#define _BSD_SOURCE /* For struct ip_mreq */
#include "collectd.h"
+
#include "plugin.h"
#include "common.h"
#include "configfile.h"
#include "utils_fbhash.h"
-#include "utils_avltree.h"
#include "utils_cache.h"
#include "utils_complain.h"
#include "network.h"
-#if HAVE_PTHREAD_H
-# include <pthread.h>
-#endif
#if HAVE_NETDB_H
# include <netdb.h>
#endif
#endif
#if HAVE_LIBGCRYPT
-# include <pthread.h>
# if defined __APPLE__
/* default xcode compiler throws warnings even when deprecated functionality
* is not used. -Werror breaks the build because of erroneous warnings.
static _Bool check_notify_received (const notification_t *n) /* {{{ */
{
- notification_meta_t *ptr;
-
- for (ptr = n->meta; ptr != NULL; ptr = ptr->next)
+ for (notification_meta_t *ptr = n->meta; ptr != NULL; ptr = ptr->next)
if ((strcmp ("network:received", ptr->name) == 0)
&& (ptr->type == NM_TYPE_BOOLEAN))
return ((_Bool) ptr->nm_value.nm_boolean);
{
int status;
- if ((vl->time <= 0)
- || (strlen (vl->host) <= 0)
- || (strlen (vl->plugin) <= 0)
- || (strlen (vl->type) <= 0))
+ if ((vl->time == 0)
+ || (strlen (vl->host) == 0)
+ || (strlen (vl->plugin) == 0)
+ || (strlen (vl->type) == 0))
return (-EINVAL);
if (!check_receive_okay (vl))
} /* }}} int network_dispatch_notification */
#if HAVE_LIBGCRYPT
-static void network_init_gcrypt (void) /* {{{ */
+static int network_init_gcrypt (void) /* {{{ */
{
+ gcry_error_t err;
+
/* http://lists.gnupg.org/pipermail/gcrypt-devel/2003-August/000458.html
* Because you can't know in a library whether another library has
* already initialized the library */
if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
- return;
+ return (0);
/* http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
* To ensure thread-safety, it's important to set GCRYCTL_SET_THREAD_CBS
*
* tl;dr: keep all these gry_* statements in this exact order please. */
# if GCRYPT_VERSION_NUMBER < 0x010600
- gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
+ err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
+ if (err)
+ {
+ ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: %s", gcry_strerror (err));
+ return (-1);
+ }
# endif
+
gcry_check_version (NULL);
- gcry_control (GCRYCTL_INIT_SECMEM, 32768);
+
+ err = gcry_control (GCRYCTL_INIT_SECMEM, 32768);
+ if (err)
+ {
+ ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) failed: %s", gcry_strerror (err));
+ return (-1);
+ }
+
gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
-} /* }}} void network_init_gcrypt */
+ return (0);
+} /* }}} int network_init_gcrypt */
static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
const void *iv, size_t iv_size, const char *username)
} /* }}} int network_get_aes256_cypher */
#endif /* HAVE_LIBGCRYPT */
-static int write_part_values (char **ret_buffer, int *ret_buffer_len,
+static int write_part_values (char **ret_buffer, size_t *ret_buffer_len,
const data_set_t *ds, const value_list_t *vl)
{
char *packet_ptr;
- int packet_len;
+ size_t packet_len;
int num_values;
part_header_t pkg_ph;
uint8_t *pkg_values_types;
value_t *pkg_values;
- int offset;
- int i;
+ size_t offset;
num_values = vl->values_len;
packet_len = sizeof (part_header_t) + sizeof (uint16_t)
pkg_num_values = htons ((uint16_t) vl->values_len);
- for (i = 0; i < num_values; i++)
+ for (int i = 0; i < num_values; i++)
{
pkg_values_types[i] = (uint8_t) ds->ds[i].type;
switch (ds->ds[i].type)
return (0);
} /* int write_part_values */
-static int write_part_number (char **ret_buffer, int *ret_buffer_len,
+static int write_part_number (char **ret_buffer, size_t *ret_buffer_len,
int type, uint64_t value)
{
char *packet_ptr;
- int packet_len;
+ size_t packet_len;
part_header_t pkg_head;
