2 * collectd - src/network.c
3 * Copyright (C) 2005-2009 Florian octo Forster
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU Lesser General Public License as published by
7 * the Free Software Foundation; only version 2.1 of the License is
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public License
16 * along with this program; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 * Florian octo Forster <octo at verplant.org>
23 #define _BSD_SOURCE /* For struct ip_mreq */
28 #include "configfile.h"
29 #include "utils_fbhash.h"
30 #include "utils_avltree.h"
38 # include <sys/socket.h>
44 # include <netinet/in.h>
47 # include <arpa/inet.h>
55 GCRY_THREAD_OPTION_PTHREAD_IMPL;
58 /* 1500 - 40 - 8 = Ethernet packet - IPv6 header - UDP header */
59 /* #define BUFF_SIZE 1452 */
61 #ifndef IPV6_ADD_MEMBERSHIP
62 # ifdef IPV6_JOIN_GROUP
63 # define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP
65 # error "Neither IP_ADD_MEMBERSHIP nor IPV6_JOIN_GROUP is defined"
67 #endif /* !IP_ADD_MEMBERSHIP */
69 /* Buffer size to allocate. */
70 #define BUFF_SIZE 1024
73 * Maximum size required for encryption / signing:
75 * 42 bytes for the encryption header
76 * + 64 bytes for the username
80 #define BUFF_SIG_SIZE 106
85 #define SECURITY_LEVEL_NONE 0
87 # define SECURITY_LEVEL_SIGN 1
88 # define SECURITY_LEVEL_ENCRYPT 2
93 struct sockaddr_storage *addr;
99 gcry_cipher_hd_t cypher;
100 unsigned char password_hash[32];
104 struct sockent_server
112 gcry_cipher_hd_t cypher;
116 typedef struct sockent
118 #define SOCKENT_TYPE_CLIENT 1
119 #define SOCKENT_TYPE_SERVER 2
127 struct sockent_client client;
128 struct sockent_server server;
131 struct sockent *next;
134 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
135 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
136 * +-------+-----------------------+-------------------------------+
137 * ! Ver. ! ! Length !
138 * +-------+-----------------------+-------------------------------+
145 typedef struct part_header_s part_header_t;
147 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
148 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
149 * +-------------------------------+-------------------------------+
151 * +-------------------------------+-------------------------------+
152 * : (Length - 4) Bytes :
153 * +---------------------------------------------------------------+
160 typedef struct part_string_s part_string_t;
162 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
163 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
164 * +-------------------------------+-------------------------------+
166 * +-------------------------------+-------------------------------+
167 * : (Length - 4 == 2 || 4 || 8) Bytes :
168 * +---------------------------------------------------------------+
175 typedef struct part_number_s part_number_t;
177 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
178 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
179 * +-------------------------------+-------------------------------+
181 * +-------------------------------+---------------+---------------+
182 * ! Num of values ! Type0 ! Type1 !
183 * +-------------------------------+---------------+---------------+
186 * +---------------------------------------------------------------+
189 * +---------------------------------------------------------------+
194 uint16_t *num_values;
195 uint8_t *values_types;
198 typedef struct part_values_s part_values_t;
200 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
201 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
202 * +-------------------------------+-------------------------------+
204 * +-------------------------------+-------------------------------+
205 * ! Hash (Bits 0 - 31) !
207 * ! Hash (Bits 224 - 255) !
208 * +---------------------------------------------------------------+
211 #define PART_SIGNATURE_SHA256_SIZE 36
212 struct part_signature_sha256_s
215 unsigned char hash[32];
218 typedef struct part_signature_sha256_s part_signature_sha256_t;
220 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
221 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
222 * +-------------------------------+-------------------------------+
224 * +-------------------------------+-------------------------------+
225 * ! Original length ! Padding (0 - 15 bytes) !
226 * +-------------------------------+-------------------------------+
227 * ! Hash (Bits 0 - 31) !
229 * ! Hash (Bits 128 - 159) !
230 * +---------------------------------------------------------------+
233 #define PART_ENCRYPTION_AES256_SIZE 42
234 struct part_encryption_aes256_s
237 uint16_t username_length;
239 unsigned char iv[16];
241 unsigned char hash[20];
245 typedef struct part_encryption_aes256_s part_encryption_aes256_t;
247 struct receive_list_entry_s
249 char data[BUFF_SIZE];
252 struct receive_list_entry_s *next;
254 typedef struct receive_list_entry_s receive_list_entry_t;
259 static int network_config_ttl = 0;
260 static int network_config_forward = 0;
262 static sockent_t *sending_sockets = NULL;
264 static receive_list_entry_t *receive_list_head = NULL;
265 static receive_list_entry_t *receive_list_tail = NULL;
266 static pthread_mutex_t receive_list_lock = PTHREAD_MUTEX_INITIALIZER;
267 static pthread_cond_t receive_list_cond = PTHREAD_COND_INITIALIZER;
269 static sockent_t *listen_sockets = NULL;
270 static struct pollfd *listen_sockets_pollfd = NULL;
271 static size_t listen_sockets_num = 0;
273 /* The receive and dispatch threads will run as long as `listen_loop' is set to
275 static int listen_loop = 0;
276 static int receive_thread_running = 0;
277 static pthread_t receive_thread_id;
278 static int dispatch_thread_running = 0;
279 static pthread_t dispatch_thread_id;
281 /* Buffer in which to-be-sent network packets are constructed. */
282 static char send_buffer[BUFF_SIZE];
283 static char *send_buffer_ptr;
284 static int send_buffer_fill;
285 static value_list_t send_buffer_vl = VALUE_LIST_STATIC;
286 static pthread_mutex_t send_buffer_lock = PTHREAD_MUTEX_INITIALIZER;
288 /* In this cache we store all the values we received, so we can send out only
289 * those values which were *not* received via the network plugin, too. This is
290 * used for the `Forward false' option. */
291 static c_avl_tree_t *cache_tree = NULL;
292 static pthread_mutex_t cache_lock = PTHREAD_MUTEX_INITIALIZER;
293 static time_t cache_flush_last = 0;
294 static int cache_flush_interval = 1800;
299 static int cache_flush (void)
309 c_avl_iterator_t *iter;
311 time_t curtime = time (NULL);
313 iter = c_avl_get_iterator (cache_tree);
314 while (c_avl_iterator_next (iter, (void *) &key, (void *) &value) == 0)
316 if ((curtime - *value) <= cache_flush_interval)
318 tmp = (char **) realloc (keys,
319 (keys_num + 1) * sizeof (char *));
323 c_avl_iterator_destroy (iter);
324 ERROR ("network plugin: cache_flush: realloc"
329 keys[keys_num] = key;
331 } /* while (c_avl_iterator_next) */
332 c_avl_iterator_destroy (iter);
334 for (i = 0; i < keys_num; i++)
336 if (c_avl_remove (cache_tree, keys[i], (void *) &key,
337 (void *) &value) != 0)
339 WARNING ("network plugin: cache_flush: c_avl_remove"
340 " (%s) failed.", keys[i]);
350 DEBUG ("network plugin: cache_flush: Removed %i %s",
351 keys_num, (keys_num == 1) ? "entry" : "entries");
352 cache_flush_last = curtime;
354 } /* int cache_flush */
356 static int cache_check (const value_list_t *vl)
359 time_t *value = NULL;
362 if (cache_tree == NULL)
365 if (format_name (key, sizeof (key), vl->host, vl->plugin,
366 vl->plugin_instance, vl->type, vl->type_instance))
369 pthread_mutex_lock (&cache_lock);
371 if (c_avl_get (cache_tree, key, (void *) &value) == 0)
373 if (*value < vl->time)
380 DEBUG ("network plugin: cache_check: *value = %i >= vl->time = %i",
381 (int) *value, (int) vl->time);
387 char *key_copy = strdup (key);
388 value = malloc (sizeof (time_t));
389 if ((key_copy != NULL) && (value != NULL))
392 c_avl_insert (cache_tree, key_copy, value);
402 if ((time (NULL) - cache_flush_last) > cache_flush_interval)
405 pthread_mutex_unlock (&cache_lock);
408 } /* int cache_check */
411 static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
412 const void *iv, size_t iv_size, const char *username)
415 gcry_cipher_hd_t *cyper_ptr;
416 unsigned char password_hash[32];
418 if (se->type == SOCKENT_TYPE_CLIENT)
420 cyper_ptr = &se->data.client.cypher;
421 memcpy (password_hash, se->data.client.password_hash,
422 sizeof (password_hash));
428 cyper_ptr = &se->data.server.cypher;
