pacemaker  2.0.2-debe490
Scalable High-Availability cluster resource manager
ipc.c
1 /*
2  * Copyright 2004-2019 the Pacemaker project contributors
3  *
4  * The version control history for this file may have further details.
5  *
6  * This source code is licensed under the GNU Lesser General Public License
7  * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
8  */
9 
10 #include <crm_internal.h>
11 
12 #if defined(US_AUTH_PEERCRED_UCRED) || defined(US_AUTH_PEERCRED_SOCKPEERCRED)
13 # ifdef US_AUTH_PEERCRED_UCRED
14 # ifndef _GNU_SOURCE
15 # define _GNU_SOURCE
16 # endif
17 # endif
18 # include <sys/socket.h>
19 #elif defined(US_AUTH_GETPEERUCRED)
20 # include <ucred.h>
21 #endif
22 
23 #include <sys/param.h>
24 
25 #include <stdio.h>
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <grp.h>
30 
31 #include <errno.h>
32 #include <fcntl.h>
33 #include <bzlib.h>
34 
35 #include <crm/crm.h> /* indirectly: pcmk_err_generic */
36 #include <crm/msg_xml.h>
37 #include <crm/common/ipc.h>
38 #include <crm/common/ipcs.h>
39 
40 #include <crm/common/ipc_internal.h> /* PCMK__SPECIAL_PID* */
41 
42 #define PCMK_IPC_VERSION 1
43 
44 /* Evict clients whose event queue grows this large (by default) */
45 #define PCMK_IPC_DEFAULT_QUEUE_MAX 500
46 
47 struct crm_ipc_response_header {
48  struct qb_ipc_response_header qb;
49  uint32_t size_uncompressed;
50  uint32_t size_compressed;
51  uint32_t flags;
52  uint8_t version; /* Protect against version changes for anyone that might bother to statically link us */
53 };
54 
55 static int hdr_offset = 0;
56 static unsigned int ipc_buffer_max = 0;
57 static unsigned int pick_ipc_buffer(unsigned int max);
58 
/*
 * Lazily set up the file-scope IPC settings.
 *
 * hdr_offset becomes the size of struct crm_ipc_response_header and
 * ipc_buffer_max becomes the value chosen by pick_ipc_buffer(0). Each is
 * computed only while it still holds zero, so repeated calls change nothing.
 */
static inline void
crm_ipc_init(void)
{
    /* The two settings are independent of each other */
    if (!ipc_buffer_max) {
        ipc_buffer_max = pick_ipc_buffer(0);
    }
    if (!hdr_offset) {
        hdr_offset = sizeof(struct crm_ipc_response_header);
    }
}
69 
70 unsigned int
72 {
73  return pick_ipc_buffer(0);
74 }
75 
/*
 * Build a message reference of the form "<custom1>-<custom2>-<time>-<counter>".
 *
 * A NULL custom1 or custom2 is rendered as "_empty_". The result comes from
 * crm_strdup_printf(); create_request_adv() frees it with free().
 *
 * The reference is made only of the current time and a per-process counter,
 * so it is guessable: it can correlate requests with replies but is not
 * suitable as a secret or as proof of who sent a message.
 */
static char *
generateReference(const char *custom1, const char *custom2)
{
    static uint ref_counter = 0;

    const char *first = (custom1 != NULL)? custom1 : "_empty_";
    const char *second = (custom2 != NULL)? custom2 : "_empty_";
    unsigned long now = (unsigned long) time(NULL);
    uint serial = ref_counter++;

    return crm_strdup_printf("%s-%s-%lu-%u", first, second, now, serial);
}
86 
87 xmlNode *
88 create_request_adv(const char *task, xmlNode * msg_data,
89  const char *host_to, const char *sys_to,
90  const char *sys_from, const char *uuid_from, const char *origin)
91 {
92  char *true_from = NULL;
93  xmlNode *request = NULL;
94  char *reference = generateReference(task, sys_from);
95 
96  if (uuid_from != NULL) {
97  true_from = generate_hash_key(sys_from, uuid_from);
98  } else if (sys_from != NULL) {
99  true_from = strdup(sys_from);
100  } else {
101  crm_err("No sys from specified");
102  }
103 
104  // host_from will get set for us if necessary by the controller when routed
105  request = create_xml_node(NULL, __FUNCTION__);
106  crm_xml_add(request, F_CRM_ORIGIN, origin);
107  crm_xml_add(request, F_TYPE, T_CRM);
110  crm_xml_add(request, F_CRM_REFERENCE, reference);
111  crm_xml_add(request, F_CRM_TASK, task);
112  crm_xml_add(request, F_CRM_SYS_TO, sys_to);
113  crm_xml_add(request, F_CRM_SYS_FROM, true_from);
114 
115  /* HOSTTO will be ignored if it is to the DC anyway. */
116  if (host_to != NULL && strlen(host_to) > 0) {
117  crm_xml_add(request, F_CRM_HOST_TO, host_to);
118  }
119 
120  if (msg_data != NULL) {
121  add_message_xml(request, F_CRM_DATA, msg_data);
122  }
123  free(reference);
124  free(true_from);
125 
126  return request;
127 }
128 
129 /*
130  * This method adds a copy of xml_response_data
131  */
132 xmlNode *
133 create_reply_adv(xmlNode * original_request, xmlNode * xml_response_data, const char *origin)
134 {
135  xmlNode *reply = NULL;
136 
137  const char *host_from = crm_element_value(original_request, F_CRM_HOST_FROM);
138  const char *sys_from = crm_element_value(original_request, F_CRM_SYS_FROM);
139  const char *sys_to = crm_element_value(original_request, F_CRM_SYS_TO);
140  const char *type = crm_element_value(original_request, F_CRM_MSG_TYPE);
141  const char *operation = crm_element_value(original_request, F_CRM_TASK);
142  const char *crm_msg_reference = crm_element_value(original_request, F_CRM_REFERENCE);
143 
144  if (type == NULL) {
145  crm_err("Cannot create new_message, no message type in original message");
146  CRM_ASSERT(type != NULL);
147  return NULL;
148 #if 0
149  } else if (strcasecmp(XML_ATTR_REQUEST, type) != 0) {
150  crm_err("Cannot create new_message, original message was not a request");
151  return NULL;
152 #endif
153  }
154  reply = create_xml_node(NULL, __FUNCTION__);
155  if (reply == NULL) {
156  crm_err("Cannot create new_message, malloc failed");
157  return NULL;
158  }
159 
160  crm_xml_add(reply, F_CRM_ORIGIN, origin);
161  crm_xml_add(reply, F_TYPE, T_CRM);
164  crm_xml_add(reply, F_CRM_REFERENCE, crm_msg_reference);
165  crm_xml_add(reply, F_CRM_TASK, operation);
166 
167  /* since this is a reply, we reverse the from and to */
168  crm_xml_add(reply, F_CRM_SYS_TO, sys_from);
169  crm_xml_add(reply, F_CRM_SYS_FROM, sys_to);
170 
171  /* HOSTTO will be ignored if it is to the DC anyway. */
172  if (host_from != NULL && strlen(host_from) > 0) {
173  crm_xml_add(reply, F_CRM_HOST_TO, host_from);
174  }
175 
176  if (xml_response_data != NULL) {
177  add_message_xml(reply, F_CRM_DATA, xml_response_data);
178  }
179 
180  return reply;
181 }
182 
183 /* Libqb based IPC */
184 
185 /* Server... */
186 
187 GHashTable *client_connections = NULL;
188 
/*
 * Look up the client object registered for a libqb connection.
 *
 * Returns the entry stored under key c in client_connections, or NULL if the
 * table has not been created or holds no such key.
 */
crm_client_t *
crm_client_get(qb_ipcs_connection_t * c)
{
    if (client_connections == NULL) {
        crm_trace("No client found for %p", c);
        return NULL;
    }
    return g_hash_table_lookup(client_connections, c);
}
199 
/*
 * Find a registered client by its ID string.
 *
 * The table is keyed by connection (or by caller-supplied key), not by ID, so
 * this walks every entry and compares IDs with strcmp(). Returns the first
 * match, or NULL if the table is missing, id is NULL, or nothing matches.
 */
crm_client_t *
crm_client_get_by_id(const char *id)
{
    if ((client_connections != NULL) && (id != NULL)) {
        GHashTableIter iter;
        gpointer key = NULL;
        gpointer value = NULL;

        g_hash_table_iter_init(&iter, client_connections);
        while (g_hash_table_iter_next(&iter, &key, &value)) {
            crm_client_t *candidate = value;

            if (strcmp(candidate->id, id) == 0) {
                return candidate;
            }
        }
    }

    crm_trace("No client found with id=%s", id);
    return NULL;
}
219 
220 const char *
222 {
223  if (c == NULL) {
224  return "null";
225  } else if (c->name == NULL && c->id == NULL) {
226  return "unknown";
227  } else if (c->name == NULL) {
228  return c->id;
229  } else {
230  return c->name;
231  }
232 }
233 
234 const char *
236 {
237  switch (client_type) {
238  case CRM_CLIENT_IPC:
239  return "IPC";
240  case CRM_CLIENT_TCP:
241  return "TCP";
242 #ifdef HAVE_GNUTLS_GNUTLS_H
243  case CRM_CLIENT_TLS:
244  return "TLS";
245 #endif
246  default:
247  return "unknown";
248  }
249 }
250 
251 void
253 {
254  if (client_connections == NULL) {
255  crm_trace("Creating client hash table");
256  client_connections = g_hash_table_new(g_direct_hash, g_direct_equal);
257  }
258 }
259 
260 void
262 {
263  if (client_connections != NULL) {
264  int active = g_hash_table_size(client_connections);
265 
266  if (active) {
267  crm_err("Exiting with %d active connections", active);
268  }
269  g_hash_table_destroy(client_connections); client_connections = NULL;
270  }
271 }
272 
/*
 * Disconnect every client connection of a libqb IPC service.
 *
 * A NULL service is ignored. For each connection the successor is fetched
 * first, then the connection is logged, disconnected and unreferenced.
 */
void
crm_client_disconnect_all(qb_ipcs_service_t *service)
{
    qb_ipcs_connection_t *current = NULL;
    qb_ipcs_connection_t *following = NULL;

    if (service == NULL) {
        return;
    }

    for (current = qb_ipcs_connection_first_get(service); current != NULL;
         current = following) {

        /* Get the next connection before this one is torn down */
        following = qb_ipcs_connection_next_get(service, current);

        /* There really shouldn't be anyone connected at this point */
        crm_notice("Disconnecting client %p, pid=%d...", current, crm_ipcs_client_pid(current));
        qb_ipcs_disconnect(current);
        qb_ipcs_connection_unref(current);
    }
}
295 
/*
 * Allocate a client object and register it in client_connections.
 *
 * c           libqb connection the client arrived on, or NULL
 * key         Hash table key to register under; if NULL, the connection
 *             pointer is used when c is given, otherwise the new client ID
 * uid_client  User ID of the connecting process (only read when c is given)
 *
 * With ACLs enabled, the user name is taken from uid2username(); when that
 * lookup fails the client is labelled "#unprivileged" and an error is logged,
 * so an unmappable user ID is never treated as a known user.
 *
 * Returns the new client, or NULL if allocation or ID generation failed.
 */
static crm_client_t *
client_from_connection(qb_ipcs_connection_t *c, void *key, uid_t uid_client)
{
    crm_client_t *client = calloc(1, sizeof(crm_client_t));

    if (client == NULL) {
        crm_perror(LOG_ERR, "Allocating client");
        return NULL;
    }

    if (c != NULL) {
#if ENABLE_ACL
        client->user = uid2username(uid_client);
        if (client->user == NULL) {
            client->user = strdup("#unprivileged");
            CRM_CHECK(client->user != NULL, free(client); return NULL);
            crm_err("Unable to enforce ACLs for user ID %d, assuming unprivileged",
                    uid_client);
        }
#endif
        client->ipcs = c;
        client->kind = CRM_CLIENT_IPC;
        client->pid = crm_ipcs_client_pid(c);
    }

    client->id = crm_generate_uuid();
    if (client->id == NULL) {
        crm_err("Could not generate UUID for client");
        free(client->user);
        free(client);
        return NULL;
    }

    /* Key preference: caller's key, then the connection, then the client ID */
    if (key == NULL) {
        key = (c != NULL)? (void *) c : (void *) client->id;
    }
    g_hash_table_insert(client_connections, key, client);
    return client;
}
347 
355 crm_client_t *
357 {
358  crm_client_t *client = client_from_connection(NULL, key, 0);
359 
360  CRM_ASSERT(client != NULL);
361  return client;
362 }
363 
364 crm_client_t *
365 crm_client_new(qb_ipcs_connection_t * c, uid_t uid_client, gid_t gid_client)
366 {
367  static gid_t uid_cluster = 0;
368  static gid_t gid_cluster = 0;
369 
370  crm_client_t *client = NULL;
371 
372  CRM_CHECK(c != NULL, return NULL);
373 
374  if (uid_cluster == 0) {
375  if (crm_user_lookup(CRM_DAEMON_USER, &uid_cluster, &gid_cluster) < 0) {
376  static bool need_log = TRUE;
377 
378  if (need_log) {
379  crm_warn("Could not find user and group IDs for user %s",
381  need_log = FALSE;
382  }
383  }
384  }
385 
386  if (uid_client != 0) {
387  crm_trace("Giving access to group %u", gid_cluster);
388  /* Passing -1 to chown(2) means don't change */
389  qb_ipcs_connection_auth_set(c, -1, gid_cluster, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
390  }
391 
392  crm_client_init();
393 
394  /* TODO: Do our own auth checking, return NULL if unauthorized */
395  client = client_from_connection(c, NULL, uid_client);
396  if (client == NULL) {
397  return NULL;
398  }
399 
400  if ((uid_client == 0) || (uid_client == uid_cluster)) {
401  /* Remember when a connection came from root or hacluster */
403  }
404 
405  crm_debug("Connecting %p for uid=%d gid=%d pid=%u id=%s", c, uid_client, gid_client, client->pid, client->id);
406 
407  return client;
408 }
409 
/*
 * Allocate a zeroed two-element iovec array for an IPC event.
 *
 * Element 0 is used by this file for the header and element 1 for the
 * payload. Allocation failure trips CRM_ASSERT rather than returning NULL.
 */
static struct iovec *
pcmk__new_ipc_event()
{
    struct iovec *iov = NULL;

    iov = calloc(2, sizeof(*iov));
    CRM_ASSERT(iov != NULL);
    return iov;
}
418 
/*
 * Free an IPC event: both iov_base buffers and the two-element array itself.
 *
 * A NULL event is ignored. The caller must not use the event, or either of
 * its buffers, after this returns.
 */
void
pcmk_free_ipc_event(struct iovec *event)
{
    if (event == NULL) {
        return;
    }

    free(event[0].iov_base);
    free(event[1].iov_base);
    free(event);
}
433 
/*
 * GLib destroy-notify adapter: frees a queued IPC event via
 * pcmk_free_ipc_event().
 */
static void
free_event(gpointer data)
{
    struct iovec *event = data;

    pcmk_free_ipc_event(event);
}
439 
/*
 * Append an event to a client's outgoing event queue, creating the queue on
 * first use. The queue stores the iov pointer itself, not a copy.
 */
static void
add_event(crm_client_t *c, struct iovec *iov)
{
    GQueue *queue = c->event_queue;

    if (queue == NULL) {
        queue = g_queue_new();
        c->event_queue = queue;
    }
    g_queue_push_tail(queue, iov);
}
448 
449 void
451 {
452  if (c == NULL) {
453  return;
454  }
455 
456  if (client_connections) {
457  if (c->ipcs) {
458  crm_trace("Destroying %p/%p (%d remaining)",
459  c, c->ipcs, crm_hash_table_size(client_connections) - 1);
460  g_hash_table_remove(client_connections, c->ipcs);
461 
462  } else {
463  crm_trace("Destroying remote connection %p (%d remaining)",
464  c, crm_hash_table_size(client_connections) - 1);
465  g_hash_table_remove(client_connections, c->id);
466  }
467  }
468 
469  if (c->event_timer) {
470  g_source_remove(c->event_timer);
471  }
472 
473  if (c->event_queue) {
474  crm_debug("Destroying %d events", g_queue_get_length(c->event_queue));
475  g_queue_free_full(c->event_queue, free_event);
476  }
477 
478  free(c->id);
479  free(c->name);
480  free(c->user);
481  if (c->remote) {
482  if (c->remote->auth_timeout) {
483  g_source_remove(c->remote->auth_timeout);
484  }
485  free(c->remote->buffer);
486  free(c->remote);
487  }
488  free(c);
489 }
490 
/*
 * Raise or lower a client's event queue limit on the client's own request.
 *
 * The request is honoured only for clients flagged
 * crm_client_flag_ipc_privileged; any other client cannot change its limit.
 * qmax must parse (errno left at 0 by crm_int_helper()) to a positive value.
 *
 * Returns TRUE if queue_max was updated, FALSE otherwise.
 */
bool
crm_set_client_queue_max(crm_client_t *client, const char *qmax)
{
    int requested = 0;

    if (!is_set(client->flags, crm_client_flag_ipc_privileged)) {
        return FALSE;
    }

    requested = crm_int_helper(qmax, NULL);
    if ((errno != 0) || (requested <= 0)) {
        return FALSE;
    }

    client->queue_max = requested;
    return TRUE;
}
512 
/*
 * Return the process ID libqb reports for the peer of a connection.
 *
 * The result of qb_ipcs_connection_stats_get() is not checked; client_pid is
 * zeroed beforehand, so 0 is returned if the call leaves it untouched.
 */
int
crm_ipcs_client_pid(qb_ipcs_connection_t * c)
{
    struct qb_ipcs_connection_stats conn_stats = { .client_pid = 0 };

    qb_ipcs_connection_stats_get(c, &conn_stats, 0);
    return conn_stats.client_pid;
}
522 
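/*
 * Convert a raw IPC message received from a client into XML.
 *
 * c      Client the message came from; its flags are updated when the
 *        message is marked as proxied
 * data   Start of the received message, beginning with the IPC header
 * size   Number of bytes available at data (assumed to be the total received
 *        length, header included -- TODO confirm against the callers)
 * id     If not NULL, set to the libqb message ID from the header
 * flags  If not NULL, set to the flags from the header
 *
 * Every header field is supplied by the peer, so each length is checked
 * against what was actually received before it is used as an index or an
 * allocation size. A malformed message is logged and dropped (NULL return)
 * instead of being asserted on, so a client cannot abort the daemon with a
 * bad header.
 *
 * Returns the result of string2xml() on the payload, or NULL if the message
 * is malformed, uses a newer protocol version, or cannot be decompressed.
 */
xmlNode *
crm_ipcs_recv(crm_client_t * c, void *data, size_t size, uint32_t * id, uint32_t * flags)
{
    const size_t hdr_size = sizeof(struct crm_ipc_response_header);
    xmlNode *xml = NULL;
    char *uncompressed = NULL;
    char *text = NULL;
    struct crm_ipc_response_header *header = data;
    unsigned int size_u = 0;

    /* The header cannot be read at all unless it was received in full */
    if ((data == NULL) || (size < hdr_size)) {
        if (id) {
            *id = 0;
        }
        if (flags) {
            *flags = 0;
        }
        crm_err("Filtering IPC message of %llu bytes, too short for a %llu-byte header",
                (unsigned long long) size, (unsigned long long) hdr_size);
        return NULL;
    }
    text = ((char *) data) + hdr_size;

    if (id) {
        *id = header->qb.id;
    }
    if (flags) {
        *flags = header->flags;
    }

    if (is_set(header->flags, crm_ipc_proxied)) {
        /* Mark this client as being the endpoint of a proxy connection.
         * Proxy connections responses are sent on the event channel, to avoid
         * blocking the controller serving as proxy.
         */
        /* NOTE(review): the rendered listing omits source line 543 here; the
         * assignment below is what the comment above describes -- confirm
         * the exact statement against the repository.
         */
        c->flags |= crm_client_flag_ipc_proxy;
    }

    if (header->version > PCMK_IPC_VERSION) {
        crm_err("Filtering incompatible v%d IPC message, we only support versions <= %d",
                header->version, PCMK_IPC_VERSION);
        return NULL;
    }

    /* A valid payload holds at least its terminating NUL, and adding one for
     * the decompression buffer must not wrap around to zero.
     */
    size_u = 1 + header->size_uncompressed;
    if (size_u <= 1) {
        crm_err("Filtering IPC message with invalid uncompressed size %u",
                header->size_uncompressed);
        return NULL;
    }

    if (header->size_compressed) {
        int rc = 0;

        if (header->size_compressed > (size - hdr_size)) {
            crm_err("Filtering IPC message claiming %u compressed bytes with only %llu received",
                    header->size_compressed,
                    (unsigned long long) (size - hdr_size));
            return NULL;
        }

        /* NOTE(review): size_uncompressed is peer-declared, so this
         * allocation can be made very large by a client; consider capping it
         * against a configured limit.
         */
        uncompressed = calloc(1, size_u);
        if (uncompressed == NULL) {
            crm_err("Could not allocate %u bytes to decompress IPC message", size_u);
            return NULL;
        }

        crm_trace("Decompressing message data %u bytes into %u bytes",
                  header->size_compressed, size_u);

        rc = BZ2_bzBuffToBuffDecompress(uncompressed, &size_u, text, header->size_compressed, 1, 0);
        text = uncompressed;

        if (rc != BZ_OK) {
            crm_err("Decompression failed: %s " CRM_XS " bzerror=%d",
                    bz2_strerror(rc), rc);
            free(uncompressed);
            return NULL;
        }

    } else if (header->size_uncompressed > (size - hdr_size)) {
        crm_err("Filtering IPC message claiming %u bytes with only %llu received",
                header->size_uncompressed,
                (unsigned long long) (size - hdr_size));
        return NULL;
    }

    /* string2xml() needs a terminated string; the index is in bounds because
     * of the length checks above (the decompression buffer is zero-filled
     * and one byte longer than size_uncompressed).
     */
    if (text[header->size_uncompressed - 1] != 0) {
        crm_err("Filtering IPC message whose payload is not NUL-terminated");
        free(uncompressed);
        return NULL;
    }

    crm_trace("Received %.200s", text);
    xml = string2xml(text);

    free(uncompressed);
    return xml;
}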
579 
581 
582 static gboolean
583 crm_ipcs_flush_events_cb(gpointer data)
584 {
585  crm_client_t *c = data;
586 
587  c->event_timer = 0;
589  return FALSE;
590 }
591 
/*
 * Schedule the next attempt to flush a client's event queue.
 *
 * The wait grows with the backlog: 1000 plus 100 per queued event while
 * fewer than five are queued, and 1500 otherwise (g_timeout_add() takes
 * milliseconds). The resulting source ID is stored in c->event_timer.
 */
static inline void
delay_next_flush(crm_client_t *c, unsigned int queue_len)
{
    /* Delay a maximum of 1.5 seconds */
    guint delay = 1500;

    if (queue_len < 5) {
        delay = 1000 + 100 * queue_len;
    }

    c->event_timer = g_timeout_add(delay, crm_ipcs_flush_events_cb, c);
}
607 
608 ssize_t
610 {
611  ssize_t rc = 0;
612  unsigned int sent = 0;
613  unsigned int queue_len = 0;
614 
615  if (c == NULL) {
616  return pcmk_ok;
617 
618  } else if (c->event_timer) {
619  /* There is already a timer, wait until it goes off */
620  crm_trace("Timer active for %p - %d", c->ipcs, c->event_timer);
621  return pcmk_ok;
622  }
623 
624  if (c->event_queue) {
625  queue_len = g_queue_get_length(c->event_queue);
626  }
627  while (sent < 100) {
628  struct crm_ipc_response_header *header = NULL;
629  struct iovec *event = NULL;
630 
631  if (c->event_queue) {
632  // We don't pop unless send is successful
633  event = g_queue_peek_head(c->event_queue);
634  }
635  if (event == NULL) { // Queue is empty
636  break;
637  }
638 
639  rc = qb_ipcs_event_sendv(c->ipcs, event, 2);
640  if (rc < 0) {
641  break;
642  }
643  event = g_queue_pop_head(c->event_queue);
644 
645  sent++;
646  header = event[0].iov_base;
647  if (header->size_compressed) {
648  crm_trace("Event %d to %p[%d] (%lld compressed bytes) sent",
649  header->qb.id, c->ipcs, c->pid, (long long) rc);
650  } else {
651  crm_trace("Event %d to %p[%d] (%lld bytes) sent: %.120s",
652  header->qb.id, c->ipcs, c->pid, (long long) rc,
653  (char *) (event[1].iov_base));
654  }
655  pcmk_free_ipc_event(event);
656  }
657 
658  queue_len -= sent;
659  if (sent > 0 || queue_len) {
660  crm_trace("Sent %d events (%d remaining) for %p[%d]: %s (%lld)",
661  sent, queue_len, c->ipcs, c->pid,
662  pcmk_strerror(rc < 0 ? rc : 0), (long long) rc);
663  }
664 
665  if (queue_len) {
666 
667  /* Allow clients to briefly fall behind on processing incoming messages,
668  * but drop completely unresponsive clients so the connection doesn't
669  * consume resources indefinitely.
670  */
671  if (queue_len > QB_MAX(c->queue_max, PCMK_IPC_DEFAULT_QUEUE_MAX)) {
672  if ((c->queue_backlog <= 1) || (queue_len < c->queue_backlog)) {
673  /* Don't evict for a new or shrinking backlog */
674  crm_warn("Client with process ID %u has a backlog of %u messages "
675  CRM_XS " %p", c->pid, queue_len, c->ipcs);
676  } else {
677  crm_err("Evicting client with process ID %u due to backlog of %u messages "
678  CRM_XS " %p", c->pid, queue_len, c->ipcs);
679  c->queue_backlog = 0;
680  qb_ipcs_disconnect(c->ipcs);
681  return rc;
682  }
683  }
684 
685  c->queue_backlog = queue_len;
686  delay_next_flush(c, queue_len);
687 
688  } else {
689  /* Event queue is empty, there is no backlog */
690  c->queue_backlog = 0;
691  }
692 
693  return rc;
694 }
695 
696 ssize_t
697 crm_ipc_prepare(uint32_t request, xmlNode * message, struct iovec ** result, uint32_t max_send_size)
698 {
699  static unsigned int biggest = 0;
700  struct iovec *iov;
701  unsigned int total = 0;
702  char *compressed = NULL;
703  char *buffer = dump_xml_unformatted(message);
704  struct crm_ipc_response_header *header = calloc(1, sizeof(struct crm_ipc_response_header));
705 
706  CRM_ASSERT(result != NULL);
707 
708  crm_ipc_init();
709 
710  if (max_send_size == 0) {
711  max_send_size = ipc_buffer_max;
712  }
713 
714  CRM_LOG_ASSERT(max_send_size != 0);
715 
716  *result = NULL;
717  iov = pcmk__new_ipc_event();
718  iov[0].iov_len = hdr_offset;
719  iov[0].iov_base = header;
720 
721  header->version = PCMK_IPC_VERSION;
722  header->size_uncompressed = 1 + strlen(buffer);
723  total = iov[0].iov_len + header->size_uncompressed;
724 
725  if (total < max_send_size) {
726  iov[1].iov_base = buffer;
727  iov[1].iov_len = header->size_uncompressed;
728 
729  } else {
730  unsigned int new_size = 0;
731 
733  (buffer, header->size_uncompressed, max_send_size, &compressed, &new_size)) {
734 
735  header->flags |= crm_ipc_compressed;
736  header->size_compressed = new_size;
737 
738  iov[1].iov_len = header->size_compressed;
739  iov[1].iov_base = compressed;
740 
741  free(buffer);
742 
743  biggest = QB_MAX(header->size_compressed, biggest);
744 
745  } else {
746  ssize_t rc = -EMSGSIZE;
747 
748  crm_log_xml_trace(message, "EMSGSIZE");
749  biggest = QB_MAX(header->size_uncompressed, biggest);
750 
751  crm_err
752  ("Could not compress the message (%u bytes) into less than the configured ipc limit (%u bytes). "
753  "Set PCMK_ipc_buffer to a higher value (%u bytes suggested)",
754  header->size_uncompressed, max_send_size, 4 * biggest);
755 
756  free(compressed);
757  pcmk_free_ipc_event(iov);
758  return rc;
759  }
760  }
761 
762  header->qb.size = iov[0].iov_len + iov[1].iov_len;
763  header->qb.id = (int32_t)request; /* Replying to a specific request */
764 
765  *result = iov;
766  CRM_ASSERT(header->qb.size > 0);
767  return header->qb.size;
768 }
769 
770 ssize_t
771 crm_ipcs_sendv(crm_client_t * c, struct iovec * iov, enum crm_ipc_flags flags)
772 {
773  ssize_t rc;
774  static uint32_t id = 1;
775  struct crm_ipc_response_header *header = iov[0].iov_base;
776 
778  /* _ALL_ replies to proxied connections need to be sent as events */
779  if (is_not_set(flags, crm_ipc_server_event)) {
780  flags |= crm_ipc_server_event;
781  /* this flag lets us know this was originally meant to be a response.
782  * even though we're sending it over the event channel. */
784  }
785  }
786 
787  header->flags |= flags;
788  if (flags & crm_ipc_server_event) {
789  header->qb.id = id++; /* We don't really use it, but doesn't hurt to set one */
790 
791  if (flags & crm_ipc_server_free) {
792  crm_trace("Sending the original to %p[%d]", c->ipcs, c->pid);
793  add_event(c, iov);
794 
795  } else {
796  struct iovec *iov_copy = pcmk__new_ipc_event();
797 
798  crm_trace("Sending a copy to %p[%d]", c->ipcs, c->pid);
799  iov_copy[0].iov_len = iov[0].iov_len;
800  iov_copy[0].iov_base = malloc(iov[0].iov_len);
801  memcpy(iov_copy[0].iov_base, iov[0].iov_base, iov[0].iov_len);
802 
803  iov_copy[1].iov_len = iov[1].iov_len;
804  iov_copy[1].iov_base = malloc(iov[1].iov_len);
805  memcpy(iov_copy[1].iov_base, iov[1].iov_base, iov[1].iov_len);
806 
807  add_event(c, iov_copy);
808  }
809 
810  } else {
811  CRM_LOG_ASSERT(header->qb.id != 0); /* Replying to a specific request */
812 
813  rc = qb_ipcs_response_sendv(c->ipcs, iov, 2);
814  if (rc < header->qb.size) {
815  crm_notice("Response %d to pid %d failed: %s "
816  CRM_XS " bytes=%u rc=%lld ipcs=%p",
817  header->qb.id, c->pid, pcmk_strerror(rc),
818  header->qb.size, (long long) rc, c->ipcs);
819 
820  } else {
821  crm_trace("Response %d sent, %lld bytes to %p[%d]",
822  header->qb.id, (long long) rc, c->ipcs, c->pid);
823  }
824 
825  if (flags & crm_ipc_server_free) {
826  pcmk_free_ipc_event(iov);
827  }
828  }
829 
830  if (flags & crm_ipc_server_event) {
831  rc = crm_ipcs_flush_events(c);
832  } else {
834  }
835 
836  if (rc == -EPIPE || rc == -ENOTCONN) {
837  crm_trace("Client %p disconnected", c->ipcs);
838  }
839 
840  return rc;
841 }
842 
/*
 * Serialize an XML message and send it to a client.
 *
 * The message is prepared with crm_ipc_prepare() using ipc_buffer_max as the
 * size limit, then handed to crm_ipcs_sendv() with crm_ipc_server_free added
 * to the flags.
 *
 * Returns -EDESTADDRREQ if c is NULL, the non-positive result of
 * crm_ipc_prepare() if preparation fails (after freeing the event and
 * logging), and otherwise whatever crm_ipcs_sendv() returns.
 */
ssize_t
crm_ipcs_send(crm_client_t * c, uint32_t request, xmlNode * message,
              enum crm_ipc_flags flags)
{
    struct iovec *iov = NULL;
    ssize_t rc = 0;

    if (c == NULL) {
        return -EDESTADDRREQ;
    }
    crm_ipc_init();

    rc = crm_ipc_prepare(request, message, &iov, ipc_buffer_max);
    if (rc <= 0) {
        pcmk_free_ipc_event(iov);
        crm_notice("Message to pid %d failed: %s " CRM_XS " rc=%lld ipcs=%p",
                   c->pid, pcmk_strerror(rc), (long long) rc, c->ipcs);
        return rc;
    }

    return crm_ipcs_sendv(c, iov, flags | crm_ipc_server_free);
}
865 
/*
 * Acknowledge a client request, if the client asked for a response.
 *
 * Nothing happens unless flags contains crm_ipc_client_response. Otherwise
 * an XML element named tag, carrying the "function" and "line" attributes,
 * is sent as the reply to request and then freed; the client's request_id is
 * reset to 0 beforehand.
 */
void
crm_ipcs_send_ack(crm_client_t * c, uint32_t request, uint32_t flags, const char *tag, const char *function,
                  int line)
{
    xmlNode *ack = NULL;

    if ((flags & crm_ipc_client_response) == 0) {
        return;
    }

    ack = create_xml_node(NULL, tag);

    crm_trace("Ack'ing msg from %s (%p)", crm_client_name(c), c);
    c->request_id = 0;
    crm_xml_add(ack, "function", function);
    crm_xml_add_int(ack, "line", line);
    crm_ipcs_send(c, request, ack, flags);
    free_xml(ack);
}
881 
882 /* Client... */
883 
884 #define MIN_MSG_SIZE 12336 /* sizeof(struct qb_ipc_connection_response) */
885 #define MAX_MSG_SIZE 128*1024 /* 128k default */
886 
/* Client-side state of one IPC connection to a daemon */
struct crm_ipc_s {
    /* Descriptor polled for incoming data; fd is -1 until connected */
    struct pollfd pfd;

    /* the max size we can send/receive over ipc */
    unsigned int max_buf_size;
    /* Size of the allocated 'buffer' */
    unsigned int buf_size;
    /* Result of the most recent event receive (byte count or negative error) */
    int msg_size;
    /* Reset to FALSE on connect; presumably set while a reply is pending -- TODO confirm */
    int need_reply;
    /* Receive buffer of buf_size bytes, starting with the IPC header */
    char *buffer;
    /* Copy of the name given to crm_ipc_new(); used as the libqb service name */
    char *name;

    /* libqb connection handle; NULL when not connected */
    qb_ipcc_connection_t *ipc;

};
902 
/*
 * Choose an IPC buffer size.
 *
 * The process-wide size is determined once: a positive value parsed from the
 * PCMK_ipc_buffer environment variable, raised to at least MIN_MSG_SIZE, or
 * MAX_MSG_SIZE when the variable is unset or does not parse to a positive
 * number. The result is the larger of that size and the caller's max.
 */
static unsigned int
pick_ipc_buffer(unsigned int max)
{
    static unsigned int global_max = 0;

    if (global_max == 0) {
        const char *env = getenv("PCMK_ipc_buffer");
        int env_max = 0;

        if (env != NULL) {
            env_max = crm_parse_int(env, "0");
        }

        if (env_max > 0) {
            /* Never go below what libqb needs for its own responses */
            global_max = QB_MAX(MIN_MSG_SIZE, env_max);
        } else {
            global_max = MAX_MSG_SIZE;
        }
    }

    return QB_MAX(max, global_max);
}
923 
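/*
 * Create a client-side IPC connection object (not yet connected).
 *
 * name      IPC service name to connect to later; copied
 * max_size  Requested buffer size; pick_ipc_buffer() may raise it
 *
 * Returns the new object, or NULL if name is NULL or memory could not be
 * allocated. Previously the allocations were used unchecked, so an
 * out-of-memory condition led to a NULL dereference here or to a NULL
 * receive buffer being handed to later reads.
 */
crm_ipc_t *
crm_ipc_new(const char *name, size_t max_size)
{
    crm_ipc_t *client = NULL;

    if (name == NULL) {
        crm_err("Could not create IPC connection: no name given");
        return NULL;
    }

    client = calloc(1, sizeof(crm_ipc_t));
    if (client == NULL) {
        crm_err("Could not create IPC connection to %s: out of memory", name);
        return NULL;
    }

    client->name = strdup(name);
    client->buf_size = pick_ipc_buffer(max_size);
    client->buffer = malloc(client->buf_size);

    if ((client->name == NULL) || (client->buffer == NULL)) {
        crm_err("Could not create IPC connection to %s: out of memory", name);
        free(client->buffer);
        free(client->name);
        free(client);
        return NULL;
    }

    /* Clients initiating connection pick the max buf size */
    client->max_buf_size = client->buf_size;

    client->pfd.fd = -1;
    client->pfd.events = POLLIN;
    client->pfd.revents = 0;

    return client;
}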
944 
954 bool
956 {
957  static uid_t cl_uid = 0;
958  static gid_t cl_gid = 0;
959  pid_t found_pid = 0; uid_t found_uid = 0; gid_t found_gid = 0;
960  int rv;
961 
962  client->need_reply = FALSE;
963  client->ipc = qb_ipcc_connect(client->name, client->buf_size);
964 
965  if (client->ipc == NULL) {
966  crm_debug("Could not establish %s connection: %s (%d)", client->name, pcmk_strerror(errno), errno);
967  return FALSE;
968  }
969 
970  client->pfd.fd = crm_ipc_get_fd(client);
971  if (client->pfd.fd < 0) {
972  rv = errno;
973  /* message already omitted */
974  crm_ipc_close(client);
975  errno = rv;
976  return FALSE;
977  }
978 
979  if (!cl_uid && !cl_gid
980  && (rv = crm_user_lookup(CRM_DAEMON_USER, &cl_uid, &cl_gid)) < 0) {
981  errno = -rv;
982  /* message already omitted */
983  crm_ipc_close(client);
984  errno = -rv;
985  return FALSE;
986  }
987 
988  if (!(rv = crm_ipc_is_authentic_process(client->pfd.fd, cl_uid, cl_gid,
989  &found_pid, &found_uid,
990  &found_gid))) {
991  crm_err("Daemon (IPC %s) is not authentic:"
992  " process %lld (uid: %lld, gid: %lld)",
993  client->name, (long long) PCMK__SPECIAL_PID_AS_0(found_pid),
994  (long long) found_uid, (long long) found_gid);
995  crm_ipc_close(client);
996  errno = ECONNABORTED;
997  return FALSE;
998 
999  } else if (rv < 0) {
1000  errno = -rv;
1001  crm_perror(LOG_ERR, "Could not verify authenticity of daemon (IPC %s)",
1002  client->name);
1003  crm_ipc_close(client);
1004  errno = -rv;
1005  return FALSE;
1006  }
1007 
1008  qb_ipcc_context_set(client->ipc, client);
1009 
1010 #ifdef HAVE_IPCS_GET_BUFFER_SIZE
1011  client->max_buf_size = qb_ipcc_get_buffer_size(client->ipc);
1012  if (client->max_buf_size > client->buf_size) {
1013  free(client->buffer);
1014  client->buffer = calloc(1, client->max_buf_size);
1015  client->buf_size = client->max_buf_size;
1016  }
1017 #endif
1018 
1019  return TRUE;
1020 }
1021 
1022 void
1024 {
1025  if (client) {
1026  crm_trace("Disconnecting %s IPC connection %p (%p)", client->name, client, client->ipc);
1027 
1028  if (client->ipc) {
1029  qb_ipcc_connection_t *ipc = client->ipc;
1030 
1031  client->ipc = NULL;
1032  qb_ipcc_disconnect(ipc);
1033  }
1034  }
1035 }
1036 
1037 void
1039 {
1040  if (client) {
1041  if (client->ipc && qb_ipcc_is_connected(client->ipc)) {
1042  crm_notice("Destroying an active IPC connection to %s", client->name);
1043  /* The next line is basically unsafe
1044  *
1045  * If this connection was attached to mainloop and mainloop is active,
1046  * the 'disconnected' callback will end up back here and we'll end
1047  * up free'ing the memory twice - something that can still happen
1048  * even without this if we destroy a connection and it closes before
1049  * we call exit
1050  */
1051  /* crm_ipc_close(client); */
1052  }
1053  crm_trace("Destroying IPC connection to %s: %p", client->name, client);
1054  free(client->buffer);
1055  free(client->name);
1056  free(client);
1057  }
1058 }
1059 
1060 int
1062 {
1063  int fd = 0;
1064 
1065  if (client && client->ipc && (qb_ipcc_fd_get(client->ipc, &fd) == 0)) {
1066  return fd;
1067  }
1068  errno = EINVAL;
1069  crm_perror(LOG_ERR, "Could not obtain file IPC descriptor for %s",
1070  (client? client->name : "unspecified client"));
1071  return -errno;
1072 }
1073 
1074 bool
1076 {
1077  bool rc = FALSE;
1078 
1079  if (client == NULL) {
1080  crm_trace("No client");
1081  return FALSE;
1082 
1083  } else if (client->ipc == NULL) {
1084  crm_trace("No connection");
1085  return FALSE;
1086 
1087  } else if (client->pfd.fd < 0) {
1088  crm_trace("Bad descriptor");
1089  return FALSE;
1090  }
1091 
1092  rc = qb_ipcc_is_connected(client->ipc);
1093  if (rc == FALSE) {
1094  client->pfd.fd = -EINVAL;
1095  }
1096  return rc;
1097 }
1098 
1106 int
1108 {
1109  int rc;
1110 
1111  CRM_ASSERT(client != NULL);
1112 
1113  if (crm_ipc_connected(client) == FALSE) {
1114  return -ENOTCONN;
1115  }
1116 
1117  client->pfd.revents = 0;
1118  rc = poll(&(client->pfd), 1, 0);
1119  return (rc < 0)? -errno : rc;
1120 }
1121 
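/*
 * Decompress the message held in a client's receive buffer, if needed.
 *
 * When the header reports a compressed payload, a new buffer is allocated,
 * the payload is decompressed into it behind a copy of the header, and the
 * new buffer replaces client->buffer (client->buf_size is updated to match).
 *
 * The sizes in the header come from the peer, so they are checked against
 * the buffer they were received into before being used to read from it.
 *
 * Returns pcmk_ok on success, -EBADMSG if a declared size does not fit the
 * receive buffer, -ENOMEM if the new buffer cannot be allocated, or -EILSEQ
 * if decompression fails.
 */
static int
crm_ipc_decompress(crm_ipc_t * client)
{
    struct crm_ipc_response_header *header = (struct crm_ipc_response_header *)(void*)client->buffer;
    unsigned int payload_room = 0;

    /* Bytes of the receive buffer that can hold payload after the header */
    if (client->buf_size > (unsigned int) hdr_offset) {
        payload_room = client->buf_size - (unsigned int) hdr_offset;
    }

    if (header->size_compressed) {
        int rc = 0;
        unsigned int size_u = 1 + header->size_uncompressed;
        /* never let buf size fall below our max size required for ipc reads. */
        unsigned int new_buf_size = QB_MAX((hdr_offset + size_u), client->max_buf_size);
        char *uncompressed = NULL;

        if (header->size_compressed > payload_room) {
            crm_err("Discarding IPC message claiming %u compressed bytes in a %u-byte buffer",
                    header->size_compressed, client->buf_size);
            return -EBADMSG;
        }

        uncompressed = calloc(1, new_buf_size);
        if (uncompressed == NULL) {
            crm_err("Could not allocate %u bytes to decompress IPC message",
                    new_buf_size);
            return -ENOMEM;
        }

        crm_trace("Decompressing message data %u bytes into %u bytes",
                 header->size_compressed, size_u);

        rc = BZ2_bzBuffToBuffDecompress(uncompressed + hdr_offset, &size_u,
                                        client->buffer + hdr_offset, header->size_compressed, 1, 0);

        if (rc != BZ_OK) {
            crm_err("Decompression failed: %s " CRM_XS " bzerror=%d",
                    bz2_strerror(rc), rc);
            free(uncompressed);
            return -EILSEQ;
        }

        /*
         * This assert no longer holds true.  For an identical msg, some clients may
         * require compression, and others may not. If that same msg (event) is sent
         * to multiple clients, it could result in some clients receiving a compressed
         * msg even though compression was not explicitly required for them.
         *
         * CRM_ASSERT((header->size_uncompressed + hdr_offset) >= ipc_buffer_max);
         */
        CRM_ASSERT(size_u == header->size_uncompressed);

        memcpy(uncompressed, client->buffer, hdr_offset);       /* Preserve the header */
        header = (struct crm_ipc_response_header *)(void*)uncompressed;

        free(client->buffer);
        client->buf_size = new_buf_size;
        client->buffer = uncompressed;

    } else if (header->size_uncompressed > payload_room) {
        /* The terminator check below would otherwise read past the buffer */
        crm_err("Discarding IPC message claiming %u bytes in a %u-byte buffer",
                header->size_uncompressed, client->buf_size);
        return -EBADMSG;
    }

    CRM_ASSERT(client->buffer[hdr_offset + header->size_uncompressed - 1] == 0);
    return pcmk_ok;
}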
1168 
1169 long
1171 {
1172  struct crm_ipc_response_header *header = NULL;
1173 
1174  CRM_ASSERT(client != NULL);
1175  CRM_ASSERT(client->ipc != NULL);
1176  CRM_ASSERT(client->buffer != NULL);
1177 
1178  crm_ipc_init();
1179 
1180  client->buffer[0] = 0;
1181  client->msg_size = qb_ipcc_event_recv(client->ipc, client->buffer,
1182  client->buf_size, 0);
1183  if (client->msg_size >= 0) {
1184  int rc = crm_ipc_decompress(client);
1185 
1186  if (rc != pcmk_ok) {
1187  return rc;
1188  }
1189 
1190  header = (struct crm_ipc_response_header *)(void*)client->buffer;
1191  if(header->version > PCMK_IPC_VERSION) {
1192  crm_err("Filtering incompatible v%d IPC message, we only support versions <= %d",
1193  header->version, PCMK_IPC_VERSION);
1194  return -EBADMSG;
1195  }
1196 
1197  crm_trace("Received %s event %d, size=%u, rc=%d, text: %.100s",
1198  client->name, header->qb.id, header->qb.size, client->msg_size,
1199  client->buffer + hdr_offset);
1200 
1201  } else {
1202  crm_trace("No message from %s received: %s", client->name, pcmk_strerror(client->msg_size));
1203  }
1204 
1205  if (crm_ipc_connected(client) == FALSE || client->msg_size == -ENOTCONN) {
1206  crm_err("Connection to %s failed", client->name);
1207  }
1208 
1209  if (header) {
1210  /* Data excluding the header */
1211  return header->size_uncompressed;
1212  }
1213  return -ENOMSG;
1214 }
1215 
1216 const char *
1218 {
1219  CRM_ASSERT(client != NULL);
1220  return client->buffer + sizeof(struct crm_ipc_response_header);
1221 }
1222 
/*!
 * \brief Get the flags field of the message header in a connection's buffer
 *
 * \param[in] client  Connection whose buffer to inspect (asserted non-NULL)
 *
 * \return Value of the header's flags field, or 0 if the client has no buffer
 */
uint32_t
crm_ipc_buffer_flags(crm_ipc_t *client)
{
    CRM_ASSERT(client != NULL);

    if (client->buffer != NULL) {
        /* The buffer starts with the IPC response header */
        const struct crm_ipc_response_header *hdr =
            (const struct crm_ipc_response_header *)(const void *) client->buffer;

        return hdr->flags;
    }
    return 0;
}
1236 
/*!
 * \brief Get the name associated with an IPC connection
 *
 * \param[in] client  Connection to query (asserted non-NULL)
 *
 * \return The client's name member (owned by the client, not a copy)
 */
const char *
crm_ipc_name(crm_ipc_t *client)
{
    const char *name = NULL;

    CRM_ASSERT(client != NULL);
    name = client->name;
    return name;
}
1243 
/*!
 * \internal
 * \brief Send a two-element I/O vector and wait (without timeout) for the reply
 *
 * The combined send/receive is repeated for as long as it reports -EAGAIN and
 * the connection is still up. The reply lands in client->buffer.
 *
 * \param[in,out] client  Connection to use
 * \param[in]     iov     I/O vector to send (two entries are passed on)
 *
 * \return Result of the last qb_ipcc_sendv_recv() call
 */
static int
internal_ipc_send_recv(crm_ipc_t * client, const void *iov)
{
    int rc = 0;

    for (;;) {
        rc = qb_ipcc_sendv_recv(client->ipc, iov, 2, client->buffer, client->buf_size, -1);
        if (rc != -EAGAIN || !crm_ipc_connected(client)) {
            break;
        }
    }

    return rc;
}
1255 
/*!
 * \internal
 * \brief Send a two-element I/O vector, retrying on -EAGAIN until a deadline
 *
 * The deadline is the current time plus one second plus the whole seconds
 * contained in \p ms_timeout. Retrying also stops once the connection is no
 * longer up.
 *
 * \param[in,out] client      Connection to use
 * \param[in]     iov         I/O vector to send (two entries are passed on)
 * \param[in]     ms_timeout  Time budget in milliseconds
 *
 * \return Result of the last qb_ipcc_sendv() call
 */
static int
internal_ipc_send_request(crm_ipc_t * client, const void *iov, int ms_timeout)
{
    const time_t deadline = time(NULL) + 1 + (ms_timeout / 1000);
    int rc = 0;

    for (;;) {
        rc = qb_ipcc_sendv(client->ipc, iov, 2);
        if (rc != -EAGAIN) {
            break;
        }
        if (time(NULL) >= deadline) {
            break;
        }
        if (!crm_ipc_connected(client)) {
            break;
        }
    }

    return rc;
}
1268 
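/*!
 * \internal
 * \brief Wait for the reply that matches a given request ID
 *
 * Messages are received into client->buffer in one-second slices until one
 * whose header ID equals \p request_id arrives, the server disconnects, or
 * the deadline (now + 1s + whole seconds of \p ms_timeout) passes. Replies
 * with a lower ID are logged and discarded; a higher ID is logged and then
 * trips an assertion.
 *
 * \param[in,out] client      Connection to read from
 * \param[in]     request_id  ID of the request whose reply is wanted
 * \param[in]     ms_timeout  Time budget in milliseconds
 *
 * \return Result of the last qb_ipcc_recv() call, or the error from
 *         crm_ipc_decompress() if decompression failed
 *
 * \note NOTE(review): if the deadline passes right after an old reply was
 *       discarded, the value returned is still that receive's positive byte
 *       count, so the caller cannot tell it apart from a matching reply.
 *       Confirm whether callers need to re-check the header ID.
 */
static int
internal_ipc_get_reply(crm_ipc_t * client, int request_id, int ms_timeout)
{
    time_t timeout = time(NULL) + 1 + (ms_timeout / 1000);
    int rc = 0;

    crm_ipc_init();

    /* get the reply */
    crm_trace("client %s waiting on reply to msg id %d", client->name, request_id);
    do {

        rc = qb_ipcc_recv(client->ipc, client->buffer, client->buf_size, 1000);
        if (rc > 0) {
            struct crm_ipc_response_header *hdr = NULL;

            /* Kept separate from rc so the receive result is what gets
             * returned once the matching reply is found
             */
            int decompress_rc = crm_ipc_decompress(client);

            if (decompress_rc != pcmk_ok) {
                return decompress_rc;
            }

            hdr = (struct crm_ipc_response_header *)(void*)client->buffer;
            if (hdr->qb.id == request_id) {
                /* Got it */
                break;
            } else if (hdr->qb.id < request_id) {
                xmlNode *bad = string2xml(crm_ipc_buffer(client));

                crm_err("Discarding old reply %d (need %d)", hdr->qb.id, request_id);
                crm_log_xml_notice(bad, "OldIpcReply");
                free_xml(bad);  /* parsed only for logging; do not leak it */

            } else {
                xmlNode *bad = string2xml(crm_ipc_buffer(client));

                crm_err("Discarding newer reply %d (need %d)", hdr->qb.id, request_id);
                crm_log_xml_notice(bad, "ImpossibleReply");
                free_xml(bad);  /* parsed only for logging; do not leak it */
                CRM_ASSERT(hdr->qb.id <= request_id);
            }
        } else if (crm_ipc_connected(client) == FALSE) {
            crm_err("Server disconnected client %s while waiting for msg id %d", client->name,
                    request_id);
            break;
        }

    } while (time(NULL) < timeout);

    return rc;
}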
1318 
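/*!
 * \brief Send an XML message over an IPC connection, optionally waiting for
 *        the reply
 *
 * \param[in,out] client      Connection to send on
 * \param[in]     message     XML to send
 * \param[in]     flags       Flags OR'd into the outgoing header; they also
 *                            select whether a reply is awaited
 *                            (crm_ipc_client_response) and whether the
 *                            message is proxied (crm_ipc_proxied)
 * \param[in]     ms_timeout  Time budget in milliseconds (0 selects 5000)
 * \param[out]    reply       If not NULL and a response was received, set to
 *                            the response parsed by string2xml()
 *
 * \return Positive value on success, -ENOTCONN if the connection is missing
 *         or closed, -EALREADY if an earlier reply is still outstanding, the
 *         error from crm_ipc_prepare(), or the result of the send/receive
 *         helpers otherwise
 *
 * \note The request ID counter and the warning factor are function-level
 *       statics, so they are shared by every connection in the process.
 * \note When waiting for a reply fails, sending on this connection is
 *       disabled (need_reply) until the outstanding reply has been drained.
 */
int
crm_ipc_send(crm_ipc_t * client, xmlNode * message, enum crm_ipc_flags flags, int32_t ms_timeout,
             xmlNode ** reply)
{
    long rc = 0;
    struct iovec *iov;
    static uint32_t id = 0;
    static int factor = 8;
    struct crm_ipc_response_header *header;

    crm_ipc_init();

    if (client == NULL) {
        crm_notice("Invalid connection");
        return -ENOTCONN;

    } else if (crm_ipc_connected(client) == FALSE) {
        /* Don't even bother */
        crm_notice("Connection to %s closed", client->name);
        return -ENOTCONN;
    }

    if (ms_timeout == 0) {
        ms_timeout = 5000;
    }

    if (client->need_reply) {
        /* A previous request never got its reply; drain it before sending */
        crm_trace("Trying again to obtain pending reply from %s", client->name);
        rc = qb_ipcc_recv(client->ipc, client->buffer, client->buf_size, ms_timeout);
        if (rc < 0) {
            crm_warn("Sending to %s (%p) is disabled until pending reply is received", client->name,
                     client->ipc);
            return -EALREADY;

        } else {
            crm_notice("Lost reply from %s (%p) finally arrived, sending re-enabled", client->name,
                       client->ipc);
            client->need_reply = FALSE;
        }
    }

    id++;
    CRM_LOG_ASSERT(id != 0); /* Crude wrap-around detection */
    rc = crm_ipc_prepare(id, message, &iov, client->max_buf_size);
    if(rc < 0) {
        return rc;
    }

    header = iov[0].iov_base;
    header->flags |= flags;

    if(is_set(flags, crm_ipc_proxied)) {
        /* Don't look for a synchronous response */
        /* NOTE(review): the listing skips source line 1372, leaving this
         * branch empty. The statement below is restored from the comment
         * above and the file's reference to clear_bit(); confirm against the
         * upstream source.
         */
        clear_bit(flags, crm_ipc_client_response);
    }

    if(header->size_compressed) {
        /* Warn, at most once per factor step, as compressed messages
         * approach the configured limit
         */
        if(factor < 10 && (client->max_buf_size / 10) < (rc / factor)) {
            crm_notice("Compressed message exceeds %d0%% of the configured ipc limit (%u bytes), "
                       "consider setting PCMK_ipc_buffer to %u or higher",
                       factor, client->max_buf_size, 2 * client->max_buf_size);
            factor++;
        }
    }

    crm_trace("Sending from client: %s request id: %d bytes: %u timeout:%d msg...",
              client->name, header->qb.id, header->qb.size, ms_timeout);

    if (ms_timeout > 0 || is_not_set(flags, crm_ipc_client_response)) {

        rc = internal_ipc_send_request(client, iov, ms_timeout);

        if (rc <= 0) {
            crm_trace("Failed to send from client %s request %d with %u bytes...",
                      client->name, header->qb.id, header->qb.size);
            goto send_cleanup;

        } else if (is_not_set(flags, crm_ipc_client_response)) {
            crm_trace("Message sent, not waiting for reply to %d from %s to %u bytes...",
                      header->qb.id, client->name, header->qb.size);

            goto send_cleanup;
        }

        rc = internal_ipc_get_reply(client, header->qb.id, ms_timeout);
        if (rc < 0) {
            /* No reply, for now, disable sending
             *
             * The alternative is to close the connection since we don't know
             * how to detect and discard out-of-sequence replies
             *
             * TODO - implement the above
             */
            client->need_reply = TRUE;
        }

    } else {
        rc = internal_ipc_send_recv(client, iov);
    }

    if (rc > 0) {
        struct crm_ipc_response_header *hdr = (struct crm_ipc_response_header *)(void*)client->buffer;

        crm_trace("Received response %d, size=%u, rc=%ld, text: %.200s", hdr->qb.id, hdr->qb.size,
                  rc, crm_ipc_buffer(client));

        if (reply) {
            *reply = string2xml(crm_ipc_buffer(client));
        }

    } else {
        crm_trace("Response not received: rc=%ld, errno=%d", rc, errno);
    }

  send_cleanup:
    if (crm_ipc_connected(client) == FALSE) {
        crm_notice("Connection to %s closed: %s (%ld)", client->name, pcmk_strerror(rc), rc);

    } else if (rc == -ETIMEDOUT) {
        crm_warn("Request %d to %s (%p) failed: %s (%ld) after %dms",
                 header->qb.id, client->name, client->ipc, pcmk_strerror(rc), rc, ms_timeout);
        crm_write_blackbox(0, NULL);

    } else if (rc <= 0) {
        crm_warn("Request %d to %s (%p) failed: %s (%ld)",
                 header->qb.id, client->name, client->ipc, pcmk_strerror(rc), rc);
    }

    /* header points into iov, so it must not be used after this */
    pcmk_free_ipc_event(iov);
    return rc;
}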
1450 
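/*!
 * \brief Check the authenticity of the IPC socket peer process
 *
 * The peer's credentials are obtained from the kernel through whichever
 * mechanism was selected at build time (SO_PEERCRED with struct ucred or
 * struct sockpeercred, getpeereid(), or getpeerucred()) and compared with
 * the reference credentials.
 *
 * \param[in]  sock    Connected Unix socket to query
 * \param[in]  refuid  User ID the peer is expected to run as
 * \param[in]  refgid  Group ID the peer is expected to run as
 * \param[out] gotpid  If not NULL, set to the peer's PID (PCMK__SPECIAL_PID
 *                     where the platform cannot report it)
 * \param[out] gotuid  If not NULL, set to the peer's user ID
 * \param[out] gotgid  If not NULL, set to the peer's group ID
 *
 * \return 1 if the peer is accepted, 0 if it is not, or a negative error code
 *         if the credentials could not be obtained
 *
 * \note A peer is accepted when it runs as uid 0, or its uid equals
 *       \p refuid, or its gid equals \p refgid; a matching group alone is
 *       therefore sufficient. Callers needing an exact match should compare
 *       the values returned through \p gotuid and \p gotgid themselves.
 */
int
crm_ipc_is_authentic_process(int sock, uid_t refuid, gid_t refgid,
                             pid_t *gotpid, uid_t *gotuid, gid_t *gotgid) {
    int ret = 0;
    pid_t found_pid = 0; uid_t found_uid = 0; gid_t found_gid = 0;
#if defined(US_AUTH_PEERCRED_UCRED)
    struct ucred ucred;
    socklen_t ucred_len = sizeof(ucred);

    if (!getsockopt(sock, SOL_SOCKET, SO_PEERCRED,
                    &ucred, &ucred_len)
                && ucred_len == sizeof(ucred)) {
        found_pid = ucred.pid; found_uid = ucred.uid; found_gid = ucred.gid;

#elif defined(US_AUTH_PEERCRED_SOCKPEERCRED)
    struct sockpeercred sockpeercred;
    socklen_t sockpeercred_len = sizeof(sockpeercred);

    /* The returned length must be compared with the size of the credential
     * structure. Comparing it with the size of the length variable itself
     * made the check fail whenever the two sizes differ, so that every peer
     * was reported as an error on such builds.
     */
    if (!getsockopt(sock, SOL_SOCKET, SO_PEERCRED,
                    &sockpeercred, &sockpeercred_len)
                && sockpeercred_len == sizeof(sockpeercred)) {
        found_pid = sockpeercred.pid;
        found_uid = sockpeercred.uid; found_gid = sockpeercred.gid;

#elif defined(US_AUTH_GETPEEREID)
    if (!getpeereid(sock, &found_uid, &found_gid)) {
        found_pid = PCMK__SPECIAL_PID;  /* cannot obtain PID (FreeBSD) */

#elif defined(US_AUTH_GETPEERUCRED)
    ucred_t *ucred;
    if (!getpeerucred(sock, &ucred)) {
        /* The accessors report failure through errno, so clear it first */
        errno = 0;
        found_pid = ucred_getpid(ucred);
        found_uid = ucred_geteuid(ucred); found_gid = ucred_getegid(ucred);
        ret = -errno;
        ucred_free(ucred);
        if (ret) {
            return (ret < 0) ? ret : -pcmk_err_generic;
        }

#else
#  error "No way to authenticate a Unix socket peer"
    errno = 0;
    if (0) {
#endif
        /* Credentials obtained: report them, then decide */
        if (gotpid != NULL) {
            *gotpid = found_pid;
        }
        if (gotuid != NULL) {
            *gotuid = found_uid;
        }
        if (gotgid != NULL) {
            *gotgid = found_gid;
        }
        ret = (found_uid == 0 || found_uid == refuid || found_gid == refgid);
    } else {
        /* Lookup failed; fall back to a generic error if errno is unset */
        ret = (errno > 0) ? -errno : -pcmk_err_generic;
    }

    return ret;
}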
1512 
/*!
 * \brief Check whether a named IPC endpoint is served by an expected process
 *
 * A connection to the endpoint is opened, the credentials of the process on
 * the other side are checked with crm_ipc_is_authentic_process(), and the
 * connection is closed again.
 *
 * \param[in]  name    IPC endpoint name
 * \param[in]  refuid  User ID the serving process is expected to run as
 * \param[in]  refgid  Group ID the serving process is expected to run as
 * \param[out] gotpid  If not NULL, set to the serving process's PID once its
 *                     credentials have been obtained
 *
 * \return 0 if no connection could be made, 1 if the endpoint is served by an
 *         accepted process, -1 on an error obtaining the socket or the peer
 *         credentials, -2 if the endpoint is held by an unauthorized process
 *
 * \note An accepted process whose uid/gid differ from the reference values is
 *       logged (a warning when it runs as root although a non-root uid was
 *       expected). The last name reported is remembered so the same endpoint
 *       is not logged repeatedly in a row.
 */
int
pcmk__ipc_is_authentic_process_active(const char *name, uid_t refuid,
                                      gid_t refgid, pid_t *gotpid) {
    static char last_asked_name[PATH_MAX / 2] = "";  /* log spam prevention */
    int fd;
    int rc = 0;
    pid_t found_pid = 0;
    uid_t found_uid = 0;
    gid_t found_gid = 0;
    qb_ipcc_connection_t *conn = qb_ipcc_connect(name, 0);

    if (conn == NULL) {
        /* Nothing is listening (or we may not connect): nothing to close */
        crm_info("Could not connect to %s IPC: %s", name, strerror(errno));
        return 0;
    }

    rc = qb_ipcc_fd_get(conn, &fd);
    if (rc != 0) {
        crm_err("Could not get fd from %s IPC: %s (%d)", name,
                strerror(-rc), -rc);
        rc = -1;
        goto done;
    }

    rc = crm_ipc_is_authentic_process(fd, refuid, refgid,
                                      &found_pid, &found_uid, &found_gid);
    if (rc < 0) {
        if (rc == -pcmk_err_generic) {
            crm_err("Could not get peer credentials from %s IPC", name);
        } else {
            crm_err("Could not get peer credentials from %s IPC: %s (%d)",
                    name, strerror(-rc), -rc);
        }
        rc = -1;
        goto done;
    }

    if (gotpid != NULL) {
        *gotpid = found_pid;
    }

    if (rc == 0) {
        /* Someone else is answering on this endpoint */
        crm_err("Daemon (IPC %s) effectively blocked with unauthorized"
                " process %lld (uid: %lld, gid: %lld)",
                name, (long long) PCMK__SPECIAL_PID_AS_0(found_pid),
                (long long) found_uid, (long long) found_gid);
        rc = -2;

    } else if ((found_uid != refuid || found_gid != refgid)
               && strncmp(last_asked_name, name, sizeof(last_asked_name)) != 0) {
        /* Accepted, but not with exactly the expected credentials */
        if (found_uid == 0 && refuid != 0) {
            crm_warn("Daemon (IPC %s) runs as root, whereas the expected"
                     " credentials are %lld:%lld, hazard of violating"
                     " the least privilege principle",
                     name, (long long) refuid, (long long) refgid);
        } else {
            crm_notice("Daemon (IPC %s) runs as %lld:%lld, whereas the"
                       " expected credentials are %lld:%lld, which may"
                       " mean a different set of privileges than expected",
                       name, (long long) found_uid, (long long) found_gid,
                       (long long) refuid, (long long) refgid);
        }
        memccpy(last_asked_name, name, '\0', sizeof(last_asked_name));
    }

  done:
    if (rc != 0) {
        qb_ipcc_disconnect(conn);
    }

    return rc;
}
1575 
1576 
1577 /* Utils */
1578 
/*!
 * \brief Build the "hello" request a client sends to introduce itself
 *
 * \param[in] uuid           Client UUID
 * \param[in] client_name    Client name
 * \param[in] major_version  Major version string
 * \param[in] minor_version  Minor version string
 *
 * \return Newly created CRM_OP_HELLO request, or NULL if any argument is
 *         NULL or an empty string
 */
xmlNode *
create_hello_message(const char *uuid,
                     const char *client_name, const char *major_version, const char *minor_version)
{
    const char *const required[] = { uuid, client_name, major_version, minor_version };
    xmlNode *options = NULL;
    xmlNode *request = NULL;

    /* Every field must be present and non-empty */
    for (size_t i = 0; i < sizeof(required) / sizeof(required[0]); i++) {
        if (required[i] == NULL || required[i][0] == '\0') {
            crm_err("Missing fields, Hello message will not be valid.");
            return NULL;
        }
    }

    options = create_xml_node(NULL, XML_TAG_OPTIONS);
    crm_xml_add(options, "major_version", major_version);
    crm_xml_add(options, "minor_version", minor_version);
    crm_xml_add(options, "client_name", client_name);
    crm_xml_add(options, "client_uuid", uuid);

    crm_trace("creating hello message");
    request = create_request(CRM_OP_HELLO, options, NULL, NULL, client_name, uuid);

    /* The options node is no longer needed once the request exists */
    free_xml(options);

    return request;
}