, logtotate (Girish NAVUDA)
* Fix: between two server query, really wait during a random period
still based on server PROLOG_FREQ
* Do not load Crypt::SSLeay and IO::Socket::SSL at the same
* POD doc, explain how to use more than one server
* Fix: between two server query, really wait during a random period
still based on server PROLOG_FREQ
* SNMP.pm: Correct bug when oid result is pack and put mac in right format
(David DURIEUX)
* Set 2.0.1 release date in Changes file
2.0.1 (Solarium) Sun, 28 Mar 2010
* tools/build-perl-tree.sh: clean up
* Only use thread if Perl has got thread support, thank you
* FusionInventory::Agent::RPC add POD documentation
* Network.pm: Load LWP::UserAgent and HTTP::Status in an eval to get these
dependencies loaded only when needed
* Makefile.PL add Net::CUPS is recommended
* Linux, retrieve the PCI Class
2.0beta4 Thu, 04 Mar 2010
* Drop the dependency on Net::SSLGlue::LWP because its own dependencies
are not avalaible on RHEL5.x, thank you Remi Collet for pointing
this issue.
* Makefile.PL: suggest IO::Socket::SSL for SSL
* Drop the Dependency on LWP::Simple
* RPC: Do not die if client send random data
* HP-UX: Use can_run to know if machinfo if avalaible (François MERMET)
* HP-UX: code clean up (François MERMET)
* Net::IP is now required.
* OcsDeploy: Fix 2 malformed regex, thank you Mario Gzuk
* OcsDeploy: avoid a warning if $rc in unset on Perl 5.8
* OcsDeploy: Archive::Extract is just recommended now
* Network: load HTTP::Status
* standalone.sh dropped, was deprecated with the 2.0 changes
abstract: 'FusionInventory unified Agent for UNIX, Linux, Windows and MacOSX'
author:
- 'FusionInventory Team'
build_requires:
ExtUtils::MakeMaker: 6.59
File::Copy::Recursive: 0
HTTP::Proxy: 0
HTTP::Server::Simple: 0
HTTP::Server::Simple::Authen: 0
IO::Capture::Stderr: 0
IO::Socket::SSL: 0
IPC::Run: 0
JSON::PP: 0
LWP::Protocol::https: 0
Net::SNMP: 0
Parallel::ForkManager: 0
Test::Compile: 0
Test::Deep: 0
Test::Exception: 0
Test::MockModule: 0
Test::MockObject: 0
FusionInventory::Agent:
file: lib/FusionInventory/Agent.pm
version: '2.6'
recommends:
Archive::Extract: 0
Compress::Zlib: 0
DateTime: 0
Digest::SHA: 0
File::Copy::Recursive: 0
HTTP::Daemon: 0
IO::Socket::SSL: '1.14'
JSON::PP: 0
LWP::Protocol::https: 0
Net::CUPS: 0.6
Net::NBName: 0
Net::Ping: 0
Net::SNMP: 0
Net::Write::Layer2: 0
Parallel::ForkManager: 0
Parse::EDID: 0
Proc::Daemon: 0
Makefile.PL view on Meta::CPAN
requires 'Memoize' => '0';
if ($OSNAME eq 'MSWin32') {
requires 'Win32::OLE' => '0';
requires 'Win32::Job' => '0';
requires 'Win32::TieRegistry' => '0';
}
recommends 'Compress::Zlib' => '0';
recommends 'HTTP::Daemon' => '0';
recommends 'IO::Socket::SSL' => '1.14';
recommends 'LWP::Protocol::https' => '0';
if ($OSNAME ne 'MSWin32') {
recommends 'Proc::Daemon' => '0';
} else {
recommends 'Win32::Daemon' => '0';
recommends 'Win32::Unicode::File' => '0';
}
# test dependencies
test_requires 'File::Copy::Recursive' => '0';
test_requires 'HTTP::Proxy' => '0';
test_requires 'HTTP::Server::Simple' => '0';
test_requires 'HTTP::Server::Simple::Authen' => '0';
test_requires 'IO::Socket::SSL' => '0';
test_requires 'IO::Capture::Stderr' => '0';
test_requires 'IPC::Run' => '0';
test_requires 'JSON::PP' => '0';
test_requires 'Net::SNMP' => '0';
test_requires 'LWP::Protocol::https' => '0';
test_requires 'Parallel::ForkManager' => '0';
test_requires 'Test::Compile' => '0';
test_requires 'Test::Deep' => '0';
test_requires 'Test::Exception' => '0';
test_requires 'Test::MockModule' => '0';
* LWP::UserAgent
* Net::IP
* Text::Template
* UNIVERSAL::require
* XML::TreePP
Optional Perl modules:
* Compress::Zlib, for message compression
* HTTP::Daemon, for web interface
* IO::Socket::SSL, for HTTPS support
* LWP::Protocol::https, for HTTPS support
* Proc::Daemon, for daemon mode (Unix only)
* Proc::PID::File, for daemon mode (Unix only)
### Inventory task
Optional Perl modules:
* Net::CUPS, for printers detection
* Parse::EDID, for EDID data parsing
lib/FusionInventory/Agent/HTTP/Client.pm view on Meta::CPAN
my ($self) = @_;
# SSL handling
if ($self->{no_ssl_check}) {
# LWP 6 default behaviour is to check hostname
# Fedora also backported this behaviour change in its LWP5 package, so
# just checking on LWP version is not enough
$self->{ua}->ssl_opts(verify_hostname => 0, SSL_verify_mode => 0)
if $self->{ua}->can('ssl_opts');
} else {
# only IO::Socket::SSL can perform full server certificate validation,
# Net::SSL is only able to check certification authority, and not
# certificate hostname
IO::Socket::SSL->require();
die
"IO::Socket::SSL Perl module not available, " .
