#include "plugin.h"
#include "common.h"
-#include "configfile.h"
#include "utils_fbhash.h"
#include "utils_cache.h"
#include "utils_complain.h"
static _Bool check_notify_received (const notification_t *n) /* {{{ */
{
- notification_meta_t *ptr;
-
- for (ptr = n->meta; ptr != NULL; ptr = ptr->next)
+ for (notification_meta_t *ptr = n->meta; ptr != NULL; ptr = ptr->next)
if ((strcmp ("network:received", ptr->name) == 0)
&& (ptr->type == NM_TYPE_BOOLEAN))
return ((_Bool) ptr->nm_value.nm_boolean);
} /* }}} int network_dispatch_notification */
#if HAVE_LIBGCRYPT
-static void network_init_gcrypt (void) /* {{{ */
+static int network_init_gcrypt (void) /* {{{ */
{
gcry_error_t err;
* Because you can't know in a library whether another library has
* already initialized the library */
if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
- return;
+ return (0);
/* http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
* To ensure thread-safety, it's important to set GCRYCTL_SET_THREAD_CBS
if (err)
{
ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: %s", gcry_strerror (err));
- abort ();
+ return (-1);
}
# endif
if (err)
{
ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) failed: %s", gcry_strerror (err));
- abort ();
+ return (-1);
}
gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
-} /* }}} void network_init_gcrypt */
+ return (0);
+} /* }}} int network_init_gcrypt */
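Review bot: Now that the error paths return -1 instead of calling abort(), the early exit on `gcry_control (GCRYCTL_ANY_INITIALIZATION_P)` can report success on a later call even though an earlier call failed part-way. As far as libgcrypt documents it, that query is true once any initialization has taken place, so after a failed `GCRYCTL_INIT_SECMEM` a second socket's call would likely return 0 without `GCRYCTL_INITIALIZATION_FINISHED` ever having been set. I would make the failure sticky, e.g. a `static int init_status;` that both error paths set to -1 and that is tested first with `if (init_status != 0) return (init_status);`. A comment above the function stating the new contract, `/* Returns 0 on success, -1 if libgcrypt could not be initialized. */`, would also help callers. Parts of the function body lie outside the visible hunks.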
static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
const void *iv, size_t iv_size, const char *username)
value_t *pkg_values;
size_t offset;
- int i;
num_values = vl->values_len;
packet_len = sizeof (part_header_t) + sizeof (uint16_t)
pkg_num_values = htons ((uint16_t) vl->values_len);
- for (i = 0; i < num_values; i++)
+ for (int i = 0; i < num_values; i++)
{
pkg_values_types[i] = (uint8_t) ds->ds[i].type;
switch (ds->ds[i].type)
uint16_t tmp16;
size_t exp_size;
- size_t i;
uint16_t pkg_length;
uint16_t pkg_type;
memcpy (pkg_values, buffer, pkg_numval * sizeof (*pkg_values));
buffer += pkg_numval * sizeof (*pkg_values);
- for (i = 0; i < pkg_numval; i++)
+ for (size_t i = 0; i < pkg_numval; i++)
{
switch (pkg_types[i])
{
if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
{
WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
- "Hash mismatch.");
+ "Hash mismatch. Username: %s", pss.username);
}
else
{
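Review bot: The new warning prints `pss.username` after signature verification has failed, so the string is unauthenticated and, assuming it is copied from the received packet, chosen entirely by the sender. Control characters or newlines in it would reach the log verbatim, and every bad packet produces a log line. The same applies to the `pea.username` messages added in the decryption hunks below (cypher lookup, gcry_cipher_decrypt, checksum mismatch). Consider replacing non-printable bytes before logging and rate-limiting these messages, for example with the `c_complain_t` helper this file already uses elsewhere.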
pea.username);
if (cypher == NULL)
{
+ ERROR ("network plugin: Failed to get cypher. Username: %s", pea.username);
sfree (pea.username);
return (-1);
}
if (err != 0)
{
sfree (pea.username);
- ERROR ("network plugin: gcry_cipher_decrypt returned: %s",
- gcry_strerror (err));
+ ERROR ("network plugin: gcry_cipher_decrypt returned: %s. Username: %s",
+ gcry_strerror (err), pea.username);
return (-1);
}
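Review bot: In the gcry_cipher_decrypt error branch, `sfree (pea.username);` still runs before the rewritten ERROR call, which now passes `pea.username` to `%s`. Depending on how sfree is defined, that is either a read of freed memory or a NULL passed to `%s`; both are undefined behaviour. Move the release after the log call, as the cypher and checksum branches in this commit already do: `ERROR (...); sfree (pea.username); return (-1);`. The enclosing function starts and ends outside this hunk.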
buffer + buffer_offset, payload_len);
if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
{
+ ERROR ("network plugin: Checksum mismatch. Username: %s", pea.username);
sfree (pea.username);
- ERROR ("network plugin: Decryption failed: Checksum mismatch.");
return (-1);
}
#if HAVE_LIBGCRYPT
int packet_was_signed = (flags & PP_SIGNED);
- int packet_was_encrypted = (flags & PP_ENCRYPTED);
+ int packet_was_encrypted = (flags & PP_ENCRYPTED);
int printed_ignore_warning = 0;
#endif /* HAVE_LIBGCRYPT */
static void free_sockent_server (struct sockent_server *ses) /* {{{ */
{
- size_t i;
-
- for (i = 0; i < ses->fd_num; i++)
+ for (size_t i = 0; i < ses->fd_num; i++)
{
if (ses->fd[i] >= 0)
{
{
if (se->data.client.security_level > SECURITY_LEVEL_NONE)
{
- network_init_gcrypt ();
+ if (network_init_gcrypt () < 0)
+ {
+ ERROR ("network plugin: Cannot configure client socket with "
+ "security: Failed to initialize crypto library.");
+ return (-1);
+ }
if ((se->data.client.username == NULL)
|| (se->data.client.password == NULL))
}
else /* (se->type == SOCKENT_TYPE_SERVER) */
{
- if (se->data.server.security_level > SECURITY_LEVEL_NONE)
+ if ((se->data.server.security_level > SECURITY_LEVEL_NONE)
+ && (se->data.server.auth_file == NULL))
{
- network_init_gcrypt ();
-
- if (se->data.server.auth_file == NULL)
- {
- ERROR ("network plugin: Server socket with "
- "security requested, but no "
- "password file is configured.");
- return (-1);
- }
+ ERROR ("network plugin: Server socket with security requested, "
+ "but no \"AuthFile\" is configured.");
+ return (-1);
}
if (se->data.server.auth_file != NULL)
{
+ if (network_init_gcrypt () < 0)
+ {
+ ERROR ("network plugin: Cannot configure server socket with security: "
+ "Failed to initialize crypto library.");
+ return (-1);
+ }
+
se->data.server.userdb = fbh_create (se->data.server.auth_file);
if (se->data.server.userdb == NULL)
{
- ERROR ("network plugin: Reading password file "
- "`%s' failed.",
+ ERROR ("network plugin: Reading password file \"%s\" failed.",
se->data.server.auth_file);
- if (se->data.server.security_level > SECURITY_LEVEL_NONE)
- return (-1);
+ return (-1);
}
}
}
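Review bot: The server branch now uses two names for the same setting: the new message says `\"AuthFile\"` while the one a few lines below still says `Reading password file \"%s\" failed.`; using `AuthFile` in both would make the log line match the configuration option. The unconditional `return (-1);` after fbh_create fails also changes behaviour, since an unreadable file used to be tolerated when the security level was none. A short comment there, `/* An AuthFile that cannot be read is fatal regardless of SecurityLevel. */`, would record that this fail-closed behaviour is intended. The enclosing function starts outside the hunk.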
static c_complain_t complaint = C_COMPLAIN_INIT_STATIC;
struct sockent_client *client;
- struct addrinfo *ai_list, *ai_ptr;
+ struct addrinfo *ai_list;
int status;
_Bool reconnect = 0;
cdtime_t now;
se->node);
}
- for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
+ for (struct addrinfo *ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
{
if (client->fd >= 0) /* when we reconnect */
sockent_client_disconnect(se);
/* Open the file descriptors for a initialized sockent structure. */
static int sockent_server_listen (sockent_t *se) /* {{{ */
{
- struct addrinfo *ai_list, *ai_ptr;
+ struct addrinfo *ai_list;
int status;
const char *node;
return (-1);
}
- for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
+ for (struct addrinfo *ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
{
int *tmp;
if (se->type == SOCKENT_TYPE_SERVER)
{
struct pollfd *tmp;
- size_t i;
tmp = realloc (listen_sockets_pollfd,
sizeof (*tmp) * (listen_sockets_num
listen_sockets_pollfd = tmp;
tmp = listen_sockets_pollfd + listen_sockets_num;
- for (i = 0; i < se->data.server.fd_num; i++)
+ for (size_t i = 0; i < se->data.server.fd_num; i++)
{
memset (tmp + i, 0, sizeof (*tmp));
tmp[i].fd = se->data.server.fd[i];
char buffer[network_config_packet_size];
int buffer_len;
- size_t i;
int status = 0;
receive_list_entry_t *private_list_head;
break;
}
- for (i = 0; (i < listen_sockets_num) && (status > 0); i++)
+ for (size_t i = 0; (i < listen_sockets_num) && (status > 0); i++)
{
receive_list_entry_t *ent;
static void network_send_buffer (char *buffer, size_t buffer_len) /* {{{ */
{
- sockent_t *se;
-
DEBUG ("network plugin: network_send_buffer: buffer_len = %zu", buffer_len);
- for (se = sending_sockets; se != NULL; se = se->next)
+ for (sockent_t *se = sending_sockets; se != NULL; se = se->next)
{
#if HAVE_LIBGCRYPT
if (se->data.client.security_level == SECURITY_LEVEL_ENCRYPT)
{
int status;
+ /* listen_loop is set to non-zero in the shutdown callback, which is
+ * guaranteed to be called *after* all the write threads have been shut
+ * down. */
+ assert (listen_loop == 0);
+
if (!check_send_okay (vl))
{
#if COLLECT_DEBUG
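Review bot: The added `assert (listen_loop == 0);` disappears when the plugin is built with NDEBUG, and when it is active a violation aborts the whole daemon. network_shutdown increments `listen_loop` and frees `send_buffer`, so if the ordering promised in the comment ever breaks, a release build would presumably continue into the send path with no check at all. If the guarantee matters, a runtime guard such as `if (listen_loop != 0) return (-1);` is safer, and the comment could name which component provides the guarantee. The include hunk at the top of the page does not add `<assert.h>`, so confirm it is already in scope; the enclosing function starts and ends outside this hunk.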
{
sockent_t *se;
int status;
- int i;
if ((ci->values_num < 1) || (ci->values_num > 2)
|| (ci->values[0].type != OCONFIG_TYPE_STRING)
if (ci->values_num >= 2)
se->service = strdup (ci->values[1].value.string);
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
{
sockent_t *se;
int status;
- int i;
if ((ci->values_num < 1) || (ci->values_num > 2)
|| (ci->values[0].type != OCONFIG_TYPE_STRING)
if (ci->values_num >= 2)
se->service = strdup (ci->values[1].value.string);
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
static int network_config (oconfig_item_t *ci) /* {{{ */
{
- int i;
-
/* The options need to be applied first */
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
if (strcasecmp ("TimeToLive", child->key) == 0)
network_config_set_ttl (child);
}
- for (i = 0; i < ci->children_num; i++)
+ for (int i = 0; i < ci->children_num; i++)
{
oconfig_item_t *child = ci->children + i;
static int network_shutdown (void)
{
- sockent_t *se;
-
listen_loop++;
/* Kill the listening thread */
sfree (send_buffer);
- for (se = sending_sockets; se != NULL; se = se->next)
+ for (sockent_t *se = sending_sockets; se != NULL; se = se->next)
sockent_client_disconnect (se);
sockent_destroy (sending_sockets);
return (0);
have_init = 1;
-#if HAVE_LIBGCRYPT
- network_init_gcrypt ();
-#endif
-
if (network_config_stats)
plugin_register_read ("network", network_stats_read);