430 if (username == NULL)
433 secret = fbh_get (se->data.server.userdb, username);
437 gcry_md_hash_buffer (GCRY_MD_SHA256,
439 secret, strlen (secret));
444 if (*cyper_ptr == NULL)
446 err = gcry_cipher_open (cyper_ptr,
447 GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_OFB, /* flags = */ 0);
450 ERROR ("network plugin: gcry_cipher_open returned: %s",
451 gcry_strerror (err));
458 gcry_cipher_reset (*cyper_ptr);
460 assert (*cyper_ptr != NULL);
462 err = gcry_cipher_setkey (*cyper_ptr,
463 password_hash, sizeof (password_hash));
466 ERROR ("network plugin: gcry_cipher_setkey returned: %s",
467 gcry_strerror (err));
468 gcry_cipher_close (*cyper_ptr);
473 err = gcry_cipher_setiv (*cyper_ptr, iv, iv_size);
476 ERROR ("network plugin: gcry_cipher_setkey returned: %s",
477 gcry_strerror (err));
478 gcry_cipher_close (*cyper_ptr);
484 } /* }}} int network_get_aes256_cypher */
485 #endif /* HAVE_LIBGCRYPT */
487 static int write_part_values (char **ret_buffer, int *ret_buffer_len,
488 const data_set_t *ds, const value_list_t *vl)
494 part_header_t pkg_ph;
495 uint16_t pkg_num_values;
496 uint8_t *pkg_values_types;
502 num_values = vl->values_len;
503 packet_len = sizeof (part_header_t) + sizeof (uint16_t)
504 + (num_values * sizeof (uint8_t))
505 + (num_values * sizeof (value_t));
507 if (*ret_buffer_len < packet_len)
510 pkg_values_types = (uint8_t *) malloc (num_values * sizeof (uint8_t));
511 if (pkg_values_types == NULL)
513 ERROR ("network plugin: write_part_values: malloc failed.");
517 pkg_values = (value_t *) malloc (num_values * sizeof (value_t));
518 if (pkg_values == NULL)
520 free (pkg_values_types);
521 ERROR ("network plugin: write_part_values: malloc failed.");
525 pkg_ph.type = htons (TYPE_VALUES);
526 pkg_ph.length = htons (packet_len);
528 pkg_num_values = htons ((uint16_t) vl->values_len);
530 for (i = 0; i < num_values; i++)
532 if (ds->ds[i].type == DS_TYPE_COUNTER)
534 pkg_values_types[i] = DS_TYPE_COUNTER;
535 pkg_values[i].counter = htonll (vl->values[i].counter);
539 pkg_values_types[i] = DS_TYPE_GAUGE;
540 pkg_values[i].gauge = htond (vl->values[i].gauge);
545 * Use `memcpy' to write everything to the buffer, because the pointer
546 * may be unaligned and some architectures, such as SPARC, can't handle
549 packet_ptr = *ret_buffer;
551 memcpy (packet_ptr + offset, &pkg_ph, sizeof (pkg_ph));
552 offset += sizeof (pkg_ph);
553 memcpy (packet_ptr + offset, &pkg_num_values, sizeof (pkg_num_values));
554 offset += sizeof (pkg_num_values);
555 memcpy (packet_ptr + offset, pkg_values_types, num_values * sizeof (uint8_t));
556 offset += num_values * sizeof (uint8_t);
557 memcpy (packet_ptr + offset, pkg_values, num_values * sizeof (value_t));
558 offset += num_values * sizeof (value_t);
560 assert (offset == packet_len);
562 *ret_buffer = packet_ptr + packet_len;
563 *ret_buffer_len -= packet_len;
565 free (pkg_values_types);
569 } /* int write_part_values */
571 static int write_part_number (char **ret_buffer, int *ret_buffer_len,
572 int type, uint64_t value)
577 part_header_t pkg_head;
582 packet_len = sizeof (pkg_head) + sizeof (pkg_value);
584 if (*ret_buffer_len < packet_len)
587 pkg_head.type = htons (type);
588 pkg_head.length = htons (packet_len);
589 pkg_value = htonll (value);
591 packet_ptr = *ret_buffer;
593 memcpy (packet_ptr + offset, &pkg_head, sizeof (pkg_head));
594 offset += sizeof (pkg_head);
595 memcpy (packet_ptr + offset, &pkg_value, sizeof (pkg_value));
596 offset += sizeof (pkg_value);
598 assert (offset == packet_len);
600 *ret_buffer = packet_ptr + packet_len;
601 *ret_buffer_len -= packet_len;
604 } /* int write_part_number */
606 static int write_part_string (char **ret_buffer, int *ret_buffer_len,
607 int type, const char *str, int str_len)
617 buffer_len = 2 * sizeof (uint16_t) + str_len + 1;
618 if (*ret_buffer_len < buffer_len)
621 pkg_type = htons (type);
622 pkg_length = htons (buffer_len);
624 buffer = *ret_buffer;
626 memcpy (buffer + offset, (void *) &pkg_type, sizeof (pkg_type));
627 offset += sizeof (pkg_type);
628 memcpy (buffer + offset, (void *) &pkg_length, sizeof (pkg_length));
629 offset += sizeof (pkg_length);
630 memcpy (buffer + offset, str, str_len);
632 memset (buffer + offset, '\0', 1);
635 assert (offset == buffer_len);
637 *ret_buffer = buffer + buffer_len;
638 *ret_buffer_len -= buffer_len;
641 } /* int write_part_string */
643 static int parse_part_values (void **ret_buffer, size_t *ret_buffer_len,
644 value_t **ret_values, int *ret_num_values)
646 char *buffer = *ret_buffer;
647 size_t buffer_len = *ret_buffer_len;
662 NOTICE ("network plugin: packet is too short: "
663 "buffer_len = %zu", buffer_len);
667 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
668 buffer += sizeof (tmp16);
669 pkg_type = ntohs (tmp16);
671 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
672 buffer += sizeof (tmp16);
673 pkg_length = ntohs (tmp16);
675 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
676 buffer += sizeof (tmp16);
677 pkg_numval = ntohs (tmp16);
679 assert (pkg_type == TYPE_VALUES);
681 exp_size = 3 * sizeof (uint16_t)
682 + pkg_numval * (sizeof (uint8_t) + sizeof (value_t));
683 if ((buffer_len < 0) || (buffer_len < exp_size))
685 WARNING ("network plugin: parse_part_values: "
687 "Chunk of size %zu expected, "
688 "but buffer has only %zu bytes left.",
689 exp_size, buffer_len);
693 if (pkg_length != exp_size)
695 WARNING ("network plugin: parse_part_values: "
696 "Length and number of values "
697 "in the packet don't match.");
701 pkg_types = (uint8_t *) malloc (pkg_numval * sizeof (uint8_t));
702 pkg_values = (value_t *) malloc (pkg_numval * sizeof (value_t));
703 if ((pkg_types == NULL) || (pkg_values == NULL))
707 ERROR ("network plugin: parse_part_values: malloc failed.");
711 memcpy ((void *) pkg_types, (void *) buffer, pkg_numval * sizeof (uint8_t));
712 buffer += pkg_numval * sizeof (uint8_t);
713 memcpy ((void *) pkg_values, (void *) buffer, pkg_numval * sizeof (value_t));
714 buffer += pkg_numval * sizeof (value_t);
716 for (i = 0; i < pkg_numval; i++)
718 if (pkg_types[i] == DS_TYPE_COUNTER)
719 pkg_values[i].counter = ntohll (pkg_values[i].counter);
720 else if (pkg_types[i] == DS_TYPE_GAUGE)
721 pkg_values[i].gauge = ntohd (pkg_values[i].gauge);
724 *ret_buffer = buffer;
725 *ret_buffer_len = buffer_len - pkg_length;
726 *ret_num_values = pkg_numval;
727 *ret_values = pkg_values;
732 } /* int parse_part_values */
734 static int parse_part_number (void **ret_buffer, size_t *ret_buffer_len,
737 char *buffer = *ret_buffer;
738 size_t buffer_len = *ret_buffer_len;
742 size_t exp_size = 2 * sizeof (uint16_t) + sizeof (uint64_t);
747 if ((buffer_len < 0) || ((size_t) buffer_len < exp_size))
749 WARNING ("network plugin: parse_part_number: "
751 "Chunk of size %zu expected, "
752 "but buffer has only %zu bytes left.",
753 exp_size, buffer_len);
757 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
758 buffer += sizeof (tmp16);
759 pkg_type = ntohs (tmp16);
761 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
762 buffer += sizeof (tmp16);
763 pkg_length = ntohs (tmp16);
765 memcpy ((void *) &tmp64, buffer, sizeof (tmp64));
766 buffer += sizeof (tmp64);
767 *value = ntohll (tmp64);
769 *ret_buffer = buffer;
770 *ret_buffer_len = buffer_len - pkg_length;
773 } /* int parse_part_number */
775 static int parse_part_string (void **ret_buffer, size_t *ret_buffer_len,
776 char *output, int output_len)
778 char *buffer = *ret_buffer;
779 size_t buffer_len = *ret_buffer_len;
782 size_t header_size = 2 * sizeof (uint16_t);
787 if ((buffer_len < 0) || (buffer_len < header_size))
789 WARNING ("network plugin: parse_part_string: "
791 "Chunk of at least size %zu expected, "
792 "but buffer has only %zu bytes left.",
793 header_size, buffer_len);
797 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
798 buffer += sizeof (tmp16);
799 pkg_type = ntohs (tmp16);
801 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
802 buffer += sizeof (tmp16);
803 pkg_length = ntohs (tmp16);
805 /* Check that packet fits in the input buffer */
806 if (pkg_length > buffer_len)
808 WARNING ("network plugin: parse_part_string: "
810 "Chunk of size %"PRIu16" received, "
811 "but buffer has only %zu bytes left.",
812 pkg_length, buffer_len);
816 /* Check that pkg_length is in the valid range */
817 if (pkg_length <= header_size)
819 WARNING ("network plugin: parse_part_string: "
821 "Header claims this packet is only %hu "
822 "bytes long.", pkg_length);
826 /* Check that the package data fits into the output buffer.
