This source file includes following definitions.
- cib_remote_perform_op
- cib_remote_callback_dispatch
- cib_remote_command_dispatch
- cib_tls_close
- cib_remote_connection_destroy
- cib_tls_signon
- cib_remote_signon
- cib_remote_signoff
- cib_remote_free
- cib_remote_inputfd
- cib_remote_register_notification
- cib_remote_set_connection_dnotify
- cib_remote_client_id
- cib_remote_new
- cib__set_output
1
2
3
4
5
6
7
8
9
10 #include <crm_internal.h>
11
12 #include <unistd.h>
13 #include <stdlib.h>
14 #include <stdio.h>
15 #include <stdarg.h>
16 #include <string.h>
17 #include <netdb.h>
18 #include <termios.h>
19 #include <sys/socket.h>
20
21 #include <glib.h>
22
23 #include <crm/crm.h>
24 #include <crm/cib/internal.h>
25 #include <crm/msg_xml.h>
26 #include <crm/common/ipc_internal.h>
27 #include <crm/common/mainloop.h>
28 #include <crm/common/remote_internal.h>
29 #include <crm/common/output_internal.h>
30
31 #ifdef HAVE_GNUTLS_GNUTLS_H
32
33 # include <gnutls/gnutls.h>
34
35 # define TLS_HANDSHAKE_TIMEOUT_MS 5000
36
37 static gnutls_anon_client_credentials_t anon_cred_c;
38 static gboolean remote_gnutls_credentials_init = FALSE;
39
40 #endif
41
42 #include <arpa/inet.h>
43
44 typedef struct cib_remote_opaque_s {
45 int port;
46 char *server;
47 char *user;
48 char *passwd;
49 gboolean encrypted;
50 pcmk__remote_t command;
51 pcmk__remote_t callback;
52 pcmk__output_t *out;
53 } cib_remote_opaque_t;
54
55 static int
56 cib_remote_perform_op(cib_t *cib, const char *op, const char *host,
57 const char *section, xmlNode *data,
58 xmlNode **output_data, int call_options, const char *name)
59 {
60 int rc;
61 int remaining_time = 0;
62 time_t start_time;
63
64 xmlNode *op_msg = NULL;
65 xmlNode *op_reply = NULL;
66
67 cib_remote_opaque_t *private = cib->variant_opaque;
68
69 if (cib->state == cib_disconnected) {
70 return -ENOTCONN;
71 }
72
73 if (output_data != NULL) {
74 *output_data = NULL;
75 }
76
77 if (op == NULL) {
78 crm_err("No operation specified");
79 return -EINVAL;
80 }
81
82 cib->call_id++;
83 if (cib->call_id < 1) {
84 cib->call_id = 1;
85 }
86
87 op_msg = cib_create_op(cib->call_id, op, host, section, data, call_options,
88 NULL);
89 if (op_msg == NULL) {
90 return -EPROTO;
91 }
92
93 crm_trace("Sending %s message to the CIB manager", op);
94 if (!(call_options & cib_sync_call)) {
95 pcmk__remote_send_xml(&private->callback, op_msg);
96 } else {
97 pcmk__remote_send_xml(&private->command, op_msg);
98 }
99 free_xml(op_msg);
100
101 if ((call_options & cib_discard_reply)) {
102 crm_trace("Discarding reply");
103 return pcmk_ok;
104
105 } else if (!(call_options & cib_sync_call)) {
106 return cib->call_id;
107 }
108
109 crm_trace("Waiting for a synchronous reply");
110
111 start_time = time(NULL);
112 remaining_time = cib->call_timeout ? cib->call_timeout : 60;
113
114 rc = pcmk_rc_ok;
115 while (remaining_time > 0 && (rc != ENOTCONN)) {
116 int reply_id = -1;
117 int msg_id = cib->call_id;
118
119 rc = pcmk__read_remote_message(&private->command,
120 remaining_time * 1000);
121 op_reply = pcmk__remote_message_xml(&private->command);
122
123 if (!op_reply) {
124 break;
125 }
126
127 crm_element_value_int(op_reply, F_CIB_CALLID, &reply_id);
128
129 if (reply_id == msg_id) {
130 break;
131
132 } else if (reply_id < msg_id) {
133 crm_debug("Received old reply: %d (wanted %d)", reply_id, msg_id);
134 crm_log_xml_trace(op_reply, "Old reply");
135
136 } else if ((reply_id - 10000) > msg_id) {
137
138 crm_debug("Received old reply: %d (wanted %d)", reply_id, msg_id);
139 crm_log_xml_trace(op_reply, "Old reply");
140 } else {
141 crm_err("Received a __future__ reply:" " %d (wanted %d)", reply_id, msg_id);
142 }
143
144 free_xml(op_reply);
145 op_reply = NULL;
146
147
148 remaining_time = time(NULL) - start_time;
149 }
150
151
152
153
154
155
156
157 if (rc == ENOTCONN) {
158 crm_err("Disconnected while waiting for reply.");
159 return -ENOTCONN;
160 } else if (op_reply == NULL) {
161 crm_err("No reply message - empty");
162 return -ENOMSG;
163 }
164
165 crm_trace("Synchronous reply received");
166
167
168 if (crm_element_value_int(op_reply, F_CIB_RC, &rc) != 0) {
169 rc = -EPROTO;
170 }
171
