From 92303d400ba83eaf150054d2cf5ce4906578bed0 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 17 Apr 2008 14:33:43 +0200 Subject: added new "netstrm" class (not yet implemented) --- runtime/Makefile.am | 11 +- runtime/net.c | 1 - runtime/netstrm.c | 284 ++++++++++++++++++++++++++++++++++++++++++++++++++++ runtime/netstrm.h | 44 ++++++++ runtime/rsyslog.h | 3 +- 5 files changed, 338 insertions(+), 5 deletions(-) create mode 100644 runtime/netstrm.c create mode 100644 runtime/netstrm.h (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 73418fdf..400d78c0 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -75,18 +75,23 @@ if ENABLE_REGEXP pkglib_LTLIBRARIES += lmregexp.la lmregexp_la_SOURCES = regexp.c regexp.h lmregexp_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) -lmregexp_la_LDFLAGS = -module -avoid-version $(rsrt_libs) +lmregexp_la_LDFLAGS = -module -avoid-version lmregexp_la_LIBADD = endif if ENABLE_INET -pkglib_LTLIBRARIES += lmnet.la +pkglib_LTLIBRARIES += lmnet.la lmnetstrm.la # # network support # lmnet_la_SOURCES = net.c net.h lmnet_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) -lmnet_la_LDFLAGS = -module -avoid-version $(rsrt_libs) +lmnet_la_LDFLAGS = -module -avoid-version lmnet_la_LIBADD = +# network streams +lmnetstrm_la_SOURCES = netstrm.c netstrm.h +lmnetstrm_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnetstrm_la_LDFLAGS = -module -avoid-version +lmnetstrm_la_LIBADD = endif # if ENABLE_INET diff --git a/runtime/net.c b/runtime/net.c index 0c02eed4..1d085290 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -666,7 +666,6 @@ gethname(struct sockaddr_storage *f, uchar *pszHostFQDN) if (error == 0) { memset (&hints, 0, sizeof (struct addrinfo)); hints.ai_flags = AI_NUMERICHOST; - hints.ai_socktype = SOCK_DGRAM; /* we now do a lookup once again. This one should fail, * because we should not have obtained a non-numeric address. If diff --git a/runtime/netstrm.c b/runtime/netstrm.c new file mode 100644 index 00000000..0afb4a5e --- /dev/null +++ b/runtime/netstrm.c @@ -0,0 +1,284 @@ +/* netstrmstrm.c + * + * This class implements a generic netstrmwork stream class. It supports + * sending and receiving data streams over a netstrmwork. The class abstracts + * the transport, though it is a safe assumption that TCP is being used. + * The class has a number of properties, among which are also ones to + * select privacy settings, eg by enabling TLS and/or GSSAPI. In the + * long run, this class shall provide all stream-oriented netstrmwork + * functionality inside rsyslog. + * + * It is a high-level class, which uses a number of helper objects + * to carry out its work (including, and most importantly, transport + * drivers). + * + * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +#include "rsyslog.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "syslogd-types.h" +#include "module-template.h" +#include "parse.h" +#include "srUtils.h" +#include "obj.h" +#include "errmsg.h" +#include "netstrm.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +DEFobjCurrIf(errmsg) +DEFobjCurrIf(glbl) + + +/* The following #ifdef sequence is a small compatibility + * layer. It tries to work around the different availality + * levels of SO_BSDCOMPAT on linuxes... + * I borrowed this code from + * http://www.erlang.org/ml-archive/erlang-questions/200307/msg00037.html + * It still needs to be a bit better adapted to rsyslog. + * rgerhards 2005-09-19 + */ +#include +static int +should_use_so_bsdcompat(void) +{ +#ifndef OS_BSD + static int init_done; + static int so_bsdcompat_is_obsolete; + + if (!init_done) { + struct utsname myutsname; + unsigned int version, patchlevel; + + init_done = 1; + if (uname(&myutsname) < 0) { + char errStr[1024]; + dbgprintf("uname: %s\r\n", rs_strerror_r(errno, errStr, sizeof(errStr))); + return 1; + } + /* Format is .. + where the first three are unsigned integers and the last + is an arbitrary string. We only care about the first two. */ + if (sscanf(myutsname.release, "%u.%u", &version, &patchlevel) != 2) { + dbgprintf("uname: unexpected release '%s'\r\n", + myutsname.release); + return 1; + } + /* SO_BSCOMPAT is deprecated and triggers warnings in 2.5 + kernels. It is a no-op in 2.4 but not in 2.2 kernels. */ + if (version > 2 || (version == 2 && patchlevel >= 5)) + so_bsdcompat_is_obsolete = 1; + } + return !so_bsdcompat_is_obsolete; +#else /* #ifndef OS_BSD */ + return 1; +#endif /* #ifndef OS_BSD */ +} +#ifndef SO_BSDCOMPAT +/* this shall prevent compiler errors due to undfined name */ +#define SO_BSDCOMPAT 0 +#endif + + +/* get the hostname of the message source. This was originally in cvthname() + * but has been moved out of it because of clarity and fuctional separation. + * It must be provided by the socket we received the message on as well as + * a NI_MAXHOST size large character buffer for the FQDN. + * + * Please see http://www.hmug.org/man/3/getnameinfo.php (under Caveats) + * for some explanation of the code found below. We do by default not + * discard message where we detected malicouos DNS PTR records. However, + * there is a user-configurabel option that will tell us if + * we should abort. For this, the return value tells the caller if the + * message should be processed (1) or discarded (0). + */ +static rsRetVal +gethname(struct sockaddr_storage *f, uchar *pszHostFQDN) +{ + DEFiRet; + int error; + sigset_t omask, nmask; + char ip[NI_MAXHOST]; + struct addrinfo hints, *res; + + assert(f != NULL); + assert(pszHostFQDN != NULL); + + error = getnameinfo((struct sockaddr *)f, SALEN((struct sockaddr *)f), + ip, sizeof ip, NULL, 0, NI_NUMERICHOST); + + if (error) { + dbgprintf("Malformed from address %s\n", gai_strerror(error)); + strcpy((char*) pszHostFQDN, "???"); + ABORT_FINALIZE(RS_RET_INVALID_SOURCE); + } + + if(!glbl.GetDisableDNS()) { + sigemptyset(&nmask); + sigaddset(&nmask, SIGHUP); + pthread_sigmask(SIG_BLOCK, &nmask, &omask); + + error = getnameinfo((struct sockaddr *)f, SALEN((struct sockaddr *) f), + (char*)pszHostFQDN, NI_MAXHOST, NULL, 0, NI_NAMEREQD); + + if (error == 0) { + memset (&hints, 0, sizeof (struct addrinfo)); + hints.ai_flags = AI_NUMERICHOST; + hints.ai_socktype = SOCK_STREAM; + + /* we now do a lookup once again. This one should fail, + * because we should not have obtained a non-numeric address. If + * we got a numeric one, someone messed with DNS! + */ + if (getaddrinfo ((char*)pszHostFQDN, NULL, &hints, &res) == 0) { + uchar szErrMsg[1024]; + freeaddrinfo (res); + /* OK, we know we have evil. The question now is what to do about + * it. One the one hand, the message might probably be intended + * to harm us. On the other hand, losing the message may also harm us. + * Thus, the behaviour is controlled by the $DropMsgsWithMaliciousDnsPTRRecords + * option. If it tells us we should discard, we do so, else we proceed, + * but log an error message together with it. + * time being, we simply drop the name we obtained and use the IP - that one + * is OK in any way. We do also log the error message. rgerhards, 2007-07-16 + */ + if(glbl.GetDropMalPTRMsgs() == 1) { + snprintf((char*)szErrMsg, sizeof(szErrMsg) / sizeof(uchar), + "Malicious PTR record, message dropped " + "IP = \"%s\" HOST = \"%s\"", + ip, pszHostFQDN); + errmsg.LogError(NO_ERRCODE, "%s", szErrMsg); + pthread_sigmask(SIG_SETMASK, &omask, NULL); + ABORT_FINALIZE(RS_RET_MALICIOUS_ENTITY); + } + + /* Please note: we deal with a malicous entry. Thus, we have crafted + * the snprintf() below so that all text is in front of the entry - maybe + * it contains characters that make the message unreadable + * (OK, I admit this is more or less impossible, but I am paranoid...) + * rgerhards, 2007-07-16 + */ + snprintf((char*)szErrMsg, sizeof(szErrMsg) / sizeof(uchar), + "Malicious PTR record (message accepted, but used IP " + "instead of PTR name: IP = \"%s\" HOST = \"%s\"", + ip, pszHostFQDN); + errmsg.LogError(NO_ERRCODE, "%s", szErrMsg); + + error = 1; /* that will trigger using IP address below. */ + } + } + pthread_sigmask(SIG_SETMASK, &omask, NULL); + } + + if(error || glbl.GetDisableDNS()) { + dbgprintf("Host name for your address (%s) unknown\n", ip); + strcpy((char*) pszHostFQDN, ip); + ABORT_FINALIZE(RS_RET_ADDRESS_UNKNOWN); + } + +finalize_it: + RETiRet; +} + + +/* queryInterface function + * rgerhards, 2008-03-05 + */ +BEGINobjQueryInterface(netstrm) +CODESTARTobjQueryInterface(netstrm) + if(pIf->ifVersion != netstrmCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + //pIf->cvthname = cvthname; +finalize_it: +ENDobjQueryInterface(netstrm) + + +/* exit our class + * rgerhards, 2008-03-10 + */ +BEGINObjClassExit(netstrm, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(netstrm) + /* release objects we no longer need */ + objRelease(glbl, CORE_COMPONENT); + objRelease(errmsg, CORE_COMPONENT); +ENDObjClassExit(netstrm) + + +/* Initialize the netstrm class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINAbstractObjClassInit(netstrm, 1, OBJ_IS_CORE_MODULE) /* class, version */ + /* request objects we use */ + CHKiRet(objUse(errmsg, CORE_COMPONENT)); + CHKiRet(objUse(glbl, CORE_COMPONENT)); + + /* set our own handlers */ +ENDObjClassInit(netstrm) + + +/* --------------- here now comes the plumbing that makes as a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + netstrmClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(netstrmClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/netstrm.h b/runtime/netstrm.h new file mode 100644 index 00000000..7afce969 --- /dev/null +++ b/runtime/netstrm.h @@ -0,0 +1,44 @@ +/* Definitions for the stream-based netstrmworking class. + * + * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NETSTRM_H +#define INCLUDED_NETSTRM_H + +/* the netstrm object */ +struct netstrm_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + int sock; /* underlying socket */ +}; + +/* interfaces */ +BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ +ENDinterface(netstrm) +#define netstrmCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ + +/* prototypes */ +PROTOTYPEObj(netstrm); + +/* the name of our library binary */ +#define LM_NETSTRM_FILENAME "lmnetstrm" + +#endif /* #ifndef INCLUDED_NETSTRM_H */ diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 868bb564..3a81d67b 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -61,8 +61,9 @@ /* define some base data types */ typedef unsigned char uchar;/* get rid of the unhandy "unsigned char" */ typedef struct thrdInfo thrdInfo_t; -typedef struct filed selector_t; /* TODO: this so far resides in syslogd.c, think about modularization */ +typedef struct filed selector_t;/* TODO: this so far resides in syslogd.c, think about modularization */ typedef struct NetAddr netAddr_t; +typedef struct netstrm_s netstrm_t; typedef struct msg msg_t; typedef struct interface_s interface_t; typedef struct objInfo_s objInfo_t; -- cgit v1.2.3 From ccf3b533c698d323cafb01d32f35edaeaf8e8daa Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 17 Apr 2008 15:40:28 +0200 Subject: imported tcp module from librelp as basis for new stream class we got permission to include the tcp module from librelp copyright holders --- runtime/netstrm.c | 550 +++++++++++++++++++++++++++++++++++++++++++----------- runtime/netstrm.h | 22 ++- runtime/rsyslog.h | 5 + 3 files changed, 463 insertions(+), 114 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 0afb4a5e..67611aa0 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -12,6 +12,11 @@ * to carry out its work (including, and most importantly, transport * drivers). * + * Work on this module begun 2008-04-17 by Rainer Gerhards. This code + * borrows from librelp's tcp.c/.h code. librelp is dual licensed and + * Rainer Gerhards and Adiscon GmbH have agreed to permit using the code + * under the terms of the GNU Lesser General Public License. + * * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. @@ -54,6 +59,7 @@ #include "srUtils.h" #include "obj.h" #include "errmsg.h" +#include "net.h" #include "netstrm.h" MODULE_TYPE_LIB @@ -62,155 +68,464 @@ MODULE_TYPE_LIB DEFobjStaticHelpers DEFobjCurrIf(errmsg) DEFobjCurrIf(glbl) +DEFobjCurrIf(net) + +#define DFLT_PORT "514" +#warning "urgent TODO: default port!" + +/* Standard-Constructor + */ +BEGINobjConstruct(netstrm) /* be sure to specify the object type also in END macro! */ + pThis->sock = -1; + pThis->iSessMax = 500; /* default max nbr of sessions -TODO:make configurable--rgerhards, 2008-04-17*/ +ENDobjConstruct(netstrm) -/* The following #ifdef sequence is a small compatibility - * layer. It tries to work around the different availality - * levels of SO_BSDCOMPAT on linuxes... - * I borrowed this code from - * http://www.erlang.org/ml-archive/erlang-questions/200307/msg00037.html - * It still needs to be a bit better adapted to rsyslog. - * rgerhards 2005-09-19 +/* ConstructionFinalizer */ -#include -static int -should_use_so_bsdcompat(void) +static rsRetVal +netstrmConstructFinalize(netstrm_t __attribute__((unused)) *pThis) { -#ifndef OS_BSD - static int init_done; - static int so_bsdcompat_is_obsolete; - - if (!init_done) { - struct utsname myutsname; - unsigned int version, patchlevel; - - init_done = 1; - if (uname(&myutsname) < 0) { - char errStr[1024]; - dbgprintf("uname: %s\r\n", rs_strerror_r(errno, errStr, sizeof(errStr))); - return 1; + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + RETiRet; +} + + +/* destructor for the netstrm object */ +BEGINobjDestruct(netstrm) /* be sure to specify the object type also in END and CODESTART macros! */ + int i; +CODESTARTobjDestruct(netstrm) + if(pThis->sock != -1) { + close(pThis->sock); + pThis->sock = -1; } - /* Format is .. - where the first three are unsigned integers and the last - is an arbitrary string. We only care about the first two. */ - if (sscanf(myutsname.release, "%u.%u", &version, &patchlevel) != 2) { - dbgprintf("uname: unexpected release '%s'\r\n", - myutsname.release); - return 1; + + if(pThis->socks != NULL) { + /* if we have some sockets at this stage, we need to close them */ + for(i = 1 ; i <= pThis->socks[0] ; ++i) + close(pThis->socks[i]); + free(pThis->socks); } - /* SO_BSCOMPAT is deprecated and triggers warnings in 2.5 - kernels. It is a no-op in 2.4 but not in 2.2 kernels. */ - if (version > 2 || (version == 2 && patchlevel >= 5)) - so_bsdcompat_is_obsolete = 1; - } - return !so_bsdcompat_is_obsolete; -#else /* #ifndef OS_BSD */ - return 1; -#endif /* #ifndef OS_BSD */ + + if(pThis->pRemHostIP != NULL) + free(pThis->pRemHostIP); + if(pThis->pRemHostName != NULL) + free(pThis->pRemHostName); +ENDobjDestruct(netstrm) + + +/* abort a connection. This is much like Destruct(), but tries + * to discard any unsent data. -- rgerhards, 2008-03-24 + */ +rsRetVal +AbortDestruct(netstrm_t **ppThis) +{ + struct linger ling; + + DEFiRet; + assert(ppThis != NULL); + ISOBJ_TYPE_assert((*ppThis), netstrm); + + if((*ppThis)->sock != -1) { + ling.l_onoff = 1; + ling.l_linger = 0; + if(setsockopt((*ppThis)->sock, SOL_SOCKET, SO_LINGER, &ling, sizeof(ling)) < 0 ) { + dbgprintf("could not set SO_LINGER, errno %d\n", errno); + } + } + + iRet = netstrmDestruct(ppThis); + + RETiRet; } -#ifndef SO_BSDCOMPAT -/* this shall prevent compiler errors due to undfined name */ -#define SO_BSDCOMPAT 0 -#endif -/* get the hostname of the message source. This was originally in cvthname() - * but has been moved out of it because of clarity and fuctional separation. - * It must be provided by the socket we received the message on as well as - * a NI_MAXHOST size large character buffer for the FQDN. - * +/* Set pRemHost based on the address provided. This is to be called upon accept()ing + * a connection request. It must be provided by the socket we received the + * message on as well as a NI_MAXHOST size large character buffer for the FQDN. * Please see http://www.hmug.org/man/3/getnameinfo.php (under Caveats) - * for some explanation of the code found below. We do by default not - * discard message where we detected malicouos DNS PTR records. However, - * there is a user-configurabel option that will tell us if - * we should abort. For this, the return value tells the caller if the - * message should be processed (1) or discarded (0). + * for some explanation of the code found below. If we detect a malicious + * hostname, we return RS_RET_MALICIOUS_HNAME and let the caller decide + * on how to deal with that. + * rgerhards, 2008-03-31 */ static rsRetVal -gethname(struct sockaddr_storage *f, uchar *pszHostFQDN) +SetRemHost(netstrm_t *pThis, struct sockaddr *pAddr) { - DEFiRet; int error; - sigset_t omask, nmask; - char ip[NI_MAXHOST]; + uchar szIP[NI_MAXHOST] = ""; + uchar szHname[NI_MAXHOST] = ""; struct addrinfo hints, *res; + size_t len; - assert(f != NULL); - assert(pszHostFQDN != NULL); + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + assert(pAddr != NULL); - error = getnameinfo((struct sockaddr *)f, SALEN((struct sockaddr *)f), - ip, sizeof ip, NULL, 0, NI_NUMERICHOST); + error = getnameinfo(pAddr, SALEN(pAddr), (char*)szIP, sizeof(szIP), NULL, 0, NI_NUMERICHOST); - if (error) { + if(error) { dbgprintf("Malformed from address %s\n", gai_strerror(error)); - strcpy((char*) pszHostFQDN, "???"); - ABORT_FINALIZE(RS_RET_INVALID_SOURCE); + strcpy((char*)szHname, "???"); + strcpy((char*)szIP, "???"); + ABORT_FINALIZE(RS_RET_INVALID_HNAME); } if(!glbl.GetDisableDNS()) { - sigemptyset(&nmask); - sigaddset(&nmask, SIGHUP); - pthread_sigmask(SIG_BLOCK, &nmask, &omask); - - error = getnameinfo((struct sockaddr *)f, SALEN((struct sockaddr *) f), - (char*)pszHostFQDN, NI_MAXHOST, NULL, 0, NI_NAMEREQD); - - if (error == 0) { + error = getnameinfo(pAddr, SALEN(pAddr), (char*)szHname, NI_MAXHOST, NULL, 0, NI_NAMEREQD); + if(error == 0) { memset (&hints, 0, sizeof (struct addrinfo)); hints.ai_flags = AI_NUMERICHOST; hints.ai_socktype = SOCK_STREAM; - /* we now do a lookup once again. This one should fail, * because we should not have obtained a non-numeric address. If * we got a numeric one, someone messed with DNS! */ - if (getaddrinfo ((char*)pszHostFQDN, NULL, &hints, &res) == 0) { - uchar szErrMsg[1024]; + if(getaddrinfo((char*)szHname, NULL, &hints, &res) == 0) { freeaddrinfo (res); - /* OK, we know we have evil. The question now is what to do about - * it. One the one hand, the message might probably be intended - * to harm us. On the other hand, losing the message may also harm us. - * Thus, the behaviour is controlled by the $DropMsgsWithMaliciousDnsPTRRecords - * option. If it tells us we should discard, we do so, else we proceed, - * but log an error message together with it. - * time being, we simply drop the name we obtained and use the IP - that one - * is OK in any way. We do also log the error message. rgerhards, 2007-07-16 - */ - if(glbl.GetDropMalPTRMsgs() == 1) { - snprintf((char*)szErrMsg, sizeof(szErrMsg) / sizeof(uchar), - "Malicious PTR record, message dropped " - "IP = \"%s\" HOST = \"%s\"", - ip, pszHostFQDN); - errmsg.LogError(NO_ERRCODE, "%s", szErrMsg); - pthread_sigmask(SIG_SETMASK, &omask, NULL); - ABORT_FINALIZE(RS_RET_MALICIOUS_ENTITY); - } - - /* Please note: we deal with a malicous entry. Thus, we have crafted - * the snprintf() below so that all text is in front of the entry - maybe - * it contains characters that make the message unreadable - * (OK, I admit this is more or less impossible, but I am paranoid...) - * rgerhards, 2007-07-16 + /* OK, we know we have evil, so let's indicate this to our caller */ + snprintf((char*)szHname, NI_MAXHOST, "[MALICIOUS:IP=%s]", szIP); + dbgprintf("Malicious PTR record, IP = \"%s\" HOST = \"%s\"", szIP, szHname); + iRet = RS_RET_MALICIOUS_HNAME; + } + } else { + strcpy((char*)szHname, (char*)szIP); + } + } else { + strcpy((char*)szHname, (char*)szIP); + } + + /* We now have the names, so now let's allocate memory and store them permanently. + * (side note: we may hold on to these values for quite a while, thus we trim their + * memory consumption) + */ + len = strlen((char*)szIP) + 1; /* +1 for \0 byte */ + if((pThis->pRemHostIP = malloc(len)) == NULL) + ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); + memcpy(pThis->pRemHostIP, szIP, len); + + len = strlen((char*)szHname) + 1; /* +1 for \0 byte */ + if((pThis->pRemHostName = malloc(len)) == NULL) { + free(pThis->pRemHostIP); /* prevent leak */ + pThis->pRemHostIP = NULL; + ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); + } + memcpy(pThis->pRemHostName, szHname, len); + +finalize_it: + RETiRet; +} + + + +/* accept an incoming connection request, sock provides the socket on which we can + * accept the new session. + * rgerhards, 2008-03-17 + */ +rsRetVal +AcceptConnReq(netstrm_t **ppThis, int sock) +{ + netstrm_t *pThis = NULL; + int sockflags; + struct sockaddr_storage addr; + socklen_t addrlen = sizeof(addr); + int iNewSock = -1; + + DEFiRet; + assert(ppThis != NULL); + + iNewSock = accept(sock, (struct sockaddr*) &addr, &addrlen); + if(iNewSock < 0) { + ABORT_FINALIZE(RS_RET_ACCEPT_ERR); + } + + /* construct our object so that we can use it... */ + CHKiRet(netstrmConstruct(&pThis)); + + /* TODO: obtain hostname, normalize (callback?), save it */ + CHKiRet(SetRemHost(pThis, (struct sockaddr*) &addr)); + + /* set the new socket to non-blocking IO */ + if((sockflags = fcntl(iNewSock, F_GETFL)) != -1) { + sockflags |= O_NONBLOCK; + /* SETFL could fail too, so get it caught by the subsequent + * error check. + */ + sockflags = fcntl(iNewSock, F_SETFL, sockflags); + } + if(sockflags == -1) { + dbgprintf("error %d setting fcntl(O_NONBLOCK) on relp socket %d", errno, iNewSock); + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + + pThis->sock = iNewSock; + + *ppThis = pThis; + +finalize_it: + if(iRet != RS_RET_OK) { + if(pThis != NULL) + netstrmDestruct(&pThis); + /* the close may be redundant, but that doesn't hurt... */ + if(iNewSock >= 0) + close(iNewSock); + } + + RETiRet; +} + + +/* initialize the tcp socket for a listner + * pLstnPort is either a pointer to a port name or NULL, in which case the + * default is used. + * gerhards, 2008-03-17 + */ +rsRetVal +LstnInit(netstrm_t *pThis, uchar *pLstnPort) +{ + struct addrinfo hints, *res, *r; + int error, maxs, *s, on = 1; + int sockflags; + uchar *pLstnPt; + + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + + pLstnPt = (pLstnPort == NULL) ? (uchar*) DFLT_PORT : pLstnPort; + dbgprintf("creating relp tcp listen socket on port %s\n", pLstnPt); + + memset(&hints, 0, sizeof(hints)); + hints.ai_flags = AI_PASSIVE; + hints.ai_family = PF_UNSPEC; /* TODO: permit to configure IPv4/v6 only! */ + hints.ai_socktype = SOCK_STREAM; + + error = getaddrinfo(NULL, (char*) pLstnPt, &hints, &res); + if(error) { + dbgprintf("error %d querying port '%s'\n", error, pLstnPt); + ABORT_FINALIZE(RS_RET_INVALID_PORT); + } + + /* Count max number of sockets we may open */ + for(maxs = 0, r = res; r != NULL ; r = r->ai_next, maxs++) + /* EMPTY */; + pThis->socks = malloc((maxs+1) * sizeof(int)); + if (pThis->socks == NULL) { + dbgprintf("couldn't allocate memory for TCP listen sockets, suspending RELP message reception."); + freeaddrinfo(res); + ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); + } + + *pThis->socks = 0; /* num of sockets counter at start of array */ + s = pThis->socks + 1; + for(r = res; r != NULL ; r = r->ai_next) { + *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); + if (*s < 0) { + if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) + dbgprintf("creating relp tcp listen socket"); + /* it is debatable if PF_INET with EAFNOSUPPORT should + * also be ignored... */ - snprintf((char*)szErrMsg, sizeof(szErrMsg) / sizeof(uchar), - "Malicious PTR record (message accepted, but used IP " - "instead of PTR name: IP = \"%s\" HOST = \"%s\"", - ip, pszHostFQDN); - errmsg.LogError(NO_ERRCODE, "%s", szErrMsg); + continue; + } + +#ifdef IPV6_V6ONLY + if (r->ai_family == AF_INET6) { + int iOn = 1; + if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, + (char *)&iOn, sizeof (iOn)) < 0) { + close(*s); + *s = -1; + continue; + } + } +#endif + if(setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)) < 0 ) { + dbgprintf("error %d setting relp/tcp socket option\n", errno); + close(*s); + *s = -1; + continue; + } + + /* We use non-blocking IO! */ + if((sockflags = fcntl(*s, F_GETFL)) != -1) { + sockflags |= O_NONBLOCK; + /* SETFL could fail too, so get it caught by the subsequent + * error check. + */ + sockflags = fcntl(*s, F_SETFL, sockflags); + } + if(sockflags == -1) { + dbgprintf("error %d setting fcntl(O_NONBLOCK) on relp socket", errno); + close(*s); + *s = -1; + continue; + } + + + + /* We need to enable BSD compatibility. Otherwise an attacker + * could flood our log files by sending us tons of ICMP errors. + */ +#ifndef BSD + if(net.should_use_so_bsdcompat()) { + if (setsockopt(*s, SOL_SOCKET, SO_BSDCOMPAT, + (char *) &on, sizeof(on)) < 0) { + errmsg.LogError(NO_ERRCODE, "TCP setsockopt(BSDCOMPAT)"); + close(*s); + *s = -1; + continue; + } + } +#endif - error = 1; /* that will trigger using IP address below. */ + if( (bind(*s, r->ai_addr, r->ai_addrlen) < 0) +#ifndef IPV6_V6ONLY + && (errno != EADDRINUSE) +#endif + ) { + dbgprintf("error %d while binding relp tcp socket", errno); + close(*s); + *s = -1; + continue; + } + + if(listen(*s,pThis->iSessMax / 10 + 5) < 0) { + /* If the listen fails, it most probably fails because we ask + * for a too-large backlog. So in this case we first set back + * to a fixed, reasonable, limit that should work. Only if + * that fails, too, we give up. + */ + dbgprintf("listen with a backlog of %d failed - retrying with default of 32.", + pThis->iSessMax / 10 + 5); + if(listen(*s, 32) < 0) { + dbgprintf("relp listen error %d, suspending\n", errno); + close(*s); + *s = -1; + continue; } - } - pthread_sigmask(SIG_SETMASK, &omask, NULL); + } + + (*pThis->socks)++; + s++; } - if(error || glbl.GetDisableDNS()) { - dbgprintf("Host name for your address (%s) unknown\n", ip); - strcpy((char*) pszHostFQDN, ip); - ABORT_FINALIZE(RS_RET_ADDRESS_UNKNOWN); - } + if(res != NULL) + freeaddrinfo(res); + + if(*pThis->socks != maxs) + dbgprintf("We could initialize %d RELP TCP listen sockets out of %d we received " + "- this may or may not be an error indication.