2 * collectd - src/network.c
3 * Copyright (C) 2005-2009 Florian octo Forster
4 * Copyright (C) 2009 Aman Gupta
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU Lesser General Public License as published by
8 * the Free Software Foundation; only version 2.1 of the License is
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 * Florian octo Forster <octo at verplant.org>
22 * Aman Gupta <aman at tmm1.net>
25 #define _BSD_SOURCE /* For struct ip_mreq */
30 #include "configfile.h"
31 #include "utils_fbhash.h"
32 #include "utils_avltree.h"
33 #include "utils_cache.h"
41 # include <sys/socket.h>
47 # include <netinet/in.h>
50 # include <arpa/inet.h>
58 GCRY_THREAD_OPTION_PTHREAD_IMPL;
61 #ifndef IPV6_ADD_MEMBERSHIP
62 # ifdef IPV6_JOIN_GROUP
63 # define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP
65 # error "Neither IP_ADD_MEMBERSHIP nor IPV6_JOIN_GROUP is defined"
67 #endif /* !IP_ADD_MEMBERSHIP */
70 * Maximum size required for encryption / signing:
72 * 42 bytes for the encryption header
73 * + 64 bytes for the username
77 #define BUFF_SIG_SIZE 106
82 #define SECURITY_LEVEL_NONE 0
84 # define SECURITY_LEVEL_SIGN 1
85 # define SECURITY_LEVEL_ENCRYPT 2
90 struct sockaddr_storage *addr;
96 gcry_cipher_hd_t cypher;
97 unsigned char password_hash[32];
101 struct sockent_server
109 gcry_cipher_hd_t cypher;
113 typedef struct sockent
115 #define SOCKENT_TYPE_CLIENT 1
116 #define SOCKENT_TYPE_SERVER 2
124 struct sockent_client client;
125 struct sockent_server server;
128 struct sockent *next;
131 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
132 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
133 * +-------+-----------------------+-------------------------------+
134 * ! Ver. ! ! Length !
135 * +-------+-----------------------+-------------------------------+
142 typedef struct part_header_s part_header_t;
144 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
145 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
146 * +-------------------------------+-------------------------------+
148 * +-------------------------------+-------------------------------+
149 * : (Length - 4) Bytes :
150 * +---------------------------------------------------------------+
157 typedef struct part_string_s part_string_t;
159 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
160 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
161 * +-------------------------------+-------------------------------+
163 * +-------------------------------+-------------------------------+
164 * : (Length - 4 == 2 || 4 || 8) Bytes :
165 * +---------------------------------------------------------------+
172 typedef struct part_number_s part_number_t;
174 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
175 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
176 * +-------------------------------+-------------------------------+
178 * +-------------------------------+---------------+---------------+
179 * ! Num of values ! Type0 ! Type1 !
180 * +-------------------------------+---------------+---------------+
183 * +---------------------------------------------------------------+
186 * +---------------------------------------------------------------+
191 uint16_t *num_values;
192 uint8_t *values_types;
195 typedef struct part_values_s part_values_t;
197 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
198 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
199 * +-------------------------------+-------------------------------+
201 * +-------------------------------+-------------------------------+
202 * ! Hash (Bits 0 - 31) !
204 * ! Hash (Bits 224 - 255) !
205 * +---------------------------------------------------------------+
208 #define PART_SIGNATURE_SHA256_SIZE 36
209 struct part_signature_sha256_s
212 unsigned char hash[32];
215 typedef struct part_signature_sha256_s part_signature_sha256_t;
217 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
218 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
219 * +-------------------------------+-------------------------------+
221 * +-------------------------------+-------------------------------+
222 * ! Original length ! Padding (0 - 15 bytes) !
223 * +-------------------------------+-------------------------------+
224 * ! Hash (Bits 0 - 31) !
226 * ! Hash (Bits 128 - 159) !
227 * +---------------------------------------------------------------+
230 #define PART_ENCRYPTION_AES256_SIZE 42
231 struct part_encryption_aes256_s
234 uint16_t username_length;
236 unsigned char iv[16];
238 unsigned char hash[20];
242 typedef struct part_encryption_aes256_s part_encryption_aes256_t;
244 struct receive_list_entry_s
249 struct receive_list_entry_s *next;
251 typedef struct receive_list_entry_s receive_list_entry_t;
256 static int network_config_ttl = 0;
257 static size_t network_config_packet_size = 1024;
258 static int network_config_forward = 0;
260 static sockent_t *sending_sockets = NULL;
262 static receive_list_entry_t *receive_list_head = NULL;
263 static receive_list_entry_t *receive_list_tail = NULL;
264 static pthread_mutex_t receive_list_lock = PTHREAD_MUTEX_INITIALIZER;
265 static pthread_cond_t receive_list_cond = PTHREAD_COND_INITIALIZER;
267 static sockent_t *listen_sockets = NULL;
268 static struct pollfd *listen_sockets_pollfd = NULL;
269 static size_t listen_sockets_num = 0;
271 /* The receive and dispatch threads will run as long as `listen_loop' is set to
273 static int listen_loop = 0;
274 static int receive_thread_running = 0;
275 static pthread_t receive_thread_id;
276 static int dispatch_thread_running = 0;
277 static pthread_t dispatch_thread_id;
279 /* Buffer in which to-be-sent network packets are constructed. */
280 static char *send_buffer;
281 static char *send_buffer_ptr;
282 static int send_buffer_fill;
283 static value_list_t send_buffer_vl = VALUE_LIST_STATIC;
284 static pthread_mutex_t send_buffer_lock = PTHREAD_MUTEX_INITIALIZER;
289 static _Bool check_receive_okay (const value_list_t *vl) /* {{{ */
291 uint64_t time_sent = 0;
294 status = uc_meta_data_get_unsigned_int (vl,
295 "network:time_sent", &time_sent);
297 /* This is a value we already sent. Don't allow it to be received again in
298 * order to avoid looping. */
299 if ((status == 0) && (time_sent >= ((uint64_t) vl->time)))
303 } /* }}} _Bool check_receive_okay */
305 static _Bool check_send_okay (const value_list_t *vl) /* {{{ */
307 _Bool received = false;
310 if (network_config_forward != 0)
313 if (vl->meta == NULL)
316 status = meta_data_get_boolean (vl->meta, "network:received", &received);
317 if (status == -ENOENT)
319 else if (status != 0)
321 ERROR ("network plugin: check_send_okay: meta_data_get_boolean failed "
322 "with status %i.", status);
326 /* By default, only *send* value lists that were not *received* by the
329 } /* }}} _Bool check_send_okay */
331 static int network_dispatch_values (value_list_t *vl) /* {{{ */
336 || (strlen (vl->host) <= 0)
337 || (strlen (vl->plugin) <= 0)
338 || (strlen (vl->type) <= 0))
341 if (!check_receive_okay (vl))
344 char name[6*DATA_MAX_NAME_LEN];
345 FORMAT_VL (name, sizeof (name), vl);
346 name[sizeof (name) - 1] = 0;
347 DEBUG ("network plugin: network_dispatch_values: "
348 "NOT dispatching %s.", name);
353 assert (vl->meta == NULL);
355 vl->meta = meta_data_create ();
356 if (vl->meta == NULL)
358 ERROR ("network plugin: meta_data_create failed.");
362 status = meta_data_add_boolean (vl->meta, "network:received", true);
365 ERROR ("network plugin: meta_data_add_boolean failed.");
366 meta_data_destroy (vl->meta);
371 plugin_dispatch_values (vl);
373 meta_data_destroy (vl->meta);
377 } /* }}} int network_dispatch_values */
380 static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
381 const void *iv, size_t iv_size, const char *username)
384 gcry_cipher_hd_t *cyper_ptr;
385 unsigned char password_hash[32];
387 if (se->type == SOCKENT_TYPE_CLIENT)
389 cyper_ptr = &se->data.client.cypher;
390 memcpy (password_hash, se->data.client.password_hash,
391 sizeof (password_hash));
397 cyper_ptr = &se->data.server.cypher;
399 if (username == NULL)
402 secret = fbh_get (se->data.server.userdb, username);
406 gcry_md_hash_buffer (GCRY_MD_SHA256,
408 secret, strlen (secret));
413 if (*cyper_ptr == NULL)
415 err = gcry_cipher_open (cyper_ptr,
416 GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_OFB, /* flags = */ 0);
419 ERROR ("network plugin: gcry_cipher_open returned: %s",
420 gcry_strerror (err));
427 gcry_cipher_reset (*cyper_ptr);
429 assert (*cyper_ptr != NULL);
431 err = gcry_cipher_setkey (*cyper_ptr,
432 password_hash, sizeof (password_hash));
