This source file includes the following definitions.
- cib_remote_inputfd
- cib_remote_set_connection_dnotify
- cib_remote_register_notification
- cib_remote_new
- cib_tls_close
- cib_tls_signon
- cib_remote_connection_destroy
- cib_remote_command_dispatch
- cib_remote_callback_dispatch
- cib_remote_signon
- cib_remote_signoff
- cib_remote_free
- cib_remote_perform_op
19 #include <crm_internal.h>
20
21 #include <unistd.h>
22 #include <stdlib.h>
23 #include <stdio.h>
24 #include <stdarg.h>
25 #include <string.h>
26 #include <netdb.h>
27 #include <termios.h>
28 #include <sys/socket.h>
29
30 #include <glib.h>
31
32 #include <crm/crm.h>
33 #include <crm/cib/internal.h>
34 #include <crm/msg_xml.h>
35 #include <crm/common/ipcs.h>
36 #include <crm/common/mainloop.h>
37
#ifdef HAVE_GNUTLS_GNUTLS_H
# undef KEYFILE
# include <gnutls/gnutls.h>
/*
 * Process-wide anonymous client credentials. They are allocated on the first
 * encrypted sign-on (cib_tls_signon) and released again in cib_tls_close.
 *
 * Anonymous credentials carry no certificate: the resulting TLS session
 * encrypts the traffic but gives the client no way to verify which server it
 * is talking to, so an on-path attacker can terminate the session and receive
 * the login message sent by cib_tls_signon.
 */
gnutls_anon_client_credentials_t anon_cred_c;

/*
 * Timeout handed to crm_initiate_client_tls_handshake().
 * NOTE(review): presumably milliseconds -- confirm against that helper.
 */
# define DEFAULT_CLIENT_HANDSHAKE_TIMEOUT 5000

/*
 * Zero-terminated key-exchange list containing only anonymous Diffie-Hellman.
 * It is not referenced anywhere else in the visible part of this file.
 */
const int kx_prio[] = {
    GNUTLS_KX_ANON_DH,
    0
};

/* TRUE once GnuTLS and anon_cred_c have been initialised by this file. */
static gboolean remote_gnutls_credentials_init = FALSE;
#else
/* Placeholder so the session type name still exists without GnuTLS. */
typedef void gnutls_session_t;
#endif
54
55 #include <arpa/inet.h>
56 #ifndef ON_BSD
57 # include <sgtty.h>
58 #endif
59
/*
 * Diffie-Hellman prime size in bits. Not referenced in the visible part of
 * this file.
 * NOTE(review): 1024-bit DH groups are generally considered too small for new
 * deployments -- confirm whether code outside this file still uses the value.
 */
#define DH_BITS 1024
61
/*
 * Private state of the remote (TCP, optionally TLS) CIB variant. One instance
 * is allocated by cib_remote_new() and stored in cib->variant_opaque.
 */
typedef struct cib_remote_opaque_s {
    int flags;                  /* not referenced in the visible part of this file */
    int socket;                 /* not referenced in the visible part of this file */
    int port;                   /* TCP port passed to crm_remote_tcp_connect() */
    char *server;               /* heap copy of the server name (strdup) */
    char *user;                 /* heap copy of the login name (strdup) */
    char *passwd;               /* cleartext password; stays in memory until cib_remote_free() */
    gboolean encrypted;         /* TRUE: wrap both channels in anonymous TLS; FALSE: plain TCP */
    crm_remote_t command;       /* channel used for synchronous calls and their replies */
    crm_remote_t callback;      /* channel used for asynchronous calls and notifications */

} cib_remote_opaque_t;
74
/*
 * Forward declarations. The dispatch/destroy functions are installed as
 * mainloop callbacks by cib_tls_signon(); the remaining ones are installed
 * into the cib_t operation table by cib_remote_new().
 */
void cib_remote_connection_destroy(gpointer user_data);
int cib_remote_callback_dispatch(gpointer user_data);
int cib_remote_command_dispatch(gpointer user_data);
int cib_remote_signon(cib_t * cib, const char *name, enum cib_conn_type type);
int cib_remote_signoff(cib_t * cib);
int cib_remote_free(cib_t * cib);

int cib_remote_perform_op(cib_t * cib, const char *op, const char *host, const char *section,
                          xmlNode * data, xmlNode ** output_data, int call_options,
                          const char *name);
85
/*
 * Return the descriptor a caller should watch for asynchronous traffic:
 * the TCP socket of the callback channel.
 */
static int
cib_remote_inputfd(cib_t * cib)
{
    const cib_remote_opaque_t *remote = cib->variant_opaque;

    return remote->callback.tcp_socket;
}
93
/*
 * Disconnect notification is not available for the remote variant; the call
 * ignores both arguments and always reports -EPROTONOSUPPORT.
 */
static int
cib_remote_set_connection_dnotify(cib_t * cib, void (*dnotify) (gpointer user_data))
{
    (void) cib;
    (void) dnotify;

    return -EPROTONOSUPPORT;
}
99
/*
 * Ask the server to switch a notification type on or off.
 *
 * Builds a "cib_command" request carrying the notify operation, the
 * notification type (callback) and the activation flag (enabled), and sends
 * it over the callback channel. The result of the send is not inspected, so
 * the function always returns pcmk_ok.
 */
static int
cib_remote_register_notification(cib_t * cib, const char *callback, int enabled)
{
    cib_remote_opaque_t *remote = cib->variant_opaque;
    xmlNode *request = create_xml_node(NULL, "cib_command");

    crm_xml_add(request, F_CIB_OPERATION, T_CIB_NOTIFY);
    crm_xml_add(request, F_CIB_NOTIFY_TYPE, callback);
    crm_xml_add_int(request, F_CIB_NOTIFY_ACTIVATE, enabled);

    crm_remote_send(&remote->callback, request);
    free_xml(request);

    return pcmk_ok;
}
113
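/*
 * Create a CIB handle that talks to a remote server over TCP.
 *
 * server, user, passwd: copied with strdup() when non-NULL. A NULL server or
 *     user is rejected later by cib_remote_signon(); a NULL passwd makes
 *     cib_remote_signon() prompt for one on the terminal.
 * port:      TCP port of the remote server.
 * encrypted: TRUE to wrap the connection in (anonymous) TLS. With FALSE the
 *     login message, including the password, crosses the network in
 *     cleartext.
 *
 * Returns the new handle, or NULL when the generic handle or the private
 * state cannot be allocated. The password copy stays in process memory in
 * cleartext until cib_remote_free() is called.
 */
cib_t *
cib_remote_new(const char *server, const char *user, const char *passwd, int port,
               gboolean encrypted)
{
    cib_remote_opaque_t *private = NULL;
    cib_t *cib = cib_new_variant();

    if (cib == NULL) {
        return NULL;
    }

    private = calloc(1, sizeof(*private));
    if (private == NULL) {
        /*
         * Release what cib_remote_free() releases for the generic part.
         * NOTE(review): anything else cib_new_variant() allocates is not
         * visible from this file.
         */
        free(cib->cmds);
        free(cib);
        return NULL;
    }

    cib->variant = cib_remote;
    cib->variant_opaque = private;

    if (server) {
        private->server = strdup(server);
    }

    if (user) {
        private->user = strdup(user);
    }

    if (passwd) {
        private->passwd = strdup(passwd);
    }

    private->port = port;
    private->encrypted = encrypted;

    /* Route the generic API through the remote implementation. */
    cib->delegate_fn = cib_remote_perform_op;
    cib->cmds->signon = cib_remote_signon;
    cib->cmds->signoff = cib_remote_signoff;
    cib->cmds->free = cib_remote_free;
    cib->cmds->inputfd = cib_remote_inputfd;

    cib->cmds->register_notification = cib_remote_register_notification;
    cib->cmds->set_connection_dnotify = cib_remote_set_connection_dnotify;

    return cib;
}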
153
/*
 * Tear down both channels (command and callback) of a remote connection.
 *
 * With GnuTLS and an encrypted connection, each TLS session is shut down and
 * released first, then the shared anonymous credentials and the GnuTLS
 * library state are released if this file initialised them. After that the
 * TCP sockets are shut down and closed and the receive buffers are freed.
 * Despite the name, the socket and buffer part also runs for plain TCP.
 *
 * A socket value of 0 is treated as "not open". Always returns 0.
 *
 * NOTE(review): the credentials are a single file-level object; releasing
 * them here looks like it would affect any other handle in the same process
 * that still has an encrypted session -- confirm with the callers.
 */
static int
cib_tls_close(cib_t * cib)
{
    cib_remote_opaque_t *remote = cib->variant_opaque;
    crm_remote_t *cmd = &remote->command;
    crm_remote_t *evt = &remote->callback;

#ifdef HAVE_GNUTLS_GNUTLS_H
    if (remote->encrypted) {
        if (cmd->tls_session != NULL) {
            gnutls_bye(*(cmd->tls_session), GNUTLS_SHUT_RDWR);
            gnutls_deinit(*(cmd->tls_session));
            gnutls_free(cmd->tls_session);
            cmd->tls_session = NULL;
        }

        if (evt->tls_session != NULL) {
            gnutls_bye(*(evt->tls_session), GNUTLS_SHUT_RDWR);
            gnutls_deinit(*(evt->tls_session));
            gnutls_free(evt->tls_session);
            evt->tls_session = NULL;
        }

        if (remote_gnutls_credentials_init) {
            gnutls_anon_free_client_credentials(anon_cred_c);
            gnutls_global_deinit();
            remote_gnutls_credentials_init = FALSE;
        }
    }
#endif

    if (cmd->tcp_socket != 0) {
        shutdown(cmd->tcp_socket, SHUT_RDWR);
        close(cmd->tcp_socket);
        cmd->tcp_socket = 0;
    }

    if (evt->tcp_socket != 0) {
        shutdown(evt->tcp_socket, SHUT_RDWR);
        close(evt->tcp_socket);
        evt->tcp_socket = 0;
    }

    free(cmd->buffer);
    cmd->buffer = NULL;

    free(evt->buffer);
    evt->buffer = NULL;

    return 0;
}
200
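/*
 * Open one channel to the remote CIB server and authenticate on it.
 *
 * cib:           handle whose private state supplies server, port, user and
 *                password.
 * connection:    the channel to set up (private->command or private->callback).
 * event_channel: TRUE installs the callback dispatcher for the socket,
 *                FALSE installs the command dispatcher.
 *
 * Steps: TCP connect, optional anonymous-TLS handshake, send a login message
 * with user name and password, wait for the registration reply, store the
 * client id from the reply in connection->token, register the socket with
 * the main loop.
 *
 * Returns 0 on success; -ENOTCONN when the TCP connect fails or the peer
 * disconnects, -EPROTONOSUPPORT when encryption is requested but GnuTLS is
 * not compiled in, -1 when the TLS session cannot be set up, -EPROTO when
 * the reply is missing or malformed. Except for a failed TCP connect, every
 * failure path calls cib_tls_close(), which closes BOTH channels.
 *
 * Security notes:
 *  - The TLS session uses anonymous credentials, so the server is not
 *    authenticated; the password is sent to whichever peer completed the
 *    handshake.
 *  - With private->encrypted == FALSE the login message, including the
 *    password, is sent over plain TCP.
 *  - The reply is peer-supplied data; only the operation name and the
 *    presence of a client id are checked before the id is kept.
 */
static int
cib_tls_signon(cib_t * cib, crm_remote_t * connection, gboolean event_channel)
{
    int sock;
    cib_remote_opaque_t *private = cib->variant_opaque;
    int rc = 0;
    int disconnected = 0;

    xmlNode *answer = NULL;
    xmlNode *login = NULL;

    /*
     * One static table shared by both channels; it is rewritten on every
     * call. NOTE(review): this relies on mainloop_add_fd() copying the
     * function pointers rather than keeping the table pointer -- confirm.
     */
    static struct mainloop_fd_callbacks cib_fd_callbacks = { 0, };

    cib_fd_callbacks.dispatch =
        event_channel ? cib_remote_callback_dispatch : cib_remote_command_dispatch;
    cib_fd_callbacks.destroy = cib_remote_connection_destroy;

    connection->tcp_socket = 0;
#ifdef HAVE_GNUTLS_GNUTLS_H
    connection->tls_session = NULL;
#endif
    sock = crm_remote_tcp_connect(private->server, private->port);
    if (sock < 0) {
        crm_perror(LOG_ERR, "remote tcp connection to %s:%d failed", private->server,
                   private->port);
        return -ENOTCONN;
    }

    connection->tcp_socket = sock;

    if (private->encrypted) {
#ifdef HAVE_GNUTLS_GNUTLS_H
        if (remote_gnutls_credentials_init == FALSE) {
            crm_gnutls_global_init();
            gnutls_anon_allocate_client_credentials(&anon_cred_c);
            remote_gnutls_credentials_init = TRUE;
        }

        connection->tls_session = crm_create_anon_tls_session(sock, GNUTLS_CLIENT, anon_cred_c);
        if (connection->tls_session == NULL) {
            /* No session object: do not hand a NULL session to the handshake. */
            crm_err("Session creation for %s:%d failed", private->server, private->port);
            cib_tls_close(cib);
            return -1;
        }

        if (crm_initiate_client_tls_handshake(connection, DEFAULT_CLIENT_HANDSHAKE_TIMEOUT) != 0) {
            crm_err("Session creation for %s:%d failed", private->server, private->port);

            /*
             * Release the session here and clear the pointer so that
             * cib_tls_close() does not send a TLS bye on it or free it twice.
             */
            gnutls_deinit(*connection->tls_session);
            gnutls_free(connection->tls_session);
            connection->tls_session = NULL;
            cib_tls_close(cib);
            return -1;
        }
#else
        /* The socket opened above must not outlive this failed attempt. */
        cib_tls_close(cib);
        return -EPROTONOSUPPORT;
#endif
    }

    /* Login message: carries the password as an XML attribute value. */
    login = create_xml_node(NULL, "cib_command");
    crm_xml_add(login, "op", "authenticate");
    crm_xml_add(login, "user", private->user);
    crm_xml_add(login, "password", private->passwd);
    crm_xml_add(login, "hidden", "password");

    crm_remote_send(connection, login);
    free_xml(login);

    crm_remote_recv(connection, -1, &disconnected);

    if (disconnected) {
        rc = -ENOTCONN;
    }

    answer = crm_remote_parse_buffer(connection);

    crm_log_xml_trace(answer, "Reply");
    if (answer == NULL) {
        rc = -EPROTO;

    } else {
        const char *msg_type = crm_element_value(answer, F_CIB_OPERATION);
        const char *tmp_ticket = crm_element_value(answer, F_CIB_CLIENTID);

        if (safe_str_neq(msg_type, CRM_OP_REGISTER)) {
            crm_err("Invalid registration message: %s", msg_type);
            rc = -EPROTO;

        } else if (tmp_ticket == NULL) {
            rc = -EPROTO;

        } else {
            connection->token = strdup(tmp_ticket);
        }
    }
    free_xml(answer);
    answer = NULL;

    if (rc != 0) {
        cib_tls_close(cib);
        return rc;
    }

    crm_trace("remote client connection established");
    connection->source =
        mainloop_add_fd("cib-remote", G_PRIORITY_HIGH, sock, cib, &cib_fd_callbacks);
    return rc;
}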
309
/*
 * Main-loop destroy callback for a remote channel. user_data is the cib_t
 * handle that was passed to mainloop_add_fd(). Logs the event and, in GnuTLS
 * builds only, closes both channels through cib_tls_close().
 *
 * NOTE(review): cib_tls_close() also closes the plain TCP sockets and frees
 * the buffers, so in a build without GnuTLS nothing is released here --
 * confirm whether that is intended.
 */
void
cib_remote_connection_destroy(gpointer user_data)
{
    crm_err("Connection destroyed");
#ifdef HAVE_GNUTLS_GNUTLS_H
    cib_tls_close((cib_t *) user_data);
#endif
}
319
/*
 * Main-loop dispatcher for the command channel. Synchronous replies are read
 * directly by cib_remote_perform_op(), so anything that arrives here is
 * treated as a late reply: it is read, discarded and logged.
 *
 * Returns -1 when the peer has disconnected, otherwise 0.
 */
int
cib_remote_command_dispatch(gpointer user_data)
{
    cib_t *cib = user_data;
    cib_remote_opaque_t *remote = cib->variant_opaque;
    int lost = 0;

    crm_remote_recv(&remote->command, -1, &lost);

    /* Drop whatever was received; nobody is waiting for it any more. */
    free(remote->command.buffer);
    remote->command.buffer = NULL;
    crm_err("received late reply for remote cib connection, discarding");

    return lost ? -1 : 0;
}
338
/*
 * Main-loop dispatcher for the callback channel. Reads what is pending on
 * the socket, then handles every complete message in the buffer:
 *   T_CIB        -> cib_native_callback()
 *   T_CIB_NOTIFY -> cib_native_notify() for each entry of cib->notify_list
 *   anything else is logged as an error and dropped.
 *
 * The message type and content come from the remote peer and are passed to
 * the registered callbacks as received.
 *
 * Returns -1 when the peer has disconnected, otherwise 0.
 */
int
cib_remote_callback_dispatch(gpointer user_data)
{
    cib_t *cib = user_data;
    cib_remote_opaque_t *remote = cib->variant_opaque;
    crm_remote_t *channel = &remote->callback;

    int lost = 0;
    xmlNode *msg = NULL;

    crm_info("Message on callback channel");

    crm_remote_recv(channel, -1, &lost);

    for (msg = crm_remote_parse_buffer(channel); msg != NULL;
         msg = crm_remote_parse_buffer(channel)) {
        const char *type = crm_element_value(msg, F_TYPE);

        crm_trace("Activating %s callbacks...", type);

        if (safe_str_eq(type, T_CIB)) {
            cib_native_callback(cib, msg, 0, 0);

        } else if (safe_str_eq(type, T_CIB_NOTIFY)) {
            g_list_foreach(cib->notify_list, cib_native_notify, msg);

        } else {
            crm_err("Unknown message type: %s", type);
        }

        free_xml(msg);
    }

    return lost ? -1 : 0;
}
378
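/*
 * Sign on to the remote CIB server.
 *
 * cib:  handle created by cib_remote_new().
 * name: client name, sent in the registration message and used in logs.
 * type: not used by this implementation.
 *
 * When no password was supplied, one is read from standard input with
 * terminal echo switched off. The terminal settings found before the prompt
 * are restored afterwards. If the terminal settings cannot be read (for
 * example, standard input is not a terminal) no prompt is shown and the
 * sign-on fails with the error from tcgetattr().
 *
 * The password is read with "%1023s", so input stops at the first
 * whitespace character; a password containing blanks is truncated there.
 *
 * After that both channels are opened with cib_tls_signon() (command first,
 * then callback) and a registration message is sent on the command channel.
 *
 * Returns pcmk_ok on success, -EINVAL when server or user is missing,
 * otherwise the error from the failing step.
 */
int
cib_remote_signon(cib_t * cib, const char *name, enum cib_conn_type type)
{
    int rc = pcmk_ok;
    cib_remote_opaque_t *private = cib->variant_opaque;

    if (private->passwd == NULL) {
        struct termios saved;

        rc = tcgetattr(0, &saved);
        if (rc == 0) {
            struct termios noecho = saved;
            int items = 0;

            noecho.c_lflag &= ~ECHO;
            rc = tcsetattr(0, TCSANOW, &noecho);

            /* Only prompt when echo really is off. */
            if (rc == 0) {
                fprintf(stderr, "Password: ");
                private->passwd = calloc(1, 1024);
                if (private->passwd != NULL) {
                    items = scanf("%1023s", private->passwd);
                }
                fprintf(stderr, "\n");

                if (items < 1) {
                    /* Nothing usable was read: release the buffer instead of leaking it. */
                    free(private->passwd);
                    private->passwd = NULL;
                }
            }

            /*
             * Put the terminal back exactly as it was found. This is only
             * done when tcgetattr() succeeded, so an uninitialised termios
             * structure is never handed to tcsetattr().
             */
            rc = tcsetattr(0, TCSANOW, &saved);
        }
    }

    if (private->server == NULL || private->user == NULL) {
        rc = -EINVAL;
    }

    if (rc == pcmk_ok) {
        rc = cib_tls_signon(cib, &(private->command), FALSE);
    }

    if (rc == pcmk_ok) {
        rc = cib_tls_signon(cib, &(private->callback), TRUE);
    }

    if (rc == pcmk_ok) {
        /* Register under the client id the server issued for the callback channel. */
        xmlNode *hello =
            cib_create_op(0, private->callback.token, CRM_OP_REGISTER, NULL, NULL, NULL, 0, NULL);
        crm_xml_add(hello, F_CIB_CLIENTNAME, name);
        crm_remote_send(&private->command, hello);
        free_xml(hello);
    }

    if (rc == pcmk_ok) {
        crm_notice("%s: Opened connection to %s:%d", name, private->server, private->port);
        cib->state = cib_connected_command;
        cib->type = cib_command;

    } else {
        fprintf(stderr, "%s: Connection to %s:%d failed: %s\n",
                name, private->server, private->port, pcmk_strerror(rc));
    }

    return rc;
}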
442
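/*
 * Sign off from the remote CIB server: close both channels and mark the
 * handle as disconnected. Always returns pcmk_ok.
 */
int
cib_remote_signoff(cib_t * cib)
{
    int rc = pcmk_ok;

    crm_debug("Signing out of the CIB Service");

    /*
     * cib_tls_close() guards its TLS part with its own #ifdef and also
     * closes the plain TCP sockets and frees the receive buffers, so it is
     * called in every build. Calling it only in GnuTLS builds left the
     * sockets of an unencrypted connection open after sign-off.
     */
    cib_tls_close(cib);

    cib->state = cib_disconnected;
    cib->type = cib_no_connection;

    return rc;
}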
460
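/*
 * Release a remote CIB handle, signing off first when it is still connected.
 *
 * Returns pcmk_ok when the handle was released, otherwise the error from
 * cib_remote_signoff(); in that case nothing is freed and the handle stays
 * valid.
 */
int
cib_remote_free(cib_t * cib)
{
    int rc = pcmk_ok;

    crm_warn("Freeing CIB");
    if (cib->state != cib_disconnected) {
        rc = cib_remote_signoff(cib);
    }

    /*
     * Free in both cases: a handle that was already signed off must be
     * released as well, otherwise the handle and the stored credentials are
     * leaked.
     */
    if (rc == pcmk_ok) {
        cib_remote_opaque_t *private = cib->variant_opaque;

        if (private->passwd != NULL) {
            /* Overwrite the cleartext password before the memory is returned. */
            volatile char *wipe = private->passwd;

            while (*wipe != '\0') {
                *wipe++ = '\0';
            }
        }

        free(private->server);
        free(private->user);
        free(private->passwd);
        free(cib->cmds);
        free(private);
        free(cib);
    }

    return rc;
}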
483
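/*
 * Send one CIB operation to the remote server and, for synchronous calls,
 * wait for the matching reply.
 *
 * cib:          connected handle.
 * op:           operation name; NULL is rejected with -EINVAL.
 * host, section, data, call_options: passed on to cib_create_op().
 * output_data:  when non-NULL it is set to NULL first and, for a synchronous
 *               call, receives a copy of the reply payload if there is one.
 *               The caller owns the copy.
 * name:         not used by this implementation.
 *
 * Returns:
 *   -ENOTCONN  handle not connected, or peer disconnected while waiting
 *   -EINVAL    no operation given
 *   -EPROTO    request could not be built, or reply carries no result code
 *   pcmk_ok    reply discarded on request (cib_discard_reply)
 *   call id    asynchronous call (cib_sync_call not set)
 *   -ENOMSG    no matching reply arrived within the timeout
 *   otherwise  the result code taken from the reply
 *
 * The call id and result code of a reply are peer-supplied values. Replies
 * whose id does not match the current call are logged and dropped.
 */
int
cib_remote_perform_op(cib_t * cib, const char *op, const char *host, const char *section,
                      xmlNode * data, xmlNode ** output_data, int call_options, const char *name)
{
    int rc = pcmk_ok;
    int disconnected = 0;
    int timeout = 0;
    int remaining_time = 0;
    time_t start_time;

    xmlNode *op_msg = NULL;
    xmlNode *op_reply = NULL;

    cib_remote_opaque_t *private = cib->variant_opaque;

    if (cib->state == cib_disconnected) {
        return -ENOTCONN;
    }

    if (output_data != NULL) {
        *output_data = NULL;
    }

    if (op == NULL) {
        crm_err("No operation specified");
        return -EINVAL;
    }

    cib->call_id++;

    /* Keep the call id positive: restart at 1 once the counter is below 1. */
    if (cib->call_id < 1) {
        cib->call_id = 1;
    }

    op_msg =
        cib_create_op(cib->call_id, private->callback.token, op, host, section, data,
                      call_options, NULL);
    if (op_msg == NULL) {
        return -EPROTO;
    }

    crm_trace("Sending %s message to CIB service", op);
    /* Asynchronous calls go out on the callback channel, synchronous ones on the command channel. */
    if (!(call_options & cib_sync_call)) {
        crm_remote_send(&private->callback, op_msg);
    } else {
        crm_remote_send(&private->command, op_msg);
    }
    free_xml(op_msg);

    if ((call_options & cib_discard_reply)) {
        crm_trace("Discarding reply");
        return pcmk_ok;

    } else if (!(call_options & cib_sync_call)) {
        return cib->call_id;
    }

    crm_trace("Waiting for a synchronous reply");

    start_time = time(NULL);
    /* call_timeout is in seconds; 60 is used when none is configured. */
    timeout = cib->call_timeout ? cib->call_timeout : 60;
    remaining_time = timeout;

    while (remaining_time > 0 && !disconnected) {
        int reply_id = -1;
        int msg_id = cib->call_id;

        crm_remote_recv(&private->command, remaining_time * 1000, &disconnected);
        op_reply = crm_remote_parse_buffer(&private->command);

        if (!op_reply) {
            break;
        }

        crm_element_value_int(op_reply, F_CIB_CALLID, &reply_id);

        if (reply_id == msg_id) {
            break;

        } else if (reply_id < msg_id) {
            crm_debug("Received old reply: %d (wanted %d)", reply_id, msg_id);
            crm_log_xml_trace(op_reply, "Old reply");

        } else if ((reply_id - 10000) > msg_id) {
            /* Far ahead of the current id: treated as a reply from before the counter restarted. */
            crm_debug("Received old reply: %d (wanted %d)", reply_id, msg_id);
            crm_log_xml_trace(op_reply, "Old reply");
        } else {
            crm_err("Received a __future__ reply:" " %d (wanted %d)", reply_id, msg_id);
        }

        free_xml(op_reply);
        op_reply = NULL;

        /*
         * Time left = timeout minus time already spent. Assigning only the
         * elapsed time ended the wait as soon as a stale reply arrived
         * within the first second.
         */
        remaining_time = timeout - (int) (time(NULL) - start_time);
    }

    if (disconnected) {
        crm_err("Disconnected while waiting for reply.");
        /* A reply may have been parsed in the same read that saw the disconnect. */
        free_xml(op_reply);
        return -ENOTCONN;
    } else if (op_reply == NULL) {
        crm_err("No reply message - empty");
        return -ENOMSG;
    }

    crm_trace("Synchronous reply received");

    /* The result code is taken from the reply itself. */
    if (crm_element_value_int(op_reply, F_CIB_RC, &rc) != 0) {
        rc = -EPROTO;
    }

    if (rc == -pcmk_err_diff_resync) {
        /* Reported to the caller as success. */
        rc = pcmk_ok;
    }

    if (rc == pcmk_ok || rc == -EPERM) {
        crm_log_xml_debug(op_reply, "passed");

    } else {
        crm_err("Call failed: %s", pcmk_strerror(rc));
        crm_log_xml_warn(op_reply, "failed");
    }

    if (output_data != NULL && !(call_options & cib_discard_reply)) {
        xmlNode *tmp = get_message_xml(op_reply, F_CIB_CALLDATA);

        if (tmp == NULL) {
            crm_trace("No output in reply to \"%s\" command %d", op, cib->call_id - 1);
        } else {
            *output_data = copy_xml(tmp);
        }
    }

    free_xml(op_reply);

    return rc;
}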