2 * collectd - src/network.c
3 * Copyright (C) 2005-2009 Florian octo Forster
4 * Copyright (C) 2009 Aman Gupta
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU Lesser General Public License as published by
8 * the Free Software Foundation; only version 2.1 of the License is
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 * Florian octo Forster <octo at verplant.org>
22 * Aman Gupta <aman at tmm1.net>
25 #define _BSD_SOURCE /* For struct ip_mreq */
30 #include "configfile.h"
31 #include "utils_fbhash.h"
32 #include "utils_avltree.h"
33 #include "utils_cache.h"
34 #include "utils_complain.h"
42 # include <sys/socket.h>
48 # include <netinet/in.h>
51 # include <arpa/inet.h>
63 GCRY_THREAD_OPTION_PTHREAD_IMPL;
66 #ifndef IPV6_ADD_MEMBERSHIP
67 # ifdef IPV6_JOIN_GROUP
68 # define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP
70 # error "Neither IP_ADD_MEMBERSHIP nor IPV6_JOIN_GROUP is defined"
72 #endif /* !IP_ADD_MEMBERSHIP */
75 * Maximum size required for encryption / signing:
77 * 42 bytes for the encryption header
78 * + 64 bytes for the username
82 #define BUFF_SIG_SIZE 106
87 #define SECURITY_LEVEL_NONE 0
89 # define SECURITY_LEVEL_SIGN 1
90 # define SECURITY_LEVEL_ENCRYPT 2
95 struct sockaddr_storage *addr;
101 gcry_cipher_hd_t cypher;
102 unsigned char password_hash[32];
106 struct sockent_server
114 gcry_cipher_hd_t cypher;
118 typedef struct sockent
120 #define SOCKENT_TYPE_CLIENT 1
121 #define SOCKENT_TYPE_SERVER 2
130 struct sockent_client client;
131 struct sockent_server server;
134 struct sockent *next;
137 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
138 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
139 * +-------+-----------------------+-------------------------------+
140 * ! Ver. ! ! Length !
141 * +-------+-----------------------+-------------------------------+
148 typedef struct part_header_s part_header_t;
150 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
151 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
152 * +-------------------------------+-------------------------------+
154 * +-------------------------------+-------------------------------+
155 * : (Length - 4) Bytes :
156 * +---------------------------------------------------------------+
163 typedef struct part_string_s part_string_t;
165 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
166 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
167 * +-------------------------------+-------------------------------+
169 * +-------------------------------+-------------------------------+
170 * : (Length - 4 == 2 || 4 || 8) Bytes :
171 * +---------------------------------------------------------------+
178 typedef struct part_number_s part_number_t;
180 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
181 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
182 * +-------------------------------+-------------------------------+
184 * +-------------------------------+---------------+---------------+
185 * ! Num of values ! Type0 ! Type1 !
186 * +-------------------------------+---------------+---------------+
189 * +---------------------------------------------------------------+
192 * +---------------------------------------------------------------+
197 uint16_t *num_values;
198 uint8_t *values_types;
201 typedef struct part_values_s part_values_t;
203 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
204 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
205 * +-------------------------------+-------------------------------+
207 * +-------------------------------+-------------------------------+
208 * ! Hash (Bits 0 - 31) !
210 * ! Hash (Bits 224 - 255) !
211 * +---------------------------------------------------------------+
214 #define PART_SIGNATURE_SHA256_SIZE 36
215 struct part_signature_sha256_s
218 unsigned char hash[32];
221 typedef struct part_signature_sha256_s part_signature_sha256_t;
223 /* 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
224 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
225 * +-------------------------------+-------------------------------+
227 * +-------------------------------+-------------------------------+
228 * ! Original length ! Padding (0 - 15 bytes) !
229 * +-------------------------------+-------------------------------+
230 * ! Hash (Bits 0 - 31) !
232 * ! Hash (Bits 128 - 159) !
233 * +---------------------------------------------------------------+
236 #define PART_ENCRYPTION_AES256_SIZE 42
237 struct part_encryption_aes256_s
240 uint16_t username_length;
242 unsigned char iv[16];
244 unsigned char hash[20];
248 typedef struct part_encryption_aes256_s part_encryption_aes256_t;
250 struct receive_list_entry_s
255 struct receive_list_entry_s *next;
257 typedef struct receive_list_entry_s receive_list_entry_t;
262 static int network_config_ttl = 0;
263 static size_t network_config_packet_size = 1024;
264 static int network_config_forward = 0;
265 static int network_config_stats = 0;
267 static sockent_t *sending_sockets = NULL;
269 static receive_list_entry_t *receive_list_head = NULL;
270 static receive_list_entry_t *receive_list_tail = NULL;
271 static pthread_mutex_t receive_list_lock = PTHREAD_MUTEX_INITIALIZER;
272 static pthread_cond_t receive_list_cond = PTHREAD_COND_INITIALIZER;
273 static uint64_t receive_list_length = 0;
275 static sockent_t *listen_sockets = NULL;
276 static struct pollfd *listen_sockets_pollfd = NULL;
277 static size_t listen_sockets_num = 0;
279 /* The receive and dispatch threads will run as long as `listen_loop' is set to
281 static int listen_loop = 0;
282 static int receive_thread_running = 0;
283 static pthread_t receive_thread_id;
284 static int dispatch_thread_running = 0;
285 static pthread_t dispatch_thread_id;
287 /* Buffer in which to-be-sent network packets are constructed. */
288 static char *send_buffer;
289 static char *send_buffer_ptr;
290 static int send_buffer_fill;
291 static value_list_t send_buffer_vl = VALUE_LIST_STATIC;
292 static pthread_mutex_t send_buffer_lock = PTHREAD_MUTEX_INITIALIZER;
294 /* XXX: These counters are incremented from one place only. The spot in which
295 * the values are incremented is either only reachable by one thread (the
296 * dispatch thread, for example) or locked by some lock (send_buffer_lock for
297 * example). Only if neither is true, the stats_lock is acquired. The counters
298 * are always read without holding a lock in the hope that writing 8 bytes to
299 * memory is an atomic operation. */
300 static uint64_t stats_octets_rx = 0;
301 static uint64_t stats_octets_tx = 0;
302 static uint64_t stats_packets_rx = 0;
303 static uint64_t stats_packets_tx = 0;
304 static uint64_t stats_values_dispatched = 0;
305 static uint64_t stats_values_not_dispatched = 0;
306 static uint64_t stats_values_sent = 0;
307 static uint64_t stats_values_not_sent = 0;
308 static pthread_mutex_t stats_lock = PTHREAD_MUTEX_INITIALIZER;
313 static _Bool check_receive_okay (const value_list_t *vl) /* {{{ */
315 uint64_t time_sent = 0;
318 status = uc_meta_data_get_unsigned_int (vl,
319 "network:time_sent", &time_sent);
321 /* This is a value we already sent. Don't allow it to be received again in
322 * order to avoid looping. */
323 if ((status == 0) && (time_sent >= ((uint64_t) vl->time)))
327 } /* }}} _Bool check_receive_okay */
329 static _Bool check_send_okay (const value_list_t *vl) /* {{{ */
331 _Bool received = false;
334 if (network_config_forward != 0)
337 if (vl->meta == NULL)
340 status = meta_data_get_boolean (vl->meta, "network:received", &received);
341 if (status == -ENOENT)
343 else if (status != 0)
345 ERROR ("network plugin: check_send_okay: meta_data_get_boolean failed "
346 "with status %i.", status);
350 /* By default, only *send* value lists that were not *received* by the
353 } /* }}} _Bool check_send_okay */
355 static _Bool check_notify_received (const notification_t *n) /* {{{ */
357 notification_meta_t *ptr;
359 for (ptr = n->meta; ptr != NULL; ptr = ptr->next)
360 if ((strcmp ("network:received", ptr->name) == 0)
361 && (ptr->type == NM_TYPE_BOOLEAN))
362 return ((_Bool) ptr->nm_value.nm_boolean);
365 } /* }}} _Bool check_notify_received */
367 static _Bool check_send_notify_okay (const notification_t *n) /* {{{ */
369 static c_complain_t complain_forwarding = C_COMPLAIN_INIT_STATIC;
375 received = check_notify_received (n);
377 if (network_config_forward && received)
379 c_complain_once (LOG_ERR, &complain_forwarding,
380 "network plugin: A notification has been received via the network "
381 "forwarding if enabled. Forwarding of notifications is currently "
382 "not supported, because there is not loop-deteciton available. "
383 "Please contact the collectd mailing list if you need this "
387 /* By default, only *send* value lists that were not *received* by the
390 } /* }}} _Bool check_send_notify_okay */
392 static int network_dispatch_values (value_list_t *vl, /* {{{ */
393 const char *username)
398 || (strlen (vl->host) <= 0)
399 || (strlen (vl->plugin) <= 0)
400 || (strlen (vl->type) <= 0))
403 if (!check_receive_okay (vl))
406 char name[6*DATA_MAX_NAME_LEN];
407 FORMAT_VL (name, sizeof (name), vl);
408 name[sizeof (name) - 1] = 0;
409 DEBUG ("network plugin: network_dispatch_values: "
410 "NOT dispatching %s.", name);
412 stats_values_not_dispatched++;
416 assert (vl->meta == NULL);
418 vl->meta = meta_data_create ();
419 if (vl->meta == NULL)
421 ERROR ("network plugin: meta_data_create failed.");
425 status = meta_data_add_boolean (vl->meta, "network:received", true);
428 ERROR ("network plugin: meta_data_add_boolean failed.");
429 meta_data_destroy (vl->meta);
434 if (username != NULL)
436 status = meta_data_add_string (vl->meta, "network:username", username);
439 ERROR ("network plugin: meta_data_add_string failed.");
440 meta_data_destroy (vl->meta);
446 plugin_dispatch_values_secure (vl);
447 stats_values_dispatched++;
449 meta_data_destroy (vl->meta);