uint64_t pkg_value;
- int offset;
+ size_t offset;
packet_len = sizeof (pkg_head) + sizeof (pkg_value);
return (0);
} /* int write_part_number */
-static int write_part_string (char **ret_buffer, int *ret_buffer_len,
- int type, const char *str, int str_len)
+static int write_part_string (char **ret_buffer, size_t *ret_buffer_len,
+ int type, const char *str, size_t str_len)
{
char *buffer;
- int buffer_len;
+ size_t buffer_len;
uint16_t pkg_type;
uint16_t pkg_length;
- int offset;
+ size_t offset;
buffer_len = 2 * sizeof (uint16_t) + str_len + 1;
if (*ret_buffer_len < buffer_len)
uint16_t tmp16;
size_t exp_size;
- size_t i;
uint16_t pkg_length;
uint16_t pkg_type;
memcpy (pkg_values, buffer, pkg_numval * sizeof (*pkg_values));
buffer += pkg_numval * sizeof (*pkg_values);
- for (i = 0; i < pkg_numval; i++)
+ for (size_t i = 0; i < pkg_numval; i++)
{
switch (pkg_types[i])
{
size_t buffer_offset;
uint16_t username_len;
part_encryption_aes256_t pea;
- unsigned char hash[sizeof (pea.hash)];
+ unsigned char hash[sizeof (pea.hash)] = { 0 };
gcry_cipher_hd_t cypher;
gcry_error_t err;
BUFFER_READ (&username_len, sizeof (username_len));
username_len = ntohs (username_len);
- if ((username_len <= 0)
+ if ((username_len == 0)
|| (username_len > (part_size - (PART_ENCRYPTION_AES256_SIZE + 1))))
{
NOTICE ("network plugin: parse_part_encr_aes256: "
assert (buffer_offset == (part_size - payload_len));
/* Check hash sum */
- memset (hash, 0, sizeof (hash));
gcry_md_hash_buffer (GCRY_MD_SHA1, hash,
buffer + buffer_offset, payload_len);
if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
int status;
value_list_t vl = VALUE_LIST_INIT;
- notification_t n;
+ notification_t n = { 0 };
#if HAVE_LIBGCRYPT
int packet_was_signed = (flags & PP_SIGNED);
memset (&vl, '\0', sizeof (vl));
- memset (&n, '\0', sizeof (n));
status = 0;
while ((status == 0) && (0 < buffer_size)
printed_ignore_warning = 1;
}
buffer = ((char *) buffer) + pkg_length;
+ buffer_size -= (size_t) pkg_length;
continue;
}
#endif /* HAVE_LIBGCRYPT */
printed_ignore_warning = 1;
}
buffer = ((char *) buffer) + pkg_length;
+ buffer_size -= (size_t) pkg_length;
continue;
}
#endif /* HAVE_LIBGCRYPT */
"unknown severity %i.",
n.severity);
}
- else if (n.time <= 0)
+ else if (n.time == 0)
{
INFO ("network plugin: "
"Ignoring notification with "
"time == 0.");
}
- else if (strlen (n.message) <= 0)
+ else if (strlen (n.message) == 0)
{
INFO ("network plugin: "
"Ignoring notification with "
DEBUG ("network plugin: parse_packet: Unknown part"
" type: 0x%04hx", pkg_type);
buffer = ((char *) buffer) + pkg_length;
+ buffer_size -= (size_t) pkg_length;
}
} /* while (buffer_size > sizeof (part_header_t)) */
static void free_sockent_server (struct sockent_server *ses) /* {{{ */
{
- size_t i;
-
- for (i = 0; i < ses->fd_num; i++)
+ for (size_t i = 0; i < ses->fd_num; i++)
{
if (ses->fd[i] >= 0)
{
* index is preferred here, because of its similarity
* to the way IPv6 handles this. Unfortunately, it
* appears not to be portable. */
- struct ip_mreqn mreq;
-
- memset (&mreq, 0, sizeof (mreq));
- mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
- mreq.imr_address.s_addr = ntohl (INADDR_ANY);
- mreq.imr_ifindex = se->interface;
+ struct ip_mreqn mreq = {
+ .imr_multiaddr.s_addr = addr->sin_addr.s_addr,
+ .imr_address.s_addr = ntohl (INADDR_ANY),
+ .imr_ifindex = se->interface
+ };
#else
- struct ip_mreq mreq;
-
- memset (&mreq, 0, sizeof (mreq));
- mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
- mreq.imr_interface.s_addr = ntohl (INADDR_ANY);
+ struct ip_mreq mreq = {
+ .imr_multiaddr.s_addr = addr->sin_addr.s_addr,
+ .imr_interface.s_addr = ntohl (INADDR_ANY)
+ };
#endif
if (setsockopt (se->data.client.fd, IPPROTO_IP, IP_MULTICAST_IF,