\n", *pThis->socks, maxs); + + if(*pThis->socks == 0) { + dbgprintf("No RELP TCP listen socket could successfully be initialized, " + "message reception via RELP disabled.\n"); + free(pThis->socks); + ABORT_FINALIZE(RS_RET_COULD_NOT_BIND); + } + +finalize_it: + RETiRet; +} + + +/* receive data from a tcp socket + * The lenBuf parameter must contain the max buffer size on entry and contains + * the number of octets read (or -1 in case of error) on exit. This function + * never blocks, not even when called on a blocking socket. That is important + * for client sockets, which are set to block during send, but should not + * block when trying to read data. If *pLenBuf is -1, an error occured and + * errno holds the exact error cause. + * rgerhards, 2008-03-17 + */ +rsRetVal +Rcv(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + + *pLenBuf = recv(pThis->sock, pRcvBuf, *pLenBuf, MSG_DONTWAIT); + + RETiRet; +} + + +/* send a buffer. On entry, pLenBuf contains the number of octets to + * write. On exit, it contains the number of octets actually written. + * If this number is lower than on entry, only a partial buffer has + * been written. + * rgerhards, 2008-03-19 + */ +rsRetVal +Send(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf) +{ + ssize_t written; + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + + written = send(pThis->sock, pBuf, *pLenBuf, 0); + + if(written == -1) { + switch(errno) { + case EAGAIN: + case EINTR: + /* this is fine, just retry... */ + written = 0; + break; + default: + ABORT_FINALIZE(RS_RET_IO_ERROR); + break; + } + } + + *pLenBuf = written; +finalize_it: + RETiRet; +} + + +/* open a connection to a remote host (server). + * rgerhards, 2008-03-19 + */ +rsRetVal +Connect(netstrm_t *pThis, int family, uchar *port, uchar *host) +{ + struct addrinfo *res = NULL; + struct addrinfo hints; + + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + assert(port != NULL); + assert(host != NULL); + assert(pThis->sock == -1); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = family; + hints.ai_socktype = SOCK_STREAM; + if(getaddrinfo((char*)host, (char*)port, &hints, &res) != 0) { + dbgprintf("error %d in getaddrinfo\n", errno); + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + + if((pThis->sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) == -1) { + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + + if(connect(pThis->sock, res->ai_addr, res->ai_addrlen) != 0) { + ABORT_FINALIZE(RS_RET_IO_ERROR); + } finalize_it: + if(res != NULL) + freeaddrinfo(res); + + if(iRet != RS_RET_OK) { + if(pThis->sock != -1) { + close(pThis->sock); + pThis->sock = -1; + } + } + RETiRet; } @@ -229,7 +544,14 @@ CODESTARTobjQueryInterface(netstrm) * work here (if we can support an older interface version - that, * of course, also affects the "if" above). */ - //pIf->cvthname = cvthname; + pIf->Construct = netstrmConstruct; + pIf->ConstructFinalize = netstrmConstructFinalize; + pIf->Destruct = netstrmDestruct; + pIf->LstnInit = LstnInit; + pIf->AcceptConnReq = AcceptConnReq; + pIf->Rcv = Rcv; + pIf->Send = Send; + pIf->Connect = Connect; finalize_it: ENDobjQueryInterface(netstrm) @@ -240,6 +562,7 @@ ENDobjQueryInterface(netstrm) BEGINObjClassExit(netstrm, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ CODESTARTObjClassExit(netstrm) /* release objects we no longer need */ + objRelease(net, CORE_COMPONENT); objRelease(glbl, CORE_COMPONENT); objRelease(errmsg, CORE_COMPONENT); ENDObjClassExit(netstrm) @@ -253,6 +576,7 @@ BEGINAbstractObjClassInit(netstrm, 1, OBJ_IS_CORE_MODULE) /* class, version */ /* request objects we use */ CHKiRet(objUse(errmsg, CORE_COMPONENT)); CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(net, CORE_COMPONENT)); /* set our own handlers */ ENDObjClassInit(netstrm) diff --git a/runtime/netstrm.h b/runtime/netstrm.h index 7afce969..73d9c274 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -27,11 +27,31 @@ /* the netstrm object */ struct netstrm_s { BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ - int sock; /* underlying socket */ + uchar *pRemHostIP; /**< IP address of remote peer (currently used in server mode, only) */ + uchar *pRemHostName; /**< host name of remote peer (currently used in server mode, only) */ + int sock; /**< the socket we use for regular, single-socket, operations */ + int *socks; /**< the socket(s) we use for listeners, element 0 has nbr of socks */ + int iSessMax; /**< maximum number of sessions permitted */ }; +/* macros for quick member access */ +#warning "do we need the macros?" +#define relpTcpGetNumSocks(pThis) ((pThis)->socks[0]) +#define relpTcpGetLstnSock(pThis, i) ((pThis)->socks[i]) +#define relpTcpGetSock(pThis) ((pThis)->sock) + + /* interfaces */ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ +//??relpRetVal relpTcpAbortDestruct(relpTcp_t **ppThis); + rsRetVal (*Construct)(netstrm_t **ppThis); + rsRetVal (*ConstructFinalize)(netstrm_t __attribute__((unused)) *pThis); + rsRetVal (*Destruct)(netstrm_t **ppThis); + rsRetVal (*LstnInit)(netstrm_t *pThis, unsigned char *pLstnPort); + rsRetVal (*AcceptConnReq)(netstrm_t **ppThis, int sock); + rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); + rsRetVal (*Send)(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf); + rsRetVal (*Connect)(netstrm_t *pThis, int family, unsigned char *port, unsigned char *host); ENDinterface(netstrm) #define netstrmCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 3a81d67b..7ed989c5 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -198,6 +198,11 @@ enum rsRetVal_ /** return value. All methods return this if not specified oth RS_RET_MAIL_NO_TO = -2071, /**< recipient for mail destination is missing */ RS_RET_MAIL_NO_FROM = -2072, /**< sender for mail destination is missing */ RS_RET_INVALID_PRI = -2073, /**< PRI value is invalid */ + RS_RET_MALICIOUS_HNAME = -2074, /**< remote peer is trying malicious things with its hostname */ + RS_RET_ACCEPT_ERR = -2074, /**< error during accept() system call */ + RS_RET_INVALID_HNAME = -2075, /**< remote peer's hostname invalid or unobtainable */ + RS_RET_INVALID_PORT = -2076, /**< invalid port value */ + RS_RET_COULD_NOT_BIND = -2077, /**< could not bind socket, defunct */ /* RainerScript error messages (range 1000.. 1999) */ RS_RET_SYSVAR_NOT_FOUND = 1001, /**< system variable could not be found (maybe misspelled) */ -- cgit v1.2.3 From 665ac5df67b6613dfe338396d6cec91e678a0394 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 17 Apr 2008 16:00:07 +0200 Subject: brought netstrm to a (hopefully) somewhat usable state --- runtime/netstrm.c | 48 +++++++++++++++++++++++------------------------- runtime/netstrm.h | 8 +------- 2 files changed, 24 insertions(+), 32 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 67611aa0..c27d5f4d 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -70,8 +70,6 @@ DEFobjCurrIf(errmsg) DEFobjCurrIf(glbl) DEFobjCurrIf(net) -#define DFLT_PORT "514" -#warning "urgent TODO: default port!" /* Standard-Constructor */ @@ -118,7 +116,7 @@ ENDobjDestruct(netstrm) /* abort a connection. This is much like Destruct(), but tries * to discard any unsent data. -- rgerhards, 2008-03-24 */ -rsRetVal +static rsRetVal AbortDestruct(netstrm_t **ppThis) { struct linger ling; @@ -151,7 +149,7 @@ AbortDestruct(netstrm_t **ppThis) * rgerhards, 2008-03-31 */ static rsRetVal -SetRemHost(netstrm_t *pThis, struct sockaddr *pAddr) +FillRemHost(netstrm_t *pThis, struct sockaddr *pAddr) { int error; uchar szIP[NI_MAXHOST] = ""; @@ -223,7 +221,7 @@ finalize_it: * accept the new session. * rgerhards, 2008-03-17 */ -rsRetVal +static rsRetVal AcceptConnReq(netstrm_t **ppThis, int sock) { netstrm_t *pThis = NULL; @@ -244,7 +242,7 @@ AcceptConnReq(netstrm_t **ppThis, int sock) CHKiRet(netstrmConstruct(&pThis)); /* TODO: obtain hostname, normalize (callback?), save it */ - CHKiRet(SetRemHost(pThis, (struct sockaddr*) &addr)); + CHKiRet(FillRemHost(pThis, (struct sockaddr*) &addr)); /* set the new socket to non-blocking IO */ if((sockflags = fcntl(iNewSock, F_GETFL)) != -1) { @@ -255,7 +253,7 @@ AcceptConnReq(netstrm_t **ppThis, int sock) sockflags = fcntl(iNewSock, F_SETFL, sockflags); } if(sockflags == -1) { - dbgprintf("error %d setting fcntl(O_NONBLOCK) on relp socket %d", errno, iNewSock); + dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket %d", errno, iNewSock); ABORT_FINALIZE(RS_RET_IO_ERROR); } @@ -277,32 +275,33 @@ finalize_it: /* initialize the tcp socket for a listner - * pLstnPort is either a pointer to a port name or NULL, in which case the + * pLstnPort must point to a port name or number. NULL is NOT permitted + * (hint: we need to be careful when we use this module together with librelp, + * there NULL indicates the default port * default is used. * gerhards, 2008-03-17 */ -rsRetVal +static rsRetVal LstnInit(netstrm_t *pThis, uchar *pLstnPort) { struct addrinfo hints, *res, *r; int error, maxs, *s, on = 1; int sockflags; - uchar *pLstnPt; DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); + assert(pLstnPort != NULL); - pLstnPt = (pLstnPort == NULL) ? (uchar*) DFLT_PORT : pLstnPort; - dbgprintf("creating relp tcp listen socket on port %s\n", pLstnPt); + dbgprintf("creating tcp listen socket on port %s\n", pLstnPort); memset(&hints, 0, sizeof(hints)); hints.ai_flags = AI_PASSIVE; - hints.ai_family = PF_UNSPEC; /* TODO: permit to configure IPv4/v6 only! */ + hints.ai_family = glbl.GetDefPFFamily(); hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(NULL, (char*) pLstnPt, &hints, &res); + error = getaddrinfo(NULL, (char*) pLstnPort, &hints, &res); if(error) { - dbgprintf("error %d querying port '%s'\n", error, pLstnPt); + dbgprintf("error %d querying port '%s'\n", error, pLstnPort); ABORT_FINALIZE(RS_RET_INVALID_PORT); } @@ -322,7 +321,7 @@ LstnInit(netstrm_t *pThis, uchar *pLstnPort) *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); if (*s < 0) { if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) - dbgprintf("creating relp tcp listen socket"); + dbgprintf("creating tcp listen socket"); /* it is debatable if PF_INET with EAFNOSUPPORT should * also be ignored... */ @@ -341,7 +340,7 @@ LstnInit(netstrm_t *pThis, uchar *pLstnPort) } #endif if(setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)) < 0 ) { - dbgprintf("error %d setting relp/tcp socket option\n", errno); + dbgprintf("error %d setting tcp socket option\n", errno); close(*s); *s = -1; continue; @@ -356,7 +355,7 @@ LstnInit(netstrm_t *pThis, uchar *pLstnPort) sockflags = fcntl(*s, F_SETFL, sockflags); } if(sockflags == -1) { - dbgprintf("error %d setting fcntl(O_NONBLOCK) on relp socket", errno); + dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket", errno); close(*s); *s = -1; continue; @@ -384,7 +383,7 @@ LstnInit(netstrm_t *pThis, uchar *pLstnPort) && (errno != EADDRINUSE) #endif ) { - dbgprintf("error %d while binding relp tcp socket", errno); + dbgprintf("error %d while binding tcp socket", errno); close(*s); *s = -1; continue; @@ -399,7 +398,7 @@ LstnInit(netstrm_t *pThis, uchar *pLstnPort) dbgprintf("listen with a backlog of %d failed - retrying with default of 32.", pThis->iSessMax / 10 + 5); if(listen(*s, 32) < 0) { - dbgprintf("relp listen error %d, suspending\n", errno); + dbgprintf("tcp listen error %d, suspending\n", errno); close(*s); *s = -1; continue; @@ -438,7 +437,7 @@ finalize_it: * errno holds the exact error cause. * rgerhards, 2008-03-17 */ -rsRetVal +static rsRetVal Rcv(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf) { DEFiRet; @@ -456,7 +455,7 @@ Rcv(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf) * been written. * rgerhards, 2008-03-19 */ -rsRetVal +static rsRetVal Send(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf) { ssize_t written; @@ -487,7 +486,7 @@ finalize_it: /* open a connection to a remote host (server). * rgerhards, 2008-03-19 */ -rsRetVal +static rsRetVal Connect(netstrm_t *pThis, int family, uchar *port, uchar *host) { struct addrinfo *res = NULL; @@ -531,7 +530,6 @@ finalize_it: /* queryInterface function - * rgerhards, 2008-03-05 */ BEGINobjQueryInterface(netstrm) CODESTARTobjQueryInterface(netstrm) @@ -547,6 +545,7 @@ CODESTARTobjQueryInterface(netstrm) pIf->Construct = netstrmConstruct; pIf->ConstructFinalize = netstrmConstructFinalize; pIf->Destruct = netstrmDestruct; + pIf->AbortDestruct = AbortDestruct; pIf->LstnInit = LstnInit; pIf->AcceptConnReq = AcceptConnReq; pIf->Rcv = Rcv; @@ -557,7 +556,6 @@ ENDobjQueryInterface(netstrm) /* exit our class - * rgerhards, 2008-03-10 */ BEGINObjClassExit(netstrm, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ CODESTARTObjClassExit(netstrm) diff --git a/runtime/netstrm.h b/runtime/netstrm.h index 73d9c274..7f267a36 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -34,19 +34,13 @@ struct netstrm_s { int iSessMax; /**< maximum number of sessions permitted */ }; -/* macros for quick member access */ -#warning "do we need the macros?" -#define relpTcpGetNumSocks(pThis) ((pThis)->socks[0]) -#define relpTcpGetLstnSock(pThis, i) ((pThis)->socks[i]) -#define relpTcpGetSock(pThis) ((pThis)->sock) - /* interfaces */ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ -//??relpRetVal relpTcpAbortDestruct(relpTcp_t **ppThis); rsRetVal (*Construct)(netstrm_t **ppThis); rsRetVal (*ConstructFinalize)(netstrm_t __attribute__((unused)) *pThis); rsRetVal (*Destruct)(netstrm_t **ppThis); + rsRetVal (*AbortDestruct)(netstrm_t **ppThis); rsRetVal (*LstnInit)(netstrm_t *pThis, unsigned char *pLstnPort); rsRetVal (*AcceptConnReq)(netstrm_t **ppThis, int sock); rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); -- cgit v1.2.3 From 1daf8d492f932739b6fcde732812116c7666b2bc Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 18 Apr 2008 11:40:15 +0200 Subject: converted netstrm into generic netstrm and the nsd_pctp driver --- runtime/Makefile.am | 10 + runtime/glbl.c | 25 ++- runtime/glbl.h | 1 + runtime/netstrm.c | 374 +++++---------------------------- runtime/netstrm.h | 14 +- runtime/nsd.h | 48 +++++ runtime/nsd_ptcp.c | 579 ++++++++++++++++++++++++++++++++++++++++++++++++++++ runtime/nsd_ptcp.h | 48 +++++ runtime/obj-types.h | 4 +- runtime/rsyslog.h | 3 + 10 files changed, 777 insertions(+), 329 deletions(-) create mode 100644 runtime/nsd.h create mode 100644 runtime/nsd_ptcp.c create mode 100644 runtime/nsd_ptcp.h (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 400d78c0..077310c6 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -11,6 +11,7 @@ librsyslog_la_SOURCES = \ syslogd-types.h \ module-template.h \ obj-types.h \ + nsd.h \ glbl.h \ glbl.c \ msg.c \ @@ -94,4 +95,13 @@ lmnetstrm_la_SOURCES = netstrm.c netstrm.h lmnetstrm_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnetstrm_la_LDFLAGS = -module -avoid-version lmnetstrm_la_LIBADD = + +# netstream drivers + +# plain tcp driver +pkglib_LTLIBRARIES += lmnsd_ptcp.la +lmnsd_ptcp_la_SOURCES = nsd_ptcp.c nsd_ptcp.h +lmnsd_ptcp_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnsd_ptcp_la_LDFLAGS = -module -avoid-version +lmnsd_ptcp_la_LIBADD = endif # if ENABLE_INET diff --git a/runtime/glbl.c b/runtime/glbl.c index 047fd611..1e51b0e0 100644 --- a/runtime/glbl.c +++ b/runtime/glbl.c @@ -38,6 +38,11 @@ #include "cfsysline.h" #include "glbl.h" +/* some defaults */ +#ifndef DFLT_NETSTRM_DRVR +# define DFLT_NETSTRM_DRVR ((uchar*)"lmnsd_ptcp") +#endif + /* static data */ DEFobjStaticHelpers @@ -54,6 +59,7 @@ static uchar *LocalHostName = NULL;/* our hostname - read-only after startup */ static uchar *LocalDomain; /* our local domain name - read-only after startup */ static char **StripDomains = NULL;/* these domains may be stripped before writing logs - r/o after s.u., never touched by init */ static char **LocalHosts = NULL;/* these hosts are logged with their hostname - read-only after startup, never touched by init */ +static uchar *pszDfltNetstrmDrvr = NULL; /* module name of default netstream driver */ /* define a macro for the simple properties' set and get functions @@ -84,6 +90,7 @@ SIMP_PROP(StripDomains, StripDomains, char**) SIMP_PROP(LocalHosts, LocalHosts, char**) SIMP_PROP_SET(LocalHostName, LocalHostName, uchar*) +SIMP_PROP_SET(DfltNetstrmDrvr, pszDfltNetstrmDrvr, uchar*) // TODO: use custom function which frees existing value #undef SIMP_PROP #undef SIMP_PROP_SET @@ -99,8 +106,7 @@ GetLocalHostName(void) } -/* return the current working directory. - */ +/* return the current working directory */ static uchar* GetWorkDir(void) { @@ -108,6 +114,14 @@ GetWorkDir(void) } +/* return the current default netstream driver */ +static uchar* +GetDfltNetstrmDrvr(void) +{ + return(pszDfltNetstrmDrvr == NULL ? DFLT_NETSTRM_DRVR : pszWorkDir); +} + + /* queryInterface function * rgerhards, 2008-02-21 */ @@ -134,6 +148,7 @@ CODESTARTobjQueryInterface(glbl) SIMP_PROP(LocalDomain) SIMP_PROP(StripDomains) SIMP_PROP(LocalHosts) + SIMP_PROP(DfltNetstrmDrvr) #undef SIMP_PROP finalize_it: ENDobjQueryInterface(glbl) @@ -144,6 +159,10 @@ ENDobjQueryInterface(glbl) */ static rsRetVal resetConfigVariables(uchar __attribute__((unused)) *pp, void __attribute__((unused)) *pVal) { + if(pszDfltNetstrmDrvr != NULL) { + free(pszDfltNetstrmDrvr); + pszDfltNetstrmDrvr = NULL; + } if(pszWorkDir != NULL) { free(pszWorkDir); pszWorkDir = NULL; @@ -172,6 +191,8 @@ ENDObjClassInit(glbl) * rgerhards, 2008-04-17 */ BEGINObjClassExit(glbl, OBJ_IS_CORE_MODULE) /* class, version */ + if(pszDfltNetstrmDrvr != NULL) + free(pszDfltNetstrmDrvr); if(pszWorkDir != NULL) free(pszWorkDir); if(LocalHostName != NULL) diff --git a/runtime/glbl.h b/runtime/glbl.h index d61f9b41..b6864f3d 100644 --- a/runtime/glbl.h +++ b/runtime/glbl.h @@ -48,6 +48,7 @@ BEGINinterface(glbl) /* name must also be changed in ENDinterface macro! */ SIMP_PROP(LocalDomain, uchar*) SIMP_PROP(StripDomains, char**) SIMP_PROP(LocalHosts, char**) + SIMP_PROP(DfltNetstrmDrvr, uchar*) #undef SIMP_PROP ENDinterface(glbl) #define glblCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/netstrm.c b/runtime/netstrm.c index c27d5f4d..274a92d7 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -60,6 +60,7 @@ #include "obj.h" #include "errmsg.h" #include "net.h" +#include "nsd.h" #include "netstrm.h" MODULE_TYPE_LIB @@ -71,172 +72,93 @@ DEFobjCurrIf(glbl) DEFobjCurrIf(net) -/* Standard-Constructor - */ -BEGINobjConstruct(netstrm) /* be sure to specify the object type also in END macro! */ - pThis->sock = -1; - pThis->iSessMax = 500; /* default max nbr of sessions -TODO:make configurable--rgerhards, 2008-04-17*/ -ENDobjConstruct(netstrm) - - -/* ConstructionFinalizer +/* load our low-level driver. This must be done before any + * driver-specific functions (allmost all...) can be carried + * out. Note that the driver's .ifIsLoaded is correctly + * initialized by calloc() and we depend on that. + * rgerhards, 2008-04-18 */ static rsRetVal -netstrmConstructFinalize(netstrm_t __attribute__((unused)) *pThis) +loadDrvr(netstrm_t *pThis) { + uchar *pDrvrName; DEFiRet; - ISOBJ_TYPE_assert(pThis, netstrm); + + pDrvrName = pThis->pDrvrName; + if(pDrvrName == NULL) /* if no drvr name is set, use system default */ + pDrvrName = glbl.GetDfltNetstrmDrvr(); + + pThis->Drvr.ifVersion = nsdCURR_IF_VERSION; + /* The pDrvrName+2 below is a hack to obtain the object name. It + * safes us to have yet another variable with the name without "lm" in + * front of it. If we change the module load interface, we may re-think + * about this hack, but for the time being it is efficient and clean + * enough. -- rgerhards, 2008-04-18 + */ + CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); +finalize_it: RETiRet; } +/* Standard-Constructor */ +BEGINobjConstruct(netstrm) /* be sure to specify the object type also in END macro! */ +ENDobjConstruct(netstrm) + + /* destructor for the netstrm object */ BEGINobjDestruct(netstrm) /* be sure to specify the object type also in END and CODESTART macros! */ - int i; CODESTARTobjDestruct(netstrm) - if(pThis->sock != -1) { - close(pThis->sock); - pThis->sock = -1; - } - - if(pThis->socks != NULL) { - /* if we have some sockets at this stage, we need to close them */ - for(i = 1 ; i <= pThis->socks[0] ; ++i) - close(pThis->socks[i]); - free(pThis->socks); - } - - if(pThis->pRemHostIP != NULL) - free(pThis->pRemHostIP); - if(pThis->pRemHostName != NULL) - free(pThis->pRemHostName); + if(pThis->pDrvrData != NULL) + iRet = pThis->Drvr.Destruct(&pThis->pDrvrData); ENDobjDestruct(netstrm) -/* abort a connection. This is much like Destruct(), but tries - * to discard any unsent data. -- rgerhards, 2008-03-24 - */ +/* ConstructionFinalizer */ static rsRetVal -AbortDestruct(netstrm_t **ppThis) +netstrmConstructFinalize(netstrm_t *pThis) { - struct linger ling; - DEFiRet; - assert(ppThis != NULL); - ISOBJ_TYPE_assert((*ppThis), netstrm); - - if((*ppThis)->sock != -1) { - ling.l_onoff = 1; - ling.l_linger = 0; - if(setsockopt((*ppThis)->sock, SOL_SOCKET, SO_LINGER, &ling, sizeof(ling)) < 0 ) { - dbgprintf("could not set SO_LINGER, errno %d\n", errno); - } - } - - iRet = netstrmDestruct(ppThis); - + ISOBJ_TYPE_assert(pThis, netstrm); + CHKiRet(loadDrvr(pThis)); + CHKiRet(pThis->Drvr.Construct(&pThis->pDrvrData)); +finalize_it: RETiRet; } - -/* Set pRemHost based on the address provided. This is to be called upon accept()ing - * a connection request. It must be provided by the socket we received the - * message on as well as a NI_MAXHOST size large character buffer for the FQDN. - * Please see http://www.hmug.org/man/3/getnameinfo.php (under Caveats) - * for some explanation of the code found below. If we detect a malicious - * hostname, we return RS_RET_MALICIOUS_HNAME and let the caller decide - * on how to deal with that. - * rgerhards, 2008-03-31 +/* abort a connection. This is much like Destruct(), but tries + * to discard any unsent data. -- rgerhards, 2008-03-24 */ static rsRetVal -FillRemHost(netstrm_t *pThis, struct sockaddr *pAddr) +AbortDestruct(netstrm_t **ppThis) { - int error; - uchar szIP[NI_MAXHOST] = ""; - uchar szHname[NI_MAXHOST] = ""; - struct addrinfo hints, *res; - size_t len; - DEFiRet; - ISOBJ_TYPE_assert(pThis, netstrm); - assert(pAddr != NULL); - - error = getnameinfo(pAddr, SALEN(pAddr), (char*)szIP, sizeof(szIP), NULL, 0, NI_NUMERICHOST); - - if(error) { - dbgprintf("Malformed from address %s\n", gai_strerror(error)); - strcpy((char*)szHname, "???"); - strcpy((char*)szIP, "???"); - ABORT_FINALIZE(RS_RET_INVALID_HNAME); - } - - if(!glbl.GetDisableDNS()) { - error = getnameinfo(pAddr, SALEN(pAddr), (char*)szHname, NI_MAXHOST, NULL, 0, NI_NAMEREQD); - if(error == 0) { - memset (&hints, 0, sizeof (struct addrinfo)); - hints.ai_flags = AI_NUMERICHOST; - hints.ai_socktype = SOCK_STREAM; - /* we now do a lookup once again. This one should fail, - * because we should not have obtained a non-numeric address. If - * we got a numeric one, someone messed with DNS! - */ - if(getaddrinfo((char*)szHname, NULL, &hints, &res) == 0) { - freeaddrinfo (res); - /* OK, we know we have evil, so let's indicate this to our caller */ - snprintf((char*)szHname, NI_MAXHOST, "[MALICIOUS:IP=%s]", szIP); - dbgprintf("Malicious PTR record, IP = \"%s\" HOST = \"%s\"", szIP, szHname); - iRet = RS_RET_MALICIOUS_HNAME; - } - } else { - strcpy((char*)szHname, (char*)szIP); - } - } else { - strcpy((char*)szHname, (char*)szIP); - } + assert(ppThis != NULL); + ISOBJ_TYPE_assert((*ppThis), netstrm); - /* We now have the names, so now let's allocate memory and store them permanently. - * (side note: we may hold on to these values for quite a while, thus we trim their - * memory consumption) - */ - len = strlen((char*)szIP) + 1; /* +1 for \0 byte */ - if((pThis->pRemHostIP = malloc(len)) == NULL) - ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); - memcpy(pThis->pRemHostIP, szIP, len); - - len = strlen((char*)szHname) + 1; /* +1 for \0 byte */ - if((pThis->pRemHostName = malloc(len)) == NULL) { - free(pThis->pRemHostIP); /* prevent leak */ - pThis->pRemHostIP = NULL; - ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); - } - memcpy(pThis->pRemHostName, szHname, len); + /* we do NOT exit on error, because that would make things worse */ + (*ppThis)->Drvr.Abort((*ppThis)->pDrvrData); + iRet = netstrmDestruct(ppThis); -finalize_it: RETiRet; } +#if 0 +This is not yet working - wait until we arrive at the receiver side (distracts too much at the moment) -/* accept an incoming