453 } /* }}} int network_dispatch_values */
455 static int network_dispatch_notification (notification_t *n) /* {{{ */
459 assert (n->meta == NULL);
461 status = plugin_notification_meta_add_boolean (n, "network:received", 1);
464 ERROR ("network plugin: plugin_notification_meta_add_boolean failed.");
465 plugin_notification_meta_free (n->meta);
470 status = plugin_dispatch_notification (n);
472 plugin_notification_meta_free (n->meta);
476 } /* }}} int network_dispatch_notification */
479 static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
480 const void *iv, size_t iv_size, const char *username)
483 gcry_cipher_hd_t *cyper_ptr;
484 unsigned char password_hash[32];
486 if (se->type == SOCKENT_TYPE_CLIENT)
488 cyper_ptr = &se->data.client.cypher;
489 memcpy (password_hash, se->data.client.password_hash,
490 sizeof (password_hash));
496 cyper_ptr = &se->data.server.cypher;
498 if (username == NULL)
501 secret = fbh_get (se->data.server.userdb, username);
505 gcry_md_hash_buffer (GCRY_MD_SHA256,
507 secret, strlen (secret));
512 if (*cyper_ptr == NULL)
514 err = gcry_cipher_open (cyper_ptr,
515 GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_OFB, /* flags = */ 0);
518 ERROR ("network plugin: gcry_cipher_open returned: %s",
519 gcry_strerror (err));
526 gcry_cipher_reset (*cyper_ptr);
528 assert (*cyper_ptr != NULL);
530 err = gcry_cipher_setkey (*cyper_ptr,
531 password_hash, sizeof (password_hash));
534 ERROR ("network plugin: gcry_cipher_setkey returned: %s",
535 gcry_strerror (err));
536 gcry_cipher_close (*cyper_ptr);
541 err = gcry_cipher_setiv (*cyper_ptr, iv, iv_size);
544 ERROR ("network plugin: gcry_cipher_setkey returned: %s",
545 gcry_strerror (err));
546 gcry_cipher_close (*cyper_ptr);
552 } /* }}} int network_get_aes256_cypher */
553 #endif /* HAVE_LIBGCRYPT */
555 static int write_part_values (char **ret_buffer, int *ret_buffer_len,
556 const data_set_t *ds, const value_list_t *vl)
562 part_header_t pkg_ph;
563 uint16_t pkg_num_values;
564 uint8_t *pkg_values_types;
570 num_values = vl->values_len;
571 packet_len = sizeof (part_header_t) + sizeof (uint16_t)
572 + (num_values * sizeof (uint8_t))
573 + (num_values * sizeof (value_t));
575 if (*ret_buffer_len < packet_len)
578 pkg_values_types = (uint8_t *) malloc (num_values * sizeof (uint8_t));
579 if (pkg_values_types == NULL)
581 ERROR ("network plugin: write_part_values: malloc failed.");
585 pkg_values = (value_t *) malloc (num_values * sizeof (value_t));
586 if (pkg_values == NULL)
588 free (pkg_values_types);
589 ERROR ("network plugin: write_part_values: malloc failed.");
593 pkg_ph.type = htons (TYPE_VALUES);
594 pkg_ph.length = htons (packet_len);
596 pkg_num_values = htons ((uint16_t) vl->values_len);
598 for (i = 0; i < num_values; i++)
600 pkg_values_types[i] = (uint8_t) ds->ds[i].type;
601 switch (ds->ds[i].type)
603 case DS_TYPE_COUNTER:
604 pkg_values[i].counter = htonll (vl->values[i].counter);
608 pkg_values[i].gauge = htond (vl->values[i].gauge);
612 pkg_values[i].derive = htonll (vl->values[i].derive);
615 case DS_TYPE_ABSOLUTE:
616 pkg_values[i].absolute = htonll (vl->values[i].absolute);
620 free (pkg_values_types);
622 ERROR ("network plugin: write_part_values: "
623 "Unknown data source type: %i",
626 } /* switch (ds->ds[i].type) */
627 } /* for (num_values) */
630 * Use `memcpy' to write everything to the buffer, because the pointer
631 * may be unaligned and some architectures, such as SPARC, can't handle
634 packet_ptr = *ret_buffer;
636 memcpy (packet_ptr + offset, &pkg_ph, sizeof (pkg_ph));
637 offset += sizeof (pkg_ph);
638 memcpy (packet_ptr + offset, &pkg_num_values, sizeof (pkg_num_values));
639 offset += sizeof (pkg_num_values);
640 memcpy (packet_ptr + offset, pkg_values_types, num_values * sizeof (uint8_t));
641 offset += num_values * sizeof (uint8_t);
642 memcpy (packet_ptr + offset, pkg_values, num_values * sizeof (value_t));
643 offset += num_values * sizeof (value_t);
645 assert (offset == packet_len);
647 *ret_buffer = packet_ptr + packet_len;
648 *ret_buffer_len -= packet_len;
650 free (pkg_values_types);
654 } /* int write_part_values */
656 static int write_part_number (char **ret_buffer, int *ret_buffer_len,
657 int type, uint64_t value)
662 part_header_t pkg_head;
667 packet_len = sizeof (pkg_head) + sizeof (pkg_value);
669 if (*ret_buffer_len < packet_len)
672 pkg_head.type = htons (type);
673 pkg_head.length = htons (packet_len);
674 pkg_value = htonll (value);
676 packet_ptr = *ret_buffer;
678 memcpy (packet_ptr + offset, &pkg_head, sizeof (pkg_head));
679 offset += sizeof (pkg_head);
680 memcpy (packet_ptr + offset, &pkg_value, sizeof (pkg_value));
681 offset += sizeof (pkg_value);
683 assert (offset == packet_len);
685 *ret_buffer = packet_ptr + packet_len;
686 *ret_buffer_len -= packet_len;
689 } /* int write_part_number */
691 static int write_part_string (char **ret_buffer, int *ret_buffer_len,
692 int type, const char *str, int str_len)
702 buffer_len = 2 * sizeof (uint16_t) + str_len + 1;
703 if (*ret_buffer_len < buffer_len)
706 pkg_type = htons (type);
707 pkg_length = htons (buffer_len);
709 buffer = *ret_buffer;
711 memcpy (buffer + offset, (void *) &pkg_type, sizeof (pkg_type));
712 offset += sizeof (pkg_type);
713 memcpy (buffer + offset, (void *) &pkg_length, sizeof (pkg_length));
714 offset += sizeof (pkg_length);
715 memcpy (buffer + offset, str, str_len);
717 memset (buffer + offset, '\0', 1);
720 assert (offset == buffer_len);
722 *ret_buffer = buffer + buffer_len;
723 *ret_buffer_len -= buffer_len;
726 } /* int write_part_string */
728 static int parse_part_values (void **ret_buffer, size_t *ret_buffer_len,
729 value_t **ret_values, int *ret_num_values)
731 char *buffer = *ret_buffer;
732 size_t buffer_len = *ret_buffer_len;
747 NOTICE ("network plugin: packet is too short: "
748 "buffer_len = %zu", buffer_len);
752 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
753 buffer += sizeof (tmp16);
754 pkg_type = ntohs (tmp16);
756 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
757 buffer += sizeof (tmp16);
758 pkg_length = ntohs (tmp16);
760 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
761 buffer += sizeof (tmp16);
762 pkg_numval = ntohs (tmp16);
764 assert (pkg_type == TYPE_VALUES);
766 exp_size = 3 * sizeof (uint16_t)
767 + pkg_numval * (sizeof (uint8_t) + sizeof (value_t));
768 if (buffer_len < exp_size)
770 WARNING ("network plugin: parse_part_values: "
772 "Chunk of size %zu expected, "
773 "but buffer has only %zu bytes left.",
774 exp_size, buffer_len);
778 if (pkg_length != exp_size)
780 WARNING ("network plugin: parse_part_values: "
781 "Length and number of values "
782 "in the packet don't match.");
786 pkg_types = (uint8_t *) malloc (pkg_numval * sizeof (uint8_t));
787 pkg_values = (value_t *) malloc (pkg_numval * sizeof (value_t));
788 if ((pkg_types == NULL) || (pkg_values == NULL))
792 ERROR ("network plugin: parse_part_values: malloc failed.");
796 memcpy ((void *) pkg_types, (void *) buffer, pkg_numval * sizeof (uint8_t));
797 buffer += pkg_numval * sizeof (uint8_t);
798 memcpy ((void *) pkg_values, (void *) buffer, pkg_numval * sizeof (value_t));
799 buffer += pkg_numval * sizeof (value_t);
801 for (i = 0; i < pkg_numval; i++)
803 switch (pkg_types[i])
805 case DS_TYPE_COUNTER:
806 pkg_values[i].counter = (counter_t) ntohll (pkg_values[i].counter);
810 pkg_values[i].gauge = (gauge_t) ntohd (pkg_values[i].gauge);
814 pkg_values[i].derive = (derive_t) ntohll (pkg_values[i].derive);
817 case DS_TYPE_ABSOLUTE:
818 pkg_values[i].absolute = (absolute_t) ntohll (pkg_values[i].absolute);
822 NOTICE ("network plugin: parse_part_values: "
823 "Don't know how to handle data source type %"PRIu8,
828 } /* switch (pkg_types[i]) */
831 *ret_buffer = buffer;
832 *ret_buffer_len = buffer_len - pkg_length;
833 *ret_num_values = pkg_numval;
834 *ret_values = pkg_values;
839 } /* int parse_part_values */
841 static int parse_part_number (void **ret_buffer, size_t *ret_buffer_len,
844 char *buffer = *ret_buffer;
845 size_t buffer_len = *ret_buffer_len;
849 size_t exp_size = 2 * sizeof (uint16_t) + sizeof (uint64_t);
853 if (buffer_len < exp_size)
855 WARNING ("network plugin: parse_part_number: "
857 "Chunk of size %zu expected, "
858 "but buffer has only %zu bytes left.",
859 exp_size, buffer_len);
863 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
864 buffer += sizeof (tmp16);
865 /* pkg_type = ntohs (tmp16); */
867 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
868 buffer += sizeof (tmp16);
869 pkg_length = ntohs (tmp16);
871 memcpy ((void *) &tmp64, buffer, sizeof (tmp64));
872 buffer += sizeof (tmp64);
873 *value = ntohll (tmp64);
875 *ret_buffer = buffer;
876 *ret_buffer_len = buffer_len - pkg_length;
879 } /* int parse_part_number */
881 static int parse_part_string (void **ret_buffer, size_t *ret_buffer_len,
882 char *output, int output_len)
884 char *buffer = *ret_buffer;
885 size_t buffer_len = *ret_buffer_len;
888 size_t header_size = 2 * sizeof (uint16_t);
892 if (buffer_len < header_size)
894 WARNING ("network plugin: parse_part_string: "
896 "Chunk of at least size %zu expected, "
897 "but buffer has only %zu bytes left.",
898 header_size, buffer_len);
902 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
903 buffer += sizeof (tmp16);
904 /* pkg_type = ntohs (tmp16); */
906 memcpy ((void *) &tmp16, buffer, sizeof (tmp16));
907 buffer += sizeof (tmp16);
908 pkg_length = ntohs (tmp16);
910 /* Check that packet fits in the input buffer */
911 if (pkg_length > buffer_len)
913 WARNING ("network plugin: parse_part_string: "
915 "Chunk of size %"PRIu16" received, "
916 "but buffer has only %zu bytes left.",
917 pkg_length, buffer_len);
921 /* Check that pkg_length is in the valid range */
922 if (pkg_length <= header_size)
924 WARNING ("network plugin: parse_part_string: "
926 "Header claims this packet is only %hu "
927 "bytes long.", pkg_length);
931 /* Check that the package data fits into the output buffer.