"unable to validate SSL certificates " .
"(workaround: use 'no-ssl-check' configuration parameter)"
if $EVAL_ERROR;
# Activate SSL Debug if Stderr is in backends
my $DEBUG_SSL = 0;
$DEBUG_SSL = grep { ref($_) =~/Stderr$/ } @{$self->{logger}{backends}}
if (ref($self->{logger}{backends}) eq 'ARRAY');
if ( $DEBUG_SSL && $self->{logger}->debug_level() >= 2 ) {
$Net::SSLeay::trace = 3;
}
if ($LWP::VERSION >= 6) {
$self->{ua}->ssl_opts(SSL_ca_file => $self->{ca_cert_file})
if $self->{ca_cert_file};
$self->{ua}->ssl_opts(SSL_ca_path => $self->{ca_cert_dir})
if $self->{ca_cert_dir};
} else {
# SSL_verifycn_scheme and SSL_verifycn_name are required
die
"IO::Socket::SSL Perl module too old " .
"(available: $IO::Socket::SSL::VERSION, required: 1.14), " .
"unable to validate SSL certificates " .
"(workaround: use 'no-ssl-check' configuration parameter)"
if $IO::Socket::SSL::VERSION < 1.14;
# use a custom HTTPS handler to workaround default LWP5 behaviour
FusionInventory::Agent::HTTP::Protocol::https->use(
ca_cert_file => $self->{ca_cert_file},
ca_cert_dir => $self->{ca_cert_dir},
);
LWP::Protocol::implementor(
'https', 'FusionInventory::Agent::HTTP::Protocol::https'
);
lib/FusionInventory/Agent/HTTP/Protocol/https.pm view on Meta::CPAN
package FusionInventory::Agent::HTTP::Protocol::https;
use strict;
use warnings;
use parent qw(LWP::Protocol::https);
use IO::Socket::SSL qw(SSL_VERIFY_NONE SSL_VERIFY_PEER);
sub import {
my ($class, %params) = @_;
# set default context
IO::Socket::SSL::set_ctx_defaults(ca_file => $params{ca_cert_file})
if $params{ca_cert_file};
IO::Socket::SSL::set_ctx_defaults(ca_path => $params{ca_cert_dir})
if $params{ca_cert_dir};
}
sub _extra_sock_opts {
my ($self, $host) = @_;
return (
SSL_verify_mode => $self->{ua}->{ssl_check} ?