827 * The previous if-statement ensures that:
828 * `pkg_length > header_size' */
830 || ((size_t) output_len < ((size_t) pkg_length - header_size)))
832 WARNING ("network plugin: parse_part_string: "
833 "Output buffer too small.");
837 /* All sanity checks successfull, let's copy the data over */
838 output_len = pkg_length - header_size;
839 memcpy ((void *) output, (void *) buffer, output_len);
840 buffer += output_len;
842 /* For some very weird reason '\0' doesn't do the trick on SPARC in
844 if (output[output_len - 1] != 0)
846 WARNING ("network plugin: parse_part_string: "
847 "Received string does not end "
848 "with a NULL-byte.");
852 *ret_buffer = buffer;
853 *ret_buffer_len = buffer_len - pkg_length;
856 } /* int parse_part_string */
858 /* Forward declaration: parse_part_sign_sha256 and parse_part_encr_aes256 call
859 * parse_packet and vice versa. */
860 #define PP_SIGNED 0x01
861 #define PP_ENCRYPTED 0x02
862 static int parse_packet (sockent_t *se,
863 void *buffer, size_t buffer_size, int flags);
865 #define BUFFER_READ(p,s) do { \
866 memcpy ((p), buffer + buffer_offset, (s)); \
867 buffer_offset += (s); \
871 static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
872 void **ret_buffer, size_t *ret_buffer_len, int flags)
876 size_t buffer_offset;
881 part_signature_sha256_t pss;
882 uint16_t pss_head_length;
883 char hash[sizeof (pss.hash)];
887 unsigned char *hash_ptr;
889 buffer = *ret_buffer;
890 buffer_len = *ret_buffer_len;
893 if (se->data.server.userdb == NULL)
895 NOTICE ("network plugin: Received signed network packet but can't verify "
896 "it because no user DB has been configured. Will accept it.");
900 /* Check if the buffer has enough data for this structure. */
901 if (buffer_len <= PART_SIGNATURE_SHA256_SIZE)
904 /* Read type and length header */
905 BUFFER_READ (&pss.head.type, sizeof (pss.head.type));
906 BUFFER_READ (&pss.head.length, sizeof (pss.head.length));
907 pss_head_length = ntohs (pss.head.length);
909 /* Check if the `pss_head_length' is within bounds. */
910 if ((pss_head_length <= PART_SIGNATURE_SHA256_SIZE)
911 || (pss_head_length > buffer_len))
913 ERROR ("network plugin: HMAC-SHA-256 with invalid length received.");
918 BUFFER_READ (pss.hash, sizeof (pss.hash));
920 /* Calculate username length (without null byte) and allocate memory */
921 username_len = pss_head_length - PART_SIGNATURE_SHA256_SIZE;
922 pss.username = malloc (username_len + 1);
923 if (pss.username == NULL)
926 /* Read the username */
927 BUFFER_READ (pss.username, username_len);
928 pss.username[username_len] = 0;
930 assert (buffer_offset == pss_head_length);
932 /* Query the password */
933 secret = fbh_get (se->data.server.userdb, pss.username);
936 ERROR ("network plugin: Unknown user: %s", pss.username);
937 sfree (pss.username);
941 /* Create a hash device and check the HMAC */
943 err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
946 ERROR ("network plugin: Creating HMAC-SHA-256 object failed: %s",
947 gcry_strerror (err));
949 sfree (pss.username);
953 err = gcry_md_setkey (hd, secret, strlen (secret));
956 ERROR ("network plugin: gcry_md_setkey failed: %s", gcry_strerror (err));
962 buffer + PART_SIGNATURE_SHA256_SIZE,
963 buffer_len - PART_SIGNATURE_SHA256_SIZE);
964 hash_ptr = gcry_md_read (hd, GCRY_MD_SHA256);
965 if (hash_ptr == NULL)
967 ERROR ("network plugin: gcry_md_read failed.");
970 sfree (pss.username);
973 memcpy (hash, hash_ptr, sizeof (hash));
980 sfree (pss.username);
982 if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
984 WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
989 parse_packet (se, buffer + buffer_offset, buffer_len - buffer_offset,
993 *ret_buffer = buffer + buffer_len;
997 } /* }}} int parse_part_sign_sha256 */
998 /* #endif HAVE_LIBGCRYPT */
1000 #else /* if !HAVE_LIBGCRYPT */
1001 static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
1002 void **ret_buffer, size_t *ret_buffer_size, int flags)
1004 static int warning_has_been_printed = 0;
1008 size_t buffer_offset;
1011 part_signature_sha256_t pss;
1013 buffer = *ret_buffer;
1014 buffer_size = *ret_buffer_size;
1017 if (buffer_size <= PART_SIGNATURE_SHA256_SIZE)
1020 BUFFER_READ (&pss.head.type, sizeof (pss.head.type));
1021 BUFFER_READ (&pss.head.length, sizeof (pss.head.length));
1022 part_len = ntohs (pss.head.length);
1024 if ((part_len <= PART_SIGNATURE_SHA256_SIZE)
1025 || (part_len > buffer_size))
1028 if (warning_has_been_printed == 0)
1030 WARNING ("network plugin: Received signed packet, but the network "
1031 "plugin was not linked with libgcrypt, so I cannot "
1032 "verify the signature. The packet will be accepted.");
1033 warning_has_been_printed = 1;
1036 parse_packet (se, buffer + part_len, buffer_size - part_len, flags);
1038 *ret_buffer = buffer + buffer_size;
1039 *ret_buffer_size = 0;
1042 } /* }}} int parse_part_sign_sha256 */
1043 #endif /* !HAVE_LIBGCRYPT */
1046 static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
1047 void **ret_buffer, size_t *ret_buffer_len,
1050 char *buffer = *ret_buffer;
1051 size_t buffer_len = *ret_buffer_len;
1054 size_t buffer_offset;
1055 uint16_t username_len;
1056 part_encryption_aes256_t pea;
1057 unsigned char hash[sizeof (pea.hash)];
1059 gcry_cipher_hd_t cypher;
1062 /* Make sure at least the header if available. */
1063 if (buffer_len <= PART_ENCRYPTION_AES256_SIZE)
1065 NOTICE ("network plugin: parse_part_encr_aes256: "
1066 "Discarding short packet.");
1072 /* Copy the unencrypted information into `pea'. */
1073 BUFFER_READ (&pea.head.type, sizeof (pea.head.type));
1074 BUFFER_READ (&pea.head.length, sizeof (pea.head.length));
1076 /* Check the `part size'. */
1077 part_size = ntohs (pea.head.length);
1078 if ((part_size <= PART_ENCRYPTION_AES256_SIZE)
1079 || (part_size > buffer_len))
1081 NOTICE ("network plugin: parse_part_encr_aes256: "
1082 "Discarding part with invalid size.");
1086 /* Read the username */
1087 BUFFER_READ (&username_len, sizeof (username_len));
1088 username_len = ntohs (username_len);
1090 if ((username_len <= 0)
1091 || (username_len > (part_size - (PART_ENCRYPTION_AES256_SIZE + 1))))
1093 NOTICE ("network plugin: parse_part_encr_aes256: "
1094 "Discarding part with invalid username length.");
1098 assert (username_len > 0);
1099 pea.username = malloc (username_len + 1);
1100 if (pea.username == NULL)
1102 BUFFER_READ (pea.username, username_len);
1103 pea.username[username_len] = 0;
1105 /* Last but not least, the initialization vector */
1106 BUFFER_READ (pea.iv, sizeof (pea.iv));
1108 /* Make sure we are at the right position */
1109 assert (buffer_offset == (username_len +
1110 PART_ENCRYPTION_AES256_SIZE - sizeof (pea.hash)));
1112 cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
1117 payload_len = part_size - (PART_ENCRYPTION_AES256_SIZE + username_len);
1118 assert (payload_len > 0);
1120 /* Decrypt the packet in-place */
1121 err = gcry_cipher_decrypt (cypher,
1122 buffer + buffer_offset,
1123 part_size - buffer_offset,
1124 /* in = */ NULL, /* in len = */ 0);
1127 ERROR ("network plugin: gcry_cipher_decrypt returned: %s",
1128 gcry_strerror (err));
1133 BUFFER_READ (pea.hash, sizeof (pea.hash));
1135 /* Make sure we're at the right position - again */
1136 assert (buffer_offset == (username_len + PART_ENCRYPTION_AES256_SIZE));
1137 assert (buffer_offset == (part_size - payload_len));
1139 /* Check hash sum */
1140 memset (hash, 0, sizeof (hash));
1141 gcry_md_hash_buffer (GCRY_MD_SHA1, hash,
1142 buffer + buffer_offset, payload_len);
1143 if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
1145 ERROR ("network plugin: Decryption failed: Checksum mismatch.");
1149 parse_packet (se, buffer + buffer_offset, payload_len,
1150 flags | PP_ENCRYPTED);
1152 /* Update return values */
1153 *ret_buffer = buffer + part_size;
1154 *ret_buffer_len = buffer_len - part_size;
1157 } /* }}} int parse_part_encr_aes256 */
1158 /* #endif HAVE_LIBGCRYPT */
1160 #else /* if !HAVE_LIBGCRYPT */
1161 static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
1162 void **ret_buffer, size_t *ret_buffer_size, int flags)
1164 static int warning_has_been_printed = 0;
1168 size_t buffer_offset;
1173 buffer = *ret_buffer;
1174 buffer_size = *ret_buffer_size;
1177 /* parse_packet assures this minimum size. */
1178 assert (buffer_size >= (sizeof (ph.type) + sizeof (ph.length)));
1180 BUFFER_READ (&ph.type, sizeof (ph.type));
1181 BUFFER_READ (&ph.length, sizeof (ph.length));
1182 ph_length = ntohs (ph.length);
1184 if ((ph_length <= PART_ENCRYPTION_AES256_SIZE)
1185 || (ph_length > buffer_size))
1187 ERROR ("network plugin: AES-256 encrypted part "
1188 "with invalid length received.");
1192 if (warning_has_been_printed == 0)
1194 WARNING ("network plugin: Received encrypted packet, but the network "
1195 "plugin was not linked with libgcrypt, so I cannot "
1196 "decrypt it. The part will be discarded.");