435 ERROR ("network plugin: gcry_cipher_setkey returned: %s",
436 gcry_strerror (err));
437 gcry_cipher_close (*cyper_ptr);
442 err = gcry_cipher_setiv (*cyper_ptr, iv, iv_size);
445 ERROR ("network plugin: gcry_cipher_setkey returned: %s",
446 gcry_strerror (err));
447 gcry_cipher_close (*cyper_ptr);
453 } /* }}} int network_get_aes256_cypher */
454 #endif /* HAVE_LIBGCRYPT */
456 static int write_part_values (char **ret_buffer, int *ret_buffer_len,
457 const data_set_t *ds, const value_list_t *vl)
463 part_header_t pkg_ph;
464 uint16_t pkg_num_values;
465 uint8_t *pkg_values_types;
471 num_values = vl->values_len;
472 packet_len = sizeof (part_header_t) + sizeof (uint16_t)
473 + (num_values * sizeof (uint8_t))
474 + (num_values * sizeof (value_t));
476 if (*ret_buffer_len < packet_len)
479 pkg_values_types = (uint8_t *) malloc (num_values * sizeof (uint8_t));
480 if (pkg_values_types == NULL)
482 ERROR ("network plugin: write_part_values: malloc failed.");
486 pkg_values = (value_t *) malloc (num_values * sizeof (value_t));
487 if (pkg_values == NULL)
489 free (pkg_values_types);
490 ERROR ("network plugin: write_part_values: malloc failed.");
494 pkg_ph.type = htons (TYPE_VALUES);
495 pkg_ph.length = htons (packet_len);
497 pkg_num_values = htons ((uint16_t) vl->values_len);
499 for (i = 0; i < num_values; i++)
501 pkg_values_types[i] = (uint8_t) ds->ds[i].type;
502 switch (ds->ds[i].type)
504 case DS_TYPE_COUNTER:
505 pkg_values[i].counter = htonll (vl->values[i].counter);
509 pkg_values[i].gauge = htond (vl->values[i].gauge);
513 pkg_values[i].derive = htonll (vl->values[i].derive);
516 case DS_TYPE_ABSOLUTE:
517 pkg_values[i].absolute = htonll (vl->values[i].absolute);
521 free (pkg_values_types);
523 ERROR ("network plugin: write_part_values: "
524 "Unknown data source type: %i",
527 } /* switch (ds->ds[i].type) */
528 } /* for (num_values) */
531 * Use `memcpy' to write everything to the buffer, because the pointer
532 * may be unaligned and some architectures, such as SPARC, can't handle
535 packet_ptr = *ret_buffer;
537 memcpy (packet_ptr + offset, &pkg_ph, sizeof (pkg_ph));
538 offset += sizeof (pkg_ph);
539 memcpy (packet_ptr + offset, &pkg_num_values, sizeof (pkg_num_values));
540 offset += sizeof (pkg_num_values);
541 memcpy (packet_ptr + offset, pkg_values_types, num_values * sizeof (uint8_t));
542 offset += num_values * sizeof (uint8_t);
543 memcpy (packet_ptr + offset, pkg_values, num_values * sizeof (value_t));
544 offset += num_values * sizeof (value_t);
546 assert (offset == packet_len);
548 *ret_buffer = packet_ptr + packet_len;
549 *ret_buffer_len -= packet_len;
551 free (pkg_values_types);
555 } /* int write_part_values */
557 static int write_part_number (char **ret_buffer, int *ret_buffer_len,
558 int type, uint64_t value)
563 part_header_t pkg_head;
568 packet_len = sizeof (pkg_head) + sizeof (pkg_value);
570 if (*ret_buffer_len < packet_len)
573 pkg_head.type = htons (type);
574 pkg_head.length = htons (packet_len);
575 pkg_value = htonll (value);
577 packet_ptr = *ret_buffer;
579 memcpy (packet_ptr + offset, &pkg_head, sizeof (pkg_head));
580 offset += sizeof (pkg_head);
581 memcpy (packet_ptr + offset, &pkg_value, sizeof (pkg_value));
582 offset += sizeof (pkg_value);
584 assert (offset == packet_len);
586 *ret_buffer = packet_ptr + packet_len;
587 *ret_buffer_len -= packet_len;
590 } /* int write_part_number */
592 static int write_part_string (char **ret_buffer, int *ret_buffer_len,
593 int type, const char *str, int str_len)
603 buffer_len = 2 * sizeof (uint16_t) + str_len + 1;
604 if (*ret_buffer_len < buffer_len)
607 pkg_type = htons (type);
608 pkg_length = htons (buffer_len);
610 buffer = *ret_buffer;
612 memcpy (buffer + offset, (void *) &pkg_type, sizeof (pkg_type));
613 offset += sizeof (pkg_type);
614 memcpy (buffer + offset, (void *) &pkg_length, sizeof (pkg_length));
615 offset += sizeof (pkg_length);
616 memcpy (buffer + offset, str, str_len);
618 memset (buffer + offset, '\0', 1);
621 assert (offset == buffer_len);
623 *ret_buffer = buffer + buffer_len;
624 *ret_buffer_len -= buffer_len;
627 } /* int write_part_string */
629 static int parse_part_values (void **ret_buffer, size_t *ret_buffer_len,
630 value_t **ret_values, int *ret_num_values)
632 char *buffer = *ret_buffer;
633 size_t buffer_len = *ret_buffer_len;
648 NOTICE ("network plugin: packet is too short: "
649 "buffer_len = %zu", buffer_len);
653 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
654 buffer += sizeof (tmp16);
655 pkg_type = ntohs (tmp16);
657 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
658 buffer += sizeof (tmp16);
659 pkg_length = ntohs (tmp16);
661 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
662 buffer += sizeof (tmp16);
663 pkg_numval = ntohs (tmp16);
665 assert (pkg_type == TYPE_VALUES);
667 exp_size = 3 * sizeof (uint16_t)
668 + pkg_numval * (sizeof (uint8_t) + sizeof (value_t));
669 if ((buffer_len < 0) || (buffer_len < exp_size))
671 WARNING ("network plugin: parse_part_values: "
673 "Chunk of size %zu expected, "
674 "but buffer has only %zu bytes left.",
675 exp_size, buffer_len);
679 if (pkg_length != exp_size)
681 WARNING ("network plugin: parse_part_values: "
682 "Length and number of values "
683 "in the packet don't match.");
687 pkg_types = (uint8_t *) malloc (pkg_numval * sizeof (uint8_t));
688 pkg_values = (value_t *) malloc (pkg_numval * sizeof (value_t));
689 if ((pkg_types == NULL) || (pkg_values == NULL))
693 ERROR ("network plugin: parse_part_values: malloc failed.");
697 memcpy ((void *) pkg_types, (void *) buffer, pkg_numval * sizeof (uint8_t));
698 buffer += pkg_numval * sizeof (uint8_t);
699 memcpy ((void *) pkg_values, (void *) buffer, pkg_numval * sizeof (value_t));
700 buffer += pkg_numval * sizeof (value_t);
702 for (i = 0; i < pkg_numval; i++)
704 switch (pkg_types[i])
706 case DS_TYPE_COUNTER:
707 pkg_values[i].counter = (counter_t) ntohll (pkg_values[i].counter);
711 pkg_values[i].gauge = (gauge_t) ntohd (pkg_values[i].gauge);
715 pkg_values[i].derive = (derive_t) ntohll (pkg_values[i].derive);
718 case DS_TYPE_ABSOLUTE:
719 pkg_values[i].absolute = (absolute_t) ntohll (pkg_values[i].absolute);
725 NOTICE ("network plugin: parse_part_values: "
726 "Don't know how to handle data source type %"PRIu8,
729 } /* switch (pkg_types[i]) */
732 *ret_buffer = buffer;
733 *ret_buffer_len = buffer_len - pkg_length;
734 *ret_num_values = pkg_numval;
735 *ret_values = pkg_values;
740 } /* int parse_part_values */
742 static int parse_part_number (void **ret_buffer, size_t *ret_buffer_len,
745 char *buffer = *ret_buffer;
746 size_t buffer_len = *ret_buffer_len;
750 size_t exp_size = 2 * sizeof (uint16_t) + sizeof (uint64_t);
755 if ((buffer_len < 0) || ((size_t) buffer_len < exp_size))
757 WARNING ("network plugin: parse_part_number: "
759 "Chunk of size %zu expected, "
760 "but buffer has only %zu bytes left.",
761 exp_size, buffer_len);
765 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
766 buffer += sizeof (tmp16);
767 pkg_type = ntohs (tmp16);
769 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
770 buffer += sizeof (tmp16);
771 pkg_length = ntohs (tmp16);
773 memcpy ((void *) &tmp64, buffer, sizeof (tmp64));
774 buffer += sizeof (tmp64);
775 *value = ntohll (tmp64);
777 *ret_buffer = buffer;
778 *ret_buffer_len = buffer_len - pkg_length;
781 } /* int parse_part_number */
783 static int parse_part_string (void **ret_buffer, size_t *ret_buffer_len,
784 char *output, int output_len)
786 char *buffer = *ret_buffer;
787 size_t buffer_len = *ret_buffer_len;
790 size_t header_size = 2 * sizeof (uint16_t);
795 if ((buffer_len < 0) || (buffer_len < header_size))
797 WARNING ("network plugin: parse_part_string: "
799 "Chunk of at least size %zu expected, "
800 "but buffer has only %zu bytes left.",
801 header_size, buffer_len);
805 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
806 buffer += sizeof (tmp16);
807 pkg_type = ntohs (tmp16);
809 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
810 buffer += sizeof (tmp16);
811 pkg_length = ntohs (tmp16);
813 /* Check that packet fits in the input buffer */
814 if (pkg_length > buffer_len)
816 WARNING ("network plugin: parse_part_string: "
818 "Chunk of size %"PRIu16" received, "
819 "but buffer has only %zu bytes left.",
820 pkg_length, buffer_len);
824 /* Check that pkg_length is in the valid range */
825 if (pkg_length <= header_size)
827 WARNING ("network plugin: parse_part_string: "
829 "Header claims this packet is only %hu "
830 "bytes long.", pkg_length);
834 /* Check that the package data fits into the output buffer.