{
if (se->data.client.security_level > SECURITY_LEVEL_NONE)
{
- network_init_gcrypt ();
+ if (network_init_gcrypt () < 0)
+ {
+ ERROR ("network plugin: Cannot configure client socket with "
+ "security: Failed to initialize crypto library.");
+ return (-1);
+ }
if ((se->data.client.username == NULL)
|| (se->data.client.password == NULL))
{
if (se->data.server.security_level > SECURITY_LEVEL_NONE)
{
- network_init_gcrypt ();
+ if (network_init_gcrypt () < 0)
+ {
+ ERROR ("network plugin: Cannot configure server socket with "
+ "security: Failed to initialize crypto library.");
+ return (-1);
+ }
if (se->data.server.auth_file == NULL)
{
static c_complain_t complaint = C_COMPLAIN_INIT_STATIC;
struct sockent_client *client;
- struct addrinfo ai_hints;
- struct addrinfo *ai_list = NULL, *ai_ptr;
+ struct addrinfo *ai_list;
int status;
_Bool reconnect = 0;
cdtime_t now;
if (client->fd >= 0 && !reconnect) /* already connected and not stale*/
return (0);
- memset (&ai_hints, 0, sizeof (ai_hints));
-#ifdef AI_ADDRCONFIG
- ai_hints.ai_flags |= AI_ADDRCONFIG;
-#endif
- ai_hints.ai_family = AF_UNSPEC;
- ai_hints.ai_socktype = SOCK_DGRAM;
- ai_hints.ai_protocol = IPPROTO_UDP;
+ struct addrinfo ai_hints = {
+ .ai_family = AF_UNSPEC,
+ .ai_flags = AI_ADDRCONFIG,
+ .ai_protocol = IPPROTO_UDP,
+ .ai_socktype = SOCK_DGRAM
+ };
status = getaddrinfo (se->node,
(se->service != NULL) ? se->service : NET_DEFAULT_PORT,
se->node);
}
- for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
+ for (struct addrinfo *ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
{
if (client->fd >= 0) /* when we reconnect */
sockent_client_disconnect(se);
/* Open the file descriptors for a initialized sockent structure. */
static int sockent_server_listen (sockent_t *se) /* {{{ */
{
- struct addrinfo ai_hints;
- struct addrinfo *ai_list, *ai_ptr;
+ struct addrinfo *ai_list;
int status;
const char *node;
DEBUG ("network plugin: sockent_server_listen: node = %s; service = %s;",
node, service);
- memset (&ai_hints, 0, sizeof (ai_hints));
- ai_hints.ai_flags = 0;
-#ifdef AI_PASSIVE
- ai_hints.ai_flags |= AI_PASSIVE;
-#endif
-#ifdef AI_ADDRCONFIG
- ai_hints.ai_flags |= AI_ADDRCONFIG;
-#endif
- ai_hints.ai_family = AF_UNSPEC;
- ai_hints.ai_socktype = SOCK_DGRAM;
- ai_hints.ai_protocol = IPPROTO_UDP;
+ struct addrinfo ai_hints = {
+ .ai_family = AF_UNSPEC,
+ .ai_flags = AI_ADDRCONFIG | AI_PASSIVE,
+ .ai_protocol = IPPROTO_UDP,
+ .ai_socktype = SOCK_DGRAM
+ };
status = getaddrinfo (node, service, &ai_hints, &ai_list);
if (status != 0)
return (-1);
}
- for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
+ for (struct addrinfo *ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
{
int *tmp;
if (se->type == SOCKENT_TYPE_SERVER)
{
struct pollfd *tmp;
- size_t i;
tmp = realloc (listen_sockets_pollfd,
sizeof (*tmp) * (listen_sockets_num
listen_sockets_pollfd = tmp;
tmp = listen_sockets_pollfd + listen_sockets_num;
- for (i = 0; i < se->data.server.fd_num; i++)
+ for (size_t i = 0; i < se->data.server.fd_num; i++)
{
memset (tmp + i, 0, sizeof (*tmp));
tmp[i].fd = se->data.server.fd[i];
char buffer[network_config_packet_size];
int buffer_len;
- size_t i;
int status = 0;
receive_list_entry_t *private_list_head;
break;
}
- for (i = 0; (i < listen_sockets_num) && (status > 0); i++)
+ for (size_t i = 0; (i < listen_sockets_num) && (status > 0); i++)
{
receive_list_entry_t *ent;
static void network_send_buffer_signed (sockent_t *se, /* {{{ */
const char *in_buffer, size_t in_buffer_size)
{
- part_signature_sha256_t ps;
char buffer[BUFF_SIG_SIZE + in_buffer_size];
size_t buffer_offset;
size_t username_len;
in_buffer, in_buffer_size);
/* Initialize the `ps' structure. */