932 * The previous if-statement ensures that:
933 * `pkg_length > header_size' */
935 || ((size_t) output_len < ((size_t) pkg_length - header_size)))
937 WARNING ("network plugin: parse_part_string: "
938 "Output buffer too small.");
942 /* All sanity checks successfull, let's copy the data over */
943 output_len = pkg_length - header_size;
944 memcpy ((void *) output, (void *) buffer, output_len);
945 buffer += output_len;
947 /* For some very weird reason '\0' doesn't do the trick on SPARC in
949 if (output[output_len - 1] != 0)
951 WARNING ("network plugin: parse_part_string: "
952 "Received string does not end "
953 "with a NULL-byte.");
957 *ret_buffer = buffer;
958 *ret_buffer_len = buffer_len - pkg_length;
961 } /* int parse_part_string */
963 /* Forward declaration: parse_part_sign_sha256 and parse_part_encr_aes256 call
964 * parse_packet and vice versa. */
965 #define PP_SIGNED 0x01
966 #define PP_ENCRYPTED 0x02
967 static int parse_packet (sockent_t *se,
968 void *buffer, size_t buffer_size, int flags,
969 const char *username);
971 #define BUFFER_READ(p,s) do { \
972 memcpy ((p), buffer + buffer_offset, (s)); \
973 buffer_offset += (s); \
977 static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
978 void **ret_buffer, size_t *ret_buffer_len, int flags)
980 static c_complain_t complain_no_users = C_COMPLAIN_INIT_STATIC;
984 size_t buffer_offset;
989 part_signature_sha256_t pss;
990 uint16_t pss_head_length;
991 char hash[sizeof (pss.hash)];
995 unsigned char *hash_ptr;
997 buffer = *ret_buffer;
998 buffer_len = *ret_buffer_len;
1001 if (se->data.server.userdb == NULL)
1003 c_complain (LOG_NOTICE, &complain_no_users,
1004 "network plugin: Received signed network packet but can't verify it "
1005 "because no user DB has been configured. Will accept it.");
1009 /* Check if the buffer has enough data for this structure. */
1010 if (buffer_len <= PART_SIGNATURE_SHA256_SIZE)
1013 /* Read type and length header */
1014 BUFFER_READ (&pss.head.type, sizeof (pss.head.type));
1015 BUFFER_READ (&pss.head.length, sizeof (pss.head.length));
1016 pss_head_length = ntohs (pss.head.length);
1018 /* Check if the `pss_head_length' is within bounds. */
1019 if ((pss_head_length <= PART_SIGNATURE_SHA256_SIZE)
1020 || (pss_head_length > buffer_len))
1022 ERROR ("network plugin: HMAC-SHA-256 with invalid length received.");
1026 /* Copy the hash. */
1027 BUFFER_READ (pss.hash, sizeof (pss.hash));
1029 /* Calculate username length (without null byte) and allocate memory */
1030 username_len = pss_head_length - PART_SIGNATURE_SHA256_SIZE;
1031 pss.username = malloc (username_len + 1);
1032 if (pss.username == NULL)
1035 /* Read the username */
1036 BUFFER_READ (pss.username, username_len);
1037 pss.username[username_len] = 0;
1039 assert (buffer_offset == pss_head_length);
1041 /* Query the password */
1042 secret = fbh_get (se->data.server.userdb, pss.username);
1045 ERROR ("network plugin: Unknown user: %s", pss.username);
1046 sfree (pss.username);
1050 /* Create a hash device and check the HMAC */
1052 err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
1055 ERROR ("network plugin: Creating HMAC-SHA-256 object failed: %s",
1056 gcry_strerror (err));
1058 sfree (pss.username);
1062 err = gcry_md_setkey (hd, secret, strlen (secret));
1065 ERROR ("network plugin: gcry_md_setkey failed: %s", gcry_strerror (err));
1068 sfree (pss.username);
1073 buffer + PART_SIGNATURE_SHA256_SIZE,
1074 buffer_len - PART_SIGNATURE_SHA256_SIZE);
1075 hash_ptr = gcry_md_read (hd, GCRY_MD_SHA256);
1076 if (hash_ptr == NULL)
1078 ERROR ("network plugin: gcry_md_read failed.");
1081 sfree (pss.username);
1084 memcpy (hash, hash_ptr, sizeof (hash));
1090 if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
1092 WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
1097 parse_packet (se, buffer + buffer_offset, buffer_len - buffer_offset,
1098 flags | PP_SIGNED, pss.username);
1102 sfree (pss.username);
1104 *ret_buffer = buffer + buffer_len;
1105 *ret_buffer_len = 0;
1108 } /* }}} int parse_part_sign_sha256 */
1109 /* #endif HAVE_LIBGCRYPT */
1111 #else /* if !HAVE_LIBGCRYPT */
1112 static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
1113 void **ret_buffer, size_t *ret_buffer_size, int flags)
1115 static int warning_has_been_printed = 0;
1119 size_t buffer_offset;
1122 part_signature_sha256_t pss;
1124 buffer = *ret_buffer;
1125 buffer_size = *ret_buffer_size;
1128 if (buffer_size <= PART_SIGNATURE_SHA256_SIZE)
1131 BUFFER_READ (&pss.head.type, sizeof (pss.head.type));
1132 BUFFER_READ (&pss.head.length, sizeof (pss.head.length));
1133 part_len = ntohs (pss.head.length);
1135 if ((part_len <= PART_SIGNATURE_SHA256_SIZE)
1136 || (part_len > buffer_size))
1139 if (warning_has_been_printed == 0)
1141 WARNING ("network plugin: Received signed packet, but the network "
1142 "plugin was not linked with libgcrypt, so I cannot "
1143 "verify the signature. The packet will be accepted.");
1144 warning_has_been_printed = 1;
1147 parse_packet (se, buffer + part_len, buffer_size - part_len, flags,
1148 /* username = */ NULL);
1150 *ret_buffer = buffer + buffer_size;
1151 *ret_buffer_size = 0;
1154 } /* }}} int parse_part_sign_sha256 */
1155 #endif /* !HAVE_LIBGCRYPT */
1158 static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
1159 void **ret_buffer, size_t *ret_buffer_len,
1162 char *buffer = *ret_buffer;
1163 size_t buffer_len = *ret_buffer_len;
1166 size_t buffer_offset;
1167 uint16_t username_len;
1168 part_encryption_aes256_t pea;
1169 unsigned char hash[sizeof (pea.hash)];
1171 gcry_cipher_hd_t cypher;
1174 /* Make sure at least the header if available. */
1175 if (buffer_len <= PART_ENCRYPTION_AES256_SIZE)
1177 NOTICE ("network plugin: parse_part_encr_aes256: "
1178 "Discarding short packet.");
1184 /* Copy the unencrypted information into `pea'. */
1185 BUFFER_READ (&pea.head.type, sizeof (pea.head.type));
1186 BUFFER_READ (&pea.head.length, sizeof (pea.head.length));
1188 /* Check the `part size'. */
1189 part_size = ntohs (pea.head.length);
1190 if ((part_size <= PART_ENCRYPTION_AES256_SIZE)
1191 || (part_size > buffer_len))
1193 NOTICE ("network plugin: parse_part_encr_aes256: "
1194 "Discarding part with invalid size.");
1198 /* Read the username */
1199 BUFFER_READ (&username_len, sizeof (username_len));
1200 username_len = ntohs (username_len);
1202 if ((username_len <= 0)
1203 || (username_len > (part_size - (PART_ENCRYPTION_AES256_SIZE + 1))))
1205 NOTICE ("network plugin: parse_part_encr_aes256: "
1206 "Discarding part with invalid username length.");
1210 assert (username_len > 0);
1211 pea.username = malloc (username_len + 1);
1212 if (pea.username == NULL)
1214 BUFFER_READ (pea.username, username_len);
1215 pea.username[username_len] = 0;
1217 /* Last but not least, the initialization vector */
1218 BUFFER_READ (pea.iv, sizeof (pea.iv));
1220 /* Make sure we are at the right position */
1221 assert (buffer_offset == (username_len +
1222 PART_ENCRYPTION_AES256_SIZE - sizeof (pea.hash)));
1224 cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
1228 sfree (pea.username);
1232 payload_len = part_size - (PART_ENCRYPTION_AES256_SIZE + username_len);
1233 assert (payload_len > 0);
1235 /* Decrypt the packet in-place */
1236 err = gcry_cipher_decrypt (cypher,
1237 buffer + buffer_offset,
1238 part_size - buffer_offset,
1239 /* in = */ NULL, /* in len = */ 0);
1242 sfree (pea.username);
1243 ERROR ("network plugin: gcry_cipher_decrypt returned: %s",
1244 gcry_strerror (err));
1249 BUFFER_READ (pea.hash, sizeof (pea.hash));
1251 /* Make sure we're at the right position - again */
1252 assert (buffer_offset == (username_len + PART_ENCRYPTION_AES256_SIZE));
1253 assert (buffer_offset == (part_size - payload_len));
1255 /* Check hash sum */
1256 memset (hash, 0, sizeof (hash));
1257 gcry_md_hash_buffer (GCRY_MD_SHA1, hash,
1258 buffer + buffer_offset, payload_len);
1259 if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
1261 sfree (pea.username);
1262 ERROR ("network plugin: Decryption failed: Checksum mismatch.");
1266 parse_packet (se, buffer + buffer_offset, payload_len,
1267 flags | PP_ENCRYPTED, pea.username);
1269 /* XXX: Free pea.username?!? */
1271 /* Update return values */
1272 *ret_buffer = buffer + part_size;
1273 *ret_buffer_len = buffer_len - part_size;
1275 sfree (pea.username);
1278 } /* }}} int parse_part_encr_aes256 */
1279 /* #endif HAVE_LIBGCRYPT */
1281 #else /* if !HAVE_LIBGCRYPT */
1282 static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
1283 void **ret_buffer, size_t *ret_buffer_size, int flags)
1285 static int warning_has_been_printed = 0;
1289 size_t buffer_offset;
1294 buffer = *ret_buffer;
1295 buffer_size = *ret_buffer_size;
1298 /* parse_packet assures this minimum size. */
1299 assert (buffer_size >= (sizeof (ph.type) + sizeof (ph.length)));
1301 BUFFER_READ (&ph.type, sizeof (ph.type));
1302 BUFFER_READ (&ph.length, sizeof (ph.length));
1303 ph_length = ntohs (ph.length);
1305 if ((ph_length <= PART_ENCRYPTION_AES256_SIZE)
1306 || (ph_length > buffer_size))
1308 ERROR ("network plugin: AES-256 encrypted part "
1309 "with invalid length received.");
1313 if (warning_has_been_printed == 0)
1315 WARNING ("network plugin: Received encrypted packet, but the network "
1316 "plugin was not linked with libgcrypt, so I cannot "
1317 "decrypt it. The part will be discarded.");
1318 warning_has_been_printed = 1;
1321 *ret_buffer += ph_length;
1322 *ret_buffer_size -= ph_length;
1325 } /* }}} int parse_part_encr_aes256 */
1326 #endif /* !HAVE_LIBGCRYPT */
1330 static int parse_packet (sockent_t *se, /* {{{ */
1331 void *buffer, size_t buffer_size, int flags,
1332 const char *username)
1336 value_list_t vl = VALUE_LIST_INIT;
1340 int packet_was_signed = (flags & PP_SIGNED);
1341 int packet_was_encrypted = (flags & PP_ENCRYPTED);
1342 int printed_ignore_warning = 0;
1343 #endif /* HAVE_LIBGCRYPT */
1346 memset (&vl, '\0', sizeof (vl));
1347 memset (&n, '\0', sizeof (n));
1350 while ((status == 0) && (0 < buffer_size)
1351 && ((unsigned int) buffer_size > sizeof (part_header_t)))
1353 uint16_t pkg_length;
1356 memcpy ((void *) &pkg_type,
1359 memcpy ((void *) &pkg_length,
1360 (void *) (buffer + sizeof (pkg_type)),
1361 sizeof (pkg_length));
1363 pkg_length = ntohs (pkg_length);
1364 pkg_type = ntohs (pkg_type);
1366 if (pkg_length > buffer_size)
1368 /* Ensure that this loop terminates eventually */
1369 if (pkg_length < (2 * sizeof (uint16_t)))
1372 if (pkg_type == TYPE_ENCR_AES256)
1374 status = parse_part_encr_aes256 (se,
1375 &buffer, &buffer_size, flags);
1378 ERROR ("network plugin: Decrypting AES256 "
1380 "with status %i.", status);