835 * The previous if-statement ensures that:
836 * `pkg_length > header_size' */
838 || ((size_t) output_len < ((size_t) pkg_length - header_size)))
840 WARNING ("network plugin: parse_part_string: "
841 "Output buffer too small.");
845 /* All sanity checks successfull, let's copy the data over */
846 output_len = pkg_length - header_size;
847 memcpy ((void *) output, (void *) buffer, output_len);
848 buffer += output_len;
850 /* For some very weird reason '\0' doesn't do the trick on SPARC in
852 if (output[output_len - 1] != 0)
854 WARNING ("network plugin: parse_part_string: "
855 "Received string does not end "
856 "with a NULL-byte.");
860 *ret_buffer = buffer;
861 *ret_buffer_len = buffer_len - pkg_length;
864 } /* int parse_part_string */
866 /* Forward declaration: parse_part_sign_sha256 and parse_part_encr_aes256 call
867 * parse_packet and vice versa. */
868 #define PP_SIGNED 0x01
869 #define PP_ENCRYPTED 0x02
870 static int parse_packet (sockent_t *se,
871 void *buffer, size_t buffer_size, int flags);
873 #define BUFFER_READ(p,s) do { \
874 memcpy ((p), buffer + buffer_offset, (s)); \
875 buffer_offset += (s); \
879 static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
880 void **ret_buffer, size_t *ret_buffer_len, int flags)
884 size_t buffer_offset;
889 part_signature_sha256_t pss;
890 uint16_t pss_head_length;
891 char hash[sizeof (pss.hash)];
895 unsigned char *hash_ptr;
897 buffer = *ret_buffer;
898 buffer_len = *ret_buffer_len;
901 if (se->data.server.userdb == NULL)
903 NOTICE ("network plugin: Received signed network packet but can't verify "
904 "it because no user DB has been configured. Will accept it.");
908 /* Check if the buffer has enough data for this structure. */
909 if (buffer_len <= PART_SIGNATURE_SHA256_SIZE)
912 /* Read type and length header */
913 BUFFER_READ (&pss.head.type, sizeof (pss.head.type));
914 BUFFER_READ (&pss.head.length, sizeof (pss.head.length));
915 pss_head_length = ntohs (pss.head.length);
917 /* Check if the `pss_head_length' is within bounds. */
918 if ((pss_head_length <= PART_SIGNATURE_SHA256_SIZE)
919 || (pss_head_length > buffer_len))
921 ERROR ("network plugin: HMAC-SHA-256 with invalid length received.");
926 BUFFER_READ (pss.hash, sizeof (pss.hash));
928 /* Calculate username length (without null byte) and allocate memory */
929 username_len = pss_head_length - PART_SIGNATURE_SHA256_SIZE;
930 pss.username = malloc (username_len + 1);
931 if (pss.username == NULL)
934 /* Read the username */
935 BUFFER_READ (pss.username, username_len);
936 pss.username[username_len] = 0;
938 assert (buffer_offset == pss_head_length);
940 /* Query the password */
941 secret = fbh_get (se->data.server.userdb, pss.username);
944 ERROR ("network plugin: Unknown user: %s", pss.username);
945 sfree (pss.username);
949 /* Create a hash device and check the HMAC */
951 err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
954 ERROR ("network plugin: Creating HMAC-SHA-256 object failed: %s",
955 gcry_strerror (err));
957 sfree (pss.username);
961 err = gcry_md_setkey (hd, secret, strlen (secret));
964 ERROR ("network plugin: gcry_md_setkey failed: %s", gcry_strerror (err));
970 buffer + PART_SIGNATURE_SHA256_SIZE,
971 buffer_len - PART_SIGNATURE_SHA256_SIZE);
972 hash_ptr = gcry_md_read (hd, GCRY_MD_SHA256);
973 if (hash_ptr == NULL)
975 ERROR ("network plugin: gcry_md_read failed.");
978 sfree (pss.username);
981 memcpy (hash, hash_ptr, sizeof (hash));
988 sfree (pss.username);
990 if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
992 WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
997 parse_packet (se, buffer + buffer_offset, buffer_len - buffer_offset,
1001 *ret_buffer = buffer + buffer_len;
1002 *ret_buffer_len = 0;
1005 } /* }}} int parse_part_sign_sha256 */
1006 /* #endif HAVE_LIBGCRYPT */
1008 #else /* if !HAVE_LIBGCRYPT */
1009 static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
1010 void **ret_buffer, size_t *ret_buffer_size, int flags)
1012 static int warning_has_been_printed = 0;
1016 size_t buffer_offset;
1019 part_signature_sha256_t pss;
1021 buffer = *ret_buffer;
1022 buffer_size = *ret_buffer_size;
1025 if (buffer_size <= PART_SIGNATURE_SHA256_SIZE)
1028 BUFFER_READ (&pss.head.type, sizeof (pss.head.type));
1029 BUFFER_READ (&pss.head.length, sizeof (pss.head.length));
1030 part_len = ntohs (pss.head.length);
1032 if ((part_len <= PART_SIGNATURE_SHA256_SIZE)
1033 || (part_len > buffer_size))
1036 if (warning_has_been_printed == 0)
1038 WARNING ("network plugin: Received signed packet, but the network "
1039 "plugin was not linked with libgcrypt, so I cannot "
1040 "verify the signature. The packet will be accepted.");
1041 warning_has_been_printed = 1;
1044 parse_packet (se, buffer + part_len, buffer_size - part_len, flags);
1046 *ret_buffer = buffer + buffer_size;
1047 *ret_buffer_size = 0;
1050 } /* }}} int parse_part_sign_sha256 */
1051 #endif /* !HAVE_LIBGCRYPT */
1054 static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
1055 void **ret_buffer, size_t *ret_buffer_len,
1058 char *buffer = *ret_buffer;
1059 size_t buffer_len = *ret_buffer_len;
1062 size_t buffer_offset;
1063 uint16_t username_len;
1064 part_encryption_aes256_t pea;
1065 unsigned char hash[sizeof (pea.hash)];
1067 gcry_cipher_hd_t cypher;
1070 /* Make sure at least the header if available. */
1071 if (buffer_len <= PART_ENCRYPTION_AES256_SIZE)
1073 NOTICE ("network plugin: parse_part_encr_aes256: "
1074 "Discarding short packet.");
1080 /* Copy the unencrypted information into `pea'. */
1081 BUFFER_READ (&pea.head.type, sizeof (pea.head.type));
1082 BUFFER_READ (&pea.head.length, sizeof (pea.head.length));
1084 /* Check the `part size'. */
1085 part_size = ntohs (pea.head.length);
1086 if ((part_size <= PART_ENCRYPTION_AES256_SIZE)
1087 || (part_size > buffer_len))
1089 NOTICE ("network plugin: parse_part_encr_aes256: "
1090 "Discarding part with invalid size.");
1094 /* Read the username */
1095 BUFFER_READ (&username_len, sizeof (username_len));
1096 username_len = ntohs (username_len);
1098 if ((username_len <= 0)
1099 || (username_len > (part_size - (PART_ENCRYPTION_AES256_SIZE + 1))))
1101 NOTICE ("network plugin: parse_part_encr_aes256: "
1102 "Discarding part with invalid username length.");
1106 assert (username_len > 0);
1107 pea.username = malloc (username_len + 1);
1108 if (pea.username == NULL)
1110 BUFFER_READ (pea.username, username_len);
1111 pea.username[username_len] = 0;
1113 /* Last but not least, the initialization vector */
1114 BUFFER_READ (pea.iv, sizeof (pea.iv));
1116 /* Make sure we are at the right position */
1117 assert (buffer_offset == (username_len +
1118 PART_ENCRYPTION_AES256_SIZE - sizeof (pea.hash)));
1120 cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
1125 payload_len = part_size - (PART_ENCRYPTION_AES256_SIZE + username_len);
1126 assert (payload_len > 0);
1128 /* Decrypt the packet in-place */
1129 err = gcry_cipher_decrypt (cypher,
1130 buffer + buffer_offset,
1131 part_size - buffer_offset,
1132 /* in = */ NULL, /* in len = */ 0);
1135 ERROR ("network plugin: gcry_cipher_decrypt returned: %s",
1136 gcry_strerror (err));
1141 BUFFER_READ (pea.hash, sizeof (pea.hash));
1143 /* Make sure we're at the right position - again */
1144 assert (buffer_offset == (username_len + PART_ENCRYPTION_AES256_SIZE));
1145 assert (buffer_offset == (part_size - payload_len));
1147 /* Check hash sum */
1148 memset (hash, 0, sizeof (hash));
1149 gcry_md_hash_buffer (GCRY_MD_SHA1, hash,
1150 buffer + buffer_offset, payload_len);
1151 if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
1153 ERROR ("network plugin: Decryption failed: Checksum mismatch.");
1157 parse_packet (se, buffer + buffer_offset, payload_len,
1158 flags | PP_ENCRYPTED);
1160 /* Update return values */
1161 *ret_buffer = buffer + part_size;
1162 *ret_buffer_len = buffer_len - part_size;
1165 } /* }}} int parse_part_encr_aes256 */
1166 /* #endif HAVE_LIBGCRYPT */
1168 #else /* if !HAVE_LIBGCRYPT */
1169 static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
1170 void **ret_buffer, size_t *ret_buffer_size, int flags)
1172 static int warning_has_been_printed = 0;
1176 size_t buffer_offset;
1181 buffer = *ret_buffer;
1182 buffer_size = *ret_buffer_size;
1185 /* parse_packet assures this minimum size. */
1186 assert (buffer_size >= (sizeof (ph.type) + sizeof (ph.length)));
1188 BUFFER_READ (&ph.type, sizeof (ph.type));
1189 BUFFER_READ (&ph.length, sizeof (ph.length));
1190 ph_length = ntohs (ph.length);
1192 if ((ph_length <= PART_ENCRYPTION_AES256_SIZE)
1193 || (ph_length > buffer_size))
1195 ERROR ("network plugin: AES-256 encrypted part "
1196 "with invalid length received.");
1200 if (warning_has_been_printed == 0)
1202 WARNING ("network plugin: Received encrypted packet, but the network "
1203 "plugin was not linked with libgcrypt, so I cannot "