1197 warning_has_been_printed = 1;
1200 *ret_buffer += ph_length;
1201 *ret_buffer_size -= ph_length;
1204 } /* }}} int parse_part_encr_aes256 */
1205 #endif /* !HAVE_LIBGCRYPT */
1209 static int parse_packet (sockent_t *se, /* {{{ */
1210 void *buffer, size_t buffer_size, int flags)
1214 value_list_t vl = VALUE_LIST_INIT;
1218 int packet_was_signed = (flags & PP_SIGNED);
1219 int packet_was_encrypted = (flags & PP_ENCRYPTED);
1220 int printed_ignore_warning = 0;
1221 #endif /* HAVE_LIBGCRYPT */
1224 memset (&vl, '\0', sizeof (vl));
1225 memset (&n, '\0', sizeof (n));
1228 while ((status == 0) && (0 < buffer_size)
1229 && ((unsigned int) buffer_size > sizeof (part_header_t)))
1231 uint16_t pkg_length;
1234 memcpy ((void *) &pkg_type,
1237 memcpy ((void *) &pkg_length,
1238 (void *) (buffer + sizeof (pkg_type)),
1239 sizeof (pkg_length));
1241 pkg_length = ntohs (pkg_length);
1242 pkg_type = ntohs (pkg_type);
1244 if (pkg_length > buffer_size)
1246 /* Ensure that this loop terminates eventually */
1247 if (pkg_length < (2 * sizeof (uint16_t)))
1250 if (pkg_type == TYPE_ENCR_AES256)
1252 status = parse_part_encr_aes256 (se,
1253 &buffer, &buffer_size, flags);
1256 ERROR ("network plugin: Decrypting AES256 "
1258 "with status %i.", status);
1263 else if ((se->data.server.security_level == SECURITY_LEVEL_ENCRYPT)
1264 && (packet_was_encrypted == 0))
1266 if (printed_ignore_warning == 0)
1268 INFO ("network plugin: Unencrypted packet or "
1269 "part has been ignored.");
1270 printed_ignore_warning = 1;
1272 buffer = ((char *) buffer) + pkg_length;
1275 #endif /* HAVE_LIBGCRYPT */
1276 else if (pkg_type == TYPE_SIGN_SHA256)
1278 status = parse_part_sign_sha256 (se,
1279 &buffer, &buffer_size, flags);
1282 ERROR ("network plugin: Verifying HMAC-SHA-256 "
1284 "with status %i.", status);
1289 else if ((se->data.server.security_level == SECURITY_LEVEL_SIGN)
1290 && (packet_was_encrypted == 0)
1291 && (packet_was_signed == 0))
1293 if (printed_ignore_warning == 0)
1295 INFO ("network plugin: Unsigned packet or "
1296 "part has been ignored.");
1297 printed_ignore_warning = 1;
1299 buffer = ((char *) buffer) + pkg_length;
1302 #endif /* HAVE_LIBGCRYPT */
1303 else if (pkg_type == TYPE_VALUES)
1305 status = parse_part_values (&buffer, &buffer_size,
1306 &vl.values, &vl.values_len);
1312 && (strlen (vl.host) > 0)
1313 && (strlen (vl.plugin) > 0)
1314 && (strlen (vl.type) > 0)
1315 && (cache_check (&vl) == 0))
1317 plugin_dispatch_values (&vl);
1321 DEBUG ("network plugin: parse_packet:"
1322 " NOT dispatching values");
1327 else if (pkg_type == TYPE_TIME)
1330 status = parse_part_number (&buffer, &buffer_size,
1334 vl.time = (time_t) tmp;
1335 n.time = (time_t) tmp;
1338 else if (pkg_type == TYPE_INTERVAL)
1341 status = parse_part_number (&buffer, &buffer_size,
1344 vl.interval = (int) tmp;
1346 else if (pkg_type == TYPE_HOST)
1348 status = parse_part_string (&buffer, &buffer_size,
1349 vl.host, sizeof (vl.host));
1351 sstrncpy (n.host, vl.host, sizeof (n.host));
1353 else if (pkg_type == TYPE_PLUGIN)
1355 status = parse_part_string (&buffer, &buffer_size,
1356 vl.plugin, sizeof (vl.plugin));
1358 sstrncpy (n.plugin, vl.plugin,
1361 else if (pkg_type == TYPE_PLUGIN_INSTANCE)
1363 status = parse_part_string (&buffer, &buffer_size,
1365 sizeof (vl.plugin_instance));
1367 sstrncpy (n.plugin_instance,
1369 sizeof (n.plugin_instance));
1371 else if (pkg_type == TYPE_TYPE)
1373 status = parse_part_string (&buffer, &buffer_size,
1374 vl.type, sizeof (vl.type));
1376 sstrncpy (n.type, vl.type, sizeof (n.type));
1378 else if (pkg_type == TYPE_TYPE_INSTANCE)
1380 status = parse_part_string (&buffer, &buffer_size,
1382 sizeof (vl.type_instance));
1384 sstrncpy (n.type_instance, vl.type_instance,
1385 sizeof (n.type_instance));
1387 else if (pkg_type == TYPE_MESSAGE)
1389 status = parse_part_string (&buffer, &buffer_size,
1390 n.message, sizeof (n.message));
1396 else if ((n.severity != NOTIF_FAILURE)
1397 && (n.severity != NOTIF_WARNING)
1398 && (n.severity != NOTIF_OKAY))
1400 INFO ("network plugin: "
1401 "Ignoring notification with "
1402 "unknown severity %i.",
1405 else if (n.time <= 0)
1407 INFO ("network plugin: "
1408 "Ignoring notification with "
1411 else if (strlen (n.message) <= 0)
1413 INFO ("network plugin: "
1414 "Ignoring notification with "
1415 "an empty message.");
1419 plugin_dispatch_notification (&n);
1422 else if (pkg_type == TYPE_SEVERITY)
1425 status = parse_part_number (&buffer, &buffer_size,
1428 n.severity = (int) tmp;
1432 DEBUG ("network plugin: parse_packet: Unknown part"
1433 " type: 0x%04hx", pkg_type);
1434 buffer = ((char *) buffer) + pkg_length;
1436 } /* while (buffer_size > sizeof (part_header_t)) */
1439 } /* }}} int parse_packet */
1441 static void free_sockent_client (struct sockent_client *sec) /* {{{ */
1450 sfree (sec->username);
1451 sfree (sec->password);
1452 if (sec->cypher != NULL)
1453 gcry_cipher_close (sec->cypher);
1455 } /* }}} void free_sockent_client */
1457 static void free_sockent_server (struct sockent_server *ses) /* {{{ */
1461 for (i = 0; i < ses->fd_num; i++)
1463 if (ses->fd[i] >= 0)
1472 sfree (ses->auth_file);
1473 fbh_destroy (ses->userdb);
1474 if (ses->cypher != NULL)
1475 gcry_cipher_close (ses->cypher);
1477 } /* }}} void free_sockent_server */
1479 static void sockent_destroy (sockent_t *se) /* {{{ */
1483 DEBUG ("network plugin: sockent_destroy (se = %p);", (void *) se);
1490 sfree (se->service);
1492 if (se->type == SOCKENT_TYPE_CLIENT)
1493 free_sockent_client (&se->data.client);
1495 free_sockent_server (&se->data.server);
1500 } /* }}} void sockent_destroy */
1503 * int network_set_ttl
1505 * Set the `IP_MULTICAST_TTL', `IP_TTL', `IPV6_MULTICAST_HOPS' or
1506 * `IPV6_UNICAST_HOPS', depending on which option is applicable.
1508 * The `struct addrinfo' is used to destinguish between unicast and multicast
1511 static int network_set_ttl (const sockent_t *se, const struct addrinfo *ai)
1513 DEBUG ("network plugin: network_set_ttl: network_config_ttl = %i;",
1514 network_config_ttl);
1516 assert (se->type == SOCKENT_TYPE_CLIENT);
1518 if ((network_config_ttl < 1) || (network_config_ttl > 255))
1521 if (ai->ai_family == AF_INET)
1523 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1526 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1527 optname = IP_MULTICAST_TTL;
1531 if (setsockopt (se->data.client.fd, IPPROTO_IP, optname,
1532 &network_config_ttl,
1533 sizeof (network_config_ttl)) == -1)
1536 ERROR ("setsockopt: %s",
1537 sstrerror (errno, errbuf, sizeof (errbuf)));
1541 else if (ai->ai_family == AF_INET6)
1543 /* Useful example: http://gsyc.escet.urjc.es/~eva/IPv6-web/examples/mcast.html */
1544 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1547 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1548 optname = IPV6_MULTICAST_HOPS;
1550 optname = IPV6_UNICAST_HOPS;
1552 if (setsockopt (se->data.client.fd, IPPROTO_IPV6, optname,
1553 &network_config_ttl,
1554 sizeof (network_config_ttl)) == -1)
1557 ERROR ("setsockopt: %s",
1558 sstrerror (errno, errbuf,
1565 } /* int network_set_ttl */
1567 static int network_bind_socket (int fd, const struct addrinfo *ai)
1572 /* allow multiple sockets to use the same PORT number */
1573 if (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR,
1574 &yes, sizeof(yes)) == -1) {
1576 ERROR ("setsockopt: %s",
1577 sstrerror (errno, errbuf, sizeof (errbuf)));
1581 DEBUG ("fd = %i; calling `bind'", fd);
1583 if (bind (fd, ai->ai_addr, ai->ai_addrlen) == -1)
1587 sstrerror (errno, errbuf, sizeof (errbuf)));
1591 if (ai->ai_family == AF_INET)
1593 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1594 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1596 struct ip_mreq mreq;
1598 DEBUG ("fd = %i; IPv4 multicast address found", fd);
1600 mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
1601 mreq.imr_interface.s_addr = htonl (INADDR_ANY);
1603 if (setsockopt (fd, IPPROTO_IP, IP_MULTICAST_LOOP,
1604 &loop, sizeof (loop)) == -1)
1607 ERROR ("setsockopt: %s",
1608 sstrerror (errno, errbuf,
1613 if (setsockopt (fd, IPPROTO_IP, IP_ADD_MEMBERSHIP,
1614 &mreq, sizeof (mreq)) == -1)
1617 ERROR ("setsockopt: %s",
1618 sstrerror (errno, errbuf,
1624 else if (ai->ai_family == AF_INET6)
1626 /* Useful example: http://gsyc.escet.urjc.es/~eva/IPv6-web/examples/mcast.html */
1627 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1628 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1630 struct ipv6_mreq mreq;
1632 DEBUG ("fd = %i; IPv6 multicast address found", fd);
1634 memcpy (&mreq.ipv6mr_multiaddr,
1636 sizeof (addr->sin6_addr));
1638 /* http://developer.apple.com/documentation/Darwin/Reference/ManPages/man4/ip6.4.html
1639 * ipv6mr_interface may be set to zeroes to
1640 * choose the default multicast interface or to
1641 * the index of a particular multicast-capable
1642 * interface if the host is multihomed.