connection request, sock provides the socket on which we can +/* accept an incoming connection request, pNsdLstn provides the "listen socket" on which we can * accept the new session. * rgerhards, 2008-03-17 */ static rsRetVal -AcceptConnReq(netstrm_t **ppThis, int sock) +AcceptConnReq(netstrm_t **ppThis, nsd_t *pNsdLstn) { netstrm_t *pThis = NULL; - int sockflags; - struct sockaddr_storage addr; - socklen_t addrlen = sizeof(addr); - int iNewSock = -1; - + nsd_t *pNsd; DEFiRet; - assert(ppThis != NULL); - iNewSock = accept(sock, (struct sockaddr*) &addr, &addrlen); - if(iNewSock < 0) { - ABORT_FINALIZE(RS_RET_ACCEPT_ERR); - } + assert(ppThis != NULL); /* construct our object so that we can use it... */ CHKiRet(netstrmConstruct(&pThis)); @@ -272,6 +194,7 @@ finalize_it: RETiRet; } +#endif /* initialize the tcp socket for a listner @@ -284,144 +207,10 @@ finalize_it: static rsRetVal LstnInit(netstrm_t *pThis, uchar *pLstnPort) { - struct addrinfo hints, *res, *r; - int error, maxs, *s, on = 1; - int sockflags; - DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); assert(pLstnPort != NULL); - - dbgprintf("creating tcp listen socket on port %s\n", pLstnPort); - - memset(&hints, 0, sizeof(hints)); - hints.ai_flags = AI_PASSIVE; - hints.ai_family = glbl.GetDefPFFamily(); - hints.ai_socktype = SOCK_STREAM; - - error = getaddrinfo(NULL, (char*) pLstnPort, &hints, &res); - if(error) { - dbgprintf("error %d querying port '%s'\n", error, pLstnPort); - ABORT_FINALIZE(RS_RET_INVALID_PORT); - } - - /* Count max number of sockets we may open */ - for(maxs = 0, r = res; r != NULL ; r = r->ai_next, maxs++) - /* EMPTY */; - pThis->socks = malloc((maxs+1) * sizeof(int)); - if (pThis->socks == NULL) { - dbgprintf("couldn't allocate memory for TCP listen sockets, suspending RELP message reception."); - freeaddrinfo(res); - ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); - } - - *pThis->socks = 0; /* num of sockets counter at start of array */ - s = pThis->socks + 1; - for(r = res; r != NULL ; r = r->ai_next) { - *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); - if (*s < 0) { - if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) - dbgprintf("creating tcp listen socket"); - /* it is debatable if PF_INET with EAFNOSUPPORT should - * also be ignored... - */ - continue; - } - -#ifdef IPV6_V6ONLY - if (r->ai_family == AF_INET6) { - int iOn = 1; - if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, - (char *)&iOn, sizeof (iOn)) < 0) { - close(*s); - *s = -1; - continue; - } - } -#endif - if(setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)) < 0 ) { - dbgprintf("error %d setting tcp socket option\n", errno); - close(*s); - *s = -1; - continue; - } - - /* We use non-blocking IO! */ - if((sockflags = fcntl(*s, F_GETFL)) != -1) { - sockflags |= O_NONBLOCK; - /* SETFL could fail too, so get it caught by the subsequent - * error check. - */ - sockflags = fcntl(*s, F_SETFL, sockflags); - } - if(sockflags == -1) { - dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket", errno); - close(*s); - *s = -1; - continue; - } - - - - /* We need to enable BSD compatibility. Otherwise an attacker - * could flood our log files by sending us tons of ICMP errors. - */ -#ifndef BSD - if(net.should_use_so_bsdcompat()) { - if (setsockopt(*s, SOL_SOCKET, SO_BSDCOMPAT, - (char *) &on, sizeof(on)) < 0) { - errmsg.LogError(NO_ERRCODE, "TCP setsockopt(BSDCOMPAT)"); - close(*s); - *s = -1; - continue; - } - } -#endif - - if( (bind(*s, r->ai_addr, r->ai_addrlen) < 0) -#ifndef IPV6_V6ONLY - && (errno != EADDRINUSE) -#endif - ) { - dbgprintf("error %d while binding tcp socket", errno); - close(*s); - *s = -1; - continue; - } - - if(listen(*s,pThis->iSessMax / 10 + 5) < 0) { - /* If the listen fails, it most probably fails because we ask - * for a too-large backlog. So in this case we first set back - * to a fixed, reasonable, limit that should work. Only if - * that fails, too, we give up. - */ - dbgprintf("listen with a backlog of %d failed - retrying with default of 32.", - pThis->iSessMax / 10 + 5); - if(listen(*s, 32) < 0) { - dbgprintf("tcp listen error %d, suspending\n", errno); - close(*s); - *s = -1; - continue; - } - } - - (*pThis->socks)++; - s++; - } - - if(res != NULL) - freeaddrinfo(res); - - if(*pThis->socks != maxs) - dbgprintf("We could initialize %d RELP TCP listen sockets out of %d we received " - "- this may or may not be an error indication.\n", *pThis->socks, maxs); - - if(*pThis->socks == 0) { - dbgprintf("No RELP TCP listen socket could successfully be initialized, " - "message reception via RELP disabled.\n"); - free(pThis->socks); - ABORT_FINALIZE(RS_RET_COULD_NOT_BIND); - } + CHKiRet(pThis->Drvr.LstnInit(pThis->pDrvrData, pLstnPort)); finalize_it: RETiRet; @@ -438,13 +227,11 @@ finalize_it: * rgerhards, 2008-03-17 */ static rsRetVal -Rcv(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf) +Rcv(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf) { DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); - - *pLenBuf = recv(pThis->sock, pRcvBuf, *pLenBuf, MSG_DONTWAIT); - + iRet = pThis->Drvr.Rcv(pThis->pDrvrData, pBuf, pLenBuf); RETiRet; } @@ -458,27 +245,9 @@ Rcv(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf) static rsRetVal Send(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf) { - ssize_t written; DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); - - written = send(pThis->sock, pBuf, *pLenBuf, 0); - - if(written == -1) { - switch(errno) { - case EAGAIN: - case EINTR: - /* this is fine, just retry... */ - written = 0; - break; - default: - ABORT_FINALIZE(RS_RET_IO_ERROR); - break; - } - } - - *pLenBuf = written; -finalize_it: + iRet = pThis->Drvr.Send(pThis->pDrvrData, pBuf, pLenBuf); RETiRet; } @@ -489,42 +258,11 @@ finalize_it: static rsRetVal Connect(netstrm_t *pThis, int family, uchar *port, uchar *host) { - struct addrinfo *res = NULL; - struct addrinfo hints; - DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); assert(port != NULL); assert(host != NULL); - assert(pThis->sock == -1); - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = family; - hints.ai_socktype = SOCK_STREAM; - if(getaddrinfo((char*)host, (char*)port, &hints, &res) != 0) { - dbgprintf("error %d in getaddrinfo\n", errno); - ABORT_FINALIZE(RS_RET_IO_ERROR); - } - - if((pThis->sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) == -1) { - ABORT_FINALIZE(RS_RET_IO_ERROR); - } - - if(connect(pThis->sock, res->ai_addr, res->ai_addrlen) != 0) { - ABORT_FINALIZE(RS_RET_IO_ERROR); - } - -finalize_it: - if(res != NULL) - freeaddrinfo(res); - - if(iRet != RS_RET_OK) { - if(pThis->sock != -1) { - close(pThis->sock); - pThis->sock = -1; - } - } - + iRet = pThis->Drvr.Connect(pThis->pDrvrData, family, port, host); RETiRet; } @@ -547,7 +285,7 @@ CODESTARTobjQueryInterface(netstrm) pIf->Destruct = netstrmDestruct; pIf->AbortDestruct = AbortDestruct; pIf->LstnInit = LstnInit; - pIf->AcceptConnReq = AcceptConnReq; + // TODO: add later: pIf->AcceptConnReq = AcceptConnReq; pIf->Rcv = Rcv; pIf->Send = Send; pIf->Connect = Connect; diff --git a/runtime/netstrm.h b/runtime/netstrm.h index 7f267a36..75b7c457 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -24,21 +24,21 @@ #ifndef INCLUDED_NETSTRM_H #define INCLUDED_NETSTRM_H +#include "nsd.h" /* we need our driver interface to be defined */ + /* the netstrm object */ struct netstrm_s { BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ - uchar *pRemHostIP; /**< IP address of remote peer (currently used in server mode, only) */ - uchar *pRemHostName; /**< host name of remote peer (currently used in server mode, only) */ - int sock; /**< the socket we use for regular, single-socket, operations */ - int *socks; /**< the socket(s) we use for listeners, element 0 has nbr of socks */ - int iSessMax; /**< maximum number of sessions permitted */ + nsd_if_t Drvr; /**< our stream driver */ + nsd_t *pDrvrData; /**< the driver's data elements */ + uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ }; -/* interfaces */ +/* interface */ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Construct)(netstrm_t **ppThis); - rsRetVal (*ConstructFinalize)(netstrm_t __attribute__((unused)) *pThis); + rsRetVal (*ConstructFinalize)(netstrm_t *pThis); rsRetVal (*Destruct)(netstrm_t **ppThis); rsRetVal (*AbortDestruct)(netstrm_t **ppThis); rsRetVal (*LstnInit)(netstrm_t *pThis, unsigned char *pLstnPort); diff --git a/runtime/nsd.h b/runtime/nsd.h new file mode 100644 index 00000000..52c36dcf --- /dev/null +++ b/runtime/nsd.h @@ -0,0 +1,48 @@ +/* The interface definition for "NetStream Drivers" (nsd). + * + * This is just an abstract driver interface, which needs to be + * implemented by concrete classes. As such, no nsd data type itself + * is defined. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NSD_H +#define INCLUDED_NSD_H + +/* nsd_t is actually obj_t (which is somewhat better than void* but in essence + * much the same). + */ + +/* interface */ +BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ + rsRetVal (*Construct)(nsd_t **ppThis); + rsRetVal (*Destruct)(nsd_t **ppThis); + rsRetVal (*Abort)(nsd_t *pThis); + rsRetVal (*LstnInit)(nsd_t *pThis, unsigned char *pLstnPort); + rsRetVal (*AcceptConnReq)(nsd_t **ppThis, int sock); + rsRetVal (*Rcv)(nsd_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); + rsRetVal (*Send)(nsd_t *pThis, uchar *pBuf, ssize_t *pLenBuf); + rsRetVal (*Connect)(nsd_t *pThis, int family, unsigned char *port, unsigned char *host); +ENDinterface(nsd) +#define nsdCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ + +#endif /* #ifndef INCLUDED_NSD_H */ diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c new file mode 100644 index 00000000..98de5802 --- /dev/null +++ b/runtime/nsd_ptcp.c @@ -0,0 +1,579 @@ +/* nsd_ptcp.c + * + * An implementation of the nsd interface for plain tcp sockets. + * + * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +#include "rsyslog.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "syslogd-types.h" +#include "module-template.h" +#include "parse.h" +#include "srUtils.h" +#include "obj.h" +#include "errmsg.h" +#include "net.h" +#include "nsd_ptcp.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +DEFobjCurrIf(errmsg) +DEFobjCurrIf(glbl) +DEFobjCurrIf(net) + + +/* Standard-Constructor + */ +BEGINobjConstruct(nsd_ptcp) /* be sure to specify the object type also in END macro! */ + pThis->sock = -1; + pThis->iSessMax = 500; /* default max nbr of sessions -TODO:make configurable--rgerhards, 2008-04-17*/ +ENDobjConstruct(nsd_ptcp) + + +/* destructor for the nsd_ptcp object */ +BEGINobjDestruct(nsd_ptcp) /* be sure to specify the object type also in END and CODESTART macros! */ + int i; +CODESTARTobjDestruct(nsd_pctp) + if(pThis->sock != -1) { + close(pThis->sock); + pThis->sock = -1; + } + + if(pThis->socks != NULL) { + /* if we have some sockets at this stage, we need to close them */ + for(i = 1 ; i <= pThis->socks[0] ; ++i) + close(pThis->socks[i]); + free(pThis->socks); + } + + if(pThis->pRemHostIP != NULL) + free(pThis->pRemHostIP); + if(pThis->pRemHostName != NULL) + free(pThis->pRemHostName); +ENDobjDestruct(nsd_ptcp) + + +/* abort a connection. This is meant to be called immediately + * before the Destruct call. -- rgerhards, 2008-03-24 + */ +static rsRetVal +Abort(nsd_t *pNsd) +{ + struct linger ling; + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + + DEFiRet; + ISOBJ_TYPE_assert((pThis), nsd_ptcp); + + if((pThis)->sock != -1) { + ling.l_onoff = 1; + ling.l_linger = 0; + if(setsockopt((pThis)->sock, SOL_SOCKET, SO_LINGER, &ling, sizeof(ling)) < 0 ) { + dbgprintf("could not set SO_LINGER, errno %d\n", errno); + } + } + + RETiRet; +} + + +/* Set pRemHost based on the address provided. This is to be called upon accept()ing + * a connection request. It must be provided by the socket we received the + * message on as well as a NI_MAXHOST size large character buffer for the FQDN. + * Please see http://www.hmug.org/man/3/getnameinfo.php (under Caveats) + * for some explanation of the code found below. If we detect a malicious + * hostname, we return RS_RET_MALICIOUS_HNAME and let the caller decide + * on how to deal with that. + * rgerhards, 2008-03-31 + */ +static rsRetVal +FillRemHost(nsd_ptcp_t *pThis, struct sockaddr *pAddr) +{ + int error; + uchar szIP[NI_MAXHOST] = ""; + uchar szHname[NI_MAXHOST] = ""; + struct addrinfo hints, *res; + size_t len; + + DEFiRet; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + assert(pAddr != NULL); + + error = getnameinfo(pAddr, SALEN(pAddr), (char*)szIP, sizeof(szIP), NULL, 0, NI_NUMERICHOST); + + if(error) { + dbgprintf("Malformed from address %s\n", gai_strerror(error)); + strcpy((char*)szHname, "???"); + strcpy((char*)szIP, "???"); + ABORT_FINALIZE(RS_RET_INVALID_HNAME); + } + + if(!glbl.GetDisableDNS()) { + error = getnameinfo(pAddr, SALEN(pAddr), (char*)szHname, NI_MAXHOST, NULL, 0, NI_NAMEREQD); + if(error == 0) { + memset (&hints, 0, sizeof (struct addrinfo)); + hints.ai_flags = AI_NUMERICHOST; + hints.ai_socktype = SOCK_STREAM; + /* we now do a lookup once again. This one should fail, + * because we should not have obtained a non-numeric address. If + * we got a numeric one, someone messed with DNS! + */ + if(getaddrinfo((char*)szHname, NULL, &hints, &res) == 0) { + freeaddrinfo (res); + /* OK, we know we have evil, so let's indicate this to our caller */ + snprintf((char*)szHname, NI_MAXHOST, "[MALICIOUS:IP=%s]", szIP); + dbgprintf("Malicious PTR record, IP = \"%s\" HOST = \"%s\"", szIP, szHname); + iRet = RS_RET_MALICIOUS_HNAME; + } + } else { + strcpy((char*)szHname, (char*)szIP); + } + } else { + strcpy((char*)szHname, (char*)szIP); + } + + /* We now have the names, so now let's allocate memory and store them permanently. + * (side note: we may hold on to these values for quite a while, thus we trim their + * memory consumption) + */ + len = strlen((char*)szIP) + 1; /* +1 for \0 byte */ + if((pThis->pRemHostIP = malloc(len)) == NULL) + ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); + memcpy(pThis->pRemHostIP, szIP, len); + + len = strlen((char*)szHname) + 1; /* +1 for \0 byte */ + if((pThis->pRemHostName = malloc(len)) == NULL) { + free(pThis->pRemHostIP); /* prevent leak */ + pThis->pRemHostIP = NULL; + ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); + } + memcpy(pThis->pRemHostName, szHname, len); + +finalize_it: + RETiRet; +} + + + +/* accept an incoming connection request, sock provides the socket on which we can + * accept the new session. + * rgerhards, 2008-03-17 + */ +static rsRetVal +AcceptConnReq(nsd_t **ppThis, int sock) +{ + int sockflags; + struct sockaddr_storage addr; + socklen_t addrlen = sizeof(addr); + nsd_ptcp_t *pThis = NULL; + int iNewSock = -1; + + DEFiRet; + assert(ppThis != NULL); + + iNewSock = accept(sock, (struct sockaddr*) &addr, &addrlen); + if(iNewSock < 0) { + ABORT_FINALIZE(RS_RET_ACCEPT_ERR); + } + + /* construct our object so that we can use it... */ + CHKiRet(nsd_ptcpConstruct(&pThis)); + + CHKiRet(FillRemHost(pThis, (struct sockaddr*) &addr)); + + /* set the new socket to non-blocking IO */ + if((sockflags = fcntl(iNewSock, F_GETFL)) != -1) { + sockflags |= O_NONBLOCK; + /* SETFL could fail too, so get it caught by the subsequent + * error check. + */ + sockflags = fcntl(iNewSock, F_SETFL, sockflags); + } + if(sockflags == -1) { + dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket %d", errno, iNewSock); + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + + pThis->sock = iNewSock; + + *ppThis = (nsd_t*) pThis; + +finalize_it: + if(iRet != RS_RET_OK) { + if(pThis != NULL) + nsd_ptcpDestruct(&pThis); + /* the close may be redundant, but that doesn't hurt... */ + if(iNewSock >= 0) + close(iNewSock); + } + + RETiRet; +} + + +/* initialize the tcp socket for a listner + * pLstnPort must point to a port name or number. NULL is NOT permitted + * (hint: we need to be careful when we use this module together with librelp, + * there NULL indicates the default port + * default is used. + * gerhards, 2008-03-17 + */ +static rsRetVal +LstnInit(nsd_t *pNsd, uchar *pLstnPort) +{ + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + struct addrinfo hints, *res, *r; + int error, maxs, *s, on = 1; + int sockflags; + + DEFiRet; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + assert(pLstnPort != NULL); + + dbgprintf("creating tcp listen socket on port %s\n", pLstnPort); + + memset(&hints, 0, sizeof(hints)); + hints.ai_flags = AI_PASSIVE; + hints.ai_family = glbl.GetDefPFFamily(); + hints.ai_socktype = SOCK_STREAM; + + error = getaddrinfo(NULL, (char*) pLstnPort, &hints, &res); + if(error) { + dbgprintf("error %d querying port '%s'\n", error, pLstnPort); + ABORT_FINALIZE(RS_RET_INVALID_PORT); + } + + /* Count max number of sockets we may open */ + for(maxs = 0, r = res; r != NULL ; r = r->ai_next, maxs++) + /* EMPTY */; + pThis->socks = malloc((maxs+1) * sizeof(int)); + if (pThis->socks == NULL) { + dbgprintf("couldn't allocate memory for TCP listen sockets, suspending RELP message reception."); + freeaddrinfo(res); + ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); + } + + *pThis->socks = 0; /* num of sockets counter at start of array */ + s = pThis->socks + 1; + for(r = res; r != NULL ; r = r->ai_next) { + *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); + if (*s < 0) { + if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) + dbgprintf("creating tcp listen socket"); + /* it is debatable if PF_INET with EAFNOSUPPORT should + * also be ignored... + */ + continue; + } + +#ifdef IPV6_V6ONLY + if (r->ai_family == AF_INET6) { + int iOn = 1; + if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, + (char *)&iOn, sizeof (iOn)) < 0) { + close(*s); + *s = -1; + continue; + } + } +#endif + if(setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)) < 0 ) { + dbgprintf("error %d setting tcp socket option\n", errno); + close(*s); + *s = -1; + continue; + } + + /* We use non-blocking IO! */ + if((sockflags = fcntl(*s, F_GETFL)) != -1) { + sockflags |= O_NONBLOCK; + /* SETFL could fail too, so get it caught by the subsequent + * error check. + */ + sockflags = fcntl(*s, F_SETFL, sockflags); + } + if(sockflags == -1) { + dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket", errno); + close(*s); + *s = -1; + continue; + } + + + + /* We need to enable BSD compatibility. Otherwise an attacker + * could flood our log files by sending us tons of ICMP errors. + */ +#ifndef BSD + if(net.should_use_so_bsdcompat()) { + if (setsockopt(*s, SOL_SOCKET, SO_BSDCOMPAT, + (char *) &on, sizeof(on)) < 0) { + errmsg.LogError(NO_ERRCODE, "TCP setsockopt(BSDCOMPAT)"); + close(*s); + *s = -1; + continue; + } + } +#endif + + if( (bind(*s, r->ai_addr, r->ai_addrlen) < 0) +#ifndef IPV6_V6ONLY + && (errno != EADDRINUSE) +#endif + ) { + dbgprintf("error %d while binding tcp socket", errno); + close(*s); + *s = -1; + continue; + } + + if(listen(*s,pThis->iSessMax / 10 + 5) < 0) { + /* If the listen fails, it most probably fails because we ask + * for a too-large backlog. So in this case we first set back + * to a fixed, reasonable, limit that should work. Only if + * that fails, too, we give up. + */ + dbgprintf("listen with a backlog of %d failed - retrying with default of 32.", + pThis->iSessMax / 10 + 5); + if(listen(*s, 32) < 0) { + dbgprintf("tcp listen error %d, suspending\n", errno); + close(*s); + *s = -1; + continue; + } + } + + (*pThis->socks)++; + s++; + } + + if(res != NULL) + freeaddrinfo(res); + + if(*pThis->socks != maxs) + dbgprintf("We could initialize %d RELP TCP listen sockets out of %d we received " + "- this may or may not be an error indication.\n", *pThis->socks, maxs); + + if(*pThis->socks == 0) { + dbgprintf("No RELP TCP listen socket could successfully be initialized, " + "message reception via RELP disabled.\n"); + free(pThis->socks); + ABORT_FINALIZE(RS_RET_COULD_NOT_BIND); + } + +finalize_it: + RETiRet; +} + + +/* receive data from a tcp socket + * The lenBuf parameter must contain the max buffer size on entry and contains + * the number of octets read (or -1 in case of error) on exit. This function + * never blocks, not even when called on a blocking socket. That is important + * for client sockets, which are set to block during send, but should not + * block when trying to read data. If *pLenBuf is -1, an error occured and + * errno holds the exact error cause. + * rgerhards, 2008-03-17 + */ +static rsRetVal +Rcv(nsd_t *pNsd, uchar *pRcvBuf, ssize_t *pLenBuf) +{ + DEFiRet; + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + + *pLenBuf = recv(pThis->sock, pRcvBuf, *pLenBuf, MSG_DONTWAIT); + + RETiRet; +} + + +/* send a buffer. On entry, pLenBuf contains the number of octets to + * write. On exit, it contains the number of octets actually written. + * If this number is lower than on entry, only a partial buffer has + * been written. + * rgerhards, 2008-03-19 + */ +static rsRetVal +Send(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) +{ + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + ssize_t written; + DEFiRet; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + + written = send(pThis->sock, pBuf, *pLenBuf, 0); + + if(written == -1) { + switch(errno) { + case EAGAIN: + case EINTR: + /* this is fine, just retry... */ + written = 0; + break; + default: + ABORT_FINALIZE(RS_RET_IO_ERROR); + break; + } + } + + *pLenBuf = written; +finalize_it: + RETiRet; +} + + +/* open a connection to a remote host (server). + * rgerhards, 2008-03-19 + */ +static rsRetVal +Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) +{ + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + struct addrinfo *res = NULL; + struct addrinfo hints; + + DEFiRet; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + assert(port != NULL); + assert(host != NULL); + assert(pThis->sock == -1); + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = family; + hints.ai_socktype = SOCK_STREAM; + if(getaddrinfo((char*)host, (char*)port, &hints, &res) != 0) { + dbgprintf("error %d in getaddrinfo\n", errno); + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + + if((pThis->sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) == -1) { + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + + if(connect(pThis->sock, res->ai_addr, res->ai_addrlen) != 0) { + ABORT_FINALIZE(RS_RET_IO_ERROR); + } + +finalize_it: + if(res != NULL) + freeaddrinfo(res); + + if(iRet != RS_RET_OK) { + if(pThis->sock != -1) { + close(pThis->sock); + pThis->sock = -1; + } + } + + RETiRet; +} + + +/* queryInterface function */ +BEGINobjQueryInterface(nsd_ptcp) +CODESTARTobjQueryInterface(nsd_ptcp) + if(pIf->ifVersion != nsdCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + pIf->Construct = (rsRetVal(*)(nsd_t**)) nsd_ptcpConstruct; + pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_ptcpDestruct; + pIf->Abort = Abort; + pIf->LstnInit = LstnInit; + pIf->AcceptConnReq = AcceptConnReq; + pIf->Rcv = Rcv; + pIf->Send = Send; + pIf->Connect = Connect; +finalize_it: +ENDobjQueryInterface(nsd_ptcp) + + +/* exit our class + */ +BEGINObjClassExit(nsd_ptcp, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(nsd_ptcp) + /* release objects we no longer need */ + objRelease(net, CORE_COMPONENT); + objRelease(glbl, CORE_COMPONENT); + objRelease(errmsg, CORE_COMPONENT); +ENDObjClassExit(nsd_ptcp) + + +/* Initialize the nsd_ptcp class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINObjClassInit(nsd_ptcp, 1, OBJ_IS_LOADABLE_MODULE) /* class, version */ + /* request objects we use */ + CHKiRet(objUse(errmsg, CORE_COMPONENT)); + CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(net, CORE_COMPONENT)); + + /* set our own handlers */ +ENDObjClassInit(nsd_ptcp) + + +/* --------------- here now comes the plumbing that makes as a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + nsd_ptcpClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(nsd_ptcpClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/nsd_ptcp.h b/runtime/nsd_ptcp.h new file mode 100644 index 00000000..d4848314 --- /dev/null +++ b/runtime/nsd_ptcp.h @@ -0,0 +1,48 @@ +/* An implementation of the nsd interface for plain tcp sockets. + * + * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NSD_PTCP_H +#define INCLUDED_NSD_PTCP_H + +#include "nsd.h" +typedef nsd_if_t nsd_ptcp_if_t; /* we just *implement* this interface */ + +/* the nsd_ptcp object */ +struct nsd_ptcp_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + uchar *pRemHostIP; /**< IP address of remote peer (currently used in server mode, only) */ + uchar *pRemHostName; /**< host name of remote peer (currently used in server mode, only) */ + int sock; /**< the socket we use for regular, single-socket, operations */ + int *socks; /**< the socket(s) we use for listeners, element 0 has nbr of socks */ + int iSessMax; /**< maximum number of sessions permitted */ +}; + +/* interface is defined in nsd.h, we just implement it! */ + +/* prototypes */ +PROTOTYPEObj(nsd_ptcp); + +/* the name of our library binary */ +#define LM_NSD_PTCP_FILENAME "lmnsd_ptcp" + +#endif /* #ifndef INCLUDED_NSD_PTCP_H */ diff --git a/runtime/obj-types.h b/runtime/obj-types.h index e245b633..e3df7239 100644 --- a/runtime/obj-types.h +++ b/runtime/obj-types.h @@ -81,13 +81,13 @@ struct objInfo_s { }; -typedef struct