1204 "decrypt it. The part will be discarded.");
1205 warning_has_been_printed = 1;
1208 *ret_buffer += ph_length;
1209 *ret_buffer_size -= ph_length;
1212 } /* }}} int parse_part_encr_aes256 */
1213 #endif /* !HAVE_LIBGCRYPT */
1217 static int parse_packet (sockent_t *se, /* {{{ */
1218 void *buffer, size_t buffer_size, int flags)
1222 value_list_t vl = VALUE_LIST_INIT;
1226 int packet_was_signed = (flags & PP_SIGNED);
1227 int packet_was_encrypted = (flags & PP_ENCRYPTED);
1228 int printed_ignore_warning = 0;
1229 #endif /* HAVE_LIBGCRYPT */
1232 memset (&vl, '\0', sizeof (vl));
1233 memset (&n, '\0', sizeof (n));
1236 while ((status == 0) && (0 < buffer_size)
1237 && ((unsigned int) buffer_size > sizeof (part_header_t)))
1239 uint16_t pkg_length;
1242 memcpy ((void *) &pkg_type,
1245 memcpy ((void *) &pkg_length,
1246 (void *) (buffer + sizeof (pkg_type)),
1247 sizeof (pkg_length));
1249 pkg_length = ntohs (pkg_length);
1250 pkg_type = ntohs (pkg_type);
1252 if (pkg_length > buffer_size)
1254 /* Ensure that this loop terminates eventually */
1255 if (pkg_length < (2 * sizeof (uint16_t)))
1258 if (pkg_type == TYPE_ENCR_AES256)
1260 status = parse_part_encr_aes256 (se,
1261 &buffer, &buffer_size, flags);
1264 ERROR ("network plugin: Decrypting AES256 "
1266 "with status %i.", status);
1271 else if ((se->data.server.security_level == SECURITY_LEVEL_ENCRYPT)
1272 && (packet_was_encrypted == 0))
1274 if (printed_ignore_warning == 0)
1276 INFO ("network plugin: Unencrypted packet or "
1277 "part has been ignored.");
1278 printed_ignore_warning = 1;
1280 buffer = ((char *) buffer) + pkg_length;
1283 #endif /* HAVE_LIBGCRYPT */
1284 else if (pkg_type == TYPE_SIGN_SHA256)
1286 status = parse_part_sign_sha256 (se,
1287 &buffer, &buffer_size, flags);
1290 ERROR ("network plugin: Verifying HMAC-SHA-256 "
1292 "with status %i.", status);
1297 else if ((se->data.server.security_level == SECURITY_LEVEL_SIGN)
1298 && (packet_was_encrypted == 0)
1299 && (packet_was_signed == 0))
1301 if (printed_ignore_warning == 0)
1303 INFO ("network plugin: Unsigned packet or "
1304 "part has been ignored.");
1305 printed_ignore_warning = 1;
1307 buffer = ((char *) buffer) + pkg_length;
1310 #endif /* HAVE_LIBGCRYPT */
1311 else if (pkg_type == TYPE_VALUES)
1313 status = parse_part_values (&buffer, &buffer_size,
1314 &vl.values, &vl.values_len);
1318 network_dispatch_values (&vl);
1322 else if (pkg_type == TYPE_TIME)
1325 status = parse_part_number (&buffer, &buffer_size,
1329 vl.time = (time_t) tmp;
1330 n.time = (time_t) tmp;
1333 else if (pkg_type == TYPE_INTERVAL)
1336 status = parse_part_number (&buffer, &buffer_size,
1339 vl.interval = (int) tmp;
1341 else if (pkg_type == TYPE_HOST)
1343 status = parse_part_string (&buffer, &buffer_size,
1344 vl.host, sizeof (vl.host));
1346 sstrncpy (n.host, vl.host, sizeof (n.host));
1348 else if (pkg_type == TYPE_PLUGIN)
1350 status = parse_part_string (&buffer, &buffer_size,
1351 vl.plugin, sizeof (vl.plugin));
1353 sstrncpy (n.plugin, vl.plugin,
1356 else if (pkg_type == TYPE_PLUGIN_INSTANCE)
1358 status = parse_part_string (&buffer, &buffer_size,
1360 sizeof (vl.plugin_instance));
1362 sstrncpy (n.plugin_instance,
1364 sizeof (n.plugin_instance));
1366 else if (pkg_type == TYPE_TYPE)
1368 status = parse_part_string (&buffer, &buffer_size,
1369 vl.type, sizeof (vl.type));
1371 sstrncpy (n.type, vl.type, sizeof (n.type));
1373 else if (pkg_type == TYPE_TYPE_INSTANCE)
1375 status = parse_part_string (&buffer, &buffer_size,
1377 sizeof (vl.type_instance));
1379 sstrncpy (n.type_instance, vl.type_instance,
1380 sizeof (n.type_instance));
1382 else if (pkg_type == TYPE_MESSAGE)
1384 status = parse_part_string (&buffer, &buffer_size,
1385 n.message, sizeof (n.message));
1391 else if ((n.severity != NOTIF_FAILURE)
1392 && (n.severity != NOTIF_WARNING)
1393 && (n.severity != NOTIF_OKAY))
1395 INFO ("network plugin: "
1396 "Ignoring notification with "
1397 "unknown severity %i.",
1400 else if (n.time <= 0)
1402 INFO ("network plugin: "
1403 "Ignoring notification with "
1406 else if (strlen (n.message) <= 0)
1408 INFO ("network plugin: "
1409 "Ignoring notification with "
1410 "an empty message.");
1414 plugin_dispatch_notification (&n);
1417 else if (pkg_type == TYPE_SEVERITY)
1420 status = parse_part_number (&buffer, &buffer_size,
1423 n.severity = (int) tmp;
1427 DEBUG ("network plugin: parse_packet: Unknown part"
1428 " type: 0x%04hx", pkg_type);
1429 buffer = ((char *) buffer) + pkg_length;
1431 } /* while (buffer_size > sizeof (part_header_t)) */
1433 if (status == 0 && buffer_size > 0)
1434 WARNING ("network plugin: parse_packet: Received truncated "
1435 "packet, try increasing `MaxPacketSize'");
1438 } /* }}} int parse_packet */
1440 static void free_sockent_client (struct sockent_client *sec) /* {{{ */
1449 sfree (sec->username);
1450 sfree (sec->password);
1451 if (sec->cypher != NULL)
1452 gcry_cipher_close (sec->cypher);
1454 } /* }}} void free_sockent_client */
1456 static void free_sockent_server (struct sockent_server *ses) /* {{{ */
1460 for (i = 0; i < ses->fd_num; i++)
1462 if (ses->fd[i] >= 0)
1471 sfree (ses->auth_file);
1472 fbh_destroy (ses->userdb);
1473 if (ses->cypher != NULL)
1474 gcry_cipher_close (ses->cypher);
1476 } /* }}} void free_sockent_server */
1478 static void sockent_destroy (sockent_t *se) /* {{{ */
1482 DEBUG ("network plugin: sockent_destroy (se = %p);", (void *) se);
1489 sfree (se->service);
1491 if (se->type == SOCKENT_TYPE_CLIENT)
1492 free_sockent_client (&se->data.client);
1494 free_sockent_server (&se->data.server);
1499 } /* }}} void sockent_destroy */
1502 * int network_set_ttl
1504 * Set the `IP_MULTICAST_TTL', `IP_TTL', `IPV6_MULTICAST_HOPS' or
1505 * `IPV6_UNICAST_HOPS', depending on which option is applicable.
1507 * The `struct addrinfo' is used to destinguish between unicast and multicast
1510 static int network_set_ttl (const sockent_t *se, const struct addrinfo *ai)
1512 DEBUG ("network plugin: network_set_ttl: network_config_ttl = %i;",
1513 network_config_ttl);
1515 assert (se->type == SOCKENT_TYPE_CLIENT);
1517 if ((network_config_ttl < 1) || (network_config_ttl > 255))
1520 if (ai->ai_family == AF_INET)
1522 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1525 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1526 optname = IP_MULTICAST_TTL;
1530 if (setsockopt (se->data.client.fd, IPPROTO_IP, optname,
1531 &network_config_ttl,
1532 sizeof (network_config_ttl)) == -1)
1535 ERROR ("setsockopt: %s",
1536 sstrerror (errno, errbuf, sizeof (errbuf)));
1540 else if (ai->ai_family == AF_INET6)
1542 /* Useful example: http://gsyc.escet.urjc.es/~eva/IPv6-web/examples/mcast.html */
1543 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1546 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1547 optname = IPV6_MULTICAST_HOPS;
1549 optname = IPV6_UNICAST_HOPS;
1551 if (setsockopt (se->data.client.fd, IPPROTO_IPV6, optname,
1552 &network_config_ttl,
1553 sizeof (network_config_ttl)) == -1)
1556 ERROR ("setsockopt: %s",
1557 sstrerror (errno, errbuf,
1564 } /* int network_set_ttl */
1566 static int network_bind_socket (int fd, const struct addrinfo *ai)
1571 /* allow multiple sockets to use the same PORT number */
1572 if (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR,
1573 &yes, sizeof(yes)) == -1) {
1575 ERROR ("setsockopt: %s",
1576 sstrerror (errno, errbuf, sizeof (errbuf)));
1580 DEBUG ("fd = %i; calling `bind'", fd);
1582 if (bind (fd, ai->ai_addr, ai->ai_addrlen) == -1)
1586 sstrerror (errno, errbuf, sizeof (errbuf)));
1590 if (ai->ai_family == AF_INET)
1592 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1593 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1595 struct ip_mreq mreq;
1597 DEBUG ("fd = %i; IPv4 multicast address found", fd);
1599 mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
1600 mreq.imr_interface.s_addr = htonl (INADDR_ANY);
1602 if (setsockopt (fd, IPPROTO_IP, IP_MULTICAST_LOOP,
1603 &loop, sizeof (loop)) == -1)
1606 ERROR ("setsockopt: %s",
1607 sstrerror (errno, errbuf,
1612 if (setsockopt (fd, IPPROTO_IP, IP_ADD_MEMBERSHIP,
1613 &mreq, sizeof (mreq)) == -1)
1616 ERROR ("setsockopt: %s",
1617 sstrerror (errno, errbuf,
1623 else if (ai->ai_family == AF_INET6)
1625 /* Useful example: http://gsyc.escet.urjc.es/~eva/IPv6-web/examples/mcast.html */
1626 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1627 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1629 struct ipv6_mreq mreq;
1631 DEBUG ("fd = %i; IPv6 multicast address found", fd);
1633 memcpy (&mreq.ipv6mr_multiaddr,
1635 sizeof (addr->sin6_addr));
1637 /* http://developer.apple.com/documentation/Darwin/Reference/ManPages/man4/ip6.4.html
1638 * ipv6mr_interface may be set to zeroes to
1639 * choose the default multicast interface or to
1640 * the index of a particular multicast-capable
1641 * interface if the host is multihomed.