1643 * Membership is associ-associated with a
1644 * single interface; programs running on
1645 * multihomed hosts may need to join the same
1646 * group on more than one interface.*/
1647 mreq.ipv6mr_interface = 0;
1649 if (setsockopt (fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP,
1650 &loop, sizeof (loop)) == -1)
1653 ERROR ("setsockopt: %s",
1654 sstrerror (errno, errbuf,
1659 if (setsockopt (fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP,
1660 &mreq, sizeof (mreq)) == -1)
1663 ERROR ("setsockopt: %s",
1664 sstrerror (errno, errbuf,
1672 } /* int network_bind_socket */
1674 /* Initialize a sockent structure. `type' must be either `SOCKENT_TYPE_CLIENT'
1675 * or `SOCKENT_TYPE_SERVER' */
1676 static int sockent_init (sockent_t *se, int type) /* {{{ */
1681 memset (se, 0, sizeof (*se));
1683 se->type = SOCKENT_TYPE_CLIENT;
1688 if (type == SOCKENT_TYPE_SERVER)
1690 se->type = SOCKENT_TYPE_SERVER;
1691 se->data.server.fd = NULL;
1693 se->data.server.security_level = SECURITY_LEVEL_NONE;
1694 se->data.server.auth_file = NULL;
1695 se->data.server.userdb = NULL;
1696 se->data.server.cypher = NULL;
1701 se->data.client.fd = -1;
1702 se->data.client.addr = NULL;
1704 se->data.client.security_level = SECURITY_LEVEL_NONE;
1705 se->data.client.username = NULL;
1706 se->data.client.password = NULL;
1707 se->data.client.cypher = NULL;
1712 } /* }}} int sockent_init */
1714 /* Open the file descriptors for a initialized sockent structure. */
1715 static int sockent_open (sockent_t *se) /* {{{ */
1717 struct addrinfo ai_hints;
1718 struct addrinfo *ai_list, *ai_ptr;
1722 const char *service;
1727 /* Set up the security structures. */
1728 #if HAVE_LIBGCRYPT /* {{{ */
1729 if (se->type == SOCKENT_TYPE_CLIENT)
1731 if (se->data.client.security_level > SECURITY_LEVEL_NONE)
1733 if ((se->data.client.username == NULL)
1734 || (se->data.client.password == NULL))
1736 ERROR ("network plugin: Client socket with "
1737 "security requested, but no "
1738 "credentials are configured.");
1741 gcry_md_hash_buffer (GCRY_MD_SHA256,
1742 se->data.client.password_hash,
1743 se->data.client.password,
1744 strlen (se->data.client.password));
1747 else /* (se->type == SOCKENT_TYPE_SERVER) */
1749 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
1751 if (se->data.server.auth_file == NULL)
1753 ERROR ("network plugin: Server socket with "
1754 "security requested, but no "
1755 "password file is configured.");
1759 if (se->data.server.auth_file != NULL)
1761 se->data.server.userdb = fbh_create (se->data.server.auth_file);
1762 if (se->data.server.userdb == NULL)
1764 ERROR ("network plugin: Reading password file "
1766 se->data.server.auth_file);
1767 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
1772 #endif /* }}} HAVE_LIBGCRYPT */
1775 service = se->service;
1777 if (service == NULL)
1778 service = NET_DEFAULT_PORT;
1780 DEBUG ("network plugin: sockent_open: node = %s; service = %s;",
1783 memset (&ai_hints, 0, sizeof (ai_hints));
1784 ai_hints.ai_flags = 0;
1786 ai_hints.ai_flags |= AI_PASSIVE;
1788 #ifdef AI_ADDRCONFIG
1789 ai_hints.ai_flags |= AI_ADDRCONFIG;
1791 ai_hints.ai_family = AF_UNSPEC;
1792 ai_hints.ai_socktype = SOCK_DGRAM;
1793 ai_hints.ai_protocol = IPPROTO_UDP;
1795 ai_return = getaddrinfo (node, service, &ai_hints, &ai_list);
1798 ERROR ("network plugin: getaddrinfo (%s, %s) failed: %s",
1799 (se->node == NULL) ? "(null)" : se->node,
1800 (se->service == NULL) ? "(null)" : se->service,
1801 gai_strerror (ai_return));
1805 for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
1809 if (se->type == SOCKENT_TYPE_SERVER) /* {{{ */
1813 tmp = realloc (se->data.server.fd,
1814 sizeof (*tmp) * (se->data.server.fd_num + 1));
1817 ERROR ("network plugin: realloc failed.");
1820 se->data.server.fd = tmp;
1821 tmp = se->data.server.fd + se->data.server.fd_num;
1823 *tmp = socket (ai_ptr->ai_family, ai_ptr->ai_socktype,
1824 ai_ptr->ai_protocol);
1828 ERROR ("network plugin: socket(2) failed: %s",
1829 sstrerror (errno, errbuf,
1834 status = network_bind_socket (*tmp, ai_ptr);
1842 se->data.server.fd_num++;
1844 } /* }}} if (se->type == SOCKENT_TYPE_SERVER) */
1845 else /* if (se->type == SOCKENT_TYPE_CLIENT) {{{ */
1847 se->data.client.fd = socket (ai_ptr->ai_family,
1848 ai_ptr->ai_socktype,
1849 ai_ptr->ai_protocol);
1850 if (se->data.client.fd < 0)
1853 ERROR ("network plugin: socket(2) failed: %s",
1854 sstrerror (errno, errbuf,
1859 se->data.client.addr = malloc (sizeof (*se->data.client.addr));
1860 if (se->data.client.addr == NULL)
1862 ERROR ("network plugin: malloc failed.");
1863 close (se->data.client.fd);
1864 se->data.client.fd = -1;
1868 memset (se->data.client.addr, 0, sizeof (*se->data.client.addr));
1869 assert (sizeof (*se->data.client.addr) >= ai_ptr->ai_addrlen);
1870 memcpy (se->data.client.addr, ai_ptr->ai_addr, ai_ptr->ai_addrlen);
1871 se->data.client.addrlen = ai_ptr->ai_addrlen;
1873 network_set_ttl (se, ai_ptr);
1875 /* We don't open more than one write-socket per
1876 * node/service pair.. */
1878 } /* }}} if (se->type == SOCKENT_TYPE_CLIENT) */
1879 } /* for (ai_list) */
1881 freeaddrinfo (ai_list);
1883 /* Check if all went well. */
1884 if (se->type == SOCKENT_TYPE_SERVER)
1886 if (se->data.server.fd_num <= 0)
1889 else /* if (se->type == SOCKENT_TYPE_CLIENT) */
1891 if (se->data.client.fd < 0)
1896 } /* }}} int sockent_open */
1898 /* Add a sockent to the global list of sockets */
1899 static int sockent_add (sockent_t *se) /* {{{ */
1901 sockent_t *last_ptr;
1906 if (se->type == SOCKENT_TYPE_SERVER)
1911 tmp = realloc (listen_sockets_pollfd,
1912 sizeof (*tmp) * (listen_sockets_num
1913 + se->data.server.fd_num));
1916 ERROR ("network plugin: realloc failed.");
1919 listen_sockets_pollfd = tmp;
1920 tmp = listen_sockets_pollfd + listen_sockets_num;
1922 for (i = 0; i < se->data.server.fd_num; i++)
1924 memset (tmp + i, 0, sizeof (*tmp));
1925 tmp[i].fd = se->data.server.fd[i];
1926 tmp[i].events = POLLIN | POLLPRI;
1930 listen_sockets_num += se->data.server.fd_num;
1932 if (listen_sockets == NULL)
1934 listen_sockets = se;
1937 last_ptr = listen_sockets;
1939 else /* if (se->type == SOCKENT_TYPE_CLIENT) */
1941 if (sending_sockets == NULL)
1943 sending_sockets = se;
1946 last_ptr = sending_sockets;
1949 while (last_ptr->next != NULL)
1950 last_ptr = last_ptr->next;
1951 last_ptr->next = se;
1954 } /* }}} int sockent_add */
1956 static void *dispatch_thread (void __attribute__((unused)) *arg) /* {{{ */
1960 receive_list_entry_t *ent;
1963 /* Lock and wait for more data to come in */
1964 pthread_mutex_lock (&receive_list_lock);
1965 while ((listen_loop == 0)
1966 && (receive_list_head == NULL))
1967 pthread_cond_wait (&receive_list_cond, &receive_list_lock);
1969 /* Remove the head entry and unlock */
1970 ent = receive_list_head;
1972 receive_list_head = ent->next;
1973 pthread_mutex_unlock (&receive_list_lock);
1975 /* Check whether we are supposed to exit. We do NOT check `listen_loop'
1976 * because we dispatch all missing packets before shutting down. */
1980 /* Look for the correct `sockent_t' */
1981 se = listen_sockets;
1986 for (i = 0; i < se->data.server.fd_num; i++)
1987 if (se->data.server.fd[i] == ent->fd)
1990 if (i < se->data.server.fd_num)
1998 ERROR ("network plugin: Got packet from FD %i, but can't "
1999 "find an appropriate socket entry.",
2005 parse_packet (se, ent->data, ent->data_len, /* flags = */ 0);
2010 } /* }}} void *dispatch_thread */
2012 static int network_receive (void) /* {{{ */
2014 char buffer[BUFF_SIZE];
2020 receive_list_entry_t *private_list_head;
2021 receive_list_entry_t *private_list_tail;
2023 assert (listen_sockets_num > 0);
2025 private_list_head = NULL;
2026 private_list_tail = NULL;
2028 while (listen_loop == 0)
2030 status = poll (listen_sockets_pollfd, listen_sockets_num, -1);
2037 ERROR ("poll failed: %s",
2038 sstrerror (errno, errbuf, sizeof (errbuf)));
2042 for (i = 0; (i < listen_sockets_num) && (status > 0); i++)
2044 receive_list_entry_t *ent;
2046 if ((listen_sockets_pollfd[i].revents
2047 & (POLLIN | POLLPRI)) == 0)
2051 buffer_len = recv (listen_sockets_pollfd[i].fd,
2052 buffer, sizeof (buffer),
2057 ERROR ("recv failed: %s",
2058 sstrerror (errno, errbuf,
2063 /* TODO: Possible performance enhancement: Do not free
2064 * these entries in the dispatch thread but put them in
2065 * another list, so we don't have to allocate more and
2066 * more of these structures. */
2067 ent = malloc (sizeof (receive_list_entry_t));
2070 ERROR ("network plugin: malloc failed.");
2073 memset (ent, 0, sizeof (receive_list_entry_t));
2074 ent->fd = listen_sockets_pollfd[i].fd;
2077 /* Hopefully this be optimized out by the compiler. It
2078 * might help prevent stupid bugs in the future though.