obj { /* the dummy struct that each derived class can be casted to */ +struct obj_s { /* the dummy struct that each derived class can be casted to */ objInfo_t *pObjInfo; #ifndef NDEBUG /* this means if debug... */ unsigned int iObjCooCKiE; /* must always be 0xBADEFEE for a valid object */ #endif uchar *pszName; /* the name of *this* specific object instance */ -} obj_t; +}; /* macros which must be gloablly-visible (because they are used during definition of diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 7ed989c5..f7824006 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -61,9 +61,12 @@ /* define some base data types */ typedef unsigned char uchar;/* get rid of the unhandy "unsigned char" */ typedef struct thrdInfo thrdInfo_t; +typedef struct obj_s obj_t; typedef struct filed selector_t;/* TODO: this so far resides in syslogd.c, think about modularization */ typedef struct NetAddr netAddr_t; typedef struct netstrm_s netstrm_t; +typedef struct nsd_ptcp_s nsd_ptcp_t; +typedef obj_t nsd_t; typedef struct msg msg_t; typedef struct interface_s interface_t; typedef struct objInfo_s objInfo_t; -- cgit v1.2.3 From 22ad77a627fe813acd286b48aaf44945c0480f49 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 18 Apr 2008 12:20:02 +0200 Subject: fixed abort on rsyslogd termination --- runtime/nsd_ptcp.c | 2 +- runtime/obj-types.h | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) (limited to 'runtime') diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 98de5802..6f7dd04d 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -67,7 +67,7 @@ ENDobjConstruct(nsd_ptcp) /* destructor for the nsd_ptcp object */ BEGINobjDestruct(nsd_ptcp) /* be sure to specify the object type also in END and CODESTART macros! */ int i; -CODESTARTobjDestruct(nsd_pctp) +CODESTARTobjDestruct(nsd_ptcp) if(pThis->sock != -1) { close(pThis->sock); pThis->sock = -1; diff --git a/runtime/obj-types.h b/runtime/obj-types.h index e3df7239..acdc757d 100644 --- a/runtime/obj-types.h +++ b/runtime/obj-types.h @@ -377,9 +377,6 @@ rsRetVal objName##ClassExit(void) \ */ #define CORE_COMPONENT NULL /* use this to indicate this is a core component */ #define DONT_LOAD_LIB NULL /* do not load a library to obtain object interface (currently same as CORE_COMPONENT) */ -/*#define objUse(objName, MYLIB, FILENAME) \ - obj.UseObj(__FILE__, (uchar*)#objName, MYLIB, (uchar*)FILENAME, (void*) &objName) -*/ #define objUse(objName, FILENAME) \ obj.UseObj(__FILE__, (uchar*)#objName, (uchar*)FILENAME, (void*) &objName) #define objRelease(objName, FILENAME) \ -- cgit v1.2.3 From fd6c3bc36a5a32f873299f7ae2dfc184e6e3c658 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 18 Apr 2008 14:25:29 +0200 Subject: set stage for TLS client implementation --- runtime/Makefile.am | 16 +++- runtime/glbl.c | 4 +- runtime/nsd.h | 1 - runtime/nsd_gtls.c | 259 ++++++++++++++++++++++++++++++++++++++++++++++++++++ runtime/nsd_gtls.h | 47 ++++++++++ runtime/nsd_ptcp.h | 3 +- runtime/rsyslog.h | 3 + 7 files changed, 327 insertions(+), 6 deletions(-) create mode 100644 runtime/nsd_gtls.c create mode 100644 runtime/nsd_gtls.h (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 077310c6..23e62deb 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -96,12 +96,22 @@ lmnetstrm_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnetstrm_la_LDFLAGS = -module -avoid-version lmnetstrm_la_LIBADD = -# netstream drivers - -# plain tcp driver +# plain tcp netstream driver pkglib_LTLIBRARIES += lmnsd_ptcp.la lmnsd_ptcp_la_SOURCES = nsd_ptcp.c nsd_ptcp.h lmnsd_ptcp_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnsd_ptcp_la_LDFLAGS = -module -avoid-version lmnsd_ptcp_la_LIBADD = endif # if ENABLE_INET + +# +# GnuTLS netstream driver +# +if ENABLE_GNUTLS +pkglib_LTLIBRARIES += lmnsd_gtls.la +lmnsd_gtls_la_SOURCES = nsd_gtls.c nsd_gtls.h +lmnsd_gtls_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnsd_gtls_la_LDFLAGS = -module -avoid-version +lmnsd_gtls_la_LIBADD = +endif + diff --git a/runtime/glbl.c b/runtime/glbl.c index 1e51b0e0..787b6ab7 100644 --- a/runtime/glbl.c +++ b/runtime/glbl.c @@ -40,7 +40,9 @@ /* some defaults */ #ifndef DFLT_NETSTRM_DRVR -# define DFLT_NETSTRM_DRVR ((uchar*)"lmnsd_ptcp") +// TESTING ONLY# define DFLT_NETSTRM_DRVR ((uchar*)"lmnsd_ptcp") +#warning "define must be restored for non-testing!" +# define DFLT_NETSTRM_DRVR ((uchar*)"lmnsd_gtls") #endif /* static data */ diff --git a/runtime/nsd.h b/runtime/nsd.h index 52c36dcf..c8bc95d0 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -24,7 +24,6 @@ * A copy of the GPL can be found in the file "COPYING" in this distribution. * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. */ - #ifndef INCLUDED_NSD_H #define INCLUDED_NSD_H diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c new file mode 100644 index 00000000..6fe0cd8a --- /dev/null +++ b/runtime/nsd_gtls.c @@ -0,0 +1,259 @@ +/* nsd_gtls.c + * + * An implementation of the nsd interface for GnuTLS. + * + * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +#include "rsyslog.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "rsyslog.h" +#include "syslogd-types.h" +#include "module-template.h" +#include "parse.h" +#include "srUtils.h" +#include "obj.h" +#include "errmsg.h" +#include "nsd_ptcp.h" +#include "nsd_gtls.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +DEFobjCurrIf(errmsg) +DEFobjCurrIf(glbl) +DEFobjCurrIf(nsd_ptcp) + + +/* Standard-Constructor */ +BEGINobjConstruct(nsd_gtls) /* be sure to specify the object type also in END macro! */ + iRet = nsd_ptcp.Construct(&pThis->pTcp); +ENDobjConstruct(nsd_gtls) + + +/* destructor for the nsd_gtls object */ +BEGINobjDestruct(nsd_gtls) /* be sure to specify the object type also in END and CODESTART macros! */ +CODESTARTobjDestruct(nsd_gtls) + if(pThis->pTcp != NULL) + nsd_ptcp.Destruct(&pThis->pTcp); +ENDobjDestruct(nsd_gtls) + + +/* abort a connection. This is meant to be called immediately + * before the Destruct call. -- rgerhards, 2008-03-24 + */ +static rsRetVal +Abort(nsd_t *pNsd) +{ + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + DEFiRet; + + ISOBJ_TYPE_assert((pThis), nsd_gtls); + + if(pThis->iMode == 0) { + nsd_ptcp.Abort(pThis->pTcp); + } + + RETiRet; +} + + + +/* initialize the tcp socket for a listner + * pLstnPort must point to a port name or number. NULL is NOT permitted + * (hint: we need to be careful when we use this module together with librelp, + * there NULL indicates the default port + * default is used. + * gerhards, 2008-03-17 + */ +static rsRetVal +LstnInit(nsd_t *pNsd, uchar *pLstnPort) +{ + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + DEFiRet; + + ISOBJ_TYPE_assert(pThis, nsd_gtls); + assert(pLstnPort != NULL); + + if(pThis->iMode == 0) { + CHKiRet(nsd_ptcp.LstnInit(pThis->pTcp, pLstnPort)); + } + +finalize_it: + RETiRet; +} + + +/* receive data from a tcp socket + * The lenBuf parameter must contain the max buffer size on entry and contains + * the number of octets read (or -1 in case of error) on exit. This function + * never blocks, not even when called on a blocking socket. That is important + * for client sockets, which are set to block during send, but should not + * block when trying to read data. If *pLenBuf is -1, an error occured and + * errno holds the exact error cause. + * rgerhards, 2008-03-17 + */ +static rsRetVal +Rcv(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) +{ + DEFiRet; + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + ISOBJ_TYPE_assert(pThis, nsd_gtls); + + if(pThis->iMode == 0) { + CHKiRet(nsd_ptcp.Rcv(pThis->pTcp, pBuf, pLenBuf)); + } + +finalize_it: + RETiRet; +} + + +/* send a buffer. On entry, pLenBuf contains the number of octets to + * write. On exit, it contains the number of octets actually written. + * If this number is lower than on entry, only a partial buffer has + * been written. + * rgerhards, 2008-03-19 + */ +static rsRetVal +Send(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) +{ + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + DEFiRet; + ISOBJ_TYPE_assert(pThis, nsd_gtls); + + if(pThis->iMode == 0) { + CHKiRet(nsd_ptcp.Send(pThis->pTcp, pBuf, pLenBuf)); + } +finalize_it: + RETiRet; +} + + +/* open a connection to a remote host (server). + * rgerhards, 2008-03-19 + */ +static rsRetVal +Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) +{ + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + DEFiRet; + + ISOBJ_TYPE_assert(pThis, nsd_gtls); + assert(port != NULL); + assert(host != NULL); + if(pThis->iMode == 0) { + CHKiRet(nsd_ptcp.Connect(pThis->pTcp, family, port, host)); + } + + +finalize_it: + RETiRet; +} + + +/* queryInterface function */ +BEGINobjQueryInterface(nsd_gtls) +CODESTARTobjQueryInterface(nsd_gtls) + if(pIf->ifVersion != nsdCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + pIf->Construct = (rsRetVal(*)(nsd_t**)) nsd_gtlsConstruct; + pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_gtlsDestruct; + pIf->Abort = Abort; + pIf->LstnInit = LstnInit; + //pIf->AcceptConnReq = AcceptConnReq; + pIf->Rcv = Rcv; + pIf->Send = Send; + pIf->Connect = Connect; +finalize_it: +ENDobjQueryInterface(nsd_gtls) + + +/* exit our class + */ +BEGINObjClassExit(nsd_gtls, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(nsd_gtls) + /* release objects we no longer need */ + objRelease(nsd_ptcp, LM_NSD_PTCP_FILENAME); + objRelease(glbl, CORE_COMPONENT); + objRelease(errmsg, CORE_COMPONENT); +ENDObjClassExit(nsd_gtls) + + +/* Initialize the nsd_gtls class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINObjClassInit(nsd_gtls, 1, OBJ_IS_LOADABLE_MODULE) /* class, version */ + /* request objects we use */ + CHKiRet(objUse(errmsg, CORE_COMPONENT)); + CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(nsd_ptcp, LM_NSD_PTCP_FILENAME)); + + /* set our own handlers */ +ENDObjClassInit(nsd_gtls) + + +/* --------------- here now comes the plumbing that makes as a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + nsd_gtlsClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(nsd_gtlsClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/nsd_gtls.h b/runtime/nsd_gtls.h new file mode 100644 index 00000000..ddd561de --- /dev/null +++ b/runtime/nsd_gtls.h @@ -0,0 +1,47 @@ +/* An implementation of the nsd interface for GnuTLS. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NSD_GTLS_H +#define INCLUDED_NSD_GTLS_H + +#include "nsd.h" + +typedef nsd_if_t nsd_gtls_if_t; /* we just *implement* this interface */ + +/* the nsd_gtls object */ +struct nsd_gtls_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + nsd_t *pTcp; /**< our aggregated nsd_ptcp data */ + int iMode; /* 0 - plain tcp, 1 - TLS */ +}; + +/* interface is defined in nsd.h, we just implement it! */ +#define nsd_gtlsCURR_IF_VERSION nsdCURR_IF_VERSION + +/* prototypes */ +PROTOTYPEObj(nsd_gtls); + +/* the name of our library binary */ +#define LM_NSD_GTLS_FILENAME "lmnsd_gtls" + +#endif /* #ifndef INCLUDED_NSD_GTLS_H */ diff --git a/runtime/nsd_ptcp.h b/runtime/nsd_ptcp.h index d4848314..36725799 100644 --- a/runtime/nsd_ptcp.h +++ b/runtime/nsd_ptcp.h @@ -29,7 +29,7 @@ typedef nsd_if_t nsd_ptcp_if_t; /* we just *implement* this interface */ /* the nsd_ptcp object */ struct nsd_ptcp_s { - BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ uchar *pRemHostIP; /**< IP address of remote peer (currently used in server mode, only) */ uchar *pRemHostName; /**< host name of remote peer (currently used in server mode, only) */ int sock; /**< the socket we use for regular, single-socket, operations */ @@ -38,6 +38,7 @@ struct nsd_ptcp_s { }; /* interface is defined in nsd.h, we just implement it! */ +#define nsd_ptcpCURR_IF_VERSION nsdCURR_IF_VERSION /* prototypes */ PROTOTYPEObj(nsd_ptcp); diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index f7824006..ad2a543a 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -66,6 +66,9 @@ typedef struct filed selector_t;/* TODO: this so far resides in syslogd.c, think typedef struct NetAddr netAddr_t; typedef struct netstrm_s netstrm_t; typedef struct nsd_ptcp_s nsd_ptcp_t; +typedef struct nsd_gtls_s nsd_gtls_t; +typedef struct nsd_gsspi_s nsd_gsspi_t; +typedef struct nsd_nss_s nsd_nss_t; typedef obj_t nsd_t; typedef struct msg msg_t; typedef struct interface_s interface_t; -- cgit v1.2.3 From 2069ab114e2aac9c243aff72042912cac7ef6126 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 18 Apr 2008 18:29:02 +0200 Subject: first working TLS-enabled plain TCP sender implemented a first working version of a TLS-enabled plain TCP sender (but, of course, the implementation is insecure as it is) --- runtime/Makefile.am | 4 +- runtime/netstrm.c | 35 ++++++++++------ runtime/nsd.h | 5 +++ runtime/nsd_gtls.c | 117 +++++++++++++++++++++++++++++++++++++++++++++++++--- runtime/nsd_gtls.h | 2 + runtime/nsd_ptcp.c | 21 ++++++++++ runtime/rsyslog.h | 1 + 7 files changed, 166 insertions(+), 19 deletions(-) (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 23e62deb..1d07e79c 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -110,8 +110,8 @@ endif # if ENABLE_INET if ENABLE_GNUTLS pkglib_LTLIBRARIES += lmnsd_gtls.la lmnsd_gtls_la_SOURCES = nsd_gtls.c nsd_gtls.h -lmnsd_gtls_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnsd_gtls_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) $(gnutls_cflags) lmnsd_gtls_la_LDFLAGS = -module -avoid-version -lmnsd_gtls_la_LIBADD = +lmnsd_gtls_la_LIBADD = $(gnutls_libs) endif diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 274a92d7..a304ada4 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -84,18 +84,22 @@ loadDrvr(netstrm_t *pThis) uchar *pDrvrName; DEFiRet; - pDrvrName = pThis->pDrvrName; - if(pDrvrName == NULL) /* if no drvr name is set, use system default */ - pDrvrName = glbl.GetDfltNetstrmDrvr(); - - pThis->Drvr.ifVersion = nsdCURR_IF_VERSION; - /* The pDrvrName+2 below is a hack to obtain the object name. It - * safes us to have yet another variable with the name without "lm" in - * front of it. If we change the module load interface, we may re-think - * about this hack, but for the time being it is efficient and clean - * enough. -- rgerhards, 2008-04-18 - */ - CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); + if(pThis->Drvr.ifIsLoaded == 0) { + pDrvrName = pThis->pDrvrName; + if(pDrvrName == NULL) { /* if no drvr name is set, use system default */ + pDrvrName = glbl.GetDfltNetstrmDrvr(); + pThis->pDrvrName = (uchar*)strdup((char*)pDrvrName); // TODO: use set method once it exists + } + + pThis->Drvr.ifVersion = nsdCURR_IF_VERSION; + /* The pDrvrName+2 below is a hack to obtain the object name. It + * safes us to have yet another variable with the name without "lm" in + * front of it. If we change the module load interface, we may re-think + * about this hack, but for the time being it is efficient and clean + * enough. -- rgerhards, 2008-04-18 + */ + CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); + } finalize_it: RETiRet; } @@ -111,6 +115,13 @@ BEGINobjDestruct(netstrm) /* be sure to specify the object type also in END and CODESTARTobjDestruct(netstrm) if(pThis->pDrvrData != NULL) iRet = pThis->Drvr.Destruct(&pThis->pDrvrData); + + /* driver can only be released after all data has been destructed */ + if(pThis->Drvr.ifIsLoaded == 1) { + obj.ReleaseObj(__FILE__, pThis->pDrvrName+2, pThis->pDrvrName, (void*) &pThis->Drvr); + } + if(pThis->pDrvrName != NULL) + free(pThis->pDrvrName); ENDobjDestruct(netstrm) diff --git a/runtime/nsd.h b/runtime/nsd.h index c8bc95d0..203a65d6 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -41,6 +41,11 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Rcv)(nsd_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(nsd_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(nsd_t *pThis, int family, unsigned char *port, unsigned char *host); + rsRetVal (*GetSock)(nsd_t *pThis, int *pSock); + /* GetSock() returns an error if the driver does not use plain + * OS sockets. This interface is primarily meant as an internal aid for + * those drivers that utilize the nsd_ptcp to do some of their work. + */ ENDinterface(nsd) #define nsdCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index 6fe0cd8a..d1b44fc5 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -37,6 +37,7 @@ #include #include #include +#include #include "rsyslog.h" #include "syslogd-types.h" @@ -57,15 +58,72 @@ DEFobjCurrIf(glbl) DEFobjCurrIf(nsd_ptcp) +/* a macro to check GnuTLS calls against unexpected errors */ +#define CHKgnutls(x) \ + if((gnuRet = (x)) != 0) { \ + dbgprintf("unexpected GnuTLS error %d in %s:%d\n", gnuRet, __FILE__, __LINE__); \ + gnutls_perror(gnuRet); /* TODO: can we do better? */ \ + ABORT_FINALIZE(RS_RET_GNUTLS_ERR); \ + } + +#define CAFILE "ca.pem" // TODO: allow to specify + +/* ------------------------------ GnuTLS specifics ------------------------------ */ +static gnutls_certificate_credentials xcred; + +/* globally initialize GnuTLS */ +static rsRetVal +gtlsGlblInit(void) +{ + int gnuRet; + DEFiRet; + + CHKgnutls(gnutls_global_init()); + + /* X509 stuff */ + CHKgnutls(gnutls_certificate_allocate_credentials(&xcred)); + + /* sets the trusted cas file */ + gnutls_certificate_set_x509_trust_file(xcred, CAFILE, GNUTLS_X509_FMT_PEM); + +finalize_it: + RETiRet; +} + + +/* globally de-initialize GnuTLS */ +static rsRetVal +gtlsGlblExit(void) +{ + DEFiRet; + /* X509 stuff */ + gnutls_certificate_free_credentials(xcred); + gnutls_global_deinit(); /* we are done... */ + RETiRet; +} + + +/* ---------------------------- end GnuTLS specifics ---------------------------- */ + + /* Standard-Constructor */ BEGINobjConstruct(nsd_gtls) /* be sure to specify the object type also in END macro! */ iRet = nsd_ptcp.Construct(&pThis->pTcp); + pThis->iMode = 1; /* TODO: must be made configurable */ ENDobjConstruct(nsd_gtls) /* destructor for the nsd_gtls object */ BEGINobjDestruct(nsd_gtls) /* be sure to specify the object type also in END and CODESTART macros! */ CODESTARTobjDestruct(nsd_gtls) + if(pThis->iMode == 1) { + if(pThis->bHaveSess) { + // TODO: Check for EAGAIN et al + gnutls_bye(pThis->sess, GNUTLS_SHUT_RDWR); + gnutls_deinit(pThis->sess); + } + } + if(pThis->pTcp != NULL) nsd_ptcp.Destruct(&pThis->pTcp); ENDobjDestruct(nsd_gtls) @@ -150,36 +208,82 @@ finalize_it: static rsRetVal Send(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) { + int iSent; nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; DEFiRet; ISOBJ_TYPE_assert(pThis, nsd_gtls); if(pThis->iMode == 0) { CHKiRet(nsd_ptcp.Send(pThis->pTcp, pBuf, pLenBuf)); + FINALIZE; + } + + /* in TLS mode now */ + while(1) { /* loop broken inside */ + iSent = gnutls_record_send(pThis->sess, pBuf, *pLenBuf); +RUNLOG_VAR("%d", iSent); + if(iSent >= 0) { + *pLenBuf = iSent; + break; + } + if(iSent != GNUTLS_E_INTERRUPTED && iSent != GNUTLS_E_AGAIN) + ABORT_FINALIZE(RS_RET_GNUTLS_ERR); } + finalize_it: RETiRet; } -/* open a connection to a remote host (server). +/* open a connection to a remote host (server). With GnuTLS, we always + * open a plain tcp socket and then, if in TLS mode, do a handshake on it. * rgerhards, 2008-03-19 */ static rsRetVal Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) { nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + int sock; + int gnuRet; +static const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; DEFiRet; ISOBJ_TYPE_assert(pThis, nsd_gtls); assert(port != NULL); assert(host != NULL); - if(pThis->iMode == 0) { - CHKiRet(nsd_ptcp.Connect(pThis->pTcp, family, port, host)); - } + CHKiRet(nsd_ptcp.Connect(pThis->pTcp, family, port, host)); + + if(pThis->iMode == 0) + FINALIZE; + + /* we reach this point if in TLS mode */ + CHKgnutls(gnutls_init(&pThis->sess, GNUTLS_CLIENT)); + pThis->bHaveSess = 1; + + /* Use default priorities */ + CHKgnutls(gnutls_set_default_priority(pThis->sess)); + CHKgnutls(gnutls_certificate_type_set_priority(pThis->sess, cert_type_priority)); + + /* put the x509 credentials to the current session */ + CHKgnutls(gnutls_credentials_set(pThis->sess, GNUTLS_CRD_CERTIFICATE, xcred)); + + /* assign the socket to GnuTls */ + CHKiRet(nsd_ptcp.GetSock(pThis->pTcp, &sock)); + gnutls_transport_set_ptr(pThis->sess, (gnutls_transport_ptr)sock); + + /* and perform the handshake */ + CHKgnutls(gnutls_handshake(pThis->sess)); + dbgprintf("GnuTLS handshake succeeded\n"); finalize_it: + if(iRet != RS_RET_OK) { + if(pThis->bHaveSess) { + gnutls_deinit(pThis->sess); + pThis->bHaveSess = 0; + } + } + RETiRet; } @@ -212,6 +316,8 @@ ENDobjQueryInterface(nsd_gtls) */ BEGINObjClassExit(nsd_gtls, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ CODESTARTObjClassExit(nsd_gtls) + gtlsGlblExit(); /* shut down GnuTLS */ + /* release objects we no longer need */ objRelease(nsd_ptcp, LM_NSD_PTCP_FILENAME); objRelease(glbl, CORE_COMPONENT); @@ -229,7 +335,8 @@ BEGINObjClassInit(nsd_gtls, 1, OBJ_IS_LOADABLE_MODULE) /* class, version */ CHKiRet(objUse(glbl, CORE_COMPONENT)); CHKiRet(objUse(nsd_ptcp, LM_NSD_PTCP_FILENAME)); - /* set our own handlers */ + /* now do global TLS init stuff */ + CHKiRet(gtlsGlblInit()); ENDObjClassInit(nsd_gtls) diff --git a/runtime/nsd_gtls.h b/runtime/nsd_gtls.h index ddd561de..c193f57c 100644 --- a/runtime/nsd_gtls.h +++ b/runtime/nsd_gtls.h @@ -33,6 +33,8 @@ struct nsd_gtls_s { BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ nsd_t *pTcp; /**< our aggregated nsd_ptcp data */ int iMode; /* 0 - plain tcp, 1 - TLS */ + gnutls_session sess; + int bHaveSess; }; /* interface is defined in nsd.h, we just implement it! */ diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 6f7dd04d..c9df8f8c 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -87,6 +87,26 @@ CODESTARTobjDestruct(nsd_ptcp) ENDobjDestruct(nsd_ptcp) +/* Provide access to the underlying OS socket. This is primarily + * useful for other drivers (like nsd_gtls) who utilize ourselfs + * for some of their functionality. -- rgerhards, 2008-04-18 + * TODO: what about the server socket structure? + */ +static rsRetVal +GetSock(nsd_t *pNsd, int *pSock) +{ + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + DEFiRet; + + ISOBJ_TYPE_assert((pThis), nsd_ptcp); + assert(pSock != NULL); + + *pSock = pThis->sock; + + RETiRet; +} + + /* abort a connection. This is meant to be called immediately * before the Destruct call. -- rgerhards, 2008-03-24 */ @@ -519,6 +539,7 @@ CODESTARTobjQueryInterface(nsd_ptcp) pIf->Construct = (rsRetVal(*)(nsd_t**)) nsd_ptcpConstruct; pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_ptcpDestruct; pIf->Abort = Abort; + pIf->GetSock = GetSock; pIf->LstnInit = LstnInit; pIf->AcceptConnReq = AcceptConnReq; pIf->Rcv = Rcv; diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 61ddd3d9..8da59089 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -209,6 +209,7 @@ enum rsRetVal_ /** return value. All methods return this if not specified oth RS_RET_INVALID_HNAME = -2075, /**< remote peer's hostname invalid or unobtainable */ RS_RET_INVALID_PORT = -2076, /**< invalid port value */ RS_RET_COULD_NOT_BIND = -2077, /**< could not bind socket, defunct */ + RS_RET_GNUTLS_ERR = -2078, /**< (unexpected) error in GnuTLS call */ /* RainerScript error messages (range 1000.. 