1385 else if ((se->data.server.security_level == SECURITY_LEVEL_ENCRYPT)
1386 && (packet_was_encrypted == 0))
1388 if (printed_ignore_warning == 0)
1390 INFO ("network plugin: Unencrypted packet or "
1391 "part has been ignored.");
1392 printed_ignore_warning = 1;
1394 buffer = ((char *) buffer) + pkg_length;
1397 #endif /* HAVE_LIBGCRYPT */
1398 else if (pkg_type == TYPE_SIGN_SHA256)
1400 status = parse_part_sign_sha256 (se,
1401 &buffer, &buffer_size, flags);
1404 ERROR ("network plugin: Verifying HMAC-SHA-256 "
1406 "with status %i.", status);
1411 else if ((se->data.server.security_level == SECURITY_LEVEL_SIGN)
1412 && (packet_was_encrypted == 0)
1413 && (packet_was_signed == 0))
1415 if (printed_ignore_warning == 0)
1417 INFO ("network plugin: Unsigned packet or "
1418 "part has been ignored.");
1419 printed_ignore_warning = 1;
1421 buffer = ((char *) buffer) + pkg_length;
1424 #endif /* HAVE_LIBGCRYPT */
1425 else if (pkg_type == TYPE_VALUES)
1427 status = parse_part_values (&buffer, &buffer_size,
1428 &vl.values, &vl.values_len);
1432 network_dispatch_values (&vl, username);
1436 else if (pkg_type == TYPE_TIME)
1439 status = parse_part_number (&buffer, &buffer_size,
1443 vl.time = (time_t) tmp;
1444 n.time = (time_t) tmp;
1447 else if (pkg_type == TYPE_INTERVAL)
1450 status = parse_part_number (&buffer, &buffer_size,
1453 vl.interval = (int) tmp;
1455 else if (pkg_type == TYPE_HOST)
1457 status = parse_part_string (&buffer, &buffer_size,
1458 vl.host, sizeof (vl.host));
1460 sstrncpy (n.host, vl.host, sizeof (n.host));
1462 else if (pkg_type == TYPE_PLUGIN)
1464 status = parse_part_string (&buffer, &buffer_size,
1465 vl.plugin, sizeof (vl.plugin));
1467 sstrncpy (n.plugin, vl.plugin,
1470 else if (pkg_type == TYPE_PLUGIN_INSTANCE)
1472 status = parse_part_string (&buffer, &buffer_size,
1474 sizeof (vl.plugin_instance));
1476 sstrncpy (n.plugin_instance,
1478 sizeof (n.plugin_instance));
1480 else if (pkg_type == TYPE_TYPE)
1482 status = parse_part_string (&buffer, &buffer_size,
1483 vl.type, sizeof (vl.type));
1485 sstrncpy (n.type, vl.type, sizeof (n.type));
1487 else if (pkg_type == TYPE_TYPE_INSTANCE)
1489 status = parse_part_string (&buffer, &buffer_size,
1491 sizeof (vl.type_instance));
1493 sstrncpy (n.type_instance, vl.type_instance,
1494 sizeof (n.type_instance));
1496 else if (pkg_type == TYPE_MESSAGE)
1498 status = parse_part_string (&buffer, &buffer_size,
1499 n.message, sizeof (n.message));
1505 else if ((n.severity != NOTIF_FAILURE)
1506 && (n.severity != NOTIF_WARNING)
1507 && (n.severity != NOTIF_OKAY))
1509 INFO ("network plugin: "
1510 "Ignoring notification with "
1511 "unknown severity %i.",
1514 else if (n.time <= 0)
1516 INFO ("network plugin: "
1517 "Ignoring notification with "
1520 else if (strlen (n.message) <= 0)
1522 INFO ("network plugin: "
1523 "Ignoring notification with "
1524 "an empty message.");
1528 network_dispatch_notification (&n);
1531 else if (pkg_type == TYPE_SEVERITY)
1534 status = parse_part_number (&buffer, &buffer_size,
1537 n.severity = (int) tmp;
1541 DEBUG ("network plugin: parse_packet: Unknown part"
1542 " type: 0x%04hx", pkg_type);
1543 buffer = ((char *) buffer) + pkg_length;
1545 } /* while (buffer_size > sizeof (part_header_t)) */
1547 if (status == 0 && buffer_size > 0)
1548 WARNING ("network plugin: parse_packet: Received truncated "
1549 "packet, try increasing `MaxPacketSize'");
1552 } /* }}} int parse_packet */
1554 static void free_sockent_client (struct sockent_client *sec) /* {{{ */
1563 sfree (sec->username);
1564 sfree (sec->password);
1565 if (sec->cypher != NULL)
1566 gcry_cipher_close (sec->cypher);
1568 } /* }}} void free_sockent_client */
1570 static void free_sockent_server (struct sockent_server *ses) /* {{{ */
1574 for (i = 0; i < ses->fd_num; i++)
1576 if (ses->fd[i] >= 0)
1585 sfree (ses->auth_file);
1586 fbh_destroy (ses->userdb);
1587 if (ses->cypher != NULL)
1588 gcry_cipher_close (ses->cypher);
1590 } /* }}} void free_sockent_server */
1592 static void sockent_destroy (sockent_t *se) /* {{{ */
1596 DEBUG ("network plugin: sockent_destroy (se = %p);", (void *) se);
1603 sfree (se->service);
1605 if (se->type == SOCKENT_TYPE_CLIENT)
1606 free_sockent_client (&se->data.client);
1608 free_sockent_server (&se->data.server);
1613 } /* }}} void sockent_destroy */
1616 * int network_set_ttl
1618 * Set the `IP_MULTICAST_TTL', `IP_TTL', `IPV6_MULTICAST_HOPS' or
1619 * `IPV6_UNICAST_HOPS', depending on which option is applicable.
1621 * The `struct addrinfo' is used to destinguish between unicast and multicast
1624 static int network_set_ttl (const sockent_t *se, const struct addrinfo *ai)
1626 DEBUG ("network plugin: network_set_ttl: network_config_ttl = %i;",
1627 network_config_ttl);
1629 assert (se->type == SOCKENT_TYPE_CLIENT);
1631 if ((network_config_ttl < 1) || (network_config_ttl > 255))
1634 if (ai->ai_family == AF_INET)
1636 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1639 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1640 optname = IP_MULTICAST_TTL;
1644 if (setsockopt (se->data.client.fd, IPPROTO_IP, optname,
1645 &network_config_ttl,
1646 sizeof (network_config_ttl)) != 0)
1649 ERROR ("network plugin: setsockopt (ipv4-ttl): %s",
1650 sstrerror (errno, errbuf, sizeof (errbuf)));
1654 else if (ai->ai_family == AF_INET6)
1656 /* Useful example: http://gsyc.escet.urjc.es/~eva/IPv6-web/examples/mcast.html */
1657 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1660 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1661 optname = IPV6_MULTICAST_HOPS;
1663 optname = IPV6_UNICAST_HOPS;
1665 if (setsockopt (se->data.client.fd, IPPROTO_IPV6, optname,
1666 &network_config_ttl,
1667 sizeof (network_config_ttl)) != 0)
1670 ERROR ("network plugin: setsockopt(ipv6-ttl): %s",
1671 sstrerror (errno, errbuf,
1678 } /* int network_set_ttl */
1680 static int network_set_interface (const sockent_t *se, const struct addrinfo *ai) /* {{{ */
1682 DEBUG ("network plugin: network_set_interface: interface index = %i;",
1685 assert (se->type == SOCKENT_TYPE_CLIENT);
1687 if (ai->ai_family == AF_INET)
1689 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1691 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1693 #if HAVE_STRUCT_IP_MREQN_IMR_IFINDEX
1694 /* If possible, use the "ip_mreqn" structure which has
1695 * an "interface index" member. Using the interface
1696 * index is preferred here, because of its similarity
1697 * to the way IPv6 handles this. Unfortunately, it
1698 * appears not to be portable. */
1699 struct ip_mreqn mreq;
1701 memset (&mreq, 0, sizeof (mreq));
1702 mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
1703 mreq.imr_address.s_addr = ntohl (INADDR_ANY);
1704 mreq.imr_ifindex = se->interface;
1706 struct ip_mreq mreq;
1708 memset (&mreq, 0, sizeof (mreq));
1709 mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
1710 mreq.imr_interface.s_addr = ntohl (INADDR_ANY);
1713 if (setsockopt (se->data.client.fd, IPPROTO_IP, IP_MULTICAST_IF,
1714 &mreq, sizeof (mreq)) != 0)
1717 ERROR ("network plugin: setsockopt (ipv4-multicast-if): %s",
1718 sstrerror (errno, errbuf, sizeof (errbuf)));
1725 else if (ai->ai_family == AF_INET6)
1727 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1729 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1731 if (setsockopt (se->data.client.fd, IPPROTO_IPV6, IPV6_MULTICAST_IF,
1733 sizeof (se->interface)) != 0)
1736 ERROR ("network plugin: setsockopt (ipv6-multicast-if): %s",
1737 sstrerror (errno, errbuf,
1746 /* else: Not a multicast interface. */
1747 if (se->interface != 0)
1749 #if defined(HAVE_IF_INDEXTONAME) && HAVE_IF_INDEXTONAME && defined(SO_BINDTODEVICE)
1750 char interface_name[IFNAMSIZ];
1752 if (if_indextoname (se->interface, interface_name) == NULL)
1755 DEBUG ("network plugin: Binding socket to interface %s", interface_name);
1757 if (setsockopt (se->data.client.fd, SOL_SOCKET, SO_BINDTODEVICE,
1759 sizeof(interface_name)) == -1 )
1762 ERROR ("network plugin: setsockopt (bind-if): %s",
1763 sstrerror (errno, errbuf, sizeof (errbuf)));
1766 /* #endif HAVE_IF_INDEXTONAME && SO_BINDTODEVICE */
1769 WARNING ("network plugin: Cannot set the interface on a unicast "
1771 # if !defined(SO_BINDTODEVICE)
1772 "the \"SO_BINDTODEVICE\" socket option "
1774 "the \"if_indextoname\" function "
1776 "is not available on your system.");
1782 } /* }}} network_set_interface */
1784 static int network_bind_socket (int fd, const struct addrinfo *ai, const int interface_idx)
1793 /* allow multiple sockets to use the same PORT number */
1794 if (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR,
1795 &yes, sizeof(yes)) == -1) {
1797 ERROR ("network plugin: setsockopt (reuseaddr): %s",
1798 sstrerror (errno, errbuf, sizeof (errbuf)));
1802 DEBUG ("fd = %i; calling `bind'", fd);
1804 if (bind (fd, ai->ai_addr, ai->ai_addrlen) == -1)
1808 sstrerror (errno, errbuf, sizeof (errbuf)));
1812 if (ai->ai_family == AF_INET)
1814 struct sockaddr_in *addr = (struct sockaddr_in *) ai->ai_addr;
1815 if (IN_MULTICAST (ntohl (addr->sin_addr.s_addr)))
1817 #if HAVE_STRUCT_IP_MREQN_IMR_IFINDEX
1818 struct ip_mreqn mreq;
1820 struct ip_mreq mreq;
1823 DEBUG ("fd = %i; IPv4 multicast address found", fd);
1825 mreq.imr_multiaddr.s_addr = addr->sin_addr.s_addr;
1826 #if HAVE_STRUCT_IP_MREQN_IMR_IFINDEX
1827 /* Set the interface using the interface index if
1828 * possible (available). Unfortunately, the struct
1829 * ip_mreqn is not portable. */
1830 mreq.imr_address.s_addr = ntohl (INADDR_ANY);
1831 mreq.imr_ifindex = interface_idx;
1833 mreq.imr_interface.s_addr = ntohl (INADDR_ANY);
1836 if (setsockopt (fd, IPPROTO_IP, IP_MULTICAST_LOOP,
1837 &loop, sizeof (loop)) == -1)
1840 ERROR ("network plugin: setsockopt (multicast-loop): %s",
1841 sstrerror (errno, errbuf,
1846 if (setsockopt (fd, IPPROTO_IP, IP_ADD_MEMBERSHIP,
1847 &mreq, sizeof (mreq)) == -1)
1850 ERROR ("network plugin: setsockopt (add-membership): %s",
1851 sstrerror (errno, errbuf,
1859 else if (ai->ai_family == AF_INET6)
1861 /* Useful example: http://gsyc.escet.urjc.es/~eva/IPv6-web/examples/mcast.html */
1862 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) ai->ai_addr;
1863 if (IN6_IS_ADDR_MULTICAST (&addr->sin6_addr))
1865 struct ipv6_mreq mreq;
1867 DEBUG ("fd = %i; IPv6 multicast address found", fd);
1869 memcpy (&mreq.ipv6mr_multiaddr,
1871 sizeof (addr->sin6_addr));
1873 /* http://developer.apple.com/documentation/Darwin/Reference/ManPages/man4/ip6.4.html
1874 * ipv6mr_interface may be set to zeroes to
1875 * choose the default multicast interface or to
1876 * the index of a particular multicast-capable
1877 * interface if the host is multihomed.