2080 assert (sizeof (ent->data) == sizeof (buffer));
2082 memcpy (ent->data, buffer, buffer_len);
2083 ent->data_len = buffer_len;
2085 if (private_list_head == NULL)
2086 private_list_head = ent;
2088 private_list_tail->next = ent;
2089 private_list_tail = ent;
2091 /* Do not block here. Blocking here has led to
2092 * insufficient performance in the past. */
2093 if (pthread_mutex_trylock (&receive_list_lock) == 0)
2095 if (receive_list_head == NULL)
2096 receive_list_head = private_list_head;
2098 receive_list_tail->next = private_list_head;
2099 receive_list_tail = private_list_tail;
2101 private_list_head = NULL;
2102 private_list_tail = NULL;
2104 pthread_cond_signal (&receive_list_cond);
2105 pthread_mutex_unlock (&receive_list_lock);
2107 } /* for (listen_sockets_pollfd) */
2108 } /* while (listen_loop == 0) */
2110 /* Make sure everything is dispatched before exiting. */
2111 if (private_list_head != NULL)
2113 pthread_mutex_lock (&receive_list_lock);
2115 if (receive_list_head == NULL)
2116 receive_list_head = private_list_head;
2118 receive_list_tail->next = private_list_head;
2119 receive_list_tail = private_list_tail;
2121 private_list_head = NULL;
2122 private_list_tail = NULL;
2124 pthread_cond_signal (&receive_list_cond);
2125 pthread_mutex_unlock (&receive_list_lock);
2129 } /* }}} int network_receive */
2131 static void *receive_thread (void __attribute__((unused)) *arg)
2133 return (network_receive () ? (void *) 1 : (void *) 0);
2134 } /* void *receive_thread */
2136 static void network_init_buffer (void)
2138 memset (send_buffer, 0, sizeof (send_buffer));
2139 send_buffer_ptr = send_buffer;
2140 send_buffer_fill = 0;
2142 memset (&send_buffer_vl, 0, sizeof (send_buffer_vl));
2143 } /* int network_init_buffer */
2145 static void networt_send_buffer_plain (const sockent_t *se, /* {{{ */
2146 const char *buffer, size_t buffer_size)
2152 status = sendto (se->data.client.fd, buffer, buffer_size,
2154 (struct sockaddr *) se->data.client.addr,
2155 se->data.client.addrlen);
2161 ERROR ("network plugin: sendto failed: %s",
2162 sstrerror (errno, errbuf,
2169 } /* }}} void networt_send_buffer_plain */
2172 #define BUFFER_ADD(p,s) do { \
2173 memcpy (buffer + buffer_offset, (p), (s)); \
2174 buffer_offset += (s); \
2177 static void networt_send_buffer_signed (const sockent_t *se, /* {{{ */
2178 const char *in_buffer, size_t in_buffer_size)
2180 part_signature_sha256_t ps;
2181 char buffer[BUFF_SIG_SIZE + in_buffer_size];
2182 size_t buffer_offset;
2183 size_t username_len;
2187 unsigned char *hash;
2190 err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
2193 ERROR ("network plugin: Creating HMAC object failed: %s",
2194 gcry_strerror (err));
2198 err = gcry_md_setkey (hd, se->data.client.password,
2199 strlen (se->data.client.password));
2202 ERROR ("network plugin: gcry_md_setkey failed: %s",
2203 gcry_strerror (err));
2208 username_len = strlen (se->data.client.username);
2209 if (username_len > (BUFF_SIG_SIZE - PART_SIGNATURE_SHA256_SIZE))
2211 ERROR ("network plugin: Username too long: %s",
2212 se->data.client.username);
2216 memcpy (buffer + PART_SIGNATURE_SHA256_SIZE,
2217 se->data.client.username, username_len);
2218 memcpy (buffer + PART_SIGNATURE_SHA256_SIZE + username_len,
2219 in_buffer, in_buffer_size);
2221 /* Initialize the `ps' structure. */
2222 memset (&ps, 0, sizeof (ps));
2223 ps.head.type = htons (TYPE_SIGN_SHA256);
2224 ps.head.length = htons (PART_SIGNATURE_SHA256_SIZE + username_len);
2226 /* Calculate the hash value. */
2227 gcry_md_write (hd, buffer + PART_SIGNATURE_SHA256_SIZE,
2228 username_len + in_buffer_size);
2229 hash = gcry_md_read (hd, GCRY_MD_SHA256);
2232 ERROR ("network plugin: gcry_md_read failed.");
2236 memcpy (ps.hash, hash, sizeof (ps.hash));
2238 /* Add the header */
2241 BUFFER_ADD (&ps.head.type, sizeof (ps.head.type));
2242 BUFFER_ADD (&ps.head.length, sizeof (ps.head.length));
2243 BUFFER_ADD (ps.hash, sizeof (ps.hash));
2245 assert (buffer_offset == PART_SIGNATURE_SHA256_SIZE);
2250 buffer_offset = PART_SIGNATURE_SHA256_SIZE + username_len + in_buffer_size;
2251 networt_send_buffer_plain (se, buffer, buffer_offset);
2252 } /* }}} void networt_send_buffer_signed */
2254 static void networt_send_buffer_encrypted (sockent_t *se, /* {{{ */
2255 const char *in_buffer, size_t in_buffer_size)
2257 part_encryption_aes256_t pea;
2258 char buffer[BUFF_SIG_SIZE + in_buffer_size];
2260 size_t buffer_offset;
2262 size_t username_len;
2264 gcry_cipher_hd_t cypher;
2266 /* Initialize the header fields */
2267 memset (&pea, 0, sizeof (pea));
2268 pea.head.type = htons (TYPE_ENCR_AES256);
2270 pea.username = se->data.client.username;
2272 username_len = strlen (pea.username);
2273 if ((PART_ENCRYPTION_AES256_SIZE + username_len) > BUFF_SIG_SIZE)
2275 ERROR ("network plugin: Username too long: %s", pea.username);
2279 buffer_size = PART_ENCRYPTION_AES256_SIZE + username_len + in_buffer_size;
2280 header_size = PART_ENCRYPTION_AES256_SIZE + username_len
2281 - sizeof (pea.hash);
2283 assert (buffer_size <= sizeof (buffer));
2284 DEBUG ("network plugin: networt_send_buffer_encrypted: "
2285 "buffer_size = %zu;", buffer_size);
2287 pea.head.length = htons ((uint16_t) (PART_ENCRYPTION_AES256_SIZE
2288 + username_len + in_buffer_size));
2289 pea.username_length = htons ((uint16_t) username_len);
2291 /* Chose a random initialization vector. */
2292 gcry_randomize ((void *) &pea.iv, sizeof (pea.iv), GCRY_STRONG_RANDOM);
2294 /* Create hash of the payload */
2295 gcry_md_hash_buffer (GCRY_MD_SHA1, pea.hash, in_buffer, in_buffer_size);
2297 /* Initialize the buffer */
2299 memset (buffer, 0, sizeof (buffer));
2302 BUFFER_ADD (&pea.head.type, sizeof (pea.head.type));
2303 BUFFER_ADD (&pea.head.length, sizeof (pea.head.length));
2304 BUFFER_ADD (&pea.username_length, sizeof (pea.username_length));
2305 BUFFER_ADD (pea.username, username_len);
2306 BUFFER_ADD (pea.iv, sizeof (pea.iv));
2307 assert (buffer_offset == header_size);
2308 BUFFER_ADD (pea.hash, sizeof (pea.hash));
2309 BUFFER_ADD (in_buffer, in_buffer_size);
2311 assert (buffer_offset == buffer_size);
2313 cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
2314 se->data.client.password);
2318 /* Encrypt the buffer in-place */
2319 err = gcry_cipher_encrypt (cypher,
2320 buffer + header_size,
2321 buffer_size - header_size,
2322 /* in = */ NULL, /* in len = */ 0);
2325 ERROR ("network plugin: gcry_cipher_encrypt returned: %s",
2326 gcry_strerror (err));
2330 /* Send it out without further modifications */
2331 networt_send_buffer_plain (se, buffer, buffer_size);
2332 } /* }}} void networt_send_buffer_encrypted */
2334 #endif /* HAVE_LIBGCRYPT */
2336 static void network_send_buffer (char *buffer, size_t buffer_len) /* {{{ */
2340 DEBUG ("network plugin: network_send_buffer: buffer_len = %zu", buffer_len);
2342 for (se = sending_sockets; se != NULL; se = se->next)
2345 if (se->data.client.security_level == SECURITY_LEVEL_ENCRYPT)
2346 networt_send_buffer_encrypted (se, buffer, buffer_len);
2347 else if (se->data.client.security_level == SECURITY_LEVEL_SIGN)
2348 networt_send_buffer_signed (se, buffer, buffer_len);
2349 else /* if (se->data.client.security_level == SECURITY_LEVEL_NONE) */
2350 #endif /* HAVE_LIBGCRYPT */
2351 networt_send_buffer_plain (se, buffer, buffer_len);
2352 } /* for (sending_sockets) */
2353 } /* }}} void network_send_buffer */
2355 static int add_to_buffer (char *buffer, int buffer_size, /* {{{ */
2356 value_list_t *vl_def,
2357 const data_set_t *ds, const value_list_t *vl)
2359 char *buffer_orig = buffer;
2361 if (strcmp (vl_def->host, vl->host) != 0)
2363 if (write_part_string (&buffer, &buffer_size, TYPE_HOST,
2364 vl->host, strlen (vl->host)) != 0)
