#include "utils_fbhash.h"
#include "utils_avltree.h"
#include "utils_cache.h"
+#include "utils_complain.h"
#include "network.h"
return (!received);
} /* }}} _Bool check_send_okay */
-static int network_dispatch_values (value_list_t *vl) /* {{{ */
+static int network_dispatch_values (value_list_t *vl, /* {{{ */
+ const char *username)
{
int status;
return (status);
}
- plugin_dispatch_values (vl);
+ if (username != NULL)
+ {
+ status = meta_data_add_string (vl->meta, "network:username", username);
+ if (status != 0)
+ {
+ ERROR ("network plugin: meta_data_add_string failed.");
+ meta_data_destroy (vl->meta);
+ vl->meta = NULL;
+ return (status);
+ }
+ }
+
+ plugin_dispatch_values_secure (vl);
stats_values_dispatched++;
meta_data_destroy (vl->meta);
exp_size = 3 * sizeof (uint16_t)
+ pkg_numval * (sizeof (uint8_t) + sizeof (value_t));
- if ((buffer_len < 0) || (buffer_len < exp_size))
+ if (buffer_len < exp_size)
{
WARNING ("network plugin: parse_part_values: "
"Packet too short: "
break;
default:
- sfree (pkg_types);
- sfree (pkg_values);
NOTICE ("network plugin: parse_part_values: "
"Don't know how to handle data source type %"PRIu8,
pkg_types[i]);
+ sfree (pkg_types);
+ sfree (pkg_values);
return (-1);
} /* switch (pkg_types[i]) */
}
size_t exp_size = 2 * sizeof (uint16_t) + sizeof (uint64_t);
uint16_t pkg_length;
- uint16_t pkg_type;
- if ((buffer_len < 0) || ((size_t) buffer_len < exp_size))
+ if (buffer_len < exp_size)
{
WARNING ("network plugin: parse_part_number: "
"Packet too short: "
memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
buffer += sizeof (tmp16);
- pkg_type = ntohs (tmp16);
+ /* pkg_type = ntohs (tmp16); */
memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
buffer += sizeof (tmp16);
size_t header_size = 2 * sizeof (uint16_t);
uint16_t pkg_length;
- uint16_t pkg_type;
- if ((buffer_len < 0) || (buffer_len < header_size))
+ if (buffer_len < header_size)
{
WARNING ("network plugin: parse_part_string: "
"Packet too short: "
memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
buffer += sizeof (tmp16);
- pkg_type = ntohs (tmp16);
+ /* pkg_type = ntohs (tmp16); */
memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
buffer += sizeof (tmp16);
#define PP_SIGNED 0x01
#define PP_ENCRYPTED 0x02
static int parse_packet (sockent_t *se,
- void *buffer, size_t buffer_size, int flags);
+ void *buffer, size_t buffer_size, int flags,
+ const char *username);
#define BUFFER_READ(p,s) do { \
memcpy ((p), buffer + buffer_offset, (s)); \
static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
void **ret_buffer, size_t *ret_buffer_len, int flags)
{
+ static c_complain_t complain_no_users = C_COMPLAIN_INIT_STATIC;
+
char *buffer;
size_t buffer_len;
size_t buffer_offset;
if (se->data.server.userdb == NULL)
{
- NOTICE ("network plugin: Received signed network packet but can't verify "
- "it because no user DB has been configured. Will accept it.");
+ c_complain (LOG_NOTICE, &complain_no_users,
+ "network plugin: Received signed network packet but can't verify it "
+ "because no user DB has been configured. Will accept it.");
return (0);
}
{
ERROR ("network plugin: gcry_md_setkey failed: %s", gcry_strerror (err));
gcry_md_close (hd);
+ sfree (secret);
+ sfree (pss.username);
return (-1);
}
gcry_md_close (hd);
hd = NULL;
- sfree (secret);
- sfree (pss.username);
-
if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
{
WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
else
{
parse_packet (se, buffer + buffer_offset, buffer_len - buffer_offset,
- flags | PP_SIGNED);
+ flags | PP_SIGNED, pss.username);
}
+ sfree (secret);
+ sfree (pss.username);
+
*ret_buffer = buffer + buffer_len;
*ret_buffer_len = 0;
warning_has_been_printed = 1;
}
- parse_packet (se, buffer + part_len, buffer_size - part_len, flags);
+ parse_packet (se, buffer + part_len, buffer_size - part_len, flags,
+ /* username = */ NULL);
*ret_buffer = buffer + buffer_size;
*ret_buffer_size = 0;
cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
pea.username);
if (cypher == NULL)
+ {
+ sfree (pea.username);
return (-1);
+ }
payload_len = part_size - (PART_ENCRYPTION_AES256_SIZE + username_len);
assert (payload_len > 0);
/* in = */ NULL, /* in len = */ 0);
if (err != 0)
{
+ sfree (pea.username);
ERROR ("network plugin: gcry_cipher_decrypt returned: %s",
gcry_strerror (err));
return (-1);
buffer + buffer_offset, payload_len);
if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