1878 * Membership is associ-associated with a
1879 * single interface; programs running on
1880 * multihomed hosts may need to join the same
1881 * group on more than one interface.*/
1882 mreq.ipv6mr_interface = interface_idx;
1884 if (setsockopt (fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP,
1885 &loop, sizeof (loop)) == -1)
1888 ERROR ("network plugin: setsockopt (ipv6-multicast-loop): %s",
1889 sstrerror (errno, errbuf,
1894 if (setsockopt (fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP,
1895 &mreq, sizeof (mreq)) == -1)
1898 ERROR ("network plugin: setsockopt (ipv6-add-membership): %s",
1899 sstrerror (errno, errbuf,
1908 #if defined(HAVE_IF_INDEXTONAME) && HAVE_IF_INDEXTONAME && defined(SO_BINDTODEVICE)
1909 /* if a specific interface was set, bind the socket to it. But to avoid
1910 * possible problems with multicast routing, only do that for non-multicast
1912 if (interface_idx != 0)
1914 char interface_name[IFNAMSIZ];
1916 if (if_indextoname (interface_idx, interface_name) == NULL)
1919 DEBUG ("fd = %i; Binding socket to interface %s", fd, interface_name);
1921 if (setsockopt (fd, SOL_SOCKET, SO_BINDTODEVICE,
1923 sizeof(interface_name)) == -1 )
1926 ERROR ("network plugin: setsockopt (bind-if): %s",
1927 sstrerror (errno, errbuf, sizeof (errbuf)));
1931 #endif /* HAVE_IF_INDEXTONAME && SO_BINDTODEVICE */
1934 } /* int network_bind_socket */
1936 /* Initialize a sockent structure. `type' must be either `SOCKENT_TYPE_CLIENT'
1937 * or `SOCKENT_TYPE_SERVER' */
1938 static int sockent_init (sockent_t *se, int type) /* {{{ */
1943 memset (se, 0, sizeof (*se));
1945 se->type = SOCKENT_TYPE_CLIENT;
1951 if (type == SOCKENT_TYPE_SERVER)
1953 se->type = SOCKENT_TYPE_SERVER;
1954 se->data.server.fd = NULL;
1956 se->data.server.security_level = SECURITY_LEVEL_NONE;
1957 se->data.server.auth_file = NULL;
1958 se->data.server.userdb = NULL;
1959 se->data.server.cypher = NULL;
1964 se->data.client.fd = -1;
1965 se->data.client.addr = NULL;
1967 se->data.client.security_level = SECURITY_LEVEL_NONE;
1968 se->data.client.username = NULL;
1969 se->data.client.password = NULL;
1970 se->data.client.cypher = NULL;
1975 } /* }}} int sockent_init */
1977 /* Open the file descriptors for a initialized sockent structure. */
1978 static int sockent_open (sockent_t *se) /* {{{ */
1980 struct addrinfo ai_hints;
1981 struct addrinfo *ai_list, *ai_ptr;
1985 const char *service;
1990 /* Set up the security structures. */
1991 #if HAVE_LIBGCRYPT /* {{{ */
1992 if (se->type == SOCKENT_TYPE_CLIENT)
1994 if (se->data.client.security_level > SECURITY_LEVEL_NONE)
1996 if ((se->data.client.username == NULL)
1997 || (se->data.client.password == NULL))
1999 ERROR ("network plugin: Client socket with "
2000 "security requested, but no "
2001 "credentials are configured.");
2004 gcry_md_hash_buffer (GCRY_MD_SHA256,
2005 se->data.client.password_hash,
2006 se->data.client.password,
2007 strlen (se->data.client.password));
2010 else /* (se->type == SOCKENT_TYPE_SERVER) */
2012 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
2014 if (se->data.server.auth_file == NULL)
2016 ERROR ("network plugin: Server socket with "
2017 "security requested, but no "
2018 "password file is configured.");
2022 if (se->data.server.auth_file != NULL)
2024 se->data.server.userdb = fbh_create (se->data.server.auth_file);
2025 if (se->data.server.userdb == NULL)
2027 ERROR ("network plugin: Reading password file "
2029 se->data.server.auth_file);
2030 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
2035 #endif /* }}} HAVE_LIBGCRYPT */
2038 service = se->service;
2040 if (service == NULL)
2041 service = NET_DEFAULT_PORT;
2043 DEBUG ("network plugin: sockent_open: node = %s; service = %s;",
2046 memset (&ai_hints, 0, sizeof (ai_hints));
2047 ai_hints.ai_flags = 0;
2049 ai_hints.ai_flags |= AI_PASSIVE;
2051 #ifdef AI_ADDRCONFIG
2052 ai_hints.ai_flags |= AI_ADDRCONFIG;
2054 ai_hints.ai_family = AF_UNSPEC;
2055 ai_hints.ai_socktype = SOCK_DGRAM;
2056 ai_hints.ai_protocol = IPPROTO_UDP;
2058 ai_return = getaddrinfo (node, service, &ai_hints, &ai_list);
2061 ERROR ("network plugin: getaddrinfo (%s, %s) failed: %s",
2062 (se->node == NULL) ? "(null)" : se->node,
2063 (se->service == NULL) ? "(null)" : se->service,
2064 gai_strerror (ai_return));
2068 for (ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next)
2072 if (se->type == SOCKENT_TYPE_SERVER) /* {{{ */
2076 tmp = realloc (se->data.server.fd,
2077 sizeof (*tmp) * (se->data.server.fd_num + 1));
2080 ERROR ("network plugin: realloc failed.");
2083 se->data.server.fd = tmp;
2084 tmp = se->data.server.fd + se->data.server.fd_num;
2086 *tmp = socket (ai_ptr->ai_family, ai_ptr->ai_socktype,
2087 ai_ptr->ai_protocol);
2091 ERROR ("network plugin: socket(2) failed: %s",
2092 sstrerror (errno, errbuf,
2097 status = network_bind_socket (*tmp, ai_ptr, se->interface);
2105 se->data.server.fd_num++;
2107 } /* }}} if (se->type == SOCKENT_TYPE_SERVER) */
2108 else /* if (se->type == SOCKENT_TYPE_CLIENT) {{{ */
2110 se->data.client.fd = socket (ai_ptr->ai_family,
2111 ai_ptr->ai_socktype,
2112 ai_ptr->ai_protocol);
2113 if (se->data.client.fd < 0)
2116 ERROR ("network plugin: socket(2) failed: %s",
2117 sstrerror (errno, errbuf,
2122 se->data.client.addr = malloc (sizeof (*se->data.client.addr));
2123 if (se->data.client.addr == NULL)
2125 ERROR ("network plugin: malloc failed.");
2126 close (se->data.client.fd);
2127 se->data.client.fd = -1;
2131 memset (se->data.client.addr, 0, sizeof (*se->data.client.addr));
2132 assert (sizeof (*se->data.client.addr) >= ai_ptr->ai_addrlen);
2133 memcpy (se->data.client.addr, ai_ptr->ai_addr, ai_ptr->ai_addrlen);
2134 se->data.client.addrlen = ai_ptr->ai_addrlen;
2136 network_set_ttl (se, ai_ptr);
2137 network_set_interface (se, ai_ptr);
2139 /* We don't open more than one write-socket per
2140 * node/service pair.. */
2142 } /* }}} if (se->type == SOCKENT_TYPE_CLIENT) */
2143 } /* for (ai_list) */
2145 freeaddrinfo (ai_list);
2147 /* Check if all went well. */
2148 if (se->type == SOCKENT_TYPE_SERVER)
2150 if (se->data.server.fd_num <= 0)
2153 else /* if (se->type == SOCKENT_TYPE_CLIENT) */
2155 if (se->data.client.fd < 0)
2160 } /* }}} int sockent_open */
2162 /* Add a sockent to the global list of sockets */
2163 static int sockent_add (sockent_t *se) /* {{{ */
2165 sockent_t *last_ptr;
2170 if (se->type == SOCKENT_TYPE_SERVER)
2175 tmp = realloc (listen_sockets_pollfd,
2176 sizeof (*tmp) * (listen_sockets_num
2177 + se->data.server.fd_num));
2180 ERROR ("network plugin: realloc failed.");
2183 listen_sockets_pollfd = tmp;
2184 tmp = listen_sockets_pollfd + listen_sockets_num;
2186 for (i = 0; i < se->data.server.fd_num; i++)
2188 memset (tmp + i, 0, sizeof (*tmp));
2189 tmp[i].fd = se->data.server.fd[i];
2190 tmp[i].events = POLLIN | POLLPRI;
2194 listen_sockets_num += se->data.server.fd_num;
2196 if (listen_sockets == NULL)
2198 listen_sockets = se;
2201 last_ptr = listen_sockets;
2203 else /* if (se->type == SOCKENT_TYPE_CLIENT) */
2205 if (sending_sockets == NULL)
2207 sending_sockets = se;
2210 last_ptr = sending_sockets;
2213 while (last_ptr->next != NULL)
2214 last_ptr = last_ptr->next;
2215 last_ptr->next = se;
2218 } /* }}} int sockent_add */
2220 static void *dispatch_thread (void __attribute__((unused)) *arg) /* {{{ */
2224 receive_list_entry_t *ent;
2227 /* Lock and wait for more data to come in */
2228 pthread_mutex_lock (&receive_list_lock);
2229 while ((listen_loop == 0)
2230 && (receive_list_head == NULL))
2231 pthread_cond_wait (&receive_list_cond, &receive_list_lock);
2233 /* Remove the head entry and unlock */
2234 ent = receive_list_head;
2236 receive_list_head = ent->next;
2237 receive_list_length--;
2238 pthread_mutex_unlock (&receive_list_lock);
2240 /* Check whether we are supposed to exit. We do NOT check `listen_loop'
2241 * because we dispatch all missing packets before shutting down. */
2245 /* Look for the correct `sockent_t' */
2246 se = listen_sockets;
2251 for (i = 0; i < se->data.server.fd_num; i++)
2252 if (se->data.server.fd[i] == ent->fd)
2255 if (i < se->data.server.fd_num)
2263 ERROR ("network plugin: Got packet from FD %i, but can't "
2264 "find an appropriate socket entry.",
2271 parse_packet (se, ent->data, ent->data_len, /* flags = */ 0,
2272 /* username = */ NULL);
2278 } /* }}} void *dispatch_thread */
2280 static int network_receive (void) /* {{{ */
2282 char buffer[network_config_packet_size];
2288 receive_list_entry_t *private_list_head;
2289 receive_list_entry_t *private_list_tail;
2290 uint64_t private_list_length;
2292 assert (listen_sockets_num > 0);
2294 private_list_head = NULL;
2295 private_list_tail = NULL;
2296 private_list_length = 0;
2298 while (listen_loop == 0)
2300 status = poll (listen_sockets_pollfd, listen_sockets_num, -1);
2307 ERROR ("poll failed: %s",
2308 sstrerror (errno, errbuf, sizeof (errbuf)));
2312 for (i = 0; (i < listen_sockets_num) && (status > 0); i++)
2314 receive_list_entry_t *ent;
2316 if ((listen_sockets_pollfd[i].revents
2317 & (POLLIN | POLLPRI)) == 0)
2321 buffer_len = recv (listen_sockets_pollfd[i].fd,
2322 buffer, sizeof (buffer),
2327 ERROR ("recv failed: %s",
2328 sstrerror (errno, errbuf,