2366 sstrncpy (vl_def->host, vl->host, sizeof (vl_def->host));
2369 if (vl_def->time != vl->time)
2371 if (write_part_number (&buffer, &buffer_size, TYPE_TIME,
2372 (uint64_t) vl->time))
2374 vl_def->time = vl->time;
2377 if (vl_def->interval != vl->interval)
2379 if (write_part_number (&buffer, &buffer_size, TYPE_INTERVAL,
2380 (uint64_t) vl->interval))
2382 vl_def->interval = vl->interval;
2385 if (strcmp (vl_def->plugin, vl->plugin) != 0)
2387 if (write_part_string (&buffer, &buffer_size, TYPE_PLUGIN,
2388 vl->plugin, strlen (vl->plugin)) != 0)
2390 sstrncpy (vl_def->plugin, vl->plugin, sizeof (vl_def->plugin));
2393 if (strcmp (vl_def->plugin_instance, vl->plugin_instance) != 0)
2395 if (write_part_string (&buffer, &buffer_size, TYPE_PLUGIN_INSTANCE,
2396 vl->plugin_instance,
2397 strlen (vl->plugin_instance)) != 0)
2399 sstrncpy (vl_def->plugin_instance, vl->plugin_instance, sizeof (vl_def->plugin_instance));
2402 if (strcmp (vl_def->type, vl->type) != 0)
2404 if (write_part_string (&buffer, &buffer_size, TYPE_TYPE,
2405 vl->type, strlen (vl->type)) != 0)
2407 sstrncpy (vl_def->type, ds->type, sizeof (vl_def->type));
2410 if (strcmp (vl_def->type_instance, vl->type_instance) != 0)
2412 if (write_part_string (&buffer, &buffer_size, TYPE_TYPE_INSTANCE,
2414 strlen (vl->type_instance)) != 0)
2416 sstrncpy (vl_def->type_instance, vl->type_instance, sizeof (vl_def->type_instance));
2419 if (write_part_values (&buffer, &buffer_size, ds, vl) != 0)
2422 return (buffer - buffer_orig);
2423 } /* }}} int add_to_buffer */
2425 static void flush_buffer (void)
2427 DEBUG ("network plugin: flush_buffer: send_buffer_fill = %i",
2430 network_send_buffer (send_buffer, (size_t) send_buffer_fill);
2431 network_init_buffer ();
2434 static int network_write (const data_set_t *ds, const value_list_t *vl,
2435 user_data_t __attribute__((unused)) *user_data)
2439 /* If the value is already in the cache, we have received it via the
2440 * network. We write it again if forwarding is activated. It's then in
2441 * the cache and should we receive it again we will ignore it. */
2442 status = cache_check (vl);
2443 if ((network_config_forward == 0)
2447 pthread_mutex_lock (&send_buffer_lock);
2449 status = add_to_buffer (send_buffer_ptr,
2450 sizeof (send_buffer) - (send_buffer_fill + BUFF_SIG_SIZE),
2455 /* status == bytes added to the buffer */
2456 send_buffer_fill += status;
2457 send_buffer_ptr += status;
2463 status = add_to_buffer (send_buffer_ptr,
2464 sizeof (send_buffer) - (send_buffer_fill + BUFF_SIG_SIZE),
2470 send_buffer_fill += status;
2471 send_buffer_ptr += status;
2477 ERROR ("network plugin: Unable to append to the "
2478 "buffer for some weird reason");
2480 else if ((sizeof (send_buffer) - send_buffer_fill) < 15)
2485 pthread_mutex_unlock (&send_buffer_lock);
2487 return ((status < 0) ? -1 : 0);
2488 } /* int network_write */
2490 static int network_config_set_boolean (const oconfig_item_t *ci, /* {{{ */
2493 if ((ci->values_num != 1)
2494 || ((ci->values[0].type != OCONFIG_TYPE_BOOLEAN)
2495 && (ci->values[0].type != OCONFIG_TYPE_STRING)))
2497 ERROR ("network plugin: The `%s' config option needs "
2498 "exactly one boolean argument.", ci->key);
2502 if (ci->values[0].type == OCONFIG_TYPE_BOOLEAN)
2504 if (ci->values[0].value.boolean)
2511 char *str = ci->values[0].value.string;
2513 if ((strcasecmp ("true", str) == 0)
2514 || (strcasecmp ("yes", str) == 0)
2515 || (strcasecmp ("on", str) == 0))
2517 else if ((strcasecmp ("false", str) == 0)
2518 || (strcasecmp ("no", str) == 0)
2519 || (strcasecmp ("off", str) == 0))
2523 ERROR ("network plugin: Cannot parse string value `%s' of the `%s' "
2524 "option as boolean value.",
2531 } /* }}} int network_config_set_boolean */
2533 static int network_config_set_ttl (const oconfig_item_t *ci) /* {{{ */
2536 if ((ci->values_num != 1)
2537 || (ci->values[0].type != OCONFIG_TYPE_NUMBER))
2539 WARNING ("network plugin: The `TimeToLive' config option needs exactly "
2540 "one numeric argument.");
2544 tmp = (int) ci->values[0].value.number;
2545 if ((tmp > 0) && (tmp <= 255))
2546 network_config_ttl = tmp;
2549 } /* }}} int network_config_set_ttl */
2552 static int network_config_set_string (const oconfig_item_t *ci, /* {{{ */
2556 if ((ci->values_num != 1)
2557 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2559 WARNING ("network plugin: The `%s' config option needs exactly "
2560 "one string argument.", ci->key);
2564 tmp = strdup (ci->values[0].value.string);
2568 sfree (*ret_string);
2572 } /* }}} int network_config_set_string */
2573 #endif /* HAVE_LIBGCRYPT */
2576 static int network_config_set_security_level (oconfig_item_t *ci, /* {{{ */
2580 if ((ci->values_num != 1)
2581 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2583 WARNING ("network plugin: The `SecurityLevel' config option needs exactly "
2584 "one string argument.");
2588 str = ci->values[0].value.string;
2589 if (strcasecmp ("Encrypt", str) == 0)
2590 *retval = SECURITY_LEVEL_ENCRYPT;
2591 else if (strcasecmp ("Sign", str) == 0)
2592 *retval = SECURITY_LEVEL_SIGN;
2593 else if (strcasecmp ("None", str) == 0)
2594 *retval = SECURITY_LEVEL_NONE;
2597 WARNING ("network plugin: Unknown security level: %s.", str);
2602 } /* }}} int network_config_set_security_level */
2603 #endif /* HAVE_LIBGCRYPT */
2605 static int network_config_add_listen (const oconfig_item_t *ci) /* {{{ */
2611 if ((ci->values_num < 1) || (ci->values_num > 2)
2612 || (ci->values[0].type != OCONFIG_TYPE_STRING)
2613 || ((ci->values_num > 1) && (ci->values[1].type != OCONFIG_TYPE_STRING)))
2615 ERROR ("network plugin: The `%s' config option needs "
2616 "one or two string arguments.", ci->key);
2620 se = malloc (sizeof (*se));
2623 ERROR ("network plugin: malloc failed.");
2626 sockent_init (se, SOCKENT_TYPE_SERVER);
2628 se->node = strdup (ci->values[0].value.string);
2629 if (ci->values_num >= 2)
2630 se->service = strdup (ci->values[1].value.string);
2632 for (i = 0; i < ci->children_num; i++)
2634 oconfig_item_t *child = ci->children + i;
2637 if (strcasecmp ("AuthFile", child->key) == 0)
2638 network_config_set_string (child, &se->data.server.auth_file);
2639 else if (strcasecmp ("SecurityLevel", child->key) == 0)
2640 network_config_set_security_level (child,
2641 &se->data.server.security_level);
2643 #endif /* HAVE_LIBGCRYPT */
2645 WARNING ("network plugin: Option `%s' is not allowed here.",
2651 if ((se->data.server.security_level > SECURITY_LEVEL_NONE)
2652 && (se->data.server.auth_file == NULL))
2654 ERROR ("network plugin: A security level higher than `none' was "
2655 "requested, but no AuthFile option was given. Cowardly refusing to "
2656 "open this socket!");
2657 sockent_destroy (se);
2660 #endif /* HAVE_LIBGCRYPT */
2662 status = sockent_open (se);
2665 ERROR ("network plugin: network_config_add_listen: sockent_open failed.");
2666 sockent_destroy (se);
2670 status = sockent_add (se);
2673 ERROR ("network plugin: network_config_add_listen: sockent_add failed.");
2674 sockent_destroy (se);
2679 } /* }}} int network_config_add_listen */
2681 static int network_config_add_server (const oconfig_item_t *ci) /* {{{ */
2687 if ((ci->values_num < 1) || (ci->values_num > 2)
2688 || (ci->values[0].type != OCONFIG_TYPE_STRING)
2689 || ((ci->values_num > 1) && (ci->values[1].type != OCONFIG_TYPE_STRING)))
2691 ERROR ("network plugin: The `%s' config option needs "
2692 "one or two string arguments.", ci->key);
2696 se = malloc (sizeof (*se));
2699 ERROR ("network plugin: malloc failed.");
2702 sockent_init (se, SOCKENT_TYPE_CLIENT);
2704 se->node = strdup (ci->values[0].value.string);
2705 if (ci->values_num >= 2)
2706 se->service = strdup (ci->values[1].value.string);
2708 for (i = 0; i < ci->children_num; i++)