1999) */ RS_RET_SYSVAR_NOT_FOUND = 1001, /**< system variable could not be found (maybe misspelled) */ -- cgit v1.2.3 From d3b135ba9fd390caa7a0a942dae4faf979c4ece1 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 18 Apr 2008 18:52:51 +0200 Subject: improved TLS session closure --- runtime/nsd_gtls.c | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) (limited to 'runtime') diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index d1b44fc5..648b843e 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -103,6 +103,27 @@ gtlsGlblExit(void) } +/* end a GnuTLS session + * The function checks if we have a session and ends it only if so. So it can + * always be called, even if there currently is no session. + */ +static rsRetVal +gtlsEndSess(nsd_gtls_t *pThis) +{ + int gnuRet; + DEFiRet; + + if(pThis->bHaveSess) { + gnuRet = gnutls_bye(pThis->sess, GNUTLS_SHUT_RDWR); + while(gnuRet == GNUTLS_E_INTERRUPTED || gnuRet == GNUTLS_E_AGAIN) { + gnuRet = gnutls_bye(pThis->sess, GNUTLS_SHUT_RDWR); + } + gnutls_deinit(pThis->sess); + } + RETiRet; +} + + /* ---------------------------- end GnuTLS specifics ---------------------------- */ @@ -117,11 +138,7 @@ ENDobjConstruct(nsd_gtls) BEGINobjDestruct(nsd_gtls) /* be sure to specify the object type also in END and CODESTART macros! */ CODESTARTobjDestruct(nsd_gtls) if(pThis->iMode == 1) { - if(pThis->bHaveSess) { - // TODO: Check for EAGAIN et al - gnutls_bye(pThis->sess, GNUTLS_SHUT_RDWR); - gnutls_deinit(pThis->sess); - } + gtlsEndSess(pThis); } if(pThis->pTcp != NULL) -- cgit v1.2.3 From 2be459c4d7645ad12f83723be7bb26199fe98b82 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 23 Apr 2008 09:59:01 +0200 Subject: objects for receive-side socket abstraction specified The objects for receiver-side socket abstraction have now be specified. The project as whole does not yet compile and definitely not run, but I'd like to commit some milestones along this way. --- runtime/Makefile.am | 17 +++- runtime/netstrm.c | 82 +++++++++---------- runtime/netstrm.h | 34 +++++++- runtime/nsd.h | 20 ++++- runtime/nsd_ptcp.c | 187 +++++++++++++++++++++--------------------- runtime/nsd_ptcp.h | 2 - runtime/nsdsel_ptcp.c | 216 ++++++++++++++++++++++++++++++++++++++++++++++++ runtime/nsdsel_ptcp.h | 46 +++++++++++ runtime/nssel.c | 222 ++++++++++++++++++++++++++++++++++++++++++++++++++ runtime/nssel.h | 55 +++++++++++++ runtime/rsyslog.h | 5 ++ 11 files changed, 739 insertions(+), 147 deletions(-) create mode 100644 runtime/nsdsel_ptcp.c create mode 100644 runtime/nsdsel_ptcp.h create mode 100644 runtime/nssel.c create mode 100644 runtime/nssel.h (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 077310c6..61ede1d7 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -81,7 +81,7 @@ lmregexp_la_LIBADD = endif if ENABLE_INET -pkglib_LTLIBRARIES += lmnet.la lmnetstrm.la +pkglib_LTLIBRARIES += lmnet.la lmnetstrm.la lmnssel.la # # network support # @@ -96,12 +96,25 @@ lmnetstrm_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnetstrm_la_LDFLAGS = -module -avoid-version lmnetstrm_la_LIBADD = +# network stream select support (a helper class) +lmnssel_la_SOURCES = nssel.c nssel.h +lmnssel_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnssel_la_LDFLAGS = -module -avoid-version +lmnssel_la_LIBADD = + # netstream drivers -# plain tcp driver +# plain tcp driver - main driver pkglib_LTLIBRARIES += lmnsd_ptcp.la lmnsd_ptcp_la_SOURCES = nsd_ptcp.c nsd_ptcp.h lmnsd_ptcp_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnsd_ptcp_la_LDFLAGS = -module -avoid-version lmnsd_ptcp_la_LIBADD = + +# select interface for ptcp driver +pkglib_LTLIBRARIES += lmnsdsel_ptcp.la +lmnsdsel_ptcp_la_SOURCES = nsdsel_ptcp.c nsdsel_ptcp.h +lmnsdsel_ptcp_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnsdsel_ptcp_la_LDFLAGS = -module -avoid-version +lmnsdsel_ptcp_la_LIBADD = endif # if ENABLE_INET diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 274a92d7..bdd2636c 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -144,73 +144,65 @@ AbortDestruct(netstrm_t **ppThis) } -#if 0 -This is not yet working - wait until we arrive at the receiver side (distracts too much at the moment) - -/* accept an incoming connection request, pNsdLstn provides the "listen socket" on which we can - * accept the new session. - * rgerhards, 2008-03-17 +/* accept an incoming connection request + * The netstrm instance that had the incoming request must be provided. If + * the connection request succeeds, a new netstrm object is created and + * passed back to the caller. The caller is responsible for destructing it. + * pReq is the nsd_t obj that has the accept request. + * rgerhards, 2008-04-21 */ static rsRetVal -AcceptConnReq(netstrm_t **ppThis, nsd_t *pNsdLstn) +AcceptConnReq(netstrm_t *pThis, nsd_t *pReqNsd, netstrm_t **ppNew) { - netstrm_t *pThis = NULL; - nsd_t *pNsd; + netstrm_t *pNew = NULL; + nsd_t *pNewNsd = NULL; DEFiRet; - assert(ppThis != NULL); + ISOBJ_TYPE_assert(pThis, netstrm); + assert(pReqNsd != NULL); + assert(ppNew != NULL); + + /* accept the new connection */ + CHKiRet(pThis->Drvr.AcceptConnReq(pReqNsd, &pNewNsd)); /* construct our object so that we can use it... */ - CHKiRet(netstrmConstruct(&pThis)); - - /* TODO: obtain hostname, normalize (callback?), save it */ - CHKiRet(FillRemHost(pThis, (struct sockaddr*) &addr)); - - /* set the new socket to non-blocking IO */ - if((sockflags = fcntl(iNewSock, F_GETFL)) != -1) { - sockflags |= O_NONBLOCK; - /* SETFL could fail too, so get it caught by the subsequent - * error check. - */ - sockflags = fcntl(iNewSock, F_SETFL, sockflags); - } - if(sockflags == -1) { - dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket %d", errno, iNewSock); - ABORT_FINALIZE(RS_RET_IO_ERROR); - } + CHKiRet(netstrmConstruct(&pNew)); - pThis->sock = iNewSock; + pNew->pDrvrData = pNewNsd; + if(pThis->pDrvrName == NULL) { + pNew->pDrvrName = NULL; + } else { + CHKmalloc(pNew->pDrvrName = (uchar*) strdup((char*)pThis->pDrvrName)); + } + CHKiRet(loadDrvr(pNew)); - *ppThis = pThis; + *ppNew = pNew; finalize_it: if(iRet != RS_RET_OK) { - if(pThis != NULL) - netstrmDestruct(&pThis); + if(pNew != NULL) + netstrmDestruct(&pNew); /* the close may be redundant, but that doesn't hurt... */ - if(iNewSock >= 0) - close(iNewSock); + if(pNewNsd != NULL) + pThis->Drvr.Destruct(&pNewNsd); } - RETiRet; } -#endif -/* initialize the tcp socket for a listner - * pLstnPort must point to a port name or number. NULL is NOT permitted - * (hint: we need to be careful when we use this module together with librelp, - * there NULL indicates the default port - * default is used. - * gerhards, 2008-03-17 +/* make the netstrm listen to specified port and IP. + * pLstnIP points to the port to listen to (NULL means "all"), + * iMaxSess has the maximum number of sessions permitted (this ist just a hint). + * pLstnPort must point to a port name or number. NULL is NOT permitted. + * rgerhards, 2008-04-22 */ static rsRetVal -LstnInit(netstrm_t *pThis, uchar *pLstnPort) +LstnInit(netstrm_t *pThis, uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); assert(pLstnPort != NULL); - CHKiRet(pThis->Drvr.LstnInit(pThis->pDrvrData, pLstnPort)); + CHKiRet(pThis->Drvr.LstnInit(&pThis->parrLstn, &pThis->isizeLstnArr, pLstnPort, pLstnIP, iSessMax)); finalize_it: RETiRet; @@ -284,11 +276,11 @@ CODESTARTobjQueryInterface(netstrm) pIf->ConstructFinalize = netstrmConstructFinalize; pIf->Destruct = netstrmDestruct; pIf->AbortDestruct = AbortDestruct; - pIf->LstnInit = LstnInit; - // TODO: add later: pIf->AcceptConnReq = AcceptConnReq; pIf->Rcv = Rcv; pIf->Send = Send; pIf->Connect = Connect; + pIf->LstnInit = LstnInit; + pIf->AcceptConnReq = AcceptConnReq; finalize_it: ENDobjQueryInterface(netstrm) diff --git a/runtime/netstrm.h b/runtime/netstrm.h index 75b7c457..a3719f93 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -29,11 +29,34 @@ /* the netstrm object */ struct netstrm_s { BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ - nsd_if_t Drvr; /**< our stream driver */ nsd_t *pDrvrData; /**< the driver's data elements */ uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ + nsd_if_t Drvr; /**< our stream driver */ + /* for listeners, we need to have the capablity to listen on multiple "sockets". This + * is needed to support IPv6. We do this by specifying an array of nsd_t objects to + * handle this case. + */ + int isizeLstnArr; + nsd_t **parrLstn; }; +/* a helper object enabling us to wait on a set of streams to become + * ready for IO - this is modelled after select(). We need this, because + * stream drivers may have different concepts. Consequently, + * the structure must contain nsd_t's from the same stream driver type + * only. This is implemented as a singly-linked list where every + * new element is added at the top of the list. -- rgerhards, 2008-04-22 + */ +typedef struct netstrm_iowaiter_s netstrm_iowaiter_t; +struct netstrm_iowaiter_s { + netstrm_iowaiter_t *pNext; + nsd_t *pNsd; + enum { + NETSTRM_IOWAIT_RD = 1, + NETSTRM_IOWAIT_WR = 2, + NETSTRM_IOWAIT_RDWR = 3 + } waitOp; /**< the operation we wait for */ +}; /* interface */ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ @@ -41,11 +64,16 @@ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ rsRetVal (*ConstructFinalize)(netstrm_t *pThis); rsRetVal (*Destruct)(netstrm_t **ppThis); rsRetVal (*AbortDestruct)(netstrm_t **ppThis); - rsRetVal (*LstnInit)(netstrm_t *pThis, unsigned char *pLstnPort); - rsRetVal (*AcceptConnReq)(netstrm_t **ppThis, int sock); + rsRetVal (*LstnInit)(netstrm_t *pThis, uchar *pLstnPort, uchar *pLstnIP, int iSessMax); + rsRetVal (*AcceptConnReq)(netstrm_t *pThis, nsd_t *pReqNsd, netstrm_t **ppNew); rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(netstrm_t *pThis, int family, unsigned char *port, unsigned char *host); + rsRetVal (*SelectInit)(nsdsel_t **ppSel, netstrm_t *pThis); + rsRetVal (*SelectAdd)(nsdsel_t *pSel, netstrm_t *pThis); + rsRetVal (*SelectWait)(nsdsel_t *pSel, int *piNumReady); + rsRetVal (*SelectIsReady)(nsdsel_t *pSel, int *piNumReady); + rsRetVal (*SelectExit)(nsdsel_t **ppSel); ENDinterface(netstrm) #define netstrmCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsd.h b/runtime/nsd.h index 52c36dcf..2fb883ac 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -28,6 +28,12 @@ #ifndef INCLUDED_NSD_H #define INCLUDED_NSD_H +enum nsdsel_waitOp_e { + NSDSEL_RD = 1, + NSDSEL_WR = 2, + NSDSEL_RDWR = 3 +}; /**< the operation we wait for */ + /* nsd_t is actually obj_t (which is somewhat better than void* but in essence * much the same). */ @@ -37,12 +43,22 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Construct)(nsd_t **ppThis); rsRetVal (*Destruct)(nsd_t **ppThis); rsRetVal (*Abort)(nsd_t *pThis); - rsRetVal (*LstnInit)(nsd_t *pThis, unsigned char *pLstnPort); - rsRetVal (*AcceptConnReq)(nsd_t **ppThis, int sock); rsRetVal (*Rcv)(nsd_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(nsd_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(nsd_t *pThis, int family, unsigned char *port, unsigned char *host); + rsRetVal (*LstnInit)(nsd_t ***parrLstn, int *pLstnArrSize, uchar *pLstnPort, uchar *pLstnIP, int iSessMax); + rsRetVal (*AcceptConnReq)(nsd_t *pThis, nsd_t **ppThis); ENDinterface(nsd) #define nsdCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ +/* interface for the select call */ +BEGINinterface(nsdsel) /* name must also be changed in ENDinterface macro! */ + rsRetVal (*Construct)(nsdsel_t **ppThis); + rsRetVal (*Destruct)(nsdsel_t **ppThis); + rsRetVal (*Add)(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp); + rsRetVal (*Select)(nsdsel_t *pNsdsel, int *piNumReady); + rsRetVal (*IsReady)(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp); +ENDinterface(nsdsel) +#define nsdselCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ + #endif /* #ifndef INCLUDED_NSD_H */ diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 6f7dd04d..c737c168 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -56,30 +56,29 @@ DEFobjCurrIf(glbl) DEFobjCurrIf(net) +/* a few deinit helpers */ + +/* close socket if open (may always be called) */ +static void +sockClose(int *pSock) +{ + if(*pSock >= 0) { + close(*pSock); + *pSock = -1; + } +} + /* Standard-Constructor */ BEGINobjConstruct(nsd_ptcp) /* be sure to specify the object type also in END macro! */ pThis->sock = -1; - pThis->iSessMax = 500; /* default max nbr of sessions -TODO:make configurable--rgerhards, 2008-04-17*/ ENDobjConstruct(nsd_ptcp) /* destructor for the nsd_ptcp object */ BEGINobjDestruct(nsd_ptcp) /* be sure to specify the object type also in END and CODESTART macros! */ - int i; CODESTARTobjDestruct(nsd_ptcp) - if(pThis->sock != -1) { - close(pThis->sock); - pThis->sock = -1; - } - - if(pThis->socks != NULL) { - /* if we have some sockets at this stage, we need to close them */ - for(i = 1 ; i <= pThis->socks[0] ; ++i) - close(pThis->socks[i]); - free(pThis->socks); - } - + sockClose(&pThis->sock); if(pThis->pRemHostIP != NULL) free(pThis->pRemHostIP); if(pThis->pRemHostName != NULL) @@ -189,33 +188,34 @@ finalize_it: -/* accept an incoming connection request, sock provides the socket on which we can - * accept the new session. - * rgerhards, 2008-03-17 +/* accept an incoming connection request + * rgerhards, 2008-04-22 */ static rsRetVal -AcceptConnReq(nsd_t **ppThis, int sock) +AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew) { int sockflags; + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; struct sockaddr_storage addr; socklen_t addrlen = sizeof(addr); - nsd_ptcp_t *pThis = NULL; + nsd_ptcp_t *pNew = NULL; int iNewSock = -1; DEFiRet; - assert(ppThis != NULL); + assert(ppNew != NULL); + ISOBJ_TYPE_assert(pThis, nsd_ptcp_t); - iNewSock = accept(sock, (struct sockaddr*) &addr, &addrlen); + iNewSock = accept(pThis->sock, (struct sockaddr*) &addr, &addrlen); if(iNewSock < 0) { ABORT_FINALIZE(RS_RET_ACCEPT_ERR); } /* construct our object so that we can use it... */ - CHKiRet(nsd_ptcpConstruct(&pThis)); + CHKiRet(nsd_ptcpConstruct(&pNew)); - CHKiRet(FillRemHost(pThis, (struct sockaddr*) &addr)); + CHKiRet(FillRemHost(pNew, (struct sockaddr*) &addr)); - /* set the new socket to non-blocking IO */ + /* set the new socket to non-blocking IO -TODO:do we really need to do this here? Do we always want it? */ if((sockflags = fcntl(iNewSock, F_GETFL)) != -1) { sockflags |= O_NONBLOCK; /* SETFL could fail too, so get it caught by the subsequent @@ -228,41 +228,41 @@ AcceptConnReq(nsd_t **ppThis, int sock) ABORT_FINALIZE(RS_RET_IO_ERROR); } - pThis->sock = iNewSock; - - *ppThis = (nsd_t*) pThis; + pNew->sock = iNewSock; + *ppNew = (nsd_t*) pNew; finalize_it: if(iRet != RS_RET_OK) { - if(pThis != NULL) - nsd_ptcpDestruct(&pThis); + if(pNew != NULL) + nsd_ptcpDestruct(&pNew); /* the close may be redundant, but that doesn't hurt... */ - if(iNewSock >= 0) - close(iNewSock); + sockClose(&iNewSock); } RETiRet; } -/* initialize the tcp socket for a listner - * pLstnPort must point to a port name or number. NULL is NOT permitted - * (hint: we need to be careful when we use this module together with librelp, - * there NULL indicates the default port - * default is used. - * gerhards, 2008-03-17 +/* initialize tcp sockets for a listner. This function returns an array of nds_t + * objects. The size of this array is returend in pLstnArrSize. + * pLstnPort must point to a port name or number. NULL is NOT permitted. pLstnIP + * points to the port to listen to (NULL means "all"), iMaxSess has the maximum + * number of sessions permitted. + * rgerhards, 2008-04-22 */ static rsRetVal -LstnInit(nsd_t *pNsd, uchar *pLstnPort) +LstnInit(nsd_t ***parrLstnNsd, int *pLstnArrSize, uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { - nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; - struct addrinfo hints, *res, *r; - int error, maxs, *s, on = 1; + DEFiRet; + struct addrinfo hints, *res = NULL, *r; + nsd_ptcp_t **arrLstn = NULL; + int error, maxs, on = 1; + int sock; int sockflags; - DEFiRet; - ISOBJ_TYPE_assert(pThis, nsd_ptcp); + assert(parrLstnNsd != NULL); assert(pLstnPort != NULL); + assert(iSessMax >= 0); dbgprintf("creating tcp listen socket on port %s\n", pLstnPort); @@ -271,7 +271,7 @@ LstnInit(nsd_t *pNsd, uchar *pLstnPort) hints.ai_family = glbl.GetDefPFFamily(); hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(NULL, (char*) pLstnPort, &hints, &res); + error = getaddrinfo((char*)pLstnIP, (char*) pLstnPort, &hints, &res); if(error) { dbgprintf("error %d querying port '%s'\n", error, pLstnPort); ABORT_FINALIZE(RS_RET_INVALID_PORT); @@ -280,20 +280,14 @@ LstnInit(nsd_t *pNsd, uchar *pLstnPort) /* Count max number of sockets we may open */ for(maxs = 0, r = res; r != NULL ; r = r->ai_next, maxs++) /* EMPTY */; - pThis->socks = malloc((maxs+1) * sizeof(int)); - if (pThis->socks == NULL) { - dbgprintf("couldn't allocate memory for TCP listen sockets, suspending RELP message reception."); - freeaddrinfo(res); - ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY); - } + CHKmalloc(arrLstn = (nsd_ptcp_t**) malloc((maxs+1) * sizeof(nsd_ptcp_t*))); - *pThis->socks = 0; /* num of sockets counter at start of array */ - s = pThis->socks + 1; + *pLstnArrSize = 0; /* num of sockets counter at start of array */ for(r = res; r != NULL ; r = r->ai_next) { - *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); - if (*s < 0) { + sock = socket(r->ai_family, r->ai_socktype, r->ai_protocol); + if(sock < 0) { if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) - dbgprintf("creating tcp listen socket"); + dbgprintf("error %d creating tcp listen socket", errno); /* it is debatable if PF_INET with EAFNOSUPPORT should * also be ignored... */ @@ -301,35 +295,32 @@ LstnInit(nsd_t *pNsd, uchar *pLstnPort) } #ifdef IPV6_V6ONLY - if (r->ai_family == AF_INET6) { + if(r->ai_family == AF_INET6) { int iOn = 1; - if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, + if(setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&iOn, sizeof (iOn)) < 0) { - close(*s); - *s = -1; - continue; + close(sock); + continue; } } #endif - if(setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)) < 0 ) { + if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)) < 0 ) { dbgprintf("error %d setting tcp socket option\n", errno); - close(*s); - *s = -1; + close(sock); continue; } /* We use non-blocking IO! */ - if((sockflags = fcntl(*s, F_GETFL)) != -1) { + if((sockflags = fcntl(sock, F_GETFL)) != -1) { sockflags |= O_NONBLOCK; /* SETFL could fail too, so get it caught by the subsequent * error check. */ - sockflags = fcntl(*s, F_SETFL, sockflags); + sockflags = fcntl(sock, F_SETFL, sockflags); } if(sockflags == -1) { dbgprintf("error %d setting fcntl(O_NONBLOCK) on tcp socket", errno); - close(*s); - *s = -1; + close(sock); continue; } @@ -340,62 +331,75 @@ LstnInit(nsd_t *pNsd, uchar *pLstnPort) */ #ifndef BSD if(net.should_use_so_bsdcompat()) { - if (setsockopt(*s, SOL_SOCKET, SO_BSDCOMPAT, + if (setsockopt(sock, SOL_SOCKET, SO_BSDCOMPAT, (char *) &on, sizeof(on)) < 0) { errmsg.LogError(NO_ERRCODE, "TCP setsockopt(BSDCOMPAT)"); - close(*s); - *s = -1; + close(sock); continue; } } #endif - if( (bind(*s, r->ai_addr, r->ai_addrlen) < 0) + if( (bind(sock, r->ai_addr, r->ai_addrlen) < 0) #ifndef IPV6_V6ONLY && (errno != EADDRINUSE) #endif ) { + /* TODO: check if *we* bound the socket - else we *have* an error! */ dbgprintf("error %d while binding tcp socket", errno); - close(*s); - *s = -1; + close(sock); continue; } - if(listen(*s,pThis->iSessMax / 10 + 5) < 0) { + if(listen(sock, iSessMax / 10 + 5) < 0) { /* If the listen fails, it most probably fails because we ask * for a too-large backlog. So in this case we first set back * to a fixed, reasonable, limit that should work. Only if * that fails, too, we give up. */ dbgprintf("listen with a backlog of %d failed - retrying with default of 32.", - pThis->iSessMax / 10 + 5); - if(listen(*s, 32) < 0) { + iSessMax / 10 + 5); + if(listen(sock, 32) < 0) { dbgprintf("tcp listen error %d, suspending\n", errno); - close(*s); - *s = -1; + close(sock); continue; } } - (*pThis->socks)++; - s++; + /* if we reach this point, we were able to obtain a valid socket, which we + * now can save to the array of listen sockets. -- rgerhards, 2008-04-22 + */ + CHKiRet(nsd_ptcpConstruct(arrLstn+*pLstnArrSize)); + arrLstn[*pLstnArrSize]->sock = sock; + ++(*pLstnArrSize); } if(res != NULL) freeaddrinfo(res); - if(*pThis->socks != maxs) - dbgprintf("We could initialize %d RELP TCP listen sockets out of %d we received " - "- this may or may not be an error indication.\n", *pThis->socks, maxs); + if(*pLstnArrSize != maxs) + dbgprintf("We could initialize %d TCP listen sockets out of %d we received " + "- this may or may not be an error indication.\n", *pLstnArrSize, maxs); - if(*pThis->socks == 0) { - dbgprintf("No RELP TCP listen socket could successfully be initialized, " - "message reception via RELP disabled.\n"); - free(pThis->socks); + if(*pLstnArrSize == 0) { + dbgprintf("No TCP listen sockets could successfully be initialized, " + "message reception disabled.\n"); ABORT_FINALIZE(RS_RET_COULD_NOT_BIND); } + *parrLstnNsd = (nsd_t**) arrLstn; + arrLstn = NULL; /* prevent from being freed in error handler */ + finalize_it: + if(iRet != RS_RET_OK) { + if(res != NULL) + freeaddrinfo(res); + if(arrLstn != NULL) { + for(maxs = 0 ; maxs < *pLstnArrSize ; ++maxs) + nsd_ptcpDestruct(arrLstn+*pLstnArrSize); + } + } + RETiRet; } @@ -494,10 +498,7 @@ finalize_it: freeaddrinfo(res); if(iRet != RS_RET_OK) { - if(pThis->sock != -1) { - close(pThis->sock); - pThis->sock = -1; - } + sockClose(&pThis->sock); } RETiRet; @@ -519,10 +520,10 @@ CODESTARTobjQueryInterface(nsd_ptcp) pIf->Construct = (rsRetVal(*)(nsd_t**)) nsd_ptcpConstruct; pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_ptcpDestruct; pIf->Abort = Abort; - pIf->LstnInit = LstnInit; - pIf->AcceptConnReq = AcceptConnReq; pIf->Rcv = Rcv; pIf->Send = Send; + pIf->LstnInit = LstnInit; + pIf->AcceptConnReq = AcceptConnReq; pIf->Connect = Connect; finalize_it: ENDobjQueryInterface(nsd_ptcp) diff --git a/runtime/nsd_ptcp.h b/runtime/nsd_ptcp.h index d4848314..ac11d528 100644 --- a/runtime/nsd_ptcp.h +++ b/runtime/nsd_ptcp.h @@ -33,8 +33,6 @@ struct nsd_ptcp_s { uchar *pRemHostIP; /**< IP address of remote peer (currently used in server mode, only) */ uchar *pRemHostName; /**< host name of remote peer (currently used in server mode, only) */ int sock; /**< the socket we use for regular, single-socket, operations */ - int *socks; /**< the socket(s) we use for listeners, element 0 has nbr of socks */ - int iSessMax; /**< maximum number of sessions permitted */ }; /* interface is defined in nsd.h, we just implement it! */ diff --git a/runtime/nsdsel_ptcp.c b/runtime/nsdsel_ptcp.c new file mode 100644 index 00000000..67f3c62a --- /dev/null +++ b/runtime/nsdsel_ptcp.c @@ -0,0 +1,216 @@ +/* nsdsel_ptcp.c + * + * An implementation of the nsd select() interface for plain tcp sockets. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +#include "rsyslog.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "rsyslog.h" +#include "module-template.h" +#include "obj.h" +#include "errmsg.h" +#include "nsd_ptcp.h" +#include "nsdsel_ptcp.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +DEFobjCurrIf(errmsg) +DEFobjCurrIf(glbl) + + +/* Standard-Constructor + */ +BEGINobjConstruct(nsdsel_ptcp) /* be sure to specify the object type also in END macro! */ + pThis->maxfds = 0; + FD_ZERO(&pThis->readfds); + FD_ZERO(&pThis->writefds); +ENDobjConstruct(nsdsel_ptcp) + + +/* destructor for the nsdsel_ptcp object */ +BEGINobjDestruct(nsdsel_ptcp) /* be sure to specify the object type also in END and CODESTART macros! */ +CODESTARTobjDestruct(nsdsel_ptcp) +ENDobjDestruct(nsdsel_ptcp) + + +/* Add a socket to the select set */ +static rsRetVal +Add(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) +{ + DEFiRet; + nsdsel_ptcp_t *pThis = (nsdsel_ptcp_t*) pNsdsel; + nsd_ptcp_t *pSock = (nsd_ptcp_t*) pNsd; + + ISOBJ_TYPE_assert(pSock, nsd_ptcp); + ISOBJ_TYPE_assert(pThis, nsdsel_ptcp); + + switch(waitOp) { + case NSDSEL_RD: + FD_SET(pSock->sock, &pThis->readfds); + break; + case NSDSEL_WR: + FD_SET(pSock->sock, &pThis->writefds); + break; + case NSDSEL_RDWR: + FD_SET(pSock->sock, &pThis->readfds); + FD_SET(pSock->sock, &pThis->writefds); + break; + } + + if(pSock->sock > pThis->maxfds) + pThis->maxfds = pSock->sock; + + RETiRet; +} + + +/* perform the select() piNumReady returns how many descriptors are ready for IO + * TODO: add timeout! + */ +static rsRetVal +Select(nsdsel_t *pNsdsel, int *piNumReady) +{ + DEFiRet; + int i; + nsdsel_ptcp_t *pThis = (nsdsel_ptcp_t*) pNsdsel; + + ISOBJ_TYPE_assert(pThis, nsdsel_ptcp); + assert(piNumReady != NULL); + + if(Debug) { // TODO: debug setting! + // TODO: name in dbgprintf! + dbgprintf("-------- calling select, active fds (max %d): ", pThis->maxfds); + for(i = 0; i <= pThis->maxfds; ++i) + if(FD_ISSET(i, &pThis->readfds) || FD_ISSET(i, &pThis->writefds)) + dbgprintf("%d ", i); + dbgprintf("\n"); + } + + /* now do the select */ + *piNumReady = select(pThis->maxfds+1, &pThis->readfds, &pThis->writefds, NULL, NULL); + + RETiRet; +} + + +/* check if a socket is ready for IO */ +static rsRetVal +IsReady(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) +{ + DEFiRet; + nsdsel_ptcp_t *pThis = (nsdsel_ptcp_t*) pNsdsel; + nsd_ptcp_t *pSock = (nsd_ptcp_t*) pNsd; + + ISOBJ_TYPE_assert(pThis, nsdsel_ptcp); + ISOBJ_TYPE_assert(pSock, nsd_ptcp); + RETiRet; +} + + +/* ------------------------------ end support for the select() interface ------------------------------ */ + + +/* queryInterface function */ +BEGINobjQueryInterface(nsdsel_ptcp) +CODESTARTobjQueryInterface(nsdsel_ptcp) + if(pIf->ifVersion != nsdCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + pIf->Construct = (rsRetVal(*)(nsdsel_t**)) nsdsel_ptcpConstruct; + pIf->Destruct = (rsRetVal(*)(nsdsel_t**)) nsdsel_ptcpDestruct; + pIf->Add = Add; + pIf->Select = Select; + pIf->IsReady = IsReady; +finalize_it: +ENDobjQueryInterface(nsdsel_ptcp) + + +/* exit our class + */ +BEGINObjClassExit(nsdsel_ptcp, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(nsdsel_ptcp) + /* release objects we no longer need */ + objRelease(glbl, CORE_COMPONENT); + objRelease(errmsg, CORE_COMPONENT); +ENDObjClassExit(nsdsel_ptcp) + + +/* Initialize the nsdsel_ptcp class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINObjClassInit(nsdsel_ptcp, 1, OBJ_IS_LOADABLE_MODULE) /* class, version */ + /* request objects we use */ + CHKiRet(objUse(errmsg, CORE_COMPONENT)); + CHKiRet(objUse(glbl, CORE_COMPONENT)); + + /* set our own handlers */ +ENDObjClassInit(nsdsel_ptcp) + + +/* --------------- here now comes the plumbing that makes as a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + nsdsel_ptcpClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(nsdsel_ptcpClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/nsdsel_ptcp.h b/runtime/nsdsel_ptcp.h new file mode 100644 index 00000000..39294d7d --- /dev/null +++ b/runtime/nsdsel_ptcp.h @@ -0,0 +1,46 @@ +/* An implementation of the nsd select interface for plain tcp sockets. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NSDSEL_PTCP_H +#define INCLUDED_NSDSEL_PTCP_H + +#include "nsd.h" +typedef nsdsel_if_t nsdsel_ptcp_if_t; /* we just *implement* this interface */ + +/* the nsdsel_ptcp object */ +struct nsdsel_ptcp_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + int maxfds; + fd_set readfds; + fd_set writefds; +}; + +/* interface is defined in nsd.h, we just implement it! */ + +/* prototypes */ +PROTOTYPEObj(nsdsel_ptcp); + +/* the name of our library binary */ +#define LM_NSDSEL_PTCP_FILENAME "lmnsdsel_ptcp" + +#endif /* #ifndef INCLUDED_NSDSEL_PTCP_H */ diff --git a/runtime/nssel.c b/runtime/nssel.c new file mode 100644 index 00000000..f2844872 --- /dev/null +++ b/runtime/nssel.c @@ -0,0 +1,222 @@ +/* nssel.c + * + * The io waiter is a helper object enabling us to wait on a set of streams to become + * ready for IO - this is modelled after select(). We need this, because + * stream drivers may have different concepts. Consequently, + * the structure must contain nsd_t's from the same stream driver type + * only. This is implemented as a singly-linked list where every + * new element is added at the top of the list. + * + * Work on this module begun 2008-04-22 by Rainer Gerhards. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +#include "rsyslog.h" +#include +#include +#include +#include +#include + +#include "rsyslog.h" +#include "obj.h" +#include "module-template.h" +#include "nssel.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +DEFobjCurrIf(glbl) + + +/* load our low-level driver. This must be done before any + * driver-specific functions (allmost all...) can be carried + * out. Note that the driver's .ifIsLoaded is correctly + * initialized by calloc() and we depend on that. + * rgerhards, 2008-04-18 + */ +static rsRetVal +loadDrvr(nssel_t *pThis) +{ + uchar *pDrvrName; + DEFiRet; + + pDrvrName = pThis->pDrvrName; + if(pDrvrName == NULL) /* if no drvr name is set, use system default */ + pDrvrName = glbl.GetDfltNetstrmDrvr(); + + pThis->Drvr.ifVersion = nsdCURR_IF_VERSION; + /* The pDrvrName+2 below is a hack to obtain the object name. It + * safes us to have yet another variable with the name without "lm" in + * front of it. If we change the module load interface, we may re-think + * about this hack, but for the time being it is efficient and clean + * enough. -- rgerhards, 2008-04-18 + */ + CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); +finalize_it: + RETiRet; +} + + +/* Standard-Constructor */ +BEGINobjConstruct(nssel) /* be sure to specify the object type also in END macro! */ +ENDobjConstruct(nssel) + + +/* destructor for the nssel object */ +BEGINobjDestruct(nssel) /* be sure to specify the object type also in END and CODESTART macros! */ +CODESTARTobjDestruct(nssel) +ENDobjDestruct(nssel) + + +/* ConstructionFinalizer */ +static rsRetVal +ConstructFinalize(nssel_t *pThis) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, nssel); + CHKiRet(loadDrvr(pThis)); + CHKiRet(pThis->Drvr.Construct(&pThis->pDrvrData)); +finalize_it: + RETiRet; +} + + +/* Add a stream object to the current IOW. Note that a single stream may + * have multiple "sockets" if it is a listener. If so, all of them are + * begin added. + */ +static rsRetVal +Add(nssel_t *pThis, netstrm_t *pStrm) +{ + DEFiRet; + + ISOBJ_TYPE_assert(pThis, nssel); + ISOBJ_TYPE_assert(pStrm, netstrm); + + +finalize_it: + RETiRet; +} + + +/* wait for IO to happen on one of our netstreams. iNumReady has + * the number of ready "sockets" after the call. This function blocks + * until some are ready. EAGAIN is retried. + */ +static rsRetVal +Wait(nssel_t *pThis, int *piNumReady) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, nssel); + assert(piNumReady != NULL); + RETiRet; +} + + +/* Check if a stream is ready for IO. *piNumReady contains the remaining number + * of ready streams. Note that this function may say the stream is not ready + * but still decrement *piNumReady. This can happen when (e.g. with TLS) the low + * level driver requires some IO which is hidden from the upper layer point of view. + * rgerhards, 2008-04-23 + */ +static rsRetVal +IsReady(nssel_t *pThis, netstrm_t *pStrm, int *pbIsReady, int *piNumReady) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, nssel); + ISOBJ_TYPE_assert(pStrm, netstrm); + assert(pbIsReady != NULL); + assert(piNumReady != NULL); + RETiRet; +} + + +/* queryInterface function */ +BEGINobjQueryInterface(nssel) +CODESTARTobjQueryInterface(nssel) + if(pIf->ifVersion != nsselCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + pIf->Construct = nsselConstruct; + pIf->ConstructFinalize = ConstructFinalize; + pIf->Destruct = nsselDestruct; + pIf->Add = Add; + pIf->Wait = Wait; + pIf->IsReady = IsReady; +finalize_it: +ENDobjQueryInterface(nssel) + + +/* exit our class + */ +BEGINObjClassExit(nssel, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(nssel) + /* release objects we no longer need */ + objRelease(glbl, CORE_COMPONENT); +ENDObjClassExit(nssel) + + +/* Initialize the nssel class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINObjClassInit(nssel, 1, OBJ_IS_CORE_MODULE) /* class, version */ + /* request objects we use */ + CHKiRet(objUse(glbl, CORE_COMPONENT)); + + /* set our own handlers */ +ENDObjClassInit(nssel) + + +/* --------------- here now comes the plumbing that makes us a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + nsselClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(nsselClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/nssel.h b/runtime/nssel.h new file mode 100644 index 00000000..16919b1f --- /dev/null +++ b/runtime/nssel.h @@ -0,0 +1,55 @@ +/* Definitions for the nssel IO waiter. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NSSEL_H +#define INCLUDED_NSSEL_H + +#include "nsd.h" + +/* the nssel object */ +struct nssel_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + nsd_t *pDrvrData; /**< the driver's data elements */ + uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ + nsdsel_if_t Drvr; /**< our stream driver */ +}; + + +/* interface */ +BEGINinterface(nssel) /* name must also be changed in ENDinterface macro! */ + rsRetVal (*Construct)(nssel_t **ppThis); + rsRetVal (*ConstructFinalize)(nssel_t *pThis); + rsRetVal (*Destruct)(nssel_t **ppThis); + rsRetVal (*Add)(nssel_t *pThis, netstrm_t *pStrm); + rsRetVal (*Wait)(nssel_t *pThis, int *pNumReady); + rsRetVal (*IsReady)(nssel_t *pThis, netstrm_t *pStrm, int *pbIsReady, int *pNumRead); +ENDinterface(nssel) +#define nsselCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ + +/* prototypes */ +PROTOTYPEObj(nssel); + +/* the name of our library binary */ +#define LM_NSSEL_FILENAME "lmnssel" + +#endif /* #ifndef INCLUDED_NSSEL_H */ diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index f7824006..4f62ca3c 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -65,8 +65,12 @@ typedef struct obj_s obj_t; typedef struct filed selector_t;/* TODO: this so far resides in syslogd.c, think about modularization */ typedef struct NetAddr netAddr_t; typedef struct netstrm_s netstrm_t; +typedef struct nssel_s nssel_t; +typedef enum nsdsel_waitOp_e nsdsel_waitOp_t; typedef struct nsd_ptcp_s nsd_ptcp_t; +typedef struct nsdsel_ptcp_s nsdsel_ptcp_t; typedef obj_t nsd_t; +typedef obj_t nsdsel_t; typedef struct msg msg_t; typedef struct interface_s interface_t; typedef struct objInfo_s objInfo_t; @@ -206,6 +210,7 @@ enum rsRetVal_ /** return value. All methods return this if not specified oth RS_RET_INVALID_HNAME = -2075, /**< remote peer's hostname invalid or unobtainable */ RS_RET_INVALID_PORT = -2076, /**< invalid port value */ RS_RET_COULD_NOT_BIND = -2077, /**< could not bind socket, defunct */ + RS_RET_MAX_SESS_REACHED = -2078, /**< max nbr of sessions reached, can not create more */ /* RainerScript error messages (range 1000.. 1999) */ RS_RET_SYSVAR_NOT_FOUND = 1001, /**< system variable could not be found (maybe misspelled) */ -- cgit v1.2.3 From 1892fc75f9fad0b0741b4a3eb1fc382f900b2301 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 23 Apr 2008 15:07:19 +0200 Subject: added new netstrms class netstrms is at the top layer of the socket abstraction --- runtime/Makefile.am | 10 ++- runtime/netstrm.c | 88 ++++----------------- runtime/netstrm.h | 28 ++----- runtime/netstrms.c | 206 ++++++++++++++++++++++++++++++++++++++++++++++++++ runtime/netstrms.h | 52 +++++++++++++ runtime/nsd.h | 2 +- runtime/nsdsel_ptcp.c | 17 ++++- runtime/nssel.c | 15 ++-- runtime/nssel.h | 4 +- runtime/rsyslog.h | 2 + 10 files changed, 316 insertions(+), 108 deletions(-) create mode 100644 runtime/netstrms.c create mode 100644 runtime/netstrms.h (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 61ede1d7..7cb1b9bb 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -81,7 +81,7 @@ lmregexp_la_LIBADD = endif if ENABLE_INET -pkglib_LTLIBRARIES += lmnet.la lmnetstrm.la lmnssel.la +pkglib_LTLIBRARIES += lmnet.la lmnetstrms.la lmnetstrm.la lmnssel.la # # network support # @@ -90,7 +90,13 @@ lmnet_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnet_la_LDFLAGS = -module -avoid-version lmnet_la_LIBADD = -# network streams +# network stream master class and stream factory +lmnetstrms_la_SOURCES = netstrms.c netstrms.h +lmnetstrms_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnetstrms_la_LDFLAGS = -module -avoid-version +lmnetstrms_la_LIBADD = + +# individual network streams lmnetstrm_la_SOURCES = netstrm.c netstrm.h lmnetstrm_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) lmnetstrm_la_LDFLAGS = -module -avoid-version diff --git a/runtime/netstrm.c b/runtime/netstrm.c index bdd2636c..f0bdab78 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -38,29 +38,16 @@ * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. */ #include "config.h" - -#include "rsyslog.h" -#include -#include #include #include -#include #include -#include -#include -#include -#include -#include -#include - -#include "syslogd-types.h" + +#include "rsyslog.h" #include "module-template.h" -#include "parse.h" -#include "srUtils.h" #include "obj.h" #include "errmsg.h" -#include "net.h" -#include "nsd.h" +//#include "nsd.h" +#include "netstrms.h" #include "netstrm.h" MODULE_TYPE_LIB @@ -68,37 +55,7 @@ MODULE_TYPE_LIB /* static data */ DEFobjStaticHelpers DEFobjCurrIf(errmsg) -DEFobjCurrIf(glbl) -DEFobjCurrIf(net) - - -/* load our low-level driver. This must be done before any - * driver-specific functions (allmost all...) can be carried - * out. Note that the driver's .ifIsLoaded is correctly - * initialized by calloc() and we depend on that. - * rgerhards, 2008-04-18 - */ -static rsRetVal -loadDrvr(netstrm_t *pThis) -{ - uchar *pDrvrName; - DEFiRet; - - pDrvrName = pThis->pDrvrName; - if(pDrvrName == NULL) /* if no drvr name is set, use system default */ - pDrvrName = glbl.GetDfltNetstrmDrvr(); - - pThis->Drvr.ifVersion = nsdCURR_IF_VERSION; - /* The pDrvrName+2 below is a hack to obtain the object name. It - * safes us to have yet another variable with the name without "lm" in - * front of it. If we change the module load interface, we may re-think - * about this hack, but for the time being it is efficient and clean - * enough. -- rgerhards, 2008-04-18 - */ - CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); -finalize_it: - RETiRet; -} +DEFobjCurrIf(netstrms) /* Standard-Constructor */ @@ -120,7 +77,6 @@ netstrmConstructFinalize(netstrm_t *pThis) { DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); - CHKiRet(loadDrvr(pThis)); CHKiRet(pThis->Drvr.Construct(&pThis->pDrvrData)); finalize_it: RETiRet; @@ -152,40 +108,27 @@ AbortDestruct(netstrm_t **ppThis) * rgerhards, 2008-04-21 */ static rsRetVal -AcceptConnReq(netstrm_t *pThis, nsd_t *pReqNsd, netstrm_t **ppNew) +AcceptConnReq(netstrm_t *pThis, netstrm_t **ppNew) { - netstrm_t *pNew = NULL; nsd_t *pNewNsd = NULL; DEFiRet; ISOBJ_TYPE_assert(pThis, netstrm); - assert(pReqNsd != NULL); assert(ppNew != NULL); /* accept the new connection */ - CHKiRet(pThis->Drvr.AcceptConnReq(pReqNsd, &pNewNsd)); - + CHKiRet(pThis->Drvr.AcceptConnReq(pThis->pDrvrData, &pNewNsd)); /* construct our object so that we can use it... */ - CHKiRet(netstrmConstruct(&pNew)); - - pNew->pDrvrData = pNewNsd; - if(pThis->pDrvrName == NULL) { - pNew->pDrvrName = NULL; - } else { - CHKmalloc(pNew->pDrvrName = (uchar*) strdup((char*)pThis->pDrvrName)); - } - CHKiRet(loadDrvr(pNew)); - - *ppNew = pNew; + CHKiRet(netstrms.CreateStrm(pThis->pNS, ppNew)); + (*ppNew)->pDrvrData = pNewNsd; finalize_it: if(iRet != RS_RET_OK) { - if(pNew != NULL) - netstrmDestruct(&pNew); /* the close may be redundant, but that doesn't hurt... */ if(pNewNsd != NULL) pThis->Drvr.Destruct(&pNewNsd); } + RETiRet; } @@ -197,12 +140,11 @@ finalize_it: * rgerhards, 2008-04-22 */ static rsRetVal -LstnInit(netstrm_t *pThis, uchar *pLstnPort, uchar *pLstnIP, int iSessMax) +LstnInit(void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { DEFiRet; - ISOBJ_TYPE_assert(pThis, netstrm); assert(pLstnPort != NULL); - CHKiRet(pThis->Drvr.LstnInit(&pThis->parrLstn, &pThis->isizeLstnArr, pLstnPort, pLstnIP, iSessMax)); + //CHKiRet(pThis->Drvr.LstnInit(pUsr, fAddLstn, pLstnPort, pLstnIP, iSessMax)); finalize_it: RETiRet; @@ -290,9 +232,8 @@ ENDobjQueryInterface(netstrm) BEGINObjClassExit(netstrm, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ CODESTARTObjClassExit(netstrm) /* release objects we no longer need */ - objRelease(net, CORE_COMPONENT); - objRelease(glbl, CORE_COMPONENT); objRelease(errmsg, CORE_COMPONENT); + objRelease(netstrms, LM_NETSTRMS_FILENAME); ENDObjClassExit(netstrm) @@ -303,8 +244,7 @@ ENDObjClassExit(netstrm) BEGINAbstractObjClassInit(netstrm, 1, OBJ_IS_CORE_MODULE) /* class, version */ /* request objects we use */ CHKiRet(objUse(errmsg, CORE_COMPONENT)); - CHKiRet(objUse(glbl, CORE_COMPONENT)); - CHKiRet(objUse(net, CORE_COMPONENT)); + CHKiRet(objUse(netstrms, LM_NETSTRMS_FILENAME)); /* set our own handlers */ ENDObjClassInit(netstrm) diff --git a/runtime/netstrm.h b/runtime/netstrm.h index a3719f93..b87228d2 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -29,34 +29,18 @@ /* the netstrm object */ struct netstrm_s { BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ - nsd_t *pDrvrData; /**< the driver's data elements */ + nsd_t *pDrvrData; /**< the driver's data elements (at most other places, this is called pNsd) */ uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ nsd_if_t Drvr; /**< our stream driver */ + netstrms_t *pNS; /**< pointer to our netstream subsystem object */ /* for listeners, we need to have the capablity to listen on multiple "sockets". This * is needed to support IPv6. We do this by specifying an array of nsd_t objects to * handle this case. */ - int isizeLstnArr; - nsd_t **parrLstn; + //int isizeLstnArr; + //nsd_t **parrLstn; }; -/* a helper object enabling us to wait on a set of streams to become - * ready for IO - this is modelled after select(). We need this, because - * stream drivers may have different concepts. Consequently, - * the structure must contain nsd_t's from the same stream driver type - * only. This is implemented as a singly-linked list where every - * new element is added at the top of the list. -- rgerhards, 2008-04-22 - */ -typedef struct netstrm_iowaiter_s netstrm_iowaiter_t; -struct netstrm_iowaiter_s { - netstrm_iowaiter_t *pNext; - nsd_t *pNsd; - enum { - NETSTRM_IOWAIT_RD = 1, - NETSTRM_IOWAIT_WR = 2, - NETSTRM_IOWAIT_RDWR = 3 - } waitOp; /**< the operation we wait for */ -}; /* interface */ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ @@ -64,8 +48,8 @@ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ rsRetVal (*ConstructFinalize)(netstrm_t *pThis); rsRetVal (*Destruct)(netstrm_t **ppThis); rsRetVal (*AbortDestruct)(netstrm_t **ppThis); - rsRetVal (*LstnInit)(netstrm_t *pThis, uchar *pLstnPort, uchar *pLstnIP, int iSessMax); - rsRetVal (*AcceptConnReq)(netstrm_t *pThis, nsd_t *pReqNsd, netstrm_t **ppNew); + rsRetVal (*LstnInit)(void *pUsr, rsRetVal(*)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax); + rsRetVal (*AcceptConnReq)(netstrm_t *pThis, netstrm_t **ppNew); rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(netstrm_t *pThis, int family, unsigned char *port, unsigned char *host); diff --git a/runtime/netstrms.c b/runtime/netstrms.c new file mode 100644 index 00000000..d0e11441 --- /dev/null +++ b/runtime/netstrms.c @@ -0,0 +1,206 @@ +/* netstrms.c + * + * Work on this module begung 2008-04-23 by Rainer Gerhards. + * + * Copyright 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +//#include +#include +#include +#include +//#include + +#include "rsyslog.h" +//#include "syslogd-types.h" +#include "module-template.h" +#include "obj.h" +//#include "errmsg.h" +//#include "net.h" +#include "nsd.h" +#include "netstrm.h" +#include "netstrms.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +//DEFobjCurrIf(errmsg) +DEFobjCurrIf(glbl) +DEFobjCurrIf(netstrm) +//DEFobjCurrIf(net) + + +/* load our low-level driver. This must be done before any + * driver-specific functions (allmost all...) can be carried + * out. Note that the driver's .ifIsLoaded is correctly + * initialized by calloc() and we depend on that. + * rgerhards, 2008-04-18 + */ +static rsRetVal +loadDrvr(netstrms_t *pThis) +{ + uchar *pDrvrName; + DEFiRet; + + pDrvrName = pThis->pDrvrName; + if(pDrvrName == NULL) /* if no drvr name is set, use system default */ + pDrvrName = glbl.GetDfltNetstrmDrvr(); + + pThis->Drvr.ifVersion = nsdCURR_IF_VERSION; + /* The pDrvrName+2 below is a hack to obtain the object name. It + * safes us to have yet another variable with the name without "lm" in + * front of it. If we change the module load interface, we may re-think + * about this hack, but for the time being it is efficient and clean + * enough. -- rgerhards, 2008-04-18 + */ + CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); +finalize_it: + RETiRet; +} + + +/* Standard-Constructor */ +BEGINobjConstruct(netstrms) /* be sure to specify the object type also in END macro! */ +ENDobjConstruct(netstrms) + + +/* destructor for the netstrms object */ +BEGINobjDestruct(netstrms) /* be sure to specify the object type also in END and CODESTART macros! */ +CODESTARTobjDestruct(netstrms) + if(pThis->pDrvrName != NULL) + free(pThis->pDrvrName); +ENDobjDestruct(netstrms) + + +/* ConstructionFinalizer */ +static rsRetVal +netstrmsConstructFinalize(netstrms_t *pThis) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrms); + CHKiRet(loadDrvr(pThis)); +finalize_it: + RETiRet; +} + + +/* create an instance of a netstrm object. It is initialized with default + * values. The current driver is used. The caller may set netstrm properties + * and must call ConstructFinalize(). + */ +static rsRetVal +CreateStrm(netstrms_t *pThis, netstrm_t **ppStrm) +{ + netstrm_t *pStrm = NULL; + DEFiRet; + + CHKiRet(netstrm.Construct(&pStrm)); + /* we copy over our driver structure. We could provide a pointer to + * ourselves, but that costs some performance on each driver invocation. + * As we already have hefty indirection (and thus performance toll), I + * prefer to copy over the function pointers here. -- rgerhards, 2008-04-23 + */ + memcpy(&pStrm->Drvr, &pThis->Drvr, sizeof(pThis->Drvr)); + pStrm->pNS = pThis; + + *ppStrm = pStrm; + +finalize_it: + if(iRet != RS_RET_OK) { + if(pStrm != NULL) + netstrm.Destruct(&pStrm); + } + RETiRet; +} + + +/* queryInterface function */ +BEGINobjQueryInterface(netstrms) +CODESTARTobjQueryInterface(netstrms) + if(pIf->ifVersion != netstrmsCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + pIf->Construct = netstrmsConstruct; + pIf->ConstructFinalize = netstrmsConstructFinalize; + pIf->Destruct = netstrmsDestruct; + pIf->CreateStrm = CreateStrm; +finalize_it: +ENDobjQueryInterface(netstrms) + + +/* exit our class */ +BEGINObjClassExit(netstrms, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(netstrms) + /* release objects we no longer need */ + //objRelease(net, CORE_COMPONENT); + objRelease(glbl, CORE_COMPONENT); + objRelease(netstrm, LM_NETSTRM_FILENAME); + //objRelease(errmsg, CORE_COMPONENT); +ENDObjClassExit(netstrms) + + +/* Initialize the netstrms class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINAbstractObjClassInit(netstrms, 1, OBJ_IS_CORE_MODULE) /* class, version */ + /* request objects we use */ + //CHKiRet(objUse(errmsg, CORE_COMPONENT)); + CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(netstrm, LM_NETSTRM_FILENAME)); + //CHKiRet(objUse(net, CORE_COMPONENT)); + + /* set our own handlers */ +ENDObjClassInit(netstrms) + + +/* --------------- here now comes the plumbing that makes as a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + netstrmsClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(netstrmsClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/netstrms.h b/runtime/netstrms.h new file mode 100644 index 00000000..1e920304 --- /dev/null +++ b/runtime/netstrms.h @@ -0,0 +1,52 @@ +/* Definitions for the stream-based netstrmsworking class. + * + * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NETSTRMS_H +#define INCLUDED_NETSTRMS_H + +#include "nsd.h" /* we need our driver interface to be defined */ + +/* the netstrms object */ +struct netstrms_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ + nsd_if_t Drvr; /**< our stream driver */ +}; + + +/* interface */ +BEGINinterface(netstrms) /* name must also be changed in ENDinterface macro! */ + rsRetVal (*Construct)(netstrms_t **ppThis); + rsRetVal (*ConstructFinalize)(netstrms_t *pThis); + rsRetVal (*Destruct)(netstrms_t **ppThis); + rsRetVal (*CreateStrm)(netstrms_t *pThis, netstrm_t **ppStrm); +ENDinterface(netstrms) +#define netstrmsCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ + +/* prototypes */ +PROTOTYPEObj(netstrms); + +/* the name of our library binary */ +#define LM_NETSTRMS_FILENAME "lmnetstrms" + +#endif /* #ifndef INCLUDED_NETSTRMS_H */ diff --git a/runtime/nsd.h b/runtime/nsd.h index 2fb883ac..db61780f 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -57,7 +57,7 @@ BEGINinterface(nsdsel) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Destruct)(nsdsel_t **ppThis); rsRetVal (*Add)(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp); rsRetVal (*Select)(nsdsel_t *pNsdsel, int *piNumReady); - rsRetVal (*IsReady)(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp); + rsRetVal (*IsReady)(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp, int *pbIsReady); ENDinterface(nsdsel) #define nsdselCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsdsel_ptcp.c b/runtime/nsdsel_ptcp.c index 67f3c62a..c5864809 100644 --- a/runtime/nsdsel_ptcp.c +++ b/runtime/nsdsel_ptcp.c @@ -131,7 +131,7 @@ Select(nsdsel_t *pNsdsel, int *piNumReady) /* check if a socket is ready for IO */ static rsRetVal -IsReady(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) +IsReady(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp, int *pbIsReady) { DEFiRet; nsdsel_ptcp_t *pThis = (nsdsel_ptcp_t*) pNsdsel; @@ -139,6 +139,21 @@ IsReady(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) ISOBJ_TYPE_assert(pThis, nsdsel_ptcp); ISOBJ_TYPE_assert(pSock, nsd_ptcp); + assert(pbIsReady != NULL); + + switch(waitOp) { + case NSDSEL_RD: + *pbIsReady = FD_ISSET(pSock->sock, &pThis->readfds); + break; + case NSDSEL_WR: + *pbIsReady = FD_ISSET(pSock->sock, &pThis->writefds); + break; + case NSDSEL_RDWR: + *pbIsReady = FD_ISSET(pSock->sock, &pThis->readfds) + | FD_ISSET(pSock->sock, &pThis->writefds); + break; + } + RETiRet; } diff --git a/runtime/nssel.c b/runtime/nssel.c index f2844872..0cbda9b9 100644 --- a/runtime/nssel.c +++ b/runtime/nssel.c @@ -41,6 +41,7 @@ #include "rsyslog.h" #include "obj.h" #include "module-template.h" +#include "netstrm.h" #include "nssel.h" MODULE_TYPE_LIB @@ -103,18 +104,19 @@ finalize_it: } -/* Add a stream object to the current IOW. Note that a single stream may - * have multiple "sockets" if it is a listener. If so, all of them are - * begin added. +/* Add a stream object to the current select() set. + * Note that a single stream may have multiple "sockets" if + * it is a listener. If so, all of them are begin added. */ static rsRetVal -Add(nssel_t *pThis, netstrm_t *pStrm) +Add(nssel_t *pThis, netstrm_t *pStrm, nsdsel_waitOp_t waitOp) { DEFiRet; ISOBJ_TYPE_assert(pThis, nssel); ISOBJ_TYPE_assert(pStrm, netstrm); - + + CHKiRet(pThis->Drvr.Add(pThis->pDrvrData, pStrm->pDrvrData, waitOp)); finalize_it: RETiRet; @@ -131,6 +133,7 @@ Wait(nssel_t *pThis, int *piNumReady) DEFiRet; ISOBJ_TYPE_assert(pThis, nssel); assert(piNumReady != NULL); + iRet = pThis->Drvr.Select(pThis->pDrvrData, piNumReady); RETiRet; } @@ -142,7 +145,7 @@ Wait(nssel_t *pThis, int *piNumReady) * rgerhards, 2008-04-23 */ static rsRetVal -IsReady(nssel_t *pThis, netstrm_t *pStrm, int *pbIsReady, int *piNumReady) +IsReady(nssel_t *pThis, netstrm_t *pStrm, nsdsel_waitOp_t waitOp, int *pbIsReady, int *piNumReady) { DEFiRet; ISOBJ_TYPE_assert(pThis, nssel); diff --git a/runtime/nssel.h b/runtime/nssel.h index 16919b1f..2f907caa 100644 --- a/runtime/nssel.h +++ b/runtime/nssel.h @@ -40,9 +40,9 @@ BEGINinterface(nssel) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Construct)(nssel_t **ppThis); rsRetVal (*ConstructFinalize)(nssel_t *pThis); rsRetVal (*Destruct)(nssel_t **ppThis); - rsRetVal (*Add)(nssel_t *pThis, netstrm_t *pStrm); + rsRetVal (*Add)(nssel_t *pThis, netstrm_t *pStrm, nsdsel_waitOp_t waitOp); rsRetVal (*Wait)(nssel_t *pThis, int *pNumReady); - rsRetVal (*IsReady)(nssel_t *pThis, netstrm_t *pStrm, int *pbIsReady, int *pNumRead); + rsRetVal (*IsReady)(nssel_t *pThis, netstrm_t *pStrm, nsdsel_waitOp_t