1642 * Membership is associ-associated with a
1643 * single interface; programs running on
1644 * multihomed hosts may need to join the same
1645 * group on more than one interface.*/
1646 mreq.ipv6mr_interface = 0;
1648 if (setsockopt (fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP,
1649 &loop, sizeof (loop)) == -1)
1652 ERROR ("setsockopt: %s",
1653 sstrerror (errno, errbuf,
1658 if (setsockopt (fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP,
1659 &mreq, sizeof (mreq)) == -1)
1662 ERROR ("setsockopt: %s",
1663 sstrerror (errno, errbuf,
1671 } /* int network_bind_socket */
1673 /* Initialize a sockent structure. `type' must be either `SOCKENT_TYPE_CLIENT'
1674 * or `SOCKENT_TYPE_SERVER' */
1675 static int sockent_init (sockent_t *se, int type) /* {{{ */
1680 memset (se, 0, sizeof (*se));
1682 se->type = SOCKENT_TYPE_CLIENT;
1687 if (type == SOCKENT_TYPE_SERVER)
1689 se->type = SOCKENT_TYPE_SERVER;
1690 se->data.server.fd = NULL;
1692 se->data.server.security_level = SECURITY_LEVEL_NONE;
1693 se->data.server.auth_file = NULL;
1694 se->data.server.userdb = NULL;
1695 se->data.server.cypher = NULL;
1700 se->data.client.fd = -1;
1701 se->data.client.addr = NULL;
1703 se->data.client.security_level = SECURITY_LEVEL_NONE;
1704 se->data.client.username = NULL;
1705 se->data.client.password = NULL;
1706 se->data.client.cypher = NULL;
1711 } /* }}} int sockent_init */
1713 /* Open the file descriptors for a initialized sockent structure. */
1714 static int sockent_open (sockent_t *se) /* {{{ */
1716 struct addrinfo ai_hints;
1717 struct addrinfo *ai_list, *ai_ptr;
1721 const char *service;
1726 /* Set up the security structures. */
1727 #if HAVE_LIBGCRYPT /* {{{ */
1728 if (se->type == SOCKENT_TYPE_CLIENT)
1730 if (se->data.client.security_level > SECURITY_LEVEL_NONE)
1732 if ((se->data.client.username == NULL)
1733 || (se->data.client.password == NULL))
1735 ERROR ("network plugin: Client socket with "
1736 "security requested, but no "
1737 "credentials are configured.");
1740 gcry_md_hash_buffer (GCRY_MD_SHA256,
1741 se->data.client.password_hash,
1742 se->data.client.password,
1743 strlen (se->data.client.password));
1746 else /* (se->type == SOCKENT_TYPE_SERVER) */
1748 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
1750 if (se->data.server.auth_file == NULL)
1752 ERROR ("network plugin: Server socket with "
1753 "security requested, but no "
1754 "password file is configured.");
1758 if (se->data.server.auth_file != NULL)
1760 se->data.server.userdb = fbh_create (se->data.server.auth_file);
1761 if (se->data.server.userdb == NULL)
1763 ERROR ("network plugin: Reading password file "
1765 se->data.server.auth_file);
1766 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
1771 #endif /* }}} HAVE_LIBGCRYPT */
1774 service = se->service;
1776 if (service == NULL)
1777 service = NET_DEFAULT_PORT;
1779 DEBUG ("network plugin: sockent_open: node = %s; service = %s;",
1782 memset (&ai_hints, 0, sizeof (ai_hints));
1783 ai_hints.ai_flags = 0;
1785 ai_hints.ai_flags |= AI_PASSIVE;
1787 #ifdef AI_ADDRCONFIG
1788 ai_hints.ai_flags |= AI_ADDRCONFIG;
1790 ai_hints.ai_family = AF_UNSPEC;
1791 ai_hints.ai_socktype = SOCK_DGRAM;
1792 ai_hints.ai_protocol = IPPROTO_UDP;
1794 ai_return = getaddrinfo (node, service, &ai_hints, &ai_list);
1797 ERROR ("network plugin: getaddrinfo (%s, %s) failed: %s",
1798 (se->node == NULL) ? "(null)" : se->node,
1799 (se->service == NULL) ? "(null)" : se->service,
1800 gai_strerror (ai_return));
1804 for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
1808 if (se->type == SOCKENT_TYPE_SERVER) /* {{{ */
1812 tmp = realloc (se->data.server.fd,
1813 sizeof (*tmp) * (se->data.server.fd_num + 1));
1816 ERROR ("network plugin: realloc failed.");
1819 se->data.server.fd = tmp;
1820 tmp = se->data.server.fd + se->data.server.fd_num;
1822 *tmp = socket (ai_ptr->ai_family, ai_ptr->ai_socktype,
1823 ai_ptr->ai_protocol);
1827 ERROR ("network plugin: socket(2) failed: %s",
1828 sstrerror (errno, errbuf,
1833 status = network_bind_socket (*tmp, ai_ptr);
1841 se->data.server.fd_num++;
1843 } /* }}} if (se->type == SOCKENT_TYPE_SERVER) */
1844 else /* if (se->type == SOCKENT_TYPE_CLIENT) {{{ */
1846 se->data.client.fd = socket (ai_ptr->ai_family,
1847 ai_ptr->ai_socktype,
1848 ai_ptr->ai_protocol);
1849 if (se->data.client.fd < 0)
1852 ERROR ("network plugin: socket(2) failed: %s",
1853 sstrerror (errno, errbuf,
1858 se->data.client.addr = malloc (sizeof (*se->data.client.addr));
1859 if (se->data.client.addr == NULL)
1861 ERROR ("network plugin: malloc failed.");
1862 close (se->data.client.fd);
1863 se->data.client.fd = -1;
1867 memset (se->data.client.addr, 0, sizeof (*se->data.client.addr));
1868 assert (sizeof (*se->data.client.addr) >= ai_ptr->ai_addrlen);
1869 memcpy (se->data.client.addr, ai_ptr->ai_addr, ai_ptr->ai_addrlen);
1870 se->data.client.addrlen = ai_ptr->ai_addrlen;
1872 network_set_ttl (se, ai_ptr);
1874 /* We don't open more than one write-socket per
1875 * node/service pair.. */
1877 } /* }}} if (se->type == SOCKENT_TYPE_CLIENT) */
1878 } /* for (ai_list) */
1880 freeaddrinfo (ai_list);
1882 /* Check if all went well. */
1883 if (se->type == SOCKENT_TYPE_SERVER)
1885 if (se->data.server.fd_num <= 0)
1888 else /* if (se->type == SOCKENT_TYPE_CLIENT) */
1890 if (se->data.client.fd < 0)
1895 } /* }}} int sockent_open */
1897 /* Add a sockent to the global list of sockets */
1898 static int sockent_add (sockent_t *se) /* {{{ */
1900 sockent_t *last_ptr;
1905 if (se->type == SOCKENT_TYPE_SERVER)
1910 tmp = realloc (listen_sockets_pollfd,
1911 sizeof (*tmp) * (listen_sockets_num
1912 + se->data.server.fd_num));
1915 ERROR ("network plugin: realloc failed.");
1918 listen_sockets_pollfd = tmp;
1919 tmp = listen_sockets_pollfd + listen_sockets_num;
1921 for (i = 0; i < se->data.server.fd_num; i++)
1923 memset (tmp + i, 0, sizeof (*tmp));
1924 tmp[i].fd = se->data.server.fd[i];
1925 tmp[i].events = POLLIN | POLLPRI;
1929 listen_sockets_num += se->data.server.fd_num;
1931 if (listen_sockets == NULL)
1933 listen_sockets = se;
1936 last_ptr = listen_sockets;
1938 else /* if (se->type == SOCKENT_TYPE_CLIENT) */
1940 if (sending_sockets == NULL)
1942 sending_sockets = se;
1945 last_ptr = sending_sockets;
1948 while (last_ptr->next != NULL)
1949 last_ptr = last_ptr->next;
1950 last_ptr->next = se;
1953 } /* }}} int sockent_add */
1955 static void *dispatch_thread (void __attribute__((unused)) *arg) /* {{{ */
1959 receive_list_entry_t *ent;
1962 /* Lock and wait for more data to come in */
1963 pthread_mutex_lock (&receive_list_lock);
1964 while ((listen_loop == 0)
1965 && (receive_list_head == NULL))
1966 pthread_cond_wait (&receive_list_cond, &receive_list_lock);
1968 /* Remove the head entry and unlock */
1969 ent = receive_list_head;
1971 receive_list_head = ent->next;
1972 pthread_mutex_unlock (&receive_list_lock);
1974 /* Check whether we are supposed to exit. We do NOT check `listen_loop'
1975 * because we dispatch all missing packets before shutting down. */
1979 /* Look for the correct `sockent_t' */
1980 se = listen_sockets;
1985 for (i = 0; i < se->data.server.fd_num; i++)
1986 if (se->data.server.fd[i] == ent->fd)
1989 if (i < se->data.server.fd_num)
1997 ERROR ("network plugin: Got packet from FD %i, but can't "
1998 "find an appropriate socket entry.",
2005 parse_packet (se, ent->data, ent->data_len, /* flags = */ 0);
2011 } /* }}} void *dispatch_thread */
2013 static int network_receive (void) /* {{{ */
2015 char buffer[network_config_packet_size];
2021 receive_list_entry_t *private_list_head;
2022 receive_list_entry_t *private_list_tail;
2024 assert (listen_sockets_num > 0);
2026 private_list_head = NULL;
2027 private_list_tail = NULL;
2029 while (listen_loop == 0)
2031 status = poll (listen_sockets_pollfd, listen_sockets_num, -1);
2038 ERROR ("poll failed: %s",
2039 sstrerror (errno, errbuf, sizeof (errbuf)));
2043 for (i = 0; (i < listen_sockets_num) && (status > 0); i++)
2045 receive_list_entry_t *ent;