2710 oconfig_item_t *child = ci->children + i;
2713 if (strcasecmp ("Username", child->key) == 0)
2714 network_config_set_string (child, &se->data.client.username);
2715 else if (strcasecmp ("Password", child->key) == 0)
2716 network_config_set_string (child, &se->data.client.password);
2717 else if (strcasecmp ("SecurityLevel", child->key) == 0)
2718 network_config_set_security_level (child,
2719 &se->data.client.security_level);
2721 #endif /* HAVE_LIBGCRYPT */
2723 WARNING ("network plugin: Option `%s' is not allowed here.",
2729 if ((se->data.client.security_level > SECURITY_LEVEL_NONE)
2730 && ((se->data.client.username == NULL)
2731 || (se->data.client.password == NULL)))
2733 ERROR ("network plugin: A security level higher than `none' was "
2734 "requested, but no Username or Password option was given. "
2735 "Cowardly refusing to open this socket!");
2736 sockent_destroy (se);
2739 #endif /* HAVE_LIBGCRYPT */
2741 status = sockent_open (se);
2744 ERROR ("network plugin: network_config_add_server: sockent_open failed.");
2745 sockent_destroy (se);
2749 status = sockent_add (se);
2752 ERROR ("network plugin: network_config_add_server: sockent_add failed.");
2753 sockent_destroy (se);
2758 } /* }}} int network_config_add_server */
2760 static int network_config_set_cache_flush (const oconfig_item_t *ci) /* {{{ */
2763 if ((ci->values_num != 1)
2764 || (ci->values[0].type != OCONFIG_TYPE_NUMBER))
2766 WARNING ("network plugin: The `CacheFlush' config option needs exactly "
2767 "one numeric argument.");
2771 tmp = (int) ci->values[0].value.number;
2773 cache_flush_interval = tmp;
2776 } /* }}} int network_config_set_cache_flush */
2778 static int network_config (oconfig_item_t *ci) /* {{{ */
2782 for (i = 0; i < ci->children_num; i++)
2784 oconfig_item_t *child = ci->children + i;
2786 if (strcasecmp ("Listen", child->key) == 0)
2787 network_config_add_listen (child);
2788 else if (strcasecmp ("Server", child->key) == 0)
2789 network_config_add_server (child);
2790 else if (strcasecmp ("TimeToLive", child->key) == 0)
2791 network_config_set_ttl (child);
2792 else if (strcasecmp ("Forward", child->key) == 0)
2793 network_config_set_boolean (child, &network_config_forward);
2794 else if (strcasecmp ("CacheFlush", child->key) == 0)
2795 network_config_set_cache_flush (child);
2798 WARNING ("network plugin: Option `%s' is not allowed here.",
2804 } /* }}} int network_config */
2806 static int network_notification (const notification_t *n,
2807 user_data_t __attribute__((unused)) *user_data)
2809 char buffer[BUFF_SIZE];
2810 char *buffer_ptr = buffer;
2811 int buffer_free = sizeof (buffer);
2814 memset (buffer, '\0', sizeof (buffer));
2817 status = write_part_number (&buffer_ptr, &buffer_free, TYPE_TIME,
2818 (uint64_t) n->time);
2822 status = write_part_number (&buffer_ptr, &buffer_free, TYPE_SEVERITY,
2823 (uint64_t) n->severity);
2827 if (strlen (n->host) > 0)
2829 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_HOST,
2830 n->host, strlen (n->host));
2835 if (strlen (n->plugin) > 0)
2837 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_PLUGIN,
2838 n->plugin, strlen (n->plugin));
2843 if (strlen (n->plugin_instance) > 0)
2845 status = write_part_string (&buffer_ptr, &buffer_free,
2846 TYPE_PLUGIN_INSTANCE,
2847 n->plugin_instance, strlen (n->plugin_instance));
2852 if (strlen (n->type) > 0)
2854 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_TYPE,
2855 n->type, strlen (n->type));
2860 if (strlen (n->type_instance) > 0)
2862 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_TYPE_INSTANCE,
2863 n->type_instance, strlen (n->type_instance));
2868 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_MESSAGE,
2869 n->message, strlen (n->message));
2873 network_send_buffer (buffer, sizeof (buffer) - buffer_free);
2876 } /* int network_notification */
2878 static int network_shutdown (void)
2882 /* Kill the listening thread */
2883 if (receive_thread_running != 0)
2885 INFO ("network plugin: Stopping receive thread.");
2886 pthread_kill (receive_thread_id, SIGTERM);
2887 pthread_join (receive_thread_id, NULL /* no return value */);
2888 memset (&receive_thread_id, 0, sizeof (receive_thread_id));
2889 receive_thread_running = 0;
2892 /* Shutdown the dispatching thread */
2893 if (dispatch_thread_running != 0)
2895 INFO ("network plugin: Stopping dispatch thread.");
2896 pthread_mutex_lock (&receive_list_lock);
2897 pthread_cond_broadcast (&receive_list_cond);
2898 pthread_mutex_unlock (&receive_list_lock);
2899 pthread_join (dispatch_thread_id, /* ret = */ NULL);
2900 dispatch_thread_running = 0;
2903 sockent_destroy (listen_sockets);
2905 if (send_buffer_fill > 0)
2908 if (cache_tree != NULL)
2913 while (c_avl_pick (cache_tree, &key, &value) == 0)
2918 c_avl_destroy (cache_tree);
2922 /* TODO: Close `sending_sockets' */
2924 plugin_unregister_config ("network");
2925 plugin_unregister_init ("network");
2926 plugin_unregister_write ("network");
2927 plugin_unregister_shutdown ("network");
2929 /* Let the init function do it's move again ;) */
2930 cache_flush_last = 0;
2933 } /* int network_shutdown */
2935 static int network_init (void)
2937 /* Check if we were already initialized. If so, just return - there's
2938 * nothing more to do (for now, that is). */
2939 if (cache_flush_last != 0)
2943 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
2944 gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
2945 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
2948 plugin_register_shutdown ("network", network_shutdown);
2950 network_init_buffer ();
2952 cache_tree = c_avl_create ((int (*) (const void *, const void *)) strcmp);
2953 cache_flush_last = time (NULL);
2955 /* setup socket(s) and so on */
2956 if (sending_sockets != NULL)
2958 plugin_register_write ("network", network_write,
2959 /* user_data = */ NULL);
2960 plugin_register_notification ("network", network_notification,
2961 /* user_data = */ NULL);
2964 /* If no threads need to be started, return here. */
2965 if ((listen_sockets_num == 0)
2966 || ((dispatch_thread_running != 0)
2967 && (receive_thread_running != 0)))
2970 if (dispatch_thread_running == 0)
2973 status = pthread_create (&dispatch_thread_id,
2974 NULL /* no attributes */,
2976 NULL /* no argument */);
2980 ERROR ("network: pthread_create failed: %s",
2981 sstrerror (errno, errbuf,
2986 dispatch_thread_running = 1;
2990 if (receive_thread_running == 0)
2993 status = pthread_create (&receive_thread_id,
2994 NULL /* no attributes */,
2996 NULL /* no argument */);
3000 ERROR ("network: pthread_create failed: %s",
3001 sstrerror (errno, errbuf,
3006 receive_thread_running = 1;
3011 } /* int network_init */
3014 * The flush option of the network plugin cannot flush individual identifiers.
3015 * All the values are added to a buffer and sent when the buffer is full, the
3016 * requested value may or may not be in there, it's not worth finding out. We
3017 * just send the buffer if `flush' is called - if the requested value was in
3018 * there, good. If not, well, then there is nothing to flush.. -octo
3020 static int network_flush (int timeout,
3021 const char __attribute__((unused)) *identifier,
3022 user_data_t __attribute__((unused)) *user_data)
3024 pthread_mutex_lock (&send_buffer_lock);
3026 if (((time (NULL) - cache_flush_last) >= timeout)
3027 && (send_buffer_fill > 0))
3032 pthread_mutex_unlock (&send_buffer_lock);
3035 } /* int network_flush */
3037 void module_register (void)
3039 plugin_register_complex_config ("network", network_config);
3040 plugin_register_init ("network", network_init);
3041 plugin_register_flush ("network", network_flush,
3042 /* user_data = */ NULL);
3043 } /* void module_register */
3045 /* vim: set fdm=marker : */