2333 stats_octets_rx += ((uint64_t) buffer_len);
2336 /* TODO: Possible performance enhancement: Do not free
2337 * these entries in the dispatch thread but put them in
2338 * another list, so we don't have to allocate more and
2339 * more of these structures. */
2340 ent = malloc (sizeof (receive_list_entry_t));
2343 ERROR ("network plugin: malloc failed.");
2346 memset (ent, 0, sizeof (receive_list_entry_t));
2347 ent->data = malloc (network_config_packet_size);
2348 if (ent->data == NULL)
2351 ERROR ("network plugin: malloc failed.");
2354 ent->fd = listen_sockets_pollfd[i].fd;
2357 memcpy (ent->data, buffer, buffer_len);
2358 ent->data_len = buffer_len;
2360 if (private_list_head == NULL)
2361 private_list_head = ent;
2363 private_list_tail->next = ent;
2364 private_list_tail = ent;
2365 private_list_length++;
2367 /* Do not block here. Blocking here has led to
2368 * insufficient performance in the past. */
2369 if (pthread_mutex_trylock (&receive_list_lock) == 0)
2371 assert (((receive_list_head == NULL) && (receive_list_length == 0))
2372 || ((receive_list_head != NULL) && (receive_list_length != 0)));
2374 if (receive_list_head == NULL)
2375 receive_list_head = private_list_head;
2377 receive_list_tail->next = private_list_head;
2378 receive_list_tail = private_list_tail;
2379 receive_list_length += private_list_length;
2381 pthread_cond_signal (&receive_list_cond);
2382 pthread_mutex_unlock (&receive_list_lock);
2384 private_list_head = NULL;
2385 private_list_tail = NULL;
2386 private_list_length = 0;
2388 } /* for (listen_sockets_pollfd) */
2389 } /* while (listen_loop == 0) */
2391 /* Make sure everything is dispatched before exiting. */
2392 if (private_list_head != NULL)
2394 pthread_mutex_lock (&receive_list_lock);
2396 if (receive_list_head == NULL)
2397 receive_list_head = private_list_head;
2399 receive_list_tail->next = private_list_head;
2400 receive_list_tail = private_list_tail;
2401 receive_list_length += private_list_length;
2403 private_list_head = NULL;
2404 private_list_tail = NULL;
2405 private_list_length = 0;
2407 pthread_cond_signal (&receive_list_cond);
2408 pthread_mutex_unlock (&receive_list_lock);
2412 } /* }}} int network_receive */
2414 static void *receive_thread (void __attribute__((unused)) *arg)
2416 return (network_receive () ? (void *) 1 : (void *) 0);
2417 } /* void *receive_thread */
2419 static void network_init_buffer (void)
2421 memset (send_buffer, 0, network_config_packet_size);
2422 send_buffer_ptr = send_buffer;
2423 send_buffer_fill = 0;
2425 memset (&send_buffer_vl, 0, sizeof (send_buffer_vl));
2426 } /* int network_init_buffer */
2428 static void networt_send_buffer_plain (const sockent_t *se, /* {{{ */
2429 const char *buffer, size_t buffer_size)
2435 status = sendto (se->data.client.fd, buffer, buffer_size,
2437 (struct sockaddr *) se->data.client.addr,
2438 se->data.client.addrlen);
2444 ERROR ("network plugin: sendto failed: %s",
2445 sstrerror (errno, errbuf,
2452 } /* }}} void networt_send_buffer_plain */
2455 #define BUFFER_ADD(p,s) do { \
2456 memcpy (buffer + buffer_offset, (p), (s)); \
2457 buffer_offset += (s); \
2460 static void networt_send_buffer_signed (const sockent_t *se, /* {{{ */
2461 const char *in_buffer, size_t in_buffer_size)
2463 part_signature_sha256_t ps;
2464 char buffer[BUFF_SIG_SIZE + in_buffer_size];
2465 size_t buffer_offset;
2466 size_t username_len;
2470 unsigned char *hash;
2473 err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
2476 ERROR ("network plugin: Creating HMAC object failed: %s",
2477 gcry_strerror (err));
2481 err = gcry_md_setkey (hd, se->data.client.password,
2482 strlen (se->data.client.password));
2485 ERROR ("network plugin: gcry_md_setkey failed: %s",
2486 gcry_strerror (err));
2491 username_len = strlen (se->data.client.username);
2492 if (username_len > (BUFF_SIG_SIZE - PART_SIGNATURE_SHA256_SIZE))
2494 ERROR ("network plugin: Username too long: %s",
2495 se->data.client.username);
2499 memcpy (buffer + PART_SIGNATURE_SHA256_SIZE,
2500 se->data.client.username, username_len);
2501 memcpy (buffer + PART_SIGNATURE_SHA256_SIZE + username_len,
2502 in_buffer, in_buffer_size);
2504 /* Initialize the `ps' structure. */
2505 memset (&ps, 0, sizeof (ps));
2506 ps.head.type = htons (TYPE_SIGN_SHA256);
2507 ps.head.length = htons (PART_SIGNATURE_SHA256_SIZE + username_len);
2509 /* Calculate the hash value. */
2510 gcry_md_write (hd, buffer + PART_SIGNATURE_SHA256_SIZE,
2511 username_len + in_buffer_size);
2512 hash = gcry_md_read (hd, GCRY_MD_SHA256);
2515 ERROR ("network plugin: gcry_md_read failed.");
2519 memcpy (ps.hash, hash, sizeof (ps.hash));
2521 /* Add the header */
2524 BUFFER_ADD (&ps.head.type, sizeof (ps.head.type));
2525 BUFFER_ADD (&ps.head.length, sizeof (ps.head.length));
2526 BUFFER_ADD (ps.hash, sizeof (ps.hash));
2528 assert (buffer_offset == PART_SIGNATURE_SHA256_SIZE);
2533 buffer_offset = PART_SIGNATURE_SHA256_SIZE + username_len + in_buffer_size;
2534 networt_send_buffer_plain (se, buffer, buffer_offset);
2535 } /* }}} void networt_send_buffer_signed */
2537 static void networt_send_buffer_encrypted (sockent_t *se, /* {{{ */
2538 const char *in_buffer, size_t in_buffer_size)
2540 part_encryption_aes256_t pea;
2541 char buffer[BUFF_SIG_SIZE + in_buffer_size];
2543 size_t buffer_offset;
2545 size_t username_len;
2547 gcry_cipher_hd_t cypher;
2549 /* Initialize the header fields */
2550 memset (&pea, 0, sizeof (pea));
2551 pea.head.type = htons (TYPE_ENCR_AES256);
2553 pea.username = se->data.client.username;
2555 username_len = strlen (pea.username);
2556 if ((PART_ENCRYPTION_AES256_SIZE + username_len) > BUFF_SIG_SIZE)
2558 ERROR ("network plugin: Username too long: %s", pea.username);
2562 buffer_size = PART_ENCRYPTION_AES256_SIZE + username_len + in_buffer_size;
2563 header_size = PART_ENCRYPTION_AES256_SIZE + username_len
2564 - sizeof (pea.hash);
2566 assert (buffer_size <= sizeof (buffer));
2567 DEBUG ("network plugin: networt_send_buffer_encrypted: "
2568 "buffer_size = %zu;", buffer_size);
2570 pea.head.length = htons ((uint16_t) (PART_ENCRYPTION_AES256_SIZE
2571 + username_len + in_buffer_size));
2572 pea.username_length = htons ((uint16_t) username_len);
2574 /* Chose a random initialization vector. */
2575 gcry_randomize ((void *) &pea.iv, sizeof (pea.iv), GCRY_STRONG_RANDOM);
2577 /* Create hash of the payload */
2578 gcry_md_hash_buffer (GCRY_MD_SHA1, pea.hash, in_buffer, in_buffer_size);
2580 /* Initialize the buffer */
2582 memset (buffer, 0, sizeof (buffer));
2585 BUFFER_ADD (&pea.head.type, sizeof (pea.head.type));
2586 BUFFER_ADD (&pea.head.length, sizeof (pea.head.length));
2587 BUFFER_ADD (&pea.username_length, sizeof (pea.username_length));
2588 BUFFER_ADD (pea.username, username_len);
2589 BUFFER_ADD (pea.iv, sizeof (pea.iv));
2590 assert (buffer_offset == header_size);
2591 BUFFER_ADD (pea.hash, sizeof (pea.hash));
2592 BUFFER_ADD (in_buffer, in_buffer_size);
2594 assert (buffer_offset == buffer_size);
2596 cypher = network_get_aes256_cypher (se, pea.iv, sizeof (pea.iv),
2597 se->data.client.password);
2601 /* Encrypt the buffer in-place */
2602 err = gcry_cipher_encrypt (cypher,
2603 buffer + header_size,
2604 buffer_size - header_size,
2605 /* in = */ NULL, /* in len = */ 0);
2608 ERROR ("network plugin: gcry_cipher_encrypt returned: %s",
2609 gcry_strerror (err));
2613 /* Send it out without further modifications */
2614 networt_send_buffer_plain (se, buffer, buffer_size);
2615 } /* }}} void networt_send_buffer_encrypted */
2617 #endif /* HAVE_LIBGCRYPT */
2619 static void network_send_buffer (char *buffer, size_t buffer_len) /* {{{ */
2623 DEBUG ("network plugin: network_send_buffer: buffer_len = %zu", buffer_len);
2625 for (se = sending_sockets; se != NULL; se = se->next)
2628 if (se->data.client.security_level == SECURITY_LEVEL_ENCRYPT)
2629 networt_send_buffer_encrypted (se, buffer, buffer_len);
2630 else if (se->data.client.security_level == SECURITY_LEVEL_SIGN)
2631 networt_send_buffer_signed (se, buffer, buffer_len);
2632 else /* if (se->data.client.security_level == SECURITY_LEVEL_NONE) */
2633 #endif /* HAVE_LIBGCRYPT */
2634 networt_send_buffer_plain (se, buffer, buffer_len);
2635 } /* for (sending_sockets) */
2636 } /* }}} void network_send_buffer */
2638 static int add_to_buffer (char *buffer, int buffer_size, /* {{{ */
2639 value_list_t *vl_def,
2640 const data_set_t *ds, const value_list_t *vl)
2642 char *buffer_orig = buffer;
2644 if (strcmp (vl_def->host, vl->host) != 0)
2646 if (write_part_string (&buffer, &buffer_size, TYPE_HOST,
2647 vl->host, strlen (vl->host)) != 0)
2649 sstrncpy (vl_def->host, vl->host, sizeof (vl_def->host));
2652 if (vl_def->time != vl->time)
2654 if (write_part_number (&buffer, &buffer_size, TYPE_TIME,
2655 (uint64_t) vl->time))
2657 vl_def->time = vl->time;
2660 if (vl_def->interval != vl->interval)
2662 if (write_part_number (&buffer, &buffer_size, TYPE_INTERVAL,
2663 (uint64_t) vl->interval))
2665 vl_def->interval = vl->interval;
2668 if (strcmp (vl_def->plugin, vl->plugin) != 0)
2670 if (write_part_string (&buffer, &buffer_size, TYPE_PLUGIN,
2671 vl->plugin, strlen (vl->plugin)) != 0)
2673 sstrncpy (vl_def->plugin, vl->plugin, sizeof (vl_def->plugin));