2047 if ((listen_sockets_pollfd[i].revents
2048 & (POLLIN | POLLPRI)) == 0)
2052 buffer_len = recv (listen_sockets_pollfd[i].fd,
2053 buffer, sizeof (buffer),
2058 ERROR ("recv failed: %s",
2059 sstrerror (errno, errbuf,
2064 /* TODO: Possible performance enhancement: Do not free
2065 * these entries in the dispatch thread but put them in
2066 * another list, so we don't have to allocate more and
2067 * more of these structures. */
2068 ent = malloc (sizeof (receive_list_entry_t));
2071 ERROR ("network plugin: malloc failed.");
2074 memset (ent, 0, sizeof (receive_list_entry_t));
2075 ent->data = malloc (network_config_packet_size);
2076 if (ent->data == NULL)
2078 ERROR ("network plugin: malloc failed.");
2081 ent->fd = listen_sockets_pollfd[i].fd;
2084 memcpy (ent->data, buffer, buffer_len);
2085 ent->data_len = buffer_len;
2087 if (private_list_head == NULL)
2088 private_list_head = ent;
2090 private_list_tail->next = ent;
2091 private_list_tail = ent;
2093 /* Do not block here. Blocking here has led to
2094 * insufficient performance in the past. */
2095 if (pthread_mutex_trylock (&receive_list_lock) == 0)
2097 if (receive_list_head == NULL)
2098 receive_list_head = private_list_head;
2100 receive_list_tail->next = private_list_head;
2101 receive_list_tail = private_list_tail;
2103 private_list_head = NULL;
2104 private_list_tail = NULL;
2106 pthread_cond_signal (&receive_list_cond);
2107 pthread_mutex_unlock (&receive_list_lock);
2109 } /* for (listen_sockets_pollfd) */
2110 } /* while (listen_loop == 0) */
2112 /* Make sure everything is dispatched before exiting. */
2113 if (private_list_head != NULL)
2115 pthread_mutex_lock (&receive_list_lock);
2117 if (receive_list_head == NULL)
2118 receive_list_head = private_list_head;
2120 receive_list_tail->next = private_list_head;
2121 receive_list_tail = private_list_tail;
2123 private_list_head = NULL;
2124 private_list_tail = NULL;
2126 pthread_cond_signal (&receive_list_cond);
2127 pthread_mutex_unlock (&receive_list_lock);
2131 } /* }}} int network_receive */
2133 static void *receive_thread (void __attribute__((unused)) *arg)
2135 return (network_receive () ? (void *) 1 : (void *) 0);
2136 } /* void *receive_thread */
2138 static void network_init_buffer (void)
2140 memset (send_buffer, 0, network_config_packet_size);
2141 send_buffer_ptr = send_buffer;
2142 send_buffer_fill = 0;
2144 memset (&send_buffer_vl, 0, sizeof (send_buffer_vl));
2145 } /* int network_init_buffer */
2147 static void networt_send_buffer_plain (const sockent_t *se, /* {{{ */
2148 const char *buffer, size_t buffer_size)
2154 status = sendto (se->data.client.fd, buffer, buffer_size,
2156 (struct sockaddr *) se->data.client.addr,
2157 se->data.client.addrlen);
2163 ERROR ("network plugin: sendto failed: %s",
2164 sstrerror (errno, errbuf,
2171 } /* }}} void networt_send_buffer_plain */
2174 #define BUFFER_ADD(p,s) do { \
2175 memcpy (buffer + buffer_offset, (p), (s)); \
2176 buffer_offset += (s); \
2179 static void networt_send_buffer_signed (const sockent_t *se, /* {{{ */
2180 const char *in_buffer, size_t in_buffer_size)
2182 part_signature_sha256_t ps;
2183 char buffer[BUFF_SIG_SIZE + in_buffer_size];
2184 size_t buffer_offset;
2185 size_t username_len;
2189 unsigned char *hash;
2192 err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
2195 ERROR ("network plugin: Creating HMAC object failed: %s",
2196 gcry_strerror (err));
2200 err = gcry_md_setkey (hd, se->data.client.password,
2201 strlen (se->data.client.password));
2204 ERROR ("network plugin: gcry_md_setkey failed: %s",
2205 gcry_strerror (err));
2210 username_len = strlen (se->data.client.username);
2211 if (username_len > (BUFF_SIG_SIZE - PART_SIGNATURE_SHA256_SIZE))
2213 ERROR ("network plugin: Username too long: %s",
2214 se->data.client.username);
2218 memcpy (buffer + PART_SIGNATURE_SHA256_SIZE,
2219 se->data.client.username, username_len);
2220 memcpy (buffer + PART_SIGNATURE_SHA256_SIZE + username_len,
2221 in_buffer, in_buffer_size);
2223 /* Initialize the `ps' structure. */
2224 memset (&ps, 0, sizeof (ps));
2225 ps.head.type = htons (TYPE_SIGN_SHA256);
2226 ps.head.length = htons (PART_SIGNATURE_SHA256_SIZE + username_len);
2228 /* Calculate the hash value. */
2229 gcry_md_write (hd, buffer + PART_SIGNATURE_SHA256_SIZE,
2230 username_len + in_buffer_size);
2231 hash = gcry_md_read (hd, GCRY_MD_SHA256);
2234 ERROR ("network plugin: gcry_md_read failed.");
2238 memcpy (ps.hash, hash, sizeof (ps.hash));
2240 /* Add the header */
2243 BUFFER_ADD (&ps.head.type, sizeof (ps.head.type));
2244 BUFFER_ADD (&ps.head.length, sizeof (ps.head.length));
2245 BUFFER_ADD (ps.hash, sizeof (ps.hash));
2247 assert (buffer_offset == PART_SIGNATURE_SHA256_SIZE);
2252 buffer_offset = PART_SIGNATURE_SHA256_SIZE + username_len + in_buffer_size;
2253 networt_send_buffer_plain (se, buffer, buffer_offset);
2254 } /* }}} void networt_send_buffer_signed */
2256 static void networt_send_buffer_encrypted (sockent_t *se, /* {{{ */
2257 const char *in_buffer, size_t in_buffer_size)
2259 part_encryption_aes256_t pea;
2260 char buffer[BUFF_SIG_SIZE + in_buffer_size];
2262 size_t buffer_offset;
2264 size_t username_len;
2266 gcry_cipher_hd_t cypher;
2268 /* Initialize the header fields */
2269 memset (&pea, 0, sizeof (pea));
2270 pea.head.type = htons (TYPE_ENCR_AES256);
2272 pea.username = se->data.client.username;
2274 username_len = strlen (pea.username);
2275 if ((PART_ENCRYPTION_AES256_SIZE + username_len) > BUFF_SIG_SIZE)
2277 ERROR ("network plugin: Username too long: %s", pea.username);
2281 buffer_size = PART_ENCRYPTION_AES256_SIZE + username_len + in_buffer_size;
2282 header_size = PART_ENCRYPTION_AES256_SIZE + username_len
2283 - sizeof (pea.hash);
2285 assert (buffer_size <= sizeof (buffer));
2286 DEBUG ("network plugin: networt_send_buffer_encrypted: "
2287 "buffer_size = %zu;", buffer_size);
2289 pea.head.length = htons ((uint16_t) (PART_ENCRYPTION_AES256_SIZE
2290 + username_len + in_buffer_size));
2291 pea.username_length = htons ((uint16_t) username_len);
2293 /* Chose a random initialization vector. */
2294 gcry_randomize ((void *) &pea.iv, sizeof (pea.iv), GCRY_STRONG_RANDOM);
2296 /* Create hash of the payload */
2297 gcry_md_hash_buffer (GCRY_MD_SHA1, pea.hash, in_buffer, in_buffer_size);
2299 /* Initialize the buffer */
2301 memset (buffer, 0, sizeof (buffer));
2304 BUFFER_ADD (&pea.head.type, sizeof (pea.head.type));
2305 BUFFER_ADD (&pea.head.length, sizeof (pea.head.length));
2306 BUFFER_ADD (&pea.username_length, sizeof (pea.username_length));
2307 BUFFER_ADD (pea.username, username_len);
2308 BUFFER_ADD (pea.iv, sizeof (pea.iv));
2309 assert (buffer_offset == header_size);
2310 BUFFER_ADD (pea.hash, sizeof (pea.hash));
2311 BUFFER_ADD (in_buffer, in_buffer_size);
2313 assert (buffer_offset == buffer_size);
2315 cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
2316 se->data.client.password);
2320 /* Encrypt the buffer in-place */
2321 err = gcry_cipher_encrypt (cypher,
2322 buffer + header_size,
2323 buffer_size - header_size,
2324 /* in = */ NULL, /* in len = */ 0);
2327 ERROR ("network plugin: gcry_cipher_encrypt returned: %s",
2328 gcry_strerror (err));
2332 /* Send it out without further modifications */
2333 networt_send_buffer_plain (se, buffer, buffer_size);
2334 } /* }}} void networt_send_buffer_encrypted */
2336 #endif /* HAVE_LIBGCRYPT */
2338 static void network_send_buffer (char *buffer, size_t buffer_len) /* {{{ */
2342 DEBUG ("network plugin: network_send_buffer: buffer_len = %zu", buffer_len);
2344 for (se = sending_sockets; se != NULL; se = se->next)
2347 if (se->data.client.security_level == SECURITY_LEVEL_ENCRYPT)
2348 networt_send_buffer_encrypted (se, buffer, buffer_len);
2349 else if (se->data.client.security_level == SECURITY_LEVEL_SIGN)
2350 networt_send_buffer_signed (se, buffer, buffer_len);
2351 else /* if (se->data.client.security_level == SECURITY_LEVEL_NONE) */
2352 #endif /* HAVE_LIBGCRYPT */