SSL_VERIFY_PEER : SSL_VERIFY_NONE,
SSL_verifycn_scheme => 'http',
lib/FusionInventory/Agent/HTTP/Server/SSL.pm view on Meta::CPAN
return;
}
# If key file is missing assume it is included in cert file
$self->{'key_file'} = $self->{'cert_file'}
unless $self->{'key_file'};
# Setup ports as an array ref
$self->{ports} = [ grep { defined && $_ < 65536 } split(/,/, $self->config('ports') || 0) ];
# Load IO::Socket::SSL module
IO::Socket::SSL->require();
if ($EVAL_ERROR) {
$self->error("HTTPD can't load SSL support: $EVAL_ERROR");
$self->disable();
$self->info("Plugin disabled on wrong configuration");
return;
}
$self->debug2("Certificate file: $self->{'cert_file'}");
$self->debug2("Key file: $self->{'key_file'}");
# Activate SSL Debug if Stderr is in backends
my $DEBUG_SSL = 0;
$DEBUG_SSL = grep { ref($_) =~/Stderr$/ } @{$self->{logger}{backends}}
if (ref($self->{logger}{backends}) eq 'ARRAY');
$IO::Socket::SSL::DEBUG = 2
if ( $DEBUG_SSL && $self->{logger}->debug_level() >= 2 );
}
sub upgrade_SSL {
my ($self, $client) = @_;
# try to upgrade socket to SSL
return HTTP::Daemon::ClientConn::SSL->new(
client => $client,
plugin => $self,
);
}
# We use a dedicated package to derivate from IO::Socket::SSL and HTTP::Daemon::ClientConn
# We put the package name on a new line to avoid CPAN indexing
## no critic (ProhibitMultiplePackages,ProhibitExplicitISA)
package
HTTP::Daemon::ClientConn::SSL;
use vars qw(@ISA);
use English qw(-no_match_vars);
@ISA = qw(IO::Socket::SSL HTTP::Daemon::ClientConn);
sub new {
my ($class, %params) = @_;
my $client = $params{client}
or return;
my $plugin = $params{plugin}
or return;
eval {
# SSL upgrade client
IO::Socket::SSL->start_SSL($client,
SSL_server => 1,
SSL_cert_file => $plugin->{cert_file},
SSL_key_file => $plugin->{key_file},
) or die "Failed to upgrade socket to SSL: $IO::Socket::SSL::SSL_ERROR\n";
};
if ($EVAL_ERROR) {
$plugin->debug("HTTPD can't start SSL session: $EVAL_ERROR");
$client->close();
return;
}
# Disable Timeout to leave SSL session opened until we get data
$client->timeout(0);
lib/FusionInventory/Agent/Task/Inventory/Provider.pm view on Meta::CPAN
"gccversion: $Config{gccversion}",
"defines: ".join(' ',@uses)
];
$provider->{PERL_INC} = join(":",@INC);
$provider->{PERL_ARGS} = "@{$FusionInventory::Agent::Tools::ARGV}"
if @{$FusionInventory::Agent::Tools::ARGV};
my @modules = ();
foreach my $module (qw(
LWP LWP::Protocol IO::Socket IO::Socket::SSL IO::Socket::INET
Net::SSLeay Net::HTTPS HTTP::Status HTTP::Response
)) {
# Skip not reliable module loading under win32
next if ($OSNAME eq 'MSWin32' && ($module eq 'IO::Socket::SSL' || $module eq 'Net::HTTPS'));
$module->require();
if ($EVAL_ERROR) {
push @modules, "$module unavailable";
} else {
push @modules, $module . ' @ '. VERSION $module ;
if ($module eq 'Net::SSLeay') {
my $sslversion;
eval {
$sslversion = Net::SSLeay::SSLeay_version(0);
};
t/agent/http/client/ssl.t view on Meta::CPAN
plan skip_all => 'non working test on Windows';
} elsif ($OSNAME eq 'darwin') {
plan skip_all => 'non working test on MacOS';
} elsif ($LWP::VERSION < 6) {
plan skip_all => "LWP version too old, skipping";
} else {
plan tests => 11;
}
diag("LWP\@$LWP::VERSION / LWP::Protocol\@$LWP::Protocol::VERSION / ",
"IO::Socket\@$IO::Socket::VERSION / IO::Socket::SSL\@$IO::Socket::SSL::VERSION / ",
"IO::Socket::INET\@$IO::Socket::INET::VERSION / ",
"Net::SSLeay\@$Net::SSLeay::VERSION / Net::HTTPS\@$Net::HTTPS::VERSION / ",
"HTTP::Status\@$HTTP::Status::VERSION / HTTP::Response\@$HTTP::Response::VERSION");
my $ok = sub {
my ($server, $cgi) = @_;
print "HTTP/1.0 200 OK\r\n";
print "\r\n";
print "OK";
t/lib/FusionInventory/Test/Server.pm view on Meta::CPAN
package FusionInventory::Test::Server;
use warnings;
use strict;
use parent qw(HTTP::Server::Simple::CGI HTTP::Server::Simple::Authen);
use English qw(-no_match_vars);
use IO::Socket::SSL;
use FusionInventory::Test::Auth;
my $dispatch_table = {};
=head1 OVERLOADED METHODS
=cut
our $pid;
t/lib/FusionInventory/Test/Server.pm view on Meta::CPAN
}
sub accept_hook {
my $self = shift;
return unless $self->{ssl};
my $fh = $self->stdio_handle;
$self->SUPER::accept_hook(@_);
my $newfh = IO::Socket::SSL->start_SSL($fh,
SSL_server => 1,
SSL_use_cert => 1,
SSL_cert_file => $self->{crt},
SSL_key_file => $self->{key},
);
$self->stdio_handle($newfh) if $newfh;
}
=head1 METHODS UNIQUE TO TestServer
( run in 0.295 second using v1.01-cache-2.11-cpan-4d50c553e7e )