{
+ sfree (pea.username);
ERROR ("network plugin: Decryption failed: Checksum mismatch.");
return (-1);
}
parse_packet (se, buffer + buffer_offset, payload_len,
- flags | PP_ENCRYPTED);
+ flags | PP_ENCRYPTED, pea.username);
+
+ /* XXX: Free pea.username?!? */
/* Update return values */
*ret_buffer = buffer + part_size;
*ret_buffer_len = buffer_len - part_size;
+ sfree (pea.username);
+
return (0);
} /* }}} int parse_part_encr_aes256 */
/* #endif HAVE_LIBGCRYPT */
#undef BUFFER_READ
static int parse_packet (sockent_t *se, /* {{{ */
- void *buffer, size_t buffer_size, int flags)
+ void *buffer, size_t buffer_size, int flags,
+ const char *username)
{
int status;
if (status != 0)
break;
- network_dispatch_values (&vl);
+ network_dispatch_values (&vl, username);
sfree (vl.values);
}
if (setsockopt (se->data.client.fd, IPPROTO_IP, optname,
&network_config_ttl,
- sizeof (network_config_ttl)) == -1)
+ sizeof (network_config_ttl)) != 0)
{
char errbuf[1024];
ERROR ("setsockopt: %s",
if (setsockopt (se->data.client.fd, IPPROTO_IPV6, optname,
&network_config_ttl,
- sizeof (network_config_ttl)) == -1)
+ sizeof (network_config_ttl)) != 0)
{
char errbuf[1024];
ERROR ("setsockopt: %s",
#endif
if (setsockopt (se->data.client.fd, IPPROTO_IP, IP_MULTICAST_IF,
- &mreq, sizeof (mreq)) == -1)
+ &mreq, sizeof (mreq)) != 0)
{
char errbuf[1024];
ERROR ("setsockopt: %s",
{
if (setsockopt (se->data.client.fd, IPPROTO_IPV6, IPV6_MULTICAST_IF,
&se->interface,
- sizeof (se->interface)) == -1)
+ sizeof (se->interface)) != 0)
{
char errbuf[1024];
ERROR ("setsockopt: %s",
}
}
-#if defined(HAVE_IF_INDEXTONAME) && HAVE_IF_INDEXTONAME && defined(SO_BINDTODEVICE)
+ /* else: Not a multicast interface. */
if (se->interface != 0)
{
+#if defined(HAVE_IF_INDEXTONAME) && HAVE_IF_INDEXTONAME && defined(SO_BINDTODEVICE)
char interface_name[IFNAMSIZ];
if (if_indextoname (se->interface, interface_name) == NULL)
sstrerror (errno, errbuf, sizeof (errbuf)));
return (-1);
}
+/* #endif HAVE_IF_INDEXTONAME && SO_BINDTODEVICE */
+
+#else
+ WARNING ("network plugin: Cannot set the interface on a unicast "
+ "socket because "
+# if !defined(SO_BINDTODEVICE)
+ "the \"SO_BINDTODEVICE\" socket option "
+# else
+ "the \"if_indextoname\" function "
+# endif
+ "is not available on your system.");
+#endif
+
}
-#endif /* HAVE_IF_INDEXTONAME && SO_BINDTODEVICE */
return (0);
} /* }}} network_set_interface */
continue;
}
- parse_packet (se, ent->data, ent->data_len, /* flags = */ 0);
+ parse_packet (se, ent->data, ent->data_len, /* flags = */ 0,
+ /* username = */ NULL);
sfree (ent->data);
sfree (ent);
} /* while (42) */
ERROR ("network plugin: Unable to append to the "
"buffer for some weird reason");
}
- else if ((network_config_packet_size - send_buffer_fill) < 15)
+ else if (send_buffer_fill >= 1452 - 15)
{
flush_buffer ();
}
vl.values[0].counter = (counter_t) copy_octets_rx;
vl.values[1].counter = (counter_t) copy_octets_tx;
sstrncpy (vl.type, "if_octets", sizeof (vl.type));
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
/* Packets received / send */
vl.values[0].counter = (counter_t) copy_packets_rx;
vl.values[1].counter = (counter_t) copy_packets_tx;
sstrncpy (vl.type, "if_packets", sizeof (vl.type));
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
/* Values (not) dispatched and (not) send */
sstrncpy (vl.type, "total_values", sizeof (vl.type));
vl.values[0].derive = (derive_t) copy_values_dispatched;
sstrncpy (vl.type_instance, "dispatch-accepted",
sizeof (vl.type_instance));
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
vl.values[0].derive = (derive_t) copy_values_not_dispatched;
sstrncpy (vl.type_instance, "dispatch-rejected",
sizeof (vl.type_instance));
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
vl.values[0].derive = (derive_t) copy_values_sent;
sstrncpy (vl.type_instance, "send-accepted",
sizeof (vl.type_instance));
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
vl.values[0].derive = (derive_t) copy_values_not_sent;
sstrncpy (vl.type_instance, "send-rejected",
sizeof (vl.type_instance));
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
/* Receive queue length */
vl.values[0].gauge = (gauge_t) copy_receive_list_length;
sstrncpy (vl.type, "queue_length", sizeof (vl.type));
vl.type_instance[0] = 0;
- plugin_dispatch_values (&vl);
+ plugin_dispatch_values_secure (&vl);
return (0);
} /* }}} int network_stats_read */
projects / collectd.git / blobdiff