2676 if (strcmp (vl_def->plugin_instance, vl->plugin_instance) != 0)
2678 if (write_part_string (&buffer, &buffer_size, TYPE_PLUGIN_INSTANCE,
2679 vl->plugin_instance,
2680 strlen (vl->plugin_instance)) != 0)
2682 sstrncpy (vl_def->plugin_instance, vl->plugin_instance, sizeof (vl_def->plugin_instance));
2685 if (strcmp (vl_def->type, vl->type) != 0)
2687 if (write_part_string (&buffer, &buffer_size, TYPE_TYPE,
2688 vl->type, strlen (vl->type)) != 0)
2690 sstrncpy (vl_def->type, ds->type, sizeof (vl_def->type));
2693 if (strcmp (vl_def->type_instance, vl->type_instance) != 0)
2695 if (write_part_string (&buffer, &buffer_size, TYPE_TYPE_INSTANCE,
2697 strlen (vl->type_instance)) != 0)
2699 sstrncpy (vl_def->type_instance, vl->type_instance, sizeof (vl_def->type_instance));
2702 if (write_part_values (&buffer, &buffer_size, ds, vl) != 0)
2705 return (buffer - buffer_orig);
2706 } /* }}} int add_to_buffer */
2708 static void flush_buffer (void)
2710 DEBUG ("network plugin: flush_buffer: send_buffer_fill = %i",
2713 network_send_buffer (send_buffer, (size_t) send_buffer_fill);
2715 stats_octets_tx += ((uint64_t) send_buffer_fill);
2718 network_init_buffer ();
2721 static int network_write (const data_set_t *ds, const value_list_t *vl,
2722 user_data_t __attribute__((unused)) *user_data)
2726 if (!check_send_okay (vl))
2729 char name[6*DATA_MAX_NAME_LEN];
2730 FORMAT_VL (name, sizeof (name), vl);
2731 name[sizeof (name) - 1] = 0;
2732 DEBUG ("network plugin: network_write: "
2733 "NOT sending %s.", name);
2735 /* Counter is not protected by another lock and may be reached by
2736 * multiple threads */
2737 pthread_mutex_lock (&stats_lock);
2738 stats_values_not_sent++;
2739 pthread_mutex_unlock (&stats_lock);
2743 uc_meta_data_add_unsigned_int (vl,
2744 "network:time_sent", (uint64_t) vl->time);
2746 pthread_mutex_lock (&send_buffer_lock);
2748 status = add_to_buffer (send_buffer_ptr,
2749 network_config_packet_size - (send_buffer_fill + BUFF_SIG_SIZE),
2754 /* status == bytes added to the buffer */
2755 send_buffer_fill += status;
2756 send_buffer_ptr += status;
2758 stats_values_sent++;
2764 status = add_to_buffer (send_buffer_ptr,
2765 network_config_packet_size - (send_buffer_fill + BUFF_SIG_SIZE),
2771 send_buffer_fill += status;
2772 send_buffer_ptr += status;
2774 stats_values_sent++;
2780 ERROR ("network plugin: Unable to append to the "
2781 "buffer for some weird reason");
2783 else if ((network_config_packet_size - send_buffer_fill) < 15)
2788 pthread_mutex_unlock (&send_buffer_lock);
2790 return ((status < 0) ? -1 : 0);
2791 } /* int network_write */
2793 static int network_config_set_boolean (const oconfig_item_t *ci, /* {{{ */
2796 if ((ci->values_num != 1)
2797 || ((ci->values[0].type != OCONFIG_TYPE_BOOLEAN)
2798 && (ci->values[0].type != OCONFIG_TYPE_STRING)))
2800 ERROR ("network plugin: The `%s' config option needs "
2801 "exactly one boolean argument.", ci->key);
2805 if (ci->values[0].type == OCONFIG_TYPE_BOOLEAN)
2807 if (ci->values[0].value.boolean)
2814 char *str = ci->values[0].value.string;
2818 else if (IS_FALSE (str))
2822 ERROR ("network plugin: Cannot parse string value `%s' of the `%s' "
2823 "option as boolean value.",
2830 } /* }}} int network_config_set_boolean */
2832 static int network_config_set_ttl (const oconfig_item_t *ci) /* {{{ */
2835 if ((ci->values_num != 1)
2836 || (ci->values[0].type != OCONFIG_TYPE_NUMBER))
2838 WARNING ("network plugin: The `TimeToLive' config option needs exactly "
2839 "one numeric argument.");
2843 tmp = (int) ci->values[0].value.number;
2844 if ((tmp > 0) && (tmp <= 255))
2845 network_config_ttl = tmp;
2848 } /* }}} int network_config_set_ttl */
2850 static int network_config_set_interface (const oconfig_item_t *ci, /* {{{ */
2853 if ((ci->values_num != 1)
2854 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2856 WARNING ("network plugin: The `Interface' config option needs exactly "
2857 "one string argument.");
2861 if (interface == NULL)
2864 *interface = if_nametoindex (ci->values[0].value.string);
2867 } /* }}} int network_config_set_interface */
2869 static int network_config_set_buffer_size (const oconfig_item_t *ci) /* {{{ */
2872 if ((ci->values_num != 1)
2873 || (ci->values[0].type != OCONFIG_TYPE_NUMBER))
2875 WARNING ("network plugin: The `MaxPacketSize' config option needs exactly "
2876 "one numeric argument.");
2880 tmp = (int) ci->values[0].value.number;
2881 if ((tmp >= 1024) && (tmp <= 65535))
2882 network_config_packet_size = tmp;
2885 } /* }}} int network_config_set_buffer_size */
2888 static int network_config_set_string (const oconfig_item_t *ci, /* {{{ */
2892 if ((ci->values_num != 1)
2893 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2895 WARNING ("network plugin: The `%s' config option needs exactly "
2896 "one string argument.", ci->key);
2900 tmp = strdup (ci->values[0].value.string);
2904 sfree (*ret_string);
2908 } /* }}} int network_config_set_string */
2909 #endif /* HAVE_LIBGCRYPT */
2912 static int network_config_set_security_level (oconfig_item_t *ci, /* {{{ */
2916 if ((ci->values_num != 1)
2917 || (ci->values[0].type != OCONFIG_TYPE_STRING))
2919 WARNING ("network plugin: The `SecurityLevel' config option needs exactly "
2920 "one string argument.");
2924 str = ci->values[0].value.string;
2925 if (strcasecmp ("Encrypt", str) == 0)
2926 *retval = SECURITY_LEVEL_ENCRYPT;
2927 else if (strcasecmp ("Sign", str) == 0)
2928 *retval = SECURITY_LEVEL_SIGN;
2929 else if (strcasecmp ("None", str) == 0)
2930 *retval = SECURITY_LEVEL_NONE;
2933 WARNING ("network plugin: Unknown security level: %s.", str);
2938 } /* }}} int network_config_set_security_level */
2939 #endif /* HAVE_LIBGCRYPT */
2941 static int network_config_add_listen (const oconfig_item_t *ci) /* {{{ */
2947 if ((ci->values_num < 1) || (ci->values_num > 2)
2948 || (ci->values[0].type != OCONFIG_TYPE_STRING)
2949 || ((ci->values_num > 1) && (ci->values[1].type != OCONFIG_TYPE_STRING)))
2951 ERROR ("network plugin: The `%s' config option needs "
2952 "one or two string arguments.", ci->key);
2956 se = malloc (sizeof (*se));
2959 ERROR ("network plugin: malloc failed.");
2962 sockent_init (se, SOCKENT_TYPE_SERVER);
2964 se->node = strdup (ci->values[0].value.string);
2965 if (ci->values_num >= 2)
2966 se->service = strdup (ci->values[1].value.string);
2968 for (i = 0; i < ci->children_num; i++)
2970 oconfig_item_t *child = ci->children + i;
2973 if (strcasecmp ("AuthFile", child->key) == 0)
2974 network_config_set_string (child, &se->data.server.auth_file);
2975 else if (strcasecmp ("SecurityLevel", child->key) == 0)
2976 network_config_set_security_level (child,
2977 &se->data.server.security_level);
2979 #endif /* HAVE_LIBGCRYPT */
2980 if (strcasecmp ("Interface", child->key) == 0)
2981 network_config_set_interface (child,
2985 WARNING ("network plugin: Option `%s' is not allowed here.",
2991 if ((se->data.server.security_level > SECURITY_LEVEL_NONE)
2992 && (se->data.server.auth_file == NULL))
2994 ERROR ("network plugin: A security level higher than `none' was "
2995 "requested, but no AuthFile option was given. Cowardly refusing to "
2996 "open this socket!");
2997 sockent_destroy (se);
3000 #endif /* HAVE_LIBGCRYPT */
3002 status = sockent_open (se);
3005 ERROR ("network plugin: network_config_add_listen: sockent_open failed.");
3006 sockent_destroy (se);
3010 status = sockent_add (se);
3013 ERROR ("network plugin: network_config_add_listen: sockent_add failed.");
3014 sockent_destroy (se);
3019 } /* }}} int network_config_add_listen */
3021 static int network_config_add_server (const oconfig_item_t *ci) /* {{{ */
3027 if ((ci->values_num < 1) || (ci->values_num > 2)
3028 || (ci->values[0].type != OCONFIG_TYPE_STRING)
3029 || ((ci->values_num > 1) && (ci->values[1].type != OCONFIG_TYPE_STRING)))
3031 ERROR ("network plugin: The `%s' config option needs "
3032 "one or two string arguments.", ci->key);
3036 se = malloc (sizeof (*se));
3039 ERROR ("network plugin: malloc failed.");
3042 sockent_init (se, SOCKENT_TYPE_CLIENT);
3044 se->node = strdup (ci->values[0].value.string);
3045 if (ci->values_num >= 2)
3046 se->service = strdup (ci->values[1].value.string);
3048 for (i = 0; i < ci->children_num; i++)
3050 oconfig_item_t *child = ci->children + i;
3053 if (strcasecmp ("Username", child->key) == 0)
3054 network_config_set_string (child, &se->data.client.username);
3055 else if (strcasecmp ("Password", child->key) == 0)
3056 network_config_set_string (child, &se->data.client.password);
3057 else if (strcasecmp ("SecurityLevel", child->key) == 0)
3058 network_config_set_security_level (child,
3059 &se->data.client.security_level);
3061 #endif /* HAVE_LIBGCRYPT */
3062 if (strcasecmp ("Interface", child->key) == 0)
3063 network_config_set_interface (child,
3067 WARNING ("network plugin: Option `%s' is not allowed here.",
3073 if ((se->data.client.security_level > SECURITY_LEVEL_NONE)
3074 && ((se->data.client.username == NULL)
3075 || (se->data.client.password == NULL)))
3077 ERROR ("network plugin: A security level higher than `none' was "
3078 "requested, but no Username or Password option was given. "
3079 "Cowardly refusing to open this socket!");
3080 sockent_destroy (se);
3083 #endif /* HAVE_LIBGCRYPT */