waitOp, int *pbIsReady, int *piNumReady); ENDinterface(nssel) #define nsselCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 4f62ca3c..6bffae4b 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -64,6 +64,7 @@ typedef struct thrdInfo thrdInfo_t; typedef struct obj_s obj_t; typedef struct filed selector_t;/* TODO: this so far resides in syslogd.c, think about modularization */ typedef struct NetAddr netAddr_t; +typedef struct netstrms_s netstrms_t; typedef struct netstrm_s netstrm_t; typedef struct nssel_s nssel_t; typedef enum nsdsel_waitOp_e nsdsel_waitOp_t; @@ -76,6 +77,7 @@ typedef struct interface_s interface_t; typedef struct objInfo_s objInfo_t; typedef enum rsRetVal_ rsRetVal; /**< friendly type for global return value */ typedef rsRetVal (*errLogFunc_t)(uchar*); /* this is a trick to store a function ptr to a function returning a function ptr... */ +typedef struct tcpsrv_s tcpsrv_t; /* some universal 64 bit define... */ typedef long long int64; -- cgit v1.2.3 From 50fe2ec2ea275b7ed38c7942736fbb2aae727056 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 23 Apr 2008 16:31:35 +0200 Subject: removed listener array from inidividual netstrm (mostly finished) --- runtime/netstrm.c | 9 ++++++-- runtime/netstrm.h | 3 ++- runtime/nsd.h | 3 ++- runtime/nsd_ptcp.c | 60 +++++++++++++++++++++++++++++++++--------------------- runtime/rsyslog.h | 1 + 5 files changed, 49 insertions(+), 27 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index f0bdab78..c8335fa4 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -140,11 +140,16 @@ finalize_it: * rgerhards, 2008-04-22 */ static rsRetVal -LstnInit(void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax) +LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), + uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { DEFiRet; + + ISOBJ_TYPE_assert(pNS, netstrms); + assert(fAddLstn != NULL); assert(pLstnPort != NULL); - //CHKiRet(pThis->Drvr.LstnInit(pUsr, fAddLstn, pLstnPort, pLstnIP, iSessMax)); + + CHKiRet(pNS->Drvr.LstnInit(pNS, pUsr, fAddLstn, pLstnPort, pLstnIP, iSessMax)); finalize_it: RETiRet; diff --git a/runtime/netstrm.h b/runtime/netstrm.h index b87228d2..33d166ea 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -48,7 +48,8 @@ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ rsRetVal (*ConstructFinalize)(netstrm_t *pThis); rsRetVal (*Destruct)(netstrm_t **ppThis); rsRetVal (*AbortDestruct)(netstrm_t **ppThis); - rsRetVal (*LstnInit)(void *pUsr, rsRetVal(*)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax); + rsRetVal (*LstnInit)(netstrms_t *pNS, void *pUsr, rsRetVal(*)(void*,netstrm_t*), + uchar *pLstnPort, uchar *pLstnIP, int iSessMax); rsRetVal (*AcceptConnReq)(netstrm_t *pThis, netstrm_t **ppNew); rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf); diff --git a/runtime/nsd.h b/runtime/nsd.h index db61780f..c32e284e 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -46,7 +46,8 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Rcv)(nsd_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(nsd_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(nsd_t *pThis, int family, unsigned char *port, unsigned char *host); - rsRetVal (*LstnInit)(nsd_t ***parrLstn, int *pLstnArrSize, uchar *pLstnPort, uchar *pLstnIP, int iSessMax); + rsRetVal (*LstnInit)(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), + uchar *pLstnPort, uchar *pLstnIP, int iSessMax); rsRetVal (*AcceptConnReq)(nsd_t *pThis, nsd_t **ppThis); ENDinterface(nsd) #define nsdCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index c737c168..40b11ad4 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -45,6 +45,8 @@ #include "obj.h" #include "errmsg.h" #include "net.h" +#include "netstrms.h" +#include "netstrm.h" #include "nsd_ptcp.h" MODULE_TYPE_LIB @@ -54,6 +56,8 @@ DEFobjStaticHelpers DEFobjCurrIf(errmsg) DEFobjCurrIf(glbl) DEFobjCurrIf(net) +DEFobjCurrIf(netstrms) +DEFobjCurrIf(netstrm) /* a few deinit helpers */ @@ -243,24 +247,29 @@ finalize_it: } -/* initialize tcp sockets for a listner. This function returns an array of nds_t - * objects. The size of this array is returend in pLstnArrSize. +/* initialize tcp sockets for a listner. The initialized sockets are passed to the + * app-level caller via a callback. * pLstnPort must point to a port name or number. NULL is NOT permitted. pLstnIP * points to the port to listen to (NULL means "all"), iMaxSess has the maximum * number of sessions permitted. * rgerhards, 2008-04-22 */ static rsRetVal -LstnInit(nsd_t ***parrLstnNsd, int *pLstnArrSize, uchar *pLstnPort, uchar *pLstnIP, int iSessMax) +LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), + uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { DEFiRet; - struct addrinfo hints, *res = NULL, *r; nsd_ptcp_t **arrLstn = NULL; + netstrm_t *pNewStrm = NULL; + nsd_t *pNewNsd = NULL; int error, maxs, on = 1; int sock; + int numSocks; int sockflags; + struct addrinfo hints, *res = NULL, *r; - assert(parrLstnNsd != NULL); + ISOBJ_TYPE_assert(pNS, netstrms); + assert(fAddLstn != NULL); assert(pLstnPort != NULL); assert(iSessMax >= 0); @@ -282,7 +291,7 @@ LstnInit(nsd_t ***parrLstnNsd, int *pLstnArrSize, uchar *pLstnPort, uchar *pLstn /* EMPTY */; CHKmalloc(arrLstn = (nsd_ptcp_t**) malloc((maxs+1) * sizeof(nsd_ptcp_t*))); - *pLstnArrSize = 0; /* num of sockets counter at start of array */ + numSocks = 0; /* num of sockets counter at start of array */ for(r = res; r != NULL ; r = r->ai_next) { sock = socket(r->ai_family, r->ai_socktype, r->ai_protocol); if(sock < 0) { @@ -366,38 +375,39 @@ LstnInit(nsd_t ***parrLstnNsd, int *pLstnArrSize, uchar *pLstnPort, uchar *pLstn } } - /* if we reach this point, we were able to obtain a valid socket, which we - * now can save to the array of listen sockets. -- rgerhards, 2008-04-22 + /* if we reach this point, we were able to obtain a valid socket, so we can + * construct a new netstrm obj and hand it over to the upper layers for inclusion + * into their socket array. -- rgerhards, 2008-04-23 */ - CHKiRet(nsd_ptcpConstruct(arrLstn+*pLstnArrSize)); - arrLstn[*pLstnArrSize]->sock = sock; - ++(*pLstnArrSize); + CHKiRet(pNS->Drvr.Construct(&pNewNsd)); + ((nsd_ptcp_t*)pNewNsd)->sock = sock; + CHKiRet(netstrms.CreateStrm(pNS, &pNewStrm)); + pNewStrm->pDrvrData = (nsd_t*) pNewNsd; + CHKiRet(fAddLstn(pUsr, pNewStrm)); + pNewNsd = NULL; + pNewStrm = NULL; } if(res != NULL) freeaddrinfo(res); - if(*pLstnArrSize != maxs) + if(numSocks != maxs) dbgprintf("We could initialize %d TCP listen sockets out of %d we received " - "- this may or may not be an error indication.\n", *pLstnArrSize, maxs); + "- this may or may not be an error indication.\n", numSocks, maxs); - if(*pLstnArrSize == 0) { - dbgprintf("No TCP listen sockets could successfully be initialized, " - "message reception disabled.\n"); + if(numSocks == 0) { + dbgprintf("No TCP listen sockets could successfully be initialized"); ABORT_FINALIZE(RS_RET_COULD_NOT_BIND); } - *parrLstnNsd = (nsd_t**) arrLstn; - arrLstn = NULL; /* prevent from being freed in error handler */ - finalize_it: if(iRet != RS_RET_OK) { if(res != NULL) freeaddrinfo(res); - if(arrLstn != NULL) { - for(maxs = 0 ; maxs < *pLstnArrSize ; ++maxs) - nsd_ptcpDestruct(arrLstn+*pLstnArrSize); - } + if(pNewStrm != NULL) + netstrm.Destruct(&pNewStrm); + if(pNewNsd != NULL) + pNS->Drvr.Destruct(&pNewNsd); } RETiRet; @@ -537,6 +547,8 @@ CODESTARTObjClassExit(nsd_ptcp) objRelease(net, CORE_COMPONENT); objRelease(glbl, CORE_COMPONENT); objRelease(errmsg, CORE_COMPONENT); + objRelease(netstrm, LM_NETSTRM_FILENAME); + objRelease(netstrms, LM_NETSTRMS_FILENAME); ENDObjClassExit(nsd_ptcp) @@ -549,6 +561,8 @@ BEGINObjClassInit(nsd_ptcp, 1, OBJ_IS_LOADABLE_MODULE) /* class, version */ CHKiRet(objUse(errmsg, CORE_COMPONENT)); CHKiRet(objUse(glbl, CORE_COMPONENT)); CHKiRet(objUse(net, CORE_COMPONENT)); + CHKiRet(objUse(netstrm, LM_NETSTRM_FILENAME)); + CHKiRet(objUse(netstrms, LM_NETSTRMS_FILENAME)); /* set our own handlers */ ENDObjClassInit(nsd_ptcp) diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 6bffae4b..6cd9d94d 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -213,6 +213,7 @@ enum rsRetVal_ /** return value. All methods return this if not specified oth RS_RET_INVALID_PORT = -2076, /**< invalid port value */ RS_RET_COULD_NOT_BIND = -2077, /**< could not bind socket, defunct */ RS_RET_MAX_SESS_REACHED = -2078, /**< max nbr of sessions reached, can not create more */ + RS_RET_MAX_LSTN_REACHED = -2079, /**< max nbr of listeners reached, can not create more */ /* RainerScript error messages (range 1000.. 1999) */ RS_RET_SYSVAR_NOT_FOUND = 1001, /**< system variable could not be found (maybe misspelled) */ -- cgit v1.2.3 From 721b9ee252143d182c3c145380e5dbec8c3b0102 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 23 Apr 2008 17:48:13 +0200 Subject: client functionality works again (with the new socket abstraction) --- runtime/netstrm.c | 2 +- runtime/netstrms.c | 27 +++++++++++++++++++-------- 2 files changed, 20 insertions(+), 9 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index c8335fa4..83e91c2d 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -1,4 +1,4 @@ -/* netstrmstrm.c +/* netstrm.c * * This class implements a generic netstrmwork stream class. It supports * sending and receiving data streams over a netstrmwork. The class abstracts diff --git a/runtime/netstrms.c b/runtime/netstrms.c index d0e11441..46e740ab 100644 --- a/runtime/netstrms.c +++ b/runtime/netstrms.c @@ -23,15 +23,11 @@ * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. */ #include "config.h" - -//#include #include #include #include -//#include #include "rsyslog.h" -//#include "syslogd-types.h" #include "module-template.h" #include "obj.h" //#include "errmsg.h" @@ -104,6 +100,22 @@ finalize_it: } +/* load the netstrm interface, but only if needed (if we load it always, we get + * into a circular dependency, because netstrm also needs ourselfs in some cases + * rgerhards, 2008-04-23 + */ +static inline rsRetVal +loadNetstrm(void) +{ + DEFiRet; + if(!netstrm.ifIsLoaded) { + CHKiRet(objUse(netstrm, LM_NETSTRM_FILENAME)); + } +finalize_it: + RETiRet; +} + + /* create an instance of a netstrm object. It is initialized with default * values. The current driver is used. The caller may set netstrm properties * and must call ConstructFinalize(). @@ -114,6 +126,7 @@ CreateStrm(netstrms_t *pThis, netstrm_t **ppStrm) netstrm_t *pStrm = NULL; DEFiRet; + CHKiRet(loadNetstrm()); CHKiRet(netstrm.Construct(&pStrm)); /* we copy over our driver structure. We could provide a pointer to * ourselves, but that costs some performance on each driver invocation. @@ -160,8 +173,8 @@ CODESTARTObjClassExit(netstrms) /* release objects we no longer need */ //objRelease(net, CORE_COMPONENT); objRelease(glbl, CORE_COMPONENT); - objRelease(netstrm, LM_NETSTRM_FILENAME); - //objRelease(errmsg, CORE_COMPONENT); + if(netstrm.ifIsLoaded) + objRelease(netstrm, LM_NETSTRM_FILENAME); ENDObjClassExit(netstrms) @@ -171,9 +184,7 @@ ENDObjClassExit(netstrms) */ BEGINAbstractObjClassInit(netstrms, 1, OBJ_IS_CORE_MODULE) /* class, version */ /* request objects we use */ - //CHKiRet(objUse(errmsg, CORE_COMPONENT)); CHKiRet(objUse(glbl, CORE_COMPONENT)); - CHKiRet(objUse(netstrm, LM_NETSTRM_FILENAME)); //CHKiRet(objUse(net, CORE_COMPONENT)); /* set our own handlers */ -- cgit v1.2.3 From bf3d2c1b392af1383a3cdc247f2280fd31a12699 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Apr 2008 09:57:43 +0200 Subject: message reception via TCP work again ... at least in some cases ;) I assume there are still a couple of bugs inside the code. But at least we have something from where we can continue to work on. --- runtime/netstrm.c | 25 ++++++++++++++++++++++++ runtime/netstrm.h | 20 ++++++++----------- runtime/netstrms.c | 21 ++------------------ runtime/nsd.h | 2 ++ runtime/nsd_ptcp.c | 53 +++++++++++++++++++++++++++++++++++++++++++++------ runtime/nsdsel_ptcp.c | 9 --------- runtime/nssel.c | 4 +++- runtime/obj-types.h | 8 ++++++-- runtime/obj.c | 2 +- 9 files changed, 94 insertions(+), 50 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 83e91c2d..670899ef 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -117,6 +117,7 @@ AcceptConnReq(netstrm_t *pThis, netstrm_t **ppNew) assert(ppNew != NULL); /* accept the new connection */ +RUNLOG_VAR("%p", pThis->pDrvrData); CHKiRet(pThis->Drvr.AcceptConnReq(pThis->pDrvrData, &pNewNsd)); /* construct our object so that we can use it... */ CHKiRet(netstrms.CreateStrm(pThis->pNS, ppNew)); @@ -191,6 +192,28 @@ Send(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf) } +/* get remote hname - slim wrapper for NSD driver function */ +static rsRetVal +GetRemoteHName(netstrm_t *pThis, uchar **ppsz) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + iRet = pThis->Drvr.GetRemoteHName(pThis->pDrvrData, ppsz); + RETiRet; +} + + +/* get remote IP - slim wrapper for NSD driver function */ +static rsRetVal +GetRemoteIP(netstrm_t *pThis, uchar **ppsz) +{ + DEFiRet; + ISOBJ_TYPE_assert(pThis, netstrm); + iRet = pThis->Drvr.GetRemoteIP(pThis->pDrvrData, ppsz); + RETiRet; +} + + /* open a connection to a remote host (server). * rgerhards, 2008-03-19 */ @@ -228,6 +251,8 @@ CODESTARTobjQueryInterface(netstrm) pIf->Connect = Connect; pIf->LstnInit = LstnInit; pIf->AcceptConnReq = AcceptConnReq; + pIf->GetRemoteHName = GetRemoteHName; + pIf->GetRemoteIP = GetRemoteIP; finalize_it: ENDobjQueryInterface(netstrm) diff --git a/runtime/netstrm.h b/runtime/netstrm.h index 33d166ea..f4205f80 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -32,13 +32,7 @@ struct netstrm_s { nsd_t *pDrvrData; /**< the driver's data elements (at most other places, this is called pNsd) */ uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ nsd_if_t Drvr; /**< our stream driver */ - netstrms_t *pNS; /**< pointer to our netstream subsystem object */ - /* for listeners, we need to have the capablity to listen on multiple "sockets". This - * is needed to support IPv6. We do this by specifying an array of nsd_t objects to - * handle this case. - */ - //int isizeLstnArr; - //nsd_t **parrLstn; + netstrms_t *pNS; /**< pointer to our netstream subsystem object */ }; @@ -54,11 +48,13 @@ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(netstrm_t *pThis, int family, unsigned char *port, unsigned char *host); - rsRetVal (*SelectInit)(nsdsel_t **ppSel, netstrm_t *pThis); - rsRetVal (*SelectAdd)(nsdsel_t *pSel, netstrm_t *pThis); - rsRetVal (*SelectWait)(nsdsel_t *pSel, int *piNumReady); - rsRetVal (*SelectIsReady)(nsdsel_t *pSel, int *piNumReady); - rsRetVal (*SelectExit)(nsdsel_t **ppSel); + //rsRetVal (*SelectInit)(nsdsel_t **ppSel, netstrm_t *pThis); + //rsRetVal (*SelectAdd)(nsdsel_t *pSel, netstrm_t *pThis); + //rsRetVal (*SelectWait)(nsdsel_t *pSel, int *piNumReady); + //rsRetVal (*SelectIsReady)(nsdsel_t *pSel, int *piNumReady); + //rsRetVal (*SelectExit)(nsdsel_t **ppSel); + rsRetVal (*GetRemoteHName)(netstrm_t *pThis, uchar **pszName); + rsRetVal (*GetRemoteIP)(netstrm_t *pThis, uchar **pszIP); ENDinterface(netstrm) #define netstrmCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/netstrms.c b/runtime/netstrms.c index 46e740ab..661234e4 100644 --- a/runtime/netstrms.c +++ b/runtime/netstrms.c @@ -100,22 +100,6 @@ finalize_it: } -/* load the netstrm interface, but only if needed (if we load it always, we get - * into a circular dependency, because netstrm also needs ourselfs in some cases - * rgerhards, 2008-04-23 - */ -static inline rsRetVal -loadNetstrm(void) -{ - DEFiRet; - if(!netstrm.ifIsLoaded) { - CHKiRet(objUse(netstrm, LM_NETSTRM_FILENAME)); - } -finalize_it: - RETiRet; -} - - /* create an instance of a netstrm object. It is initialized with default * values. The current driver is used. The caller may set netstrm properties * and must call ConstructFinalize(). @@ -126,7 +110,7 @@ CreateStrm(netstrms_t *pThis, netstrm_t **ppStrm) netstrm_t *pStrm = NULL; DEFiRet; - CHKiRet(loadNetstrm()); + CHKiRet(objUse(netstrm, LM_NETSTRM_FILENAME)); CHKiRet(netstrm.Construct(&pStrm)); /* we copy over our driver structure. We could provide a pointer to * ourselves, but that costs some performance on each driver invocation. @@ -173,8 +157,7 @@ CODESTARTObjClassExit(netstrms) /* release objects we no longer need */ //objRelease(net, CORE_COMPONENT); objRelease(glbl, CORE_COMPONENT); - if(netstrm.ifIsLoaded) - objRelease(netstrm, LM_NETSTRM_FILENAME); + objRelease(netstrm, LM_NETSTRM_FILENAME); ENDObjClassExit(netstrms) diff --git a/runtime/nsd.h b/runtime/nsd.h index c32e284e..ff12ecb0 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -49,6 +49,8 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ rsRetVal (*LstnInit)(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax); rsRetVal (*AcceptConnReq)(nsd_t *pThis, nsd_t **ppThis); + rsRetVal (*GetRemoteHName)(nsd_t *pThis, uchar **pszName); + rsRetVal (*GetRemoteIP)(nsd_t *pThis, uchar **pszIP); ENDinterface(nsd) #define nsdCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 40b11ad4..8dbc80d9 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -207,7 +207,7 @@ AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew) DEFiRet; assert(ppNew != NULL); - ISOBJ_TYPE_assert(pThis, nsd_ptcp_t); + ISOBJ_TYPE_assert(pThis, nsd_ptcp); iNewSock = accept(pThis->sock, (struct sockaddr*) &addr, &addrlen); if(iNewSock < 0) { @@ -294,6 +294,7 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), numSocks = 0; /* num of sockets counter at start of array */ for(r = res; r != NULL ; r = r->ai_next) { sock = socket(r->ai_family, r->ai_socktype, r->ai_protocol); +RUNLOG_VAR("%d", sock); if(sock < 0) { if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) dbgprintf("error %d creating tcp listen socket", errno); @@ -386,11 +387,9 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), CHKiRet(fAddLstn(pUsr, pNewStrm)); pNewNsd = NULL; pNewStrm = NULL; + ++numSocks; } - if(res != NULL) - freeaddrinfo(res); - if(numSocks != maxs) dbgprintf("We could initialize %d TCP listen sockets out of %d we received " "- this may or may not be an error indication.\n", numSocks, maxs); @@ -401,9 +400,10 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), } finalize_it: + if(res != NULL) + freeaddrinfo(res); + if(iRet != RS_RET_OK) { - if(res != NULL) - freeaddrinfo(res); if(pNewStrm != NULL) netstrm.Destruct(&pNewStrm); if(pNewNsd != NULL) @@ -515,6 +515,45 @@ finalize_it: } +/* get the remote hostname. The returned hostname must be freed by the + * caller. + * rgerhards, 2008-04-24 + */ +static rsRetVal +GetRemoteHName(nsd_t *pNsd, uchar **ppszHName) +{ + DEFiRet; + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + assert(ppszHName != NULL); + + // TODO: how can the RemHost be empty? + CHKmalloc(*ppszHName = (uchar*)strdup(pThis->pRemHostName == NULL ? "" : (char*) pThis->pRemHostName)); + +finalize_it: + RETiRet; +} + + +/* get the remote host's IP address. The returned string must be freed by the + * caller. + * rgerhards, 2008-04-24 + */ +static rsRetVal +GetRemoteIP(nsd_t *pNsd, uchar **ppszIP) +{ + DEFiRet; + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + ISOBJ_TYPE_assert(pThis, nsd_ptcp); + assert(ppszIP != NULL); + + CHKmalloc(*ppszIP = (uchar*)strdup(pThis->pRemHostIP == NULL ? "" : (char*) pThis->pRemHostIP)); + +finalize_it: + RETiRet; +} + + /* queryInterface function */ BEGINobjQueryInterface(nsd_ptcp) CODESTARTobjQueryInterface(nsd_ptcp) @@ -535,6 +574,8 @@ CODESTARTobjQueryInterface(nsd_ptcp) pIf->LstnInit = LstnInit; pIf->AcceptConnReq = AcceptConnReq; pIf->Connect = Connect; + pIf->GetRemoteHName = GetRemoteHName; + pIf->GetRemoteIP = GetRemoteIP; finalize_it: ENDobjQueryInterface(nsd_ptcp) diff --git a/runtime/nsdsel_ptcp.c b/runtime/nsdsel_ptcp.c index c5864809..b439063a 100644 --- a/runtime/nsdsel_ptcp.c +++ b/runtime/nsdsel_ptcp.c @@ -24,19 +24,10 @@ */ #include "config.h" -#include "rsyslog.h" -#include -#include #include #include #include #include -#include -#include -#include -#include -#include -#include #include #include "rsyslog.h" diff --git a/runtime/nssel.c b/runtime/nssel.c index 0cbda9b9..c4f6691e 100644 --- a/runtime/nssel.c +++ b/runtime/nssel.c @@ -74,7 +74,8 @@ loadDrvr(nssel_t *pThis) * about this hack, but for the time being it is efficient and clean * enough. -- rgerhards, 2008-04-18 */ - CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); + //CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); + CHKiRet(obj.UseObj(__FILE__, "nsdsel_ptcp", "lmnsdsel_ptcp", (void*) &pThis->Drvr)); finalize_it: RETiRet; } @@ -152,6 +153,7 @@ IsReady(nssel_t *pThis, netstrm_t *pStrm, nsdsel_waitOp_t waitOp, int *pbIsReady ISOBJ_TYPE_assert(pStrm, netstrm); assert(pbIsReady != NULL); assert(piNumReady != NULL); + iRet = pThis->Drvr.IsReady(pThis->pDrvrData, pStrm->pDrvrData, waitOp, pbIsReady); RETiRet; } diff --git a/runtime/obj-types.h b/runtime/obj-types.h index acdc757d..2d0e0f14 100644 --- a/runtime/obj-types.h +++ b/runtime/obj-types.h @@ -106,8 +106,12 @@ struct obj_s { /* the dummy struct that each derived class can be casted to */ do { \ ASSERT(pObj != NULL); \ ASSERT((unsigned) ((obj_t*) (pObj))->iObjCooCKiE == (unsigned) 0xBADEFEE); \ - ASSERT(!strcmp((char*)(((obj_t*)pObj)->pObjInfo->pszID), #objType)); \ - } while(0); + if(strcmp((char*)(((obj_t*)pObj)->pObjInfo->pszID), #objType)) { \ + dbgprintf("ISOBJ assert failure: invalid object type, expected '%s' " \ + "actual '%s'\n", #objType, (((obj_t*)pObj)->pObjInfo->pszID)); \ + assert(0); /* trigger assertion, messge we already have */ \ + } \ + } while(0) #else /* non-debug mode, no checks but much faster */ # define BEGINobjInstance obj_t objData # define ISOBJ_TYPE_assert(pObj, objType) diff --git a/runtime/obj.c b/runtime/obj.c index 8ab606f9..18a4a726 100644 --- a/runtime/obj.c +++ b/runtime/obj.c @@ -1198,7 +1198,7 @@ ReleaseObj(char *srcFile, uchar *pObjName, uchar *pObjFile, interface_t *pIf) FINALIZE; /* if it is not a lodable module, we do not need to do anything... */ if(pIf->ifIsLoaded == 0) { - ABORT_FINALIZE(RS_RET_OK); /* we are already set */ /* TODO: flag an error? */ + ABORT_FINALIZE(RS_RET_OK); /* we are not loaded - this is perfectly OK... */ } if(pIf->ifIsLoaded == 2) { pIf->ifIsLoaded = 0; /* clean up */ -- cgit v1.2.3 From 0e19d501bbf4d96bc622436a161b57ff7445a657 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Apr 2008 10:54:51 +0200 Subject: fixed newly introduced memory leaks --- runtime/nsd_ptcp.c | 2 -- runtime/nssel.c | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'runtime') diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 8dbc80d9..8ab2ccf7 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -259,7 +259,6 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { DEFiRet; - nsd_ptcp_t **arrLstn = NULL; netstrm_t *pNewStrm = NULL; nsd_t *pNewNsd = NULL; int error, maxs, on = 1; @@ -289,7 +288,6 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), /* Count max number of sockets we may open */ for(maxs = 0, r = res; r != NULL ; r = r->ai_next, maxs++) /* EMPTY */; - CHKmalloc(arrLstn = (nsd_ptcp_t**) malloc((maxs+1) * sizeof(nsd_ptcp_t*))); numSocks = 0; /* num of sockets counter at start of array */ for(r = res; r != NULL ; r = r->ai_next) { diff --git a/runtime/nssel.c b/runtime/nssel.c index c4f6691e..7cb63e98 100644 --- a/runtime/nssel.c +++ b/runtime/nssel.c @@ -89,6 +89,8 @@ ENDobjConstruct(nssel) /* destructor for the nssel object */ BEGINobjDestruct(nssel) /* be sure to specify the object type also in END and CODESTART macros! */ CODESTARTobjDestruct(nssel) + if(pThis->pDrvrData != NULL) + pThis->Drvr.Destruct(&pThis->pDrvrData); ENDobjDestruct(nssel) -- cgit v1.2.3 From a7040a9623e228043209da897dbf30b9ab02d771 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Apr 2008 11:03:34 +0200 Subject: some cleanup --- runtime/netstrm.c | 1 - runtime/nsd_ptcp.c | 1 - 2 files changed, 2 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 670899ef..be754aae 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -117,7 +117,6 @@ AcceptConnReq(netstrm_t *pThis, netstrm_t **ppNew) assert(ppNew != NULL); /* accept the new connection */ -RUNLOG_VAR("%p", pThis->pDrvrData); CHKiRet(pThis->Drvr.AcceptConnReq(pThis->pDrvrData, &pNewNsd)); /* construct our object so that we can use it... */ CHKiRet(netstrms.CreateStrm(pThis->pNS, ppNew)); diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 8ab2ccf7..c5cba12b 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -292,7 +292,6 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), numSocks = 0; /* num of sockets counter at start of array */ for(r = res; r != NULL ; r = r->ai_next) { sock = socket(r->ai_family, r->ai_socktype, r->ai_protocol); -RUNLOG_VAR("%d", sock); if(sock < 0) { if(!