- memset (&ps, 0, sizeof (ps));
- ps.head.type = htons (TYPE_SIGN_SHA256);
- ps.head.length = htons (PART_SIGNATURE_SHA256_SIZE + username_len);
+ part_signature_sha256_t ps = {
+ .head.type = htons (TYPE_SIGN_SHA256),
+ .head.length = htons (PART_SIGNATURE_SHA256_SIZE + username_len)
+ };
/* Calculate the hash value. */
gcry_md_write (hd, buffer + PART_SIGNATURE_SHA256_SIZE,
static void network_send_buffer_encrypted (sockent_t *se, /* {{{ */
const char *in_buffer, size_t in_buffer_size)
{
- part_encryption_aes256_t pea;
char buffer[BUFF_SIG_SIZE + in_buffer_size];
size_t buffer_size;
size_t buffer_offset;
gcry_cipher_hd_t cypher;
/* Initialize the header fields */
- memset (&pea, 0, sizeof (pea));
- pea.head.type = htons (TYPE_ENCR_AES256);
-
- pea.username = se->data.client.username;
+ part_encryption_aes256_t pea = {
+ .head.type = htons (TYPE_ENCR_AES256),
+ .username = se->data.client.username
+ };
username_len = strlen (pea.username);
if ((PART_ENCRYPTION_AES256_SIZE + username_len) > BUFF_SIG_SIZE)
static void network_send_buffer (char *buffer, size_t buffer_len) /* {{{ */
{
- sockent_t *se;
-
DEBUG ("network plugin: network_send_buffer: buffer_len = %zu", buffer_len);
- for (se = sending_sockets; se != NULL; se = se->next)
+ for (sockent_t *se = sending_sockets; se != NULL; se = se->next)
{
#if HAVE_LIBGCRYPT
if (se->data.client.security_level == SECURITY_LEVEL_ENCRYPT)
} /* for (sending_sockets) */
} /* }}} void network_send_buffer */
-static int add_to_buffer (char *buffer, int buffer_size, /* {{{ */
+static int add_to_buffer (char *buffer, size_t buffer_size, /* {{{ */
value_list_t *vl_def,
const data_set_t *ds, const value_list_t *vl)
{
{
int status;
+ /* listen_loop is set to non-zero in the shutdown callback, which is
+ * guaranteed to be called *after* all the write threads have been shut
+ * down. */
+ assert (listen_loop == 0);
+
if (!check_send_okay (vl))
{
#if COLLECT_DEBUG
{
sockent_t *se;
int status;
- int i;
if ((ci->values_num < 1) || (ci->values_num > 2)
|| (ci->values[0].type != OCONFIG_TYPE_STRING)
if (ci->values_num >= 2)
se->service = strdup (ci->values[1].value.string);
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
{
sockent_t *se;
int status;
- int i;
if ((ci->values_num < 1) || (ci->values_num > 2)
|| (ci->values[0].type != OCONFIG_TYPE_STRING)
if (ci->values_num >= 2)
se->service = strdup (ci->values[1].value.string);
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
static int network_config (oconfig_item_t *ci) /* {{{ */
{
- int i;
-
/* The options need to be applied first */
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
if (strcasecmp ("TimeToLive", child->key) == 0)
network_config_set_ttl (child);
}
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
static int network_notification (const notification_t *n,
user_data_t __attribute__((unused)) *user_data)
{
- char buffer[network_config_packet_size];
- char *buffer_ptr = buffer;
- int buffer_free = sizeof (buffer);
- int status;
+ char buffer[network_config_packet_size];
+ char *buffer_ptr = buffer;
+ size_t buffer_free = sizeof (buffer);
+ int status;
if (!check_send_notify_okay (n))
return (0);
static int network_shutdown (void)
{
- sockent_t *se;
-
listen_loop++;
/* Kill the listening thread */
sfree (send_buffer);
- for (se = sending_sockets; se != NULL; se = se->next)
+ for (sockent_t *se = sending_sockets; se != NULL; se = se->next)
sockent_client_disconnect (se);
sockent_destroy (sending_sockets);
have_init = 1;
#if HAVE_LIBGCRYPT
- network_init_gcrypt ();
+ if (network_init_gcrypt () < 0)
+ {
+ ERROR ("network plugin: Failed to initialize crypto library.");
+ return (-1);
+ }
#endif
if (network_config_stats)