2353 networt_send_buffer_plain (se, buffer, buffer_len);
2354 } /* for (sending_sockets) */
2355 } /* }}} void network_send_buffer */
2357 static int add_to_buffer (char *buffer, int buffer_size, /* {{{ */
2358 value_list_t *vl_def,
2359 const data_set_t *ds, const value_list_t *vl)
2361 char *buffer_orig = buffer;
2363 if (strcmp (vl_def->host, vl->host) != 0)
2365 if (write_part_string (&buffer, &buffer_size, TYPE_HOST,
2366 vl->host, strlen (vl->host)) != 0)
2368 sstrncpy (vl_def->host, vl->host, sizeof (vl_def->host));
2371 if (vl_def->time != vl->time)
2373 if (write_part_number (&buffer, &buffer_size, TYPE_TIME,
2374 (uint64_t) vl->time))
2376 vl_def->time = vl->time;
2379 if (vl_def->interval != vl->interval)
2381 if (write_part_number (&buffer, &buffer_size, TYPE_INTERVAL,
2382 (uint64_t) vl->interval))
2384 vl_def->interval = vl->interval;
2387 if (strcmp (vl_def->plugin, vl->plugin) != 0)
2389 if (write_part_string (&buffer, &buffer_size, TYPE_PLUGIN,
2390 vl->plugin, strlen (vl->plugin)) != 0)
2392 sstrncpy (vl_def->plugin, vl->plugin, sizeof (vl_def->plugin));
2395 if (strcmp (vl_def->plugin_instance, vl->plugin_instance) != 0)
2397 if (write_part_string (&buffer, &buffer_size, TYPE_PLUGIN_INSTANCE,
2398 vl->plugin_instance,
2399 strlen (vl->plugin_instance)) != 0)
2401 sstrncpy (vl_def->plugin_instance, vl->plugin_instance, sizeof (vl_def->plugin_instance));
2404 if (strcmp (vl_def->type, vl->type) != 0)
2406 if (write_part_string (&buffer, &buffer_size, TYPE_TYPE,
2407 vl->type, strlen (vl->type)) != 0)
2409 sstrncpy (vl_def->type, ds->type, sizeof (vl_def->type));
2412 if (strcmp (vl_def->type_instance, vl->type_instance) != 0)
2414 if (write_part_string (&buffer, &buffer_size, TYPE_TYPE_INSTANCE,
2416 strlen (vl->type_instance)) != 0)
2418 sstrncpy (vl_def->type_instance, vl->type_instance, sizeof (vl_def->type_instance));
2421 if (write_part_values (&buffer, &buffer_size, ds, vl) != 0)
2424 return (buffer - buffer_orig);
2425 } /* }}} int add_to_buffer */
2427 static void flush_buffer (void)
2429 DEBUG ("network plugin: flush_buffer: send_buffer_fill = %i",
2432 network_send_buffer (send_buffer, (size_t) send_buffer_fill);
2433 network_init_buffer ();
2436 static int network_write (const data_set_t *ds, const value_list_t *vl,
2437 user_data_t __attribute__((unused)) *user_data)
2441 if (!check_send_okay (vl))
2444 char name[6*DATA_MAX_NAME_LEN];
2445 FORMAT_VL (name, sizeof (name), vl);
2446 name[sizeof (name) - 1] = 0;
2447 DEBUG ("network plugin: network_write: "
2448 "NOT sending %s.", name);
2453 uc_meta_data_add_unsigned_int (vl,
2454 "network:time_sent", (uint64_t) vl->time);
2456 pthread_mutex_lock (&send_buffer_lock);
2458 status = add_to_buffer (send_buffer_ptr,
2459 network_config_packet_size - (send_buffer_fill + BUFF_SIG_SIZE),
2464 /* status == bytes added to the buffer */
2465 send_buffer_fill += status;
2466 send_buffer_ptr += status;
2472 status = add_to_buffer (send_buffer_ptr,
2473 network_config_packet_size - (send_buffer_fill + BUFF_SIG_SIZE),
2479 send_buffer_fill += status;
2480 send_buffer_ptr += status;
2486 ERROR ("network plugin: Unable to append to the "
2487 "buffer for some weird reason");
2489 else if ((network_config_packet_size - send_buffer_fill) < 15)
2494 pthread_mutex_unlock (&send_buffer_lock);
2496 return ((status < 0) ? -1 : 0);
2497 } /* int network_write */
2499 static int network_config_set_boolean (const oconfig_item_t *ci, /* {{{ */
2502 if ((ci->values_num != 1)
2503 || ((ci->values[0].type != OCONFIG_TYPE_BOOLEAN)
2504 && (ci->values[0].type != OCONFIG_TYPE_STRING)))
2506 ERROR ("network plugin: The `%s' config option needs "
2507 "exactly one boolean argument.", ci->key);
2511 if (ci->values[0].type == OCONFIG_TYPE_BOOLEAN)
2513 if (ci->values[0].value.boolean)
2520 char *str = ci->values[0].value.string;
2522 if ((strcasecmp ("true", str) == 0)
2523 || (strcasecmp ("yes", str) == 0)
2524 || (strcasecmp ("on", str) == 0))
2526 else if ((strcasecmp ("false", str) == 0)
2527 || (strcasecmp ("no", str) == 0)
2528 || (strcasecmp ("off", str) == 0))
2532 ERROR ("network plugin: Cannot parse string value `%s' of the `%s' "
2533 "option as boolean value.",
2540 } /* }}} int network_config_set_boolean */
2542 static int network_config_set_ttl (const oconfig_item_t *ci) /* {{{ */
2545 if ((ci->values_num != 1)
2546 || (ci->values[0].type != OCONFIG_TYPE_NUMBER))
2548 WARNING ("network plugin: The `TimeToLive' config option needs exactly "
2549 "one numeric argument.");
2553 tmp = (int) ci->values[0].value.number;
2554 if ((tmp > 0) && (tmp <= 255))
2555 network_config_ttl = tmp;
2558 } /* }}} int network_config_set_ttl */
2560 static int network_config_set_buffer_size (const oconfig_item_t *ci) /* {{{ */
2563 if ((ci->values_num != 1)
2564 || (ci->values[0].type != OCONFIG_TYPE_NUMBER))
2566 WARNING ("network plugin: The `MaxPacketSize' config option needs exactly "
2567 "one numeric argument.");
2571 tmp = (int) ci->values[0].value.number;
2572 if ((tmp >= 1024) && (tmp <= 65535))
2573 network_config_packet_size = tmp;
2576 } /* }}} int network_config_set_buffer_size */
2579 static int network_config_set_string (const oconfig_item_t *ci, /* {{{ */
2583 if ((ci->values_num != 1)
2584 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2586 WARNING ("network plugin: The `%s' config option needs exactly "
2587 "one string argument.", ci->key);
2591 tmp = strdup (ci->values[0].value.string);
2595 sfree (*ret_string);
2599 } /* }}} int network_config_set_string */
2600 #endif /* HAVE_LIBGCRYPT */
2603 static int network_config_set_security_level (oconfig_item_t *ci, /* {{{ */
2607 if ((ci->values_num != 1)
2608 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2610 WARNING ("network plugin: The `SecurityLevel' config option needs exactly "
2611 "one string argument.");
2615 str = ci->values[0].value.string;
2616 if (strcasecmp ("Encrypt", str) == 0)
2617 *retval = SECURITY_LEVEL_ENCRYPT;
2618 else if (strcasecmp ("Sign", str) == 0)
2619 *retval = SECURITY_LEVEL_SIGN;
2620 else if (strcasecmp ("None", str) == 0)
2621 *retval = SECURITY_LEVEL_NONE;
2624 WARNING ("network plugin: Unknown security level: %s.", str);
2629 } /* }}} int network_config_set_security_level */
2630 #endif /* HAVE_LIBGCRYPT */
2632 static int network_config_add_listen (const oconfig_item_t *ci) /* {{{ */
2638 if ((ci->values_num < 1) || (ci->values_num > 2)
2639 || (ci->values[0].type != OCONFIG_TYPE_STRING)
2640 || ((ci->values_num > 1) && (ci->values[1].type != OCONFIG_TYPE_STRING)))
2642 ERROR ("network plugin: The `%s' config option needs "
2643 "one or two string arguments.", ci->key);
2647 se = malloc (sizeof (*se));
2650 ERROR ("network plugin: malloc failed.");
2653 sockent_init (se, SOCKENT_TYPE_SERVER);
2655 se->node = strdup (ci->values[0].value.string);
2656 if (ci->values_num >= 2)
2657 se->service = strdup (ci->values[1].value.string);
2659 for (i = 0; i < ci->children_num; i++)
2661 oconfig_item_t *child = ci->children + i;
2664 if (strcasecmp ("AuthFile", child->key) == 0)
2665 network_config_set_string (child, &se->data.server.auth_file);
2666 else if (strcasecmp ("SecurityLevel", child->key) == 0)
2667 network_config_set_security_level (child,
2668 &se->data.server.security_level);
2670 #endif /* HAVE_LIBGCRYPT */
2672 WARNING ("network plugin: Option `%s' is not allowed here.",
2678 if ((se->data.server.security_level > SECURITY_LEVEL_NONE)
2679 && (se->data.server.auth_file == NULL))
2681 ERROR ("network plugin: A security level higher than `none' was "
2682 "requested, but no AuthFile option was given. Cowardly refusing to "
2683 "open this socket!");
2684 sockent_destroy (se);
2687 #endif /* HAVE_LIBGCRYPT */
2689 status = sockent_open (se);
2692 ERROR ("network plugin: network_config_add_listen: sockent_open failed.");
2693 sockent_destroy (se);
2697 status = sockent_add (se);
2700 ERROR ("network plugin: network_config_add_listen: sockent_add failed.");
2701 sockent_destroy (se);
