#include <libgen.h>
#include <grp.h>
+#ifdef HAVE_LIBWRAP
+#include <tcpd.h>
+#endif /* HAVE_LIBWRAP */
+
#include <glib-2.0/glib.h>
/* }}} */
size_t files_num;
} journal_set;
-/* max length of socket command or response */
-#define CMD_MAX 4096
-#define RBUF_SIZE (CMD_MAX*2)
+#define RBUF_SIZE (RRD_CMD_MAX*2)
/*
* Variables
static int add_response_info(listen_socket_t *sock, char *fmt, ...) /* {{{ */
{
va_list argp;
- char buffer[CMD_MAX];
+ char buffer[RRD_CMD_MAX];
int len;
if (JOURNAL_REPLAY(sock)) return 0;
char *fmt, ...) /* {{{ */
{
va_list argp;
- char buffer[CMD_MAX];
+ char buffer[RRD_CMD_MAX];
int lines;
ssize_t wrote;
int rclen, len;
char *file, file_tmp[PATH_MAX];
int values_num = 0;
int status;
- char orig_buf[CMD_MAX];
+ char orig_buf[RRD_CMD_MAX];
cache_item_t *ci;
dest->permissions = src->permissions;
} /* }}} socket_permission_copy */
+static void socket_permission_set_all (listen_socket_t *sock) /* {{{ */
+{
+ size_t i;
+
+ sock->permissions = 0;
+ for (i = 0; i < list_of_commands_len; i++)
+ sock->permissions |= (1 << i);
+} /* }}} void socket_permission_set_all */
+
/* check whether commands are received in the expected context */
static int command_check_context(listen_socket_t *sock, command_t *cmd)
{
if (help && (help->syntax || help->help))
{
- char tmp[CMD_MAX];
+ char tmp[RRD_CMD_MAX];
snprintf(tmp, sizeof(tmp)-1, "Help for %s\n", help->cmd);
resp_txt = tmp;
int entry_cnt = 0;
int fail_cnt = 0;
uint64_t line = 0;
- char entry[CMD_MAX];
+ char entry[RRD_CMD_MAX];
time_t now;
if (file == NULL) return 0;
}
pthread_mutex_lock (&connection_threads_lock);
+#ifdef HAVE_LIBWRAP
+ /* LIBWRAP does not support multiple threads! By putting this code
+ inside pthread_mutex_lock we do not have to worry about request_info
+ getting overwritten by another thread.
+ */
+ struct request_info req;
+ request_init(&req, RQ_DAEMON, "rrdcache\0", RQ_FILE, fd, NULL );
+ fromhost(&req);
+ if(!hosts_access(&req)) {
+ RRDD_LOG(LOG_INFO, "refused connection from %s", eval_client(&req));
+ pthread_mutex_unlock (&connection_threads_lock);
+ close_connection(sock);
+ return NULL;
+ }
+#endif /* HAVE_LIBWRAP */
connection_threads_num++;
pthread_mutex_unlock (&connection_threads_lock);
strncpy(default_socket.addr, RRDCACHED_DEFAULT_ADDRESS,
sizeof(default_socket.addr) - 1);
default_socket.addr[sizeof(default_socket.addr) - 1] = '\0';
+
+ if (default_socket.permissions == 0)
+ socket_permission_set_all (&default_socket);
+
open_listen_socket (&default_socket);
}
else /* if (default_socket.permissions == 0) */
{
/* Add permission for ALL commands to the socket. */
- size_t i;
- for (i = 0; i < list_of_commands_len; i++)
- {
- status = socket_permission_add (new, list_of_commands[i].cmd);
- if (status != 0)
- {
- fprintf (stderr, "read_options: Adding permission \"%s\" to "
- "socket failed. This should never happen, ever! Sorry.\n",
- list_of_commands[i].cmd);
- status = 4;
- }
- }
+ socket_permission_set_all (new);
}
/* }}} Done adding permissions. */
case 'j':
{
char journal_dir_actual[PATH_MAX];
- const char *dir;
- dir = journal_dir = strdup(realpath((const char *)optarg, journal_dir_actual));
-
- status = rrd_mkdir_p(dir, 0777);
- if (status != 0)
- {
- fprintf(stderr, "Failed to create journal directory '%s': %s\n",
- dir, rrd_strerror(errno));
- return 6;
- }
-
- if (access(dir, R_OK|W_OK|X_OK) != 0)
- {
- fprintf(stderr, "Must specify a writable directory with -j! (%s)\n",
- errno ? rrd_strerror(errno) : "");
- return 6;
- }
+ journal_dir = realpath((const char *)optarg, journal_dir_actual);
+ if (journal_dir)
+ {
+ // if we were able to properly resolve the path, lets have a copy
+ // for use outside this block.
+ journal_dir = strdup(journal_dir);
+ status = rrd_mkdir_p(journal_dir, 0777);
+ if (status != 0)
+ {
+ fprintf(stderr, "Failed to create journal directory '%s': %s\n",
+ journal_dir, rrd_strerror(errno));
+ return 6;
+ }
+ if (access(journal_dir, R_OK|W_OK|X_OK) != 0)
+ {
+ fprintf(stderr, "Must specify a writable directory with -j! (%s)\n",
+ errno ? rrd_strerror(errno) : "");
+ return 6;
+ }
+ } else {
+ fprintf(stderr, "Unable to resolve journal path (%s,%s)\n", optarg,
+ errno ? rrd_strerror(errno) : "");
+ return 6;
+ }
}
break;
"\n"
"Valid options are:\n"
" -l <address> Socket address to listen to.\n"
+ " Default: "RRDCACHED_DEFAULT_ADDRESS"\n"
" -P <perms> Sets the permissions to assign to all following "
"sockets\n"
" -w <seconds> Interval in which to write data.\n"
projects / rrdtool.git / blobdiff