3085 status = sockent_open (se);
3088 ERROR ("network plugin: network_config_add_server: sockent_open failed.");
3089 sockent_destroy (se);
3093 status = sockent_add (se);
3096 ERROR ("network plugin: network_config_add_server: sockent_add failed.");
3097 sockent_destroy (se);
3102 } /* }}} int network_config_add_server */
3104 static int network_config (oconfig_item_t *ci) /* {{{ */
3108 for (i = 0; i < ci->children_num; i++)
3110 oconfig_item_t *child = ci->children + i;
3112 if (strcasecmp ("Listen", child->key) == 0)
3113 network_config_add_listen (child);
3114 else if (strcasecmp ("Server", child->key) == 0)
3115 network_config_add_server (child);
3116 else if (strcasecmp ("TimeToLive", child->key) == 0)
3117 network_config_set_ttl (child);
3118 else if (strcasecmp ("MaxPacketSize", child->key) == 0)
3119 network_config_set_buffer_size (child);
3120 else if (strcasecmp ("Forward", child->key) == 0)
3121 network_config_set_boolean (child, &network_config_forward);
3122 else if (strcasecmp ("ReportStats", child->key) == 0)
3123 network_config_set_boolean (child, &network_config_stats);
3124 else if (strcasecmp ("CacheFlush", child->key) == 0)
3125 /* no op for backwards compatibility only */;
3128 WARNING ("network plugin: Option `%s' is not allowed here.",
3134 } /* }}} int network_config */
3136 static int network_notification (const notification_t *n,
3137 user_data_t __attribute__((unused)) *user_data)
3139 char buffer[network_config_packet_size];
3140 char *buffer_ptr = buffer;
3141 int buffer_free = sizeof (buffer);
3144 if (!check_send_notify_okay (n))
3147 memset (buffer, 0, sizeof (buffer));
3149 status = write_part_number (&buffer_ptr, &buffer_free, TYPE_TIME,
3150 (uint64_t) n->time);
3154 status = write_part_number (&buffer_ptr, &buffer_free, TYPE_SEVERITY,
3155 (uint64_t) n->severity);
3159 if (strlen (n->host) > 0)
3161 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_HOST,
3162 n->host, strlen (n->host));
3167 if (strlen (n->plugin) > 0)
3169 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_PLUGIN,
3170 n->plugin, strlen (n->plugin));
3175 if (strlen (n->plugin_instance) > 0)
3177 status = write_part_string (&buffer_ptr, &buffer_free,
3178 TYPE_PLUGIN_INSTANCE,
3179 n->plugin_instance, strlen (n->plugin_instance));
3184 if (strlen (n->type) > 0)
3186 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_TYPE,
3187 n->type, strlen (n->type));
3192 if (strlen (n->type_instance) > 0)
3194 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_TYPE_INSTANCE,
3195 n->type_instance, strlen (n->type_instance));
3200 status = write_part_string (&buffer_ptr, &buffer_free, TYPE_MESSAGE,
3201 n->message, strlen (n->message));
3205 network_send_buffer (buffer, sizeof (buffer) - buffer_free);
3208 } /* int network_notification */
3210 static int network_shutdown (void)
3214 /* Kill the listening thread */
3215 if (receive_thread_running != 0)
3217 INFO ("network plugin: Stopping receive thread.");
3218 pthread_kill (receive_thread_id, SIGTERM);
3219 pthread_join (receive_thread_id, NULL /* no return value */);
3220 memset (&receive_thread_id, 0, sizeof (receive_thread_id));
3221 receive_thread_running = 0;
3224 /* Shutdown the dispatching thread */
3225 if (dispatch_thread_running != 0)
3227 INFO ("network plugin: Stopping dispatch thread.");
3228 pthread_mutex_lock (&receive_list_lock);
3229 pthread_cond_broadcast (&receive_list_cond);
3230 pthread_mutex_unlock (&receive_list_lock);
3231 pthread_join (dispatch_thread_id, /* ret = */ NULL);
3232 dispatch_thread_running = 0;
3235 sockent_destroy (listen_sockets);
3237 if (send_buffer_fill > 0)
3240 sfree (send_buffer);
3242 /* TODO: Close `sending_sockets' */
3244 plugin_unregister_config ("network");
3245 plugin_unregister_init ("network");
3246 plugin_unregister_write ("network");
3247 plugin_unregister_shutdown ("network");
3250 } /* int network_shutdown */
3252 static int network_stats_read (void) /* {{{ */
3254 uint64_t copy_octets_rx;
3255 uint64_t copy_octets_tx;
3256 uint64_t copy_packets_rx;
3257 uint64_t copy_packets_tx;
3258 uint64_t copy_values_dispatched;
3259 uint64_t copy_values_not_dispatched;
3260 uint64_t copy_values_sent;
3261 uint64_t copy_values_not_sent;
3262 uint64_t copy_receive_list_length;
3263 value_list_t vl = VALUE_LIST_INIT;
3266 copy_octets_rx = stats_octets_rx;
3267 copy_octets_tx = stats_octets_tx;
3268 copy_packets_rx = stats_packets_rx;
3269 copy_packets_tx = stats_packets_tx;
3270 copy_values_dispatched = stats_values_dispatched;
3271 copy_values_not_dispatched = stats_values_not_dispatched;
3272 copy_values_sent = stats_values_sent;
3273 copy_values_not_sent = stats_values_not_sent;
3274 copy_receive_list_length = receive_list_length;
3276 /* Initialize `vl' */
3280 vl.interval = interval_g;
3281 sstrncpy (vl.host, hostname_g, sizeof (vl.host));
3282 sstrncpy (vl.plugin, "network", sizeof (vl.plugin));
3284 /* Octets received / sent */
3285 vl.values[0].counter = (counter_t) copy_octets_rx;
3286 vl.values[1].counter = (counter_t) copy_octets_tx;
3287 sstrncpy (vl.type, "if_octets", sizeof (vl.type));
3288 plugin_dispatch_values_secure (&vl);
3290 /* Packets received / send */
3291 vl.values[0].counter = (counter_t) copy_packets_rx;
3292 vl.values[1].counter = (counter_t) copy_packets_tx;
3293 sstrncpy (vl.type, "if_packets", sizeof (vl.type));
3294 plugin_dispatch_values_secure (&vl);
3296 /* Values (not) dispatched and (not) send */
3297 sstrncpy (vl.type, "total_values", sizeof (vl.type));
3300 vl.values[0].derive = (derive_t) copy_values_dispatched;
3301 sstrncpy (vl.type_instance, "dispatch-accepted",
3302 sizeof (vl.type_instance));
3303 plugin_dispatch_values_secure (&vl);
3305 vl.values[0].derive = (derive_t) copy_values_not_dispatched;
3306 sstrncpy (vl.type_instance, "dispatch-rejected",
3307 sizeof (vl.type_instance));
3308 plugin_dispatch_values_secure (&vl);
3310 vl.values[0].derive = (derive_t) copy_values_sent;
3311 sstrncpy (vl.type_instance, "send-accepted",
3312 sizeof (vl.type_instance));
3313 plugin_dispatch_values_secure (&vl);
3315 vl.values[0].derive = (derive_t) copy_values_not_sent;
3316 sstrncpy (vl.type_instance, "send-rejected",
3317 sizeof (vl.type_instance));
3318 plugin_dispatch_values_secure (&vl);
3320 /* Receive queue length */
3321 vl.values[0].gauge = (gauge_t) copy_receive_list_length;
3322 sstrncpy (vl.type, "queue_length", sizeof (vl.type));
3323 vl.type_instance[0] = 0;
3324 plugin_dispatch_values_secure (&vl);
3327 } /* }}} int network_stats_read */
3329 static int network_init (void)
3331 static _Bool have_init = false;
3333 /* Check if we were already initialized. If so, just return - there's
3334 * nothing more to do (for now, that is). */
3340 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
3341 gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
3342 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
3345 if (network_config_stats != 0)
3346 plugin_register_read ("network", network_stats_read);
3348 plugin_register_shutdown ("network", network_shutdown);
3350 send_buffer = malloc (network_config_packet_size);
3351 if (send_buffer == NULL)
3353 ERROR ("network plugin: malloc failed.");
3356 network_init_buffer ();
3358 /* setup socket(s) and so on */
3359 if (sending_sockets != NULL)
3361 plugin_register_write ("network", network_write,
3362 /* user_data = */ NULL);
3363 plugin_register_notification ("network", network_notification,
3364 /* user_data = */ NULL);
3367 /* If no threads need to be started, return here. */
3368 if ((listen_sockets_num == 0)
3369 || ((dispatch_thread_running != 0)
3370 && (receive_thread_running != 0)))
3373 if (dispatch_thread_running == 0)
3376 status = pthread_create (&dispatch_thread_id,
3377 NULL /* no attributes */,
3379 NULL /* no argument */);
3383 ERROR ("network: pthread_create failed: %s",
3384 sstrerror (errno, errbuf,
3389 dispatch_thread_running = 1;
3393 if (receive_thread_running == 0)
3396 status = pthread_create (&receive_thread_id,
3397 NULL /* no attributes */,
3399 NULL /* no argument */);
3403 ERROR ("network: pthread_create failed: %s",
3404 sstrerror (errno, errbuf,
3409 receive_thread_running = 1;
3414 } /* int network_init */
3417 * The flush option of the network plugin cannot flush individual identifiers.
3418 * All the values are added to a buffer and sent when the buffer is full, the
3419 * requested value may or may not be in there, it's not worth finding out. We
3420 * just send the buffer if `flush' is called - if the requested value was in
3421 * there, good. If not, well, then there is nothing to flush.. -octo
3423 static int network_flush (int timeout,
3424 const char __attribute__((unused)) *identifier,
3425 user_data_t __attribute__((unused)) *user_data)
3427 pthread_mutex_lock (&send_buffer_lock);
3429 if (send_buffer_fill > 0)
3432 pthread_mutex_unlock (&send_buffer_lock);
3435 } /* int network_flush */
3437 void module_register (void)
3439 plugin_register_complex_config ("network", network_config);
3440 plugin_register_init ("network", network_init);
3441 plugin_register_flush ("network", network_flush,
3442 /* user_data = */ NULL);
3443 } /* void module_register */
3445 /* vim: set fdm=marker : */
projects / collectd.git / blob