(r->ai_family == PF_INET6 && errno == EAFNOSUPPORT)) dbgprintf("error %d creating tcp listen socket", errno); -- cgit v1.2.3 From af50a76c3f251c82ef9d21ecf9a2ca8877852906 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Apr 2008 17:59:43 +0200 Subject: made this compile with the new abstracted socket server calls undid some invalid changes during merge plus did a few wrappers. Compiles, but does not yet work. --- runtime/nsd.h | 5 +++++ runtime/nsd_gtls.c | 11 ++--------- runtime/nsd_ptcp.c | 1 + runtime/rsyslog.h | 3 --- 4 files changed, 8 insertions(+), 12 deletions(-) (limited to 'runtime') diff --git a/runtime/nsd.h b/runtime/nsd.h index d6fa9e0d..044cc266 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -50,6 +50,11 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ rsRetVal (*AcceptConnReq)(nsd_t *pThis, nsd_t **ppThis); rsRetVal (*GetRemoteHName)(nsd_t *pThis, uchar **pszName); rsRetVal (*GetRemoteIP)(nsd_t *pThis, uchar **pszIP); + rsRetVal (*GetSock)(nsd_t *pThis, int *pSock); + /* GetSock() returns an error if the driver does not use plain + * OS sockets. This interface is primarily meant as an internal aid for + * those drivers that utilize the nsd_ptcp to do some of their work. + */ ENDinterface(nsd) #define nsdCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index 648b843e..604e4bcb 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -174,18 +174,11 @@ Abort(nsd_t *pNsd) * gerhards, 2008-03-17 */ static rsRetVal -LstnInit(nsd_t *pNsd, uchar *pLstnPort) +LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), + uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { - nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; DEFiRet; - ISOBJ_TYPE_assert(pThis, nsd_gtls); - assert(pLstnPort != NULL); - - if(pThis->iMode == 0) { - CHKiRet(nsd_ptcp.LstnInit(pThis->pTcp, pLstnPort)); - } - finalize_it: RETiRet; } diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 2b77787e..584cc93f 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -586,6 +586,7 @@ CODESTARTobjQueryInterface(nsd_ptcp) pIf->Construct = (rsRetVal(*)(nsd_t**)) nsd_ptcpConstruct; pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_ptcpDestruct; pIf->Abort = Abort; + pIf->GetSock = GetSock; pIf->Rcv = Rcv; pIf->Send = Send; pIf->LstnInit = LstnInit; diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index f59c38bf..c20a61ea 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -69,13 +69,10 @@ typedef struct netstrm_s netstrm_t; typedef struct nssel_s nssel_t; typedef enum nsdsel_waitOp_e nsdsel_waitOp_t; typedef struct nsd_ptcp_s nsd_ptcp_t; -<<<<<<< HEAD:runtime/rsyslog.h typedef struct nsd_gtls_s nsd_gtls_t; typedef struct nsd_gsspi_s nsd_gsspi_t; typedef struct nsd_nss_s nsd_nss_t; -======= typedef struct nsdsel_ptcp_s nsdsel_ptcp_t; ->>>>>>> a7040a9623e228043209da897dbf30b9ab02d771:runtime/rsyslog.h typedef obj_t nsd_t; typedef obj_t nsdsel_t; typedef struct msg msg_t; -- cgit v1.2.3 From af30c9f8f2dba9b817c9c3b6c6f1b3e8264a8e0f Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Apr 2008 20:10:24 +0200 Subject: added select() driver for GnuTls --- runtime/Makefile.am | 7 +++ runtime/nsd_gtls.c | 22 ++----- runtime/nsdsel_gtls.c | 170 ++++++++++++++++++++++++++++++++++++++++++++++++++ runtime/nsdsel_gtls.h | 45 +++++++++++++ runtime/nsdsel_ptcp.h | 1 + runtime/rsyslog.h | 1 + 6 files changed, 229 insertions(+), 17 deletions(-) create mode 100644 runtime/nsdsel_gtls.c create mode 100644 runtime/nsdsel_gtls.h (limited to 'runtime') diff --git a/runtime/Makefile.am b/runtime/Makefile.am index 15efcbb8..dcb475d8 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -134,5 +134,12 @@ lmnsd_gtls_la_SOURCES = nsd_gtls.c nsd_gtls.h lmnsd_gtls_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) $(gnutls_cflags) lmnsd_gtls_la_LDFLAGS = -module -avoid-version lmnsd_gtls_la_LIBADD = $(gnutls_libs) +# +# select interface for gtls driver +pkglib_LTLIBRARIES += lmnsdsel_gtls.la +lmnsdsel_gtls_la_SOURCES = nsdsel_gtls.c nsdsel_gtls.h +lmnsdsel_gtls_la_CPPFLAGS = $(pthreads_cflags) $(rsrt_cflags) +lmnsdsel_gtls_la_LDFLAGS = -module -avoid-version +lmnsdsel_gtls_la_LIBADD = endif diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index 604e4bcb..d2606799 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -2,7 +2,7 @@ * * An implementation of the nsd interface for GnuTLS. * - * Copyright 2007, 2008 Rainer Gerhards and Adiscon GmbH. + * Copyright (C) 2007, 2008 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -23,27 +23,13 @@ * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. */ #include "config.h" - -#include "rsyslog.h" -#include -#include #include #include -#include -#include -#include -#include -#include -#include -#include -#include #include #include "rsyslog.h" #include "syslogd-types.h" #include "module-template.h" -#include "parse.h" -#include "srUtils.h" #include "obj.h" #include "errmsg.h" #include "nsd_ptcp.h" @@ -202,8 +188,11 @@ Rcv(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) if(pThis->iMode == 0) { CHKiRet(nsd_ptcp.Rcv(pThis->pTcp, pBuf, pLenBuf)); + FINALIZE; } + /* in TLS mode now */ + finalize_it: RETiRet; } @@ -231,7 +220,6 @@ Send(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) /* in TLS mode now */ while(1) { /* loop broken inside */ iSent = gnutls_record_send(pThis->sess, pBuf, *pLenBuf); -RUNLOG_VAR("%d", iSent); if(iSent >= 0) { *pLenBuf = iSent; break; @@ -255,7 +243,7 @@ Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; int sock; int gnuRet; -static const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; + static const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; DEFiRet; ISOBJ_TYPE_assert(pThis, nsd_gtls); diff --git a/runtime/nsdsel_gtls.c b/runtime/nsdsel_gtls.c new file mode 100644 index 00000000..e32dfd10 --- /dev/null +++ b/runtime/nsdsel_gtls.c @@ -0,0 +1,170 @@ +/* nsdsel_gtls.c + * + * An implementation of the nsd select() interface for GnuTLS. + * + * Copyright (C) 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ +#include "config.h" + +#include +#include +#include +#include +#include +#include + +#include "rsyslog.h" +#include "module-template.h" +#include "obj.h" +#include "errmsg.h" +#include "nsd.h" +#include "nsdsel_ptcp.h" +#include "nsdsel_gtls.h" + +MODULE_TYPE_LIB + +/* static data */ +DEFobjStaticHelpers +DEFobjCurrIf(errmsg) +DEFobjCurrIf(glbl) +DEFobjCurrIf(nsdsel_ptcp) + + +/* Standard-Constructor + */ +BEGINobjConstruct(nsdsel_gtls) /* be sure to specify the object type also in END macro! */ + iRet = nsdsel_ptcp.Construct(&pThis->pTcp); +ENDobjConstruct(nsdsel_gtls) + + +/* destructor for the nsdsel_gtls object */ +BEGINobjDestruct(nsdsel_gtls) /* be sure to specify the object type also in END and CODESTART macros! */ +CODESTARTobjDestruct(nsdsel_gtls) + if(pThis->pTcp != NULL) + nsdsel_ptcp.Destruct(&pThis->pTcp); +ENDobjDestruct(nsdsel_gtls) + + +/* Add a socket to the select set */ +static rsRetVal +Add(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) +{ + DEFiRet; + iRet = nsdsel_ptcp.Add(pNsdsel, pNsd, waitOp); + RETiRet; +} + + +/* perform the select() piNumReady returns how many descriptors are ready for IO + * TODO: add timeout! + */ +static rsRetVal +Select(nsdsel_t *pNsdsel, int *piNumReady) +{ + DEFiRet; + iRet = nsdsel_ptcp.Select(pNsdsel, piNumReady); + RETiRet; +} + + +/* check if a socket is ready for IO */ +static rsRetVal +IsReady(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp, int *pbIsReady) +{ + DEFiRet; + iRet = nsdsel_ptcp.IsReady(pNsdsel, pNsd, waitOp, pbIsReady); + RETiRet; +} + + +/* ------------------------------ end support for the select() interface ------------------------------ */ + + +/* queryInterface function */ +BEGINobjQueryInterface(nsdsel_gtls) +CODESTARTobjQueryInterface(nsdsel_gtls) + if(pIf->ifVersion != nsdCURR_IF_VERSION) {/* check for current version, increment on each change */ + ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED); + } + + /* ok, we have the right interface, so let's fill it + * Please note that we may also do some backwards-compatibility + * work here (if we can support an older interface version - that, + * of course, also affects the "if" above). + */ + pIf->Construct = (rsRetVal(*)(nsdsel_t**)) nsdsel_gtlsConstruct; + pIf->Destruct = (rsRetVal(*)(nsdsel_t**)) nsdsel_gtlsDestruct; + pIf->Add = Add; + pIf->Select = Select; + pIf->IsReady = IsReady; +finalize_it: +ENDobjQueryInterface(nsdsel_gtls) + + +/* exit our class + */ +BEGINObjClassExit(nsdsel_gtls, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */ +CODESTARTObjClassExit(nsdsel_gtls) + /* release objects we no longer need */ + objRelease(glbl, CORE_COMPONENT); + objRelease(errmsg, CORE_COMPONENT); + objRelease(nsdsel_ptcp, LM_NSDSEL_PTCP_FILENAME); +ENDObjClassExit(nsdsel_gtls) + + +/* Initialize the nsdsel_gtls class. Must be called as the very first method + * before anything else is called inside this class. + * rgerhards, 2008-02-19 + */ +BEGINObjClassInit(nsdsel_gtls, 1, OBJ_IS_LOADABLE_MODULE) /* class, version */ + /* request objects we use */ + CHKiRet(objUse(errmsg, CORE_COMPONENT)); + CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(nsdsel_ptcp, LM_NSDSEL_PTCP_FILENAME)); + + /* set our own handlers */ +ENDObjClassInit(nsdsel_gtls) + + +/* --------------- here now comes the plumbing that makes as a library module --------------- */ + + +BEGINmodExit +CODESTARTmodExit + nsdsel_gtlsClassExit(); +ENDmodExit + + +BEGINqueryEtryPt +CODESTARTqueryEtryPt +CODEqueryEtryPt_STD_LIB_QUERIES +ENDqueryEtryPt + + +BEGINmodInit() +CODESTARTmodInit + *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ + + /* Initialize all classes that are in our module - this includes ourselfs */ + CHKiRet(nsdsel_gtlsClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ +ENDmodInit +/* vi:set ai: + */ diff --git a/runtime/nsdsel_gtls.h b/runtime/nsdsel_gtls.h new file mode 100644 index 00000000..a309d302 --- /dev/null +++ b/runtime/nsdsel_gtls.h @@ -0,0 +1,45 @@ +/* An implementation of the nsd select interface for GnuTLS. + * + * Copyright (C) 2008 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * + * The rsyslog runtime library is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * The rsyslog runtime library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the rsyslog runtime library. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + * A copy of the LGPL can be found in the file "COPYING.LESSER" in this distribution. + */ + +#ifndef INCLUDED_NSDSEL_GTLS_H +#define INCLUDED_NSDSEL_GTLS_H + +#include "nsd.h" +typedef nsdsel_if_t nsdsel_gtls_if_t; /* we just *implement* this interface */ + +/* the nsdsel_gtls object */ +struct nsdsel_gtls_s { + BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ + nsdsel_t *pTcp; /* our aggregated ptcp sel handler (which does almost everything) */ +}; + +/* interface is defined in nsd.h, we just implement it! */ +#define nsdsel_gtlsCURR_IF_VERSION nsdCURR_IF_VERSION + +/* prototypes */ +PROTOTYPEObj(nsdsel_gtls); + +/* the name of our library binary */ +#define LM_NSDSEL_GTLS_FILENAME "lmnsdsel_gtls" + +#endif /* #ifndef INCLUDED_NSDSEL_GTLS_H */ diff --git a/runtime/nsdsel_ptcp.h b/runtime/nsdsel_ptcp.h index 39294d7d..93874e55 100644 --- a/runtime/nsdsel_ptcp.h +++ b/runtime/nsdsel_ptcp.h @@ -36,6 +36,7 @@ struct nsdsel_ptcp_s { }; /* interface is defined in nsd.h, we just implement it! */ +#define nsdsel_ptcpCURR_IF_VERSION nsdCURR_IF_VERSION /* prototypes */ PROTOTYPEObj(nsdsel_ptcp); diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index c20a61ea..19fda468 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -73,6 +73,7 @@ typedef struct nsd_gtls_s nsd_gtls_t; typedef struct nsd_gsspi_s nsd_gsspi_t; typedef struct nsd_nss_s nsd_nss_t; typedef struct nsdsel_ptcp_s nsdsel_ptcp_t; +typedef struct nsdsel_gtls_s nsdsel_gtls_t; typedef obj_t nsd_t; typedef obj_t nsdsel_t; typedef struct msg msg_t; -- cgit v1.2.3 From 75cf92117c118f9aca37b39f44ad1e1e759f78bf Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 25 Apr 2008 12:54:59 +0200 Subject: made gtls server driver work in plain tcp mode --- runtime/netstrm.c | 7 ---- runtime/netstrm.h | 6 ---- runtime/nsd.h | 3 +- runtime/nsd_gtls.c | 91 +++++++++++++++++++++++++++++++++++++++++++++++---- runtime/nsd_ptcp.c | 28 ++++++++++++++-- runtime/nsdsel_gtls.c | 20 +++++++++-- runtime/nsdsel_ptcp.c | 2 ++ runtime/nssel.c | 2 +- runtime/obj-types.h | 4 +-- 9 files changed, 134 insertions(+), 29 deletions(-) (limited to 'runtime') diff --git a/runtime/netstrm.c b/runtime/netstrm.c index 5e073899..be754aae 100644 --- a/runtime/netstrm.c +++ b/runtime/netstrm.c @@ -68,13 +68,6 @@ BEGINobjDestruct(netstrm) /* be sure to specify the object type also in END and CODESTARTobjDestruct(netstrm) if(pThis->pDrvrData != NULL) iRet = pThis->Drvr.Destruct(&pThis->pDrvrData); - - /* driver can only be released after all data has been destructed */ - if(pThis->Drvr.ifIsLoaded == 1) { - obj.ReleaseObj(__FILE__, pThis->pDrvrName+2, pThis->pDrvrName, (void*) &pThis->Drvr); - } - if(pThis->pDrvrName != NULL) - free(pThis->pDrvrName); ENDobjDestruct(netstrm) diff --git a/runtime/netstrm.h b/runtime/netstrm.h index f4205f80..160bbb0b 100644 --- a/runtime/netstrm.h +++ b/runtime/netstrm.h @@ -30,7 +30,6 @@ struct netstrm_s { BEGINobjInstance; /* Data to implement generic object - MUST be the first data element! */ nsd_t *pDrvrData; /**< the driver's data elements (at most other places, this is called pNsd) */ - uchar *pDrvrName; /**< nsd driver name to use, or NULL if system default */ nsd_if_t Drvr; /**< our stream driver */ netstrms_t *pNS; /**< pointer to our netstream subsystem object */ }; @@ -48,11 +47,6 @@ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */ rsRetVal (*Rcv)(netstrm_t *pThis, uchar *pRcvBuf, ssize_t *pLenBuf); rsRetVal (*Send)(netstrm_t *pThis, uchar *pBuf, ssize_t *pLenBuf); rsRetVal (*Connect)(netstrm_t *pThis, int family, unsigned char *port, unsigned char *host); - //rsRetVal (*SelectInit)(nsdsel_t **ppSel, netstrm_t *pThis); - //rsRetVal (*SelectAdd)(nsdsel_t *pSel, netstrm_t *pThis); - //rsRetVal (*SelectWait)(nsdsel_t *pSel, int *piNumReady); - //rsRetVal (*SelectIsReady)(nsdsel_t *pSel, int *piNumReady); - //rsRetVal (*SelectExit)(nsdsel_t **ppSel); rsRetVal (*GetRemoteHName)(netstrm_t *pThis, uchar **pszName); rsRetVal (*GetRemoteIP)(netstrm_t *pThis, uchar **pszIP); ENDinterface(netstrm) diff --git a/runtime/nsd.h b/runtime/nsd.h index 044cc266..1b3702a0 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -51,7 +51,8 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ rsRetVal (*GetRemoteHName)(nsd_t *pThis, uchar **pszName); rsRetVal (*GetRemoteIP)(nsd_t *pThis, uchar **pszIP); rsRetVal (*GetSock)(nsd_t *pThis, int *pSock); - /* GetSock() returns an error if the driver does not use plain + rsRetVal (*SetSock)(nsd_t *pThis, int sock); + /* GetSock() and SetSock() return an error if the driver does not use plain * OS sockets. This interface is primarily meant as an internal aid for * those drivers that utilize the nsd_ptcp to do some of their work. */ diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index d2606799..f3622f36 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -117,6 +117,7 @@ gtlsEndSess(nsd_gtls_t *pThis) BEGINobjConstruct(nsd_gtls) /* be sure to specify the object type also in END macro! */ iRet = nsd_ptcp.Construct(&pThis->pTcp); pThis->iMode = 1; /* TODO: must be made configurable */ + pThis->iMode = 0; /* TODO: must be made configurable */ ENDobjConstruct(nsd_gtls) @@ -127,11 +128,31 @@ CODESTARTobjDestruct(nsd_gtls) gtlsEndSess(pThis); } +RUNLOG_VAR("%p", pThis->pTcp); if(pThis->pTcp != NULL) nsd_ptcp.Destruct(&pThis->pTcp); ENDobjDestruct(nsd_gtls) +/* Provide access to the underlying OS socket. This is primarily + * useful for other drivers (like nsd_gtls) who utilize ourselfs + * for some of their functionality. -- rgerhards, 2008-04-18 + */ +static rsRetVal +SetSock(nsd_t *pNsd, int sock) +{ + DEFiRet; + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + + ISOBJ_TYPE_assert((pThis), nsd_gtls); + assert(sock >= 0); + + nsd_ptcp.SetSock(pThis->pTcp, sock); + + RETiRet; +} + + /* abort a connection. This is meant to be called immediately * before the Destruct call. -- rgerhards, 2008-03-24 */ @@ -153,19 +174,73 @@ Abort(nsd_t *pNsd) /* initialize the tcp socket for a listner - * pLstnPort must point to a port name or number. NULL is NOT permitted - * (hint: we need to be careful when we use this module together with librelp, - * there NULL indicates the default port - * default is used. - * gerhards, 2008-03-17 + * Here, we use the ptcp driver - because there is nothing special + * at this point with GnuTLS. Things become special once we accept + * a session, but not during listener setup. + * gerhards, 2008-04-25 */ static rsRetVal LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), uchar *pLstnPort, uchar *pLstnIP, int iSessMax) { DEFiRet; + iRet = nsd_ptcp.LstnInit(pNS, pUsr, fAddLstn, pLstnPort, pLstnIP, iSessMax); + RETiRet; +} + + +/* get the remote hostname. The returned hostname must be freed by the caller. + * rgerhards, 2008-04-25 + */ +static rsRetVal +GetRemoteHName(nsd_t *pNsd, uchar **ppszHName) +{ + DEFiRet; + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + ISOBJ_TYPE_assert(pThis, nsd_gtls); + iRet = nsd_ptcp.GetRemoteHName(pThis->pTcp, ppszHName); + RETiRet; +} + + +/* get the remote host's IP address. The returned string must be freed by the + * caller. + * rgerhards, 2008-04-25 + */ +static rsRetVal +GetRemoteIP(nsd_t *pNsd, uchar **ppszIP) +{ + DEFiRet; + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + ISOBJ_TYPE_assert(pThis, nsd_gtls); + iRet = nsd_ptcp.GetRemoteIP(pThis->pTcp, ppszIP); + RETiRet; +} + + +/* accept an incoming connection request - here, we do the usual accept + * handling. TLS specific handling is done thereafter (and if we run in TLS + * mode at this time). + * rgerhards, 2008-04-25 + */ +static rsRetVal +AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew) +{ + DEFiRet; + nsd_gtls_t *pNew = NULL; + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + + ISOBJ_TYPE_assert((pThis), nsd_gtls); + CHKiRet(nsd_gtlsConstruct(&pNew)); + CHKiRet(nsd_ptcp.AcceptConnReq(pThis->pTcp, &pNew->pTcp)); + + *ppNew = (nsd_t*) pNew; finalize_it: + if(iRet != RS_RET_OK) { + if(pNew != NULL) + nsd_gtlsDestruct(&pNew); + } RETiRet; } @@ -187,6 +262,7 @@ Rcv(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) ISOBJ_TYPE_assert(pThis, nsd_gtls); if(pThis->iMode == 0) { +RUNLOG; CHKiRet(nsd_ptcp.Rcv(pThis->pTcp, pBuf, pLenBuf)); FINALIZE; } @@ -302,10 +378,13 @@ CODESTARTobjQueryInterface(nsd_gtls) pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_gtlsDestruct; pIf->Abort = Abort; pIf->LstnInit = LstnInit; - //pIf->AcceptConnReq = AcceptConnReq; + pIf->AcceptConnReq = AcceptConnReq; pIf->Rcv = Rcv; pIf->Send = Send; pIf->Connect = Connect; + pIf->SetSock = SetSock; + pIf->GetRemoteHName = GetRemoteHName; + pIf->GetRemoteIP = GetRemoteIP; finalize_it: ENDobjQueryInterface(nsd_gtls) diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 584cc93f..2a74e061 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -93,7 +93,6 @@ ENDobjDestruct(nsd_ptcp) /* Provide access to the underlying OS socket. This is primarily * useful for other drivers (like nsd_gtls) who utilize ourselfs * for some of their functionality. -- rgerhards, 2008-04-18 - * TODO: what about the server socket structure? */ static rsRetVal GetSock(nsd_t *pNsd, int *pSock) @@ -110,6 +109,26 @@ GetSock(nsd_t *pNsd, int *pSock) } +/* Provide access to the underlying OS socket. This is primarily + * useful for other drivers (like nsd_gtls) who utilize ourselfs + * for some of their functionality. + * This function sets the socket -- rgerhards, 2008-04-25 + */ +static rsRetVal +SetSock(nsd_t *pNsd, int sock) +{ + nsd_ptcp_t *pThis = (nsd_ptcp_t*) pNsd; + DEFiRet; + + ISOBJ_TYPE_assert((pThis), nsd_ptcp); + assert(sock >= 0); + + pThis->sock = sock; + + RETiRet; +} + + /* abort a connection. This is meant to be called immediately * before the Destruct call. -- rgerhards, 2008-03-24 */ @@ -211,7 +230,6 @@ finalize_it: } - /* accept an incoming connection request * rgerhards, 2008-04-22 */ @@ -397,10 +415,13 @@ LstnInit(netstrms_t *pNS, void *pUsr, rsRetVal(*fAddLstn)(void*,netstrm_t*), * construct a new netstrm obj and hand it over to the upper layers for inclusion * into their socket array. -- rgerhards, 2008-04-23 */ +RUNLOG_VAR("%d", sock); CHKiRet(pNS->Drvr.Construct(&pNewNsd)); - ((nsd_ptcp_t*)pNewNsd)->sock = sock; + CHKiRet(pNS->Drvr.SetSock(pNewNsd, sock)); +RUNLOG; CHKiRet(netstrms.CreateStrm(pNS, &pNewStrm)); pNewStrm->pDrvrData = (nsd_t*) pNewNsd; +RUNLOG; CHKiRet(fAddLstn(pUsr, pNewStrm)); pNewNsd = NULL; pNewStrm = NULL; @@ -587,6 +608,7 @@ CODESTARTobjQueryInterface(nsd_ptcp) pIf->Destruct = (rsRetVal(*)(nsd_t**)) nsd_ptcpDestruct; pIf->Abort = Abort; pIf->GetSock = GetSock; + pIf->SetSock = SetSock; pIf->Rcv = Rcv; pIf->Send = Send; pIf->LstnInit = LstnInit; diff --git a/runtime/nsdsel_gtls.c b/runtime/nsdsel_gtls.c index e32dfd10..7cafec49 100644 --- a/runtime/nsdsel_gtls.c +++ b/runtime/nsdsel_gtls.c @@ -36,6 +36,7 @@ #include "obj.h" #include "errmsg.h" #include "nsd.h" +#include "nsd_gtls.h" #include "nsdsel_ptcp.h" #include "nsdsel_gtls.h" @@ -68,7 +69,12 @@ static rsRetVal Add(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) { DEFiRet; - iRet = nsdsel_ptcp.Add(pNsdsel, pNsd, waitOp); + nsdsel_gtls_t *pThis = (nsdsel_gtls_t*) pNsdsel; + nsd_gtls_t *pNsdGTLS = (nsd_gtls_t*) pNsd; + + ISOBJ_TYPE_assert(pThis, nsdsel_gtls); + ISOBJ_TYPE_assert(pNsdGTLS, nsd_gtls); + iRet = nsdsel_ptcp.Add(pThis->pTcp, pNsdGTLS->pTcp, waitOp); RETiRet; } @@ -80,7 +86,10 @@ static rsRetVal Select(nsdsel_t *pNsdsel, int *piNumReady) { DEFiRet; - iRet = nsdsel_ptcp.Select(pNsdsel, piNumReady); + nsdsel_gtls_t *pThis = (nsdsel_gtls_t*) pNsdsel; + + ISOBJ_TYPE_assert(pThis, nsdsel_gtls); + iRet = nsdsel_ptcp.Select(pThis->pTcp, piNumReady); RETiRet; } @@ -90,7 +99,12 @@ static rsRetVal IsReady(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp, int *pbIsReady) { DEFiRet; - iRet = nsdsel_ptcp.IsReady(pNsdsel, pNsd, waitOp, pbIsReady); + nsdsel_gtls_t *pThis = (nsdsel_gtls_t*) pNsdsel; + nsd_gtls_t *pNsdGTLS = (nsd_gtls_t*) pNsd; + + ISOBJ_TYPE_assert(pThis, nsdsel_gtls); + ISOBJ_TYPE_assert(pNsdGTLS, nsd_gtls); + iRet = nsdsel_ptcp.IsReady(pThis->pTcp, pNsdGTLS->pTcp, waitOp, pbIsReady); RETiRet; } diff --git a/runtime/nsdsel_ptcp.c b/runtime/nsdsel_ptcp.c index b439063a..22c000b9 100644 --- a/runtime/nsdsel_ptcp.c +++ b/runtime/nsdsel_ptcp.c @@ -71,6 +71,8 @@ Add(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) ISOBJ_TYPE_assert(pSock, nsd_ptcp); ISOBJ_TYPE_assert(pThis, nsdsel_ptcp); +RUNLOG_VAR("%d", pSock->sock); +RUNLOG_VAR("%p", &pThis->readfds); switch(waitOp) { case NSDSEL_RD: FD_SET(pSock->sock, &pThis->readfds); diff --git a/runtime/nssel.c b/runtime/nssel.c index 7cb63e98..5333fc75 100644 --- a/runtime/nssel.c +++ b/runtime/nssel.c @@ -75,7 +75,7 @@ loadDrvr(nssel_t *pThis) * enough. -- rgerhards, 2008-04-18 */ //CHKiRet(obj.UseObj(__FILE__, pDrvrName+2, pDrvrName, (void*) &pThis->Drvr)); - CHKiRet(obj.UseObj(__FILE__, "nsdsel_ptcp", "lmnsdsel_ptcp", (void*) &pThis->Drvr)); + CHKiRet(obj.UseObj(__FILE__, "nsdsel_gtls", "lmnsdsel_gtls", (void*) &pThis->Drvr)); finalize_it: RETiRet; } diff --git a/runtime/obj-types.h b/runtime/obj-types.h index 2d0e0f14..5f531eb1 100644 --- a/runtime/obj-types.h +++ b/runtime/obj-types.h @@ -107,8 +107,8 @@ struct obj_s { /* the dummy struct that each derived class can be casted to */ ASSERT(pObj != NULL); \ ASSERT((unsigned) ((obj_t*) (pObj))->iObjCooCKiE == (unsigned) 0xBADEFEE); \ if(strcmp((char*)(((obj_t*)pObj)->pObjInfo->pszID), #objType)) { \ - dbgprintf("ISOBJ assert failure: invalid object type, expected '%s' " \ - "actual '%s'\n", #objType, (((obj_t*)pObj)->pObjInfo->pszID)); \ + dbgprintf("%s:%d ISOBJ assert failure: invalid object type, expected '%s' " \ + "actual '%s'\n", __FILE__, __LINE__, #objType, (((obj_t*)pObj)->pObjInfo->pszID)); \ assert(0); /* trigger assertion, messge we already have */ \ } \ } while(0) -- cgit v1.2.3 From 76e4eb29d4343d11cb2e4b354f7d7d14df707b7a Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 28 Apr 2008 08:09:21 +0200 Subject: fixed memory leaks --- runtime/nsd_gtls.c | 7 ++++--- runtime/nsdsel_ptcp.c | 2 -- 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'runtime') diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index f3622f36..d59043f2 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -128,9 +128,9 @@ CODESTARTobjDestruct(nsd_gtls) gtlsEndSess(pThis); } -RUNLOG_VAR("%p", pThis->pTcp); - if(pThis->pTcp != NULL) + if(pThis->pTcp != NULL) { nsd_ptcp.Destruct(&pThis->pTcp); + } ENDobjDestruct(nsd_gtls) @@ -231,7 +231,9 @@ AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew) nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; ISOBJ_TYPE_assert((pThis), nsd_gtls); + // TODO: method to construct without pTcp CHKiRet(nsd_gtlsConstruct(&pNew)); + CHKiRet(nsd_ptcp.Destruct(&pNew->pTcp)); CHKiRet(nsd_ptcp.AcceptConnReq(pThis->pTcp, &pNew->pTcp)); *ppNew = (nsd_t*) pNew; @@ -262,7 +264,6 @@ Rcv(nsd_t *pNsd, uchar *pBuf, ssize_t *pLenBuf) ISOBJ_TYPE_assert(pThis, nsd_gtls); if(pThis->iMode == 0) { -RUNLOG; CHKiRet(nsd_ptcp.Rcv(pThis->pTcp, pBuf, pLenBuf)); FINALIZE; } diff --git a/runtime/nsdsel_ptcp.c b/runtime/nsdsel_ptcp.c index 22c000b9..b439063a 100644 --- a/runtime/nsdsel_ptcp.c +++ b/runtime/nsdsel_ptcp.c @@ -71,8 +71,6 @@ Add(nsdsel_t *pNsdsel, nsd_t *pNsd, nsdsel_waitOp_t waitOp) ISOBJ_TYPE_assert(pSock, nsd_ptcp); ISOBJ_TYPE_assert(pThis, nsdsel_ptcp); -RUNLOG_VAR("%d", pSock->sock); -RUNLOG_VAR("%p", &pThis->readfds); switch(waitOp) { case NSDSEL_RD: FD_SET(pSock->sock, &pThis->readfds); -- cgit v1.2.3