2706 } /* }}} int network_config_add_listen */
2708 static int network_config_add_server (const oconfig_item_t *ci) /* {{{ */
2714 if ((ci->values_num < 1) || (ci->values_num > 2)
2715 || (ci->values[0].type != OCONFIG_TYPE_STRING)
2716 || ((ci->values_num > 1) && (ci->values[1].type != OCONFIG_TYPE_STRING)))
2718 ERROR ("network plugin: The `%s' config option needs "
2719 "one or two string arguments.", ci->key);
2723 se = malloc (sizeof (*se));
2726 ERROR ("network plugin: malloc failed.");
2729 sockent_init (se, SOCKENT_TYPE_CLIENT);
2731 se->node = strdup (ci->values[0].value.string);
2732 if (ci->values_num >= 2)
2733 se->service = strdup (ci->values[1].value.string);
2735 for (i = 0; i < ci->children_num; i++)
2737 oconfig_item_t *child = ci->children + i;
2740 if (strcasecmp ("Username", child->key) == 0)
2741 network_config_set_string (child, &se->data.client.username);
2742 else if (strcasecmp ("Password", child->key) == 0)
2743 network_config_set_string (child, &se->data.client.password);
2744 else if (strcasecmp ("SecurityLevel", child->key) == 0)
2745 network_config_set_security_level (child,
2746 &se->data.client.security_level);
2748 #endif /* HAVE_LIBGCRYPT */
2750 WARNING ("network plugin: Option `%s' is not allowed here.",
2756 if ((se->data.client.security_level > SECURITY_LEVEL_NONE)
2757 && ((se->data.client.username == NULL)
2758 || (se->data.client.password == NULL)))
2760 ERROR ("network plugin: A security level higher than `none' was "
2761 "requested, but no Username or Password option was given. "
2762 "Cowardly refusing to open this socket!");
2763 sockent_destroy (se);
2766 #endif /* HAVE_LIBGCRYPT */
2768 status = sockent_open (se);
2771 ERROR ("network plugin: network_config_add_server: sockent_open failed.");
2772 sockent_destroy (se);
2776 status = sockent_add (se);
2779 ERROR ("network plugin: network_config_add_server: sockent_add failed.");
2780 sockent_destroy (se);
2785 } /* }}} int network_config_add_server */
2787 static int network_config (oconfig_item_t *ci) /* {{{ */
2791 for (i = 0; i < ci->children_num; i++)
2793 oconfig_item_t *child = ci->children + i;
2795 if (strcasecmp ("Listen", child->key) == 0)
2796 network_config_add_listen (child);
2797 else if (strcasecmp ("Server", child->key) == 0)
2798 network_config_add_server (child);
2799 else if (strcasecmp ("TimeToLive", child->key) == 0)
2800 network_config_set_ttl (child);
2801 else if (strcasecmp ("MaxPacketSize", child->key) == 0)
2802 network_config_set_buffer_size (child);
2803 else if (strcasecmp ("Forward", child->key) == 0)
2804 network_config_set_boolean (child, &network_config_forward);
2805 else if (strcasecmp ("CacheFlush", child->key) == 0)
2806 /* no op for backwards compatibility only */;
2809 WARNING ("network plugin: Option `%s' is not allowed here.",
2815 } /* }}} int network_config */
2817 static int network_notification (const notification_t *n,
2818 user_data_t __attribute__((unused)) *user_data)
2820 char buffer[network_config_packet_size];
2821 char *buffer_ptr = buffer;
2822 int buffer_free = sizeof (buffer);
2825 memset (buffer, '\0', sizeof (buffer));
2828 status = write_part_number (&buffer_ptr, &buffer_free, TYPE_TIME,
2829 (uint64_t) n->time);
2833 status = write_part_number (&buffer_ptr, &buffer_free, TYPE_SEVERITY,
2834 (uint64_t) n->severity);
2838 if (strlen (n->host) > 0)
2840 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_HOST,
2841 n->host, strlen (n->host));
2846 if (strlen (n->plugin) > 0)
2848 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_PLUGIN,
2849 n->plugin, strlen (n->plugin));
2854 if (strlen (n->plugin_instance) > 0)
2856 status = write_part_string (&buffer_ptr, &buffer_free,
2857 TYPE_PLUGIN_INSTANCE,
2858 n->plugin_instance, strlen (n->plugin_instance));
2863 if (strlen (n->type) > 0)
2865 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_TYPE,
2866 n->type, strlen (n->type));
2871 if (strlen (n->type_instance) > 0)
2873 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_TYPE_INSTANCE,
2874 n->type_instance, strlen (n->type_instance));
2879 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_MESSAGE,
2880 n->message, strlen (n->message));
2884 network_send_buffer (buffer, sizeof (buffer) - buffer_free);
2887 } /* int network_notification */
2889 static int network_shutdown (void)
2893 /* Kill the listening thread */
2894 if (receive_thread_running != 0)
2896 INFO ("network plugin: Stopping receive thread.");
2897 pthread_kill (receive_thread_id, SIGTERM);
2898 pthread_join (receive_thread_id, NULL /* no return value */);
2899 memset (&receive_thread_id, 0, sizeof (receive_thread_id));
2900 receive_thread_running = 0;
2903 /* Shutdown the dispatching thread */
2904 if (dispatch_thread_running != 0)
2906 INFO ("network plugin: Stopping dispatch thread.");
2907 pthread_mutex_lock (&receive_list_lock);
2908 pthread_cond_broadcast (&receive_list_cond);
2909 pthread_mutex_unlock (&receive_list_lock);
2910 pthread_join (dispatch_thread_id, /* ret = */ NULL);
2911 dispatch_thread_running = 0;
2914 sockent_destroy (listen_sockets);
2916 if (send_buffer_fill > 0)
2919 sfree (send_buffer);
2921 /* TODO: Close `sending_sockets' */
2923 plugin_unregister_config ("network");
2924 plugin_unregister_init ("network");
2925 plugin_unregister_write ("network");
2926 plugin_unregister_shutdown ("network");
2929 } /* int network_shutdown */
2931 static int network_init (void)
2933 static _Bool have_init = false;
2935 /* Check if we were already initialized. If so, just return - there's
2936 * nothing more to do (for now, that is). */
2942 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
2943 gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
2944 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
2947 plugin_register_shutdown ("network", network_shutdown);
2949 send_buffer = malloc (network_config_packet_size);
2950 if (send_buffer == NULL)
2952 ERROR ("network plugin: malloc failed.");
2955 network_init_buffer ();
2957 /* setup socket(s) and so on */
2958 if (sending_sockets != NULL)
2960 plugin_register_write ("network", network_write,
2961 /* user_data = */ NULL);
2962 plugin_register_notification ("network", network_notification,
2963 /* user_data = */ NULL);
2966 /* If no threads need to be started, return here. */
2967 if ((listen_sockets_num == 0)
2968 || ((dispatch_thread_running != 0)
2969 && (receive_thread_running != 0)))
2972 if (dispatch_thread_running == 0)
2975 status = pthread_create (&dispatch_thread_id,
2976 NULL /* no attributes */,
2978 NULL /* no argument */);
2982 ERROR ("network: pthread_create failed: %s",
2983 sstrerror (errno, errbuf,
2988 dispatch_thread_running = 1;
2992 if (receive_thread_running == 0)
2995 status = pthread_create (&receive_thread_id,
2996 NULL /* no attributes */,
2998 NULL /* no argument */);
3002 ERROR ("network: pthread_create failed: %s",
3003 sstrerror (errno, errbuf,
3008 receive_thread_running = 1;
3013 } /* int network_init */
3016 * The flush option of the network plugin cannot flush individual identifiers.
3017 * All the values are added to a buffer and sent when the buffer is full, the
3018 * requested value may or may not be in there, it's not worth finding out. We
3019 * just send the buffer if `flush' is called - if the requested value was in
3020 * there, good. If not, well, then there is nothing to flush.. -octo
3022 static int network_flush (int timeout,
3023 const char __attribute__((unused)) *identifier,
3024 user_data_t __attribute__((unused)) *user_data)
3026 pthread_mutex_lock (&send_buffer_lock);
3028 if (send_buffer_fill > 0)
3031 pthread_mutex_unlock (&send_buffer_lock);
3034 } /* int network_flush */
3036 void module_register (void)
3038 plugin_register_complex_config ("network", network_config);
3039 plugin_register_init ("network", network_init);
3040 plugin_register_flush ("network", network_flush,
3041 /* user_data = */ NULL);
3042 } /* void module_register */
3044 /* vim: set fdm=marker : */
projects / collectd.git / blob