172 if (rc == -pcmk_err_diff_resync) {
173
174 rc = pcmk_ok;
175 }
176
177 if (rc == pcmk_ok || rc == -EPERM) {
178 crm_log_xml_debug(op_reply, "passed");
179
180 } else {
181
182 crm_err("Call failed: %s", pcmk_strerror(rc));
183 crm_log_xml_warn(op_reply, "failed");
184 }
185
186 if (output_data == NULL) {
187
188
189 } else if (!(call_options & cib_discard_reply)) {
190 xmlNode *tmp = get_message_xml(op_reply, F_CIB_CALLDATA);
191
192 if (tmp == NULL) {
193 crm_trace("No output in reply to \"%s\" command %d", op, cib->call_id - 1);
194 } else {
195 *output_data = copy_xml(tmp);
196 }
197 }
198
199 free_xml(op_reply);
200
201 return rc;
202 }
203
204 static int
205 cib_remote_callback_dispatch(gpointer user_data)
206 {
207 int rc;
208 cib_t *cib = user_data;
209 cib_remote_opaque_t *private = cib->variant_opaque;
210
211 xmlNode *msg = NULL;
212
213 crm_info("Message on callback channel");
214
215 rc = pcmk__read_remote_message(&private->callback, -1);
216
217 msg = pcmk__remote_message_xml(&private->callback);
218 while (msg) {
219 const char *type = crm_element_value(msg, F_TYPE);
220
221 crm_trace("Activating %s callbacks...", type);
222
223 if (pcmk__str_eq(type, T_CIB, pcmk__str_casei)) {
224 cib_native_callback(cib, msg, 0, 0);
225
226 } else if (pcmk__str_eq(type, T_CIB_NOTIFY, pcmk__str_casei)) {
227 g_list_foreach(cib->notify_list, cib_native_notify, msg);
228
229 } else {
230 crm_err("Unknown message type: %s", type);
231 }
232
233 free_xml(msg);
234 msg = pcmk__remote_message_xml(&private->callback);
235 }
236
237 if (rc == ENOTCONN) {
238 return -1;
239 }
240
241 return 0;
242 }
243
244 static int
245 cib_remote_command_dispatch(gpointer user_data)
246 {
247 int rc;
248 cib_t *cib = user_data;
249 cib_remote_opaque_t *private = cib->variant_opaque;
250
251 rc = pcmk__read_remote_message(&private->command, -1);
252
253 free(private->command.buffer);
254 private->command.buffer = NULL;
255 crm_err("received late reply for remote cib connection, discarding");
256
257 if (rc == ENOTCONN) {
258 return -1;
259 }
260 return 0;
261 }
262
263 static int
264 cib_tls_close(cib_t *cib)
265 {
266 cib_remote_opaque_t *private = cib->variant_opaque;
267
268 #ifdef HAVE_GNUTLS_GNUTLS_H
269 if (private->encrypted) {
270 if (private->command.tls_session) {
271 gnutls_bye(*(private->command.tls_session), GNUTLS_SHUT_RDWR);
272 gnutls_deinit(*(private->command.tls_session));
273 gnutls_free(private->command.tls_session);
274 }
275
276 if (private->callback.tls_session) {
277 gnutls_bye(*(private->callback.tls_session), GNUTLS_SHUT_RDWR);
278 gnutls_deinit(*(private->callback.tls_session));
279 gnutls_free(private->callback.tls_session);
280 }
281 private->command.tls_session = NULL;
282 private->callback.tls_session = NULL;
283 if (remote_gnutls_credentials_init) {
284 gnutls_anon_free_client_credentials(anon_cred_c);
285 gnutls_global_deinit();
286 remote_gnutls_credentials_init = FALSE;
287 }
288 }
289 #endif
290
291 if (private->command.tcp_socket) {
292 shutdown(private->command.tcp_socket, SHUT_RDWR);
293 close(private->command.tcp_socket);
294 }
295 if (private->callback.tcp_socket) {
296 shutdown(private->callback.tcp_socket, SHUT_RDWR);
297 close(private->callback.tcp_socket);
298 }
299 private->command.tcp_socket = 0;
300 private->callback.tcp_socket = 0;
301
302 free(private->command.buffer);
303 free(private->callback.buffer);
304 private->command.buffer = NULL;
305 private->callback.buffer = NULL;
306
307 return 0;
308 }
309
310 static void
311 cib_remote_connection_destroy(gpointer user_data)
312 {
313 crm_err("Connection destroyed");
314 #ifdef HAVE_GNUTLS_GNUTLS_H
315 cib_tls_close(user_data);
316 #endif
317 }
318
319 static int
320 cib_tls_signon(cib_t *cib, pcmk__remote_t *connection, gboolean event_channel)
321 {
322 cib_remote_opaque_t *private = cib->variant_opaque;
323 int rc;
324
325 xmlNode *answer = NULL;
326 xmlNode *login = NULL;
327
328 static struct mainloop_fd_callbacks cib_fd_callbacks = { 0, };
329
330 cib_fd_callbacks.dispatch =
331 event_channel ? cib_remote_callback_dispatch : cib_remote_command_dispatch;
332 cib_fd_callbacks.destroy = cib_remote_connection_destroy;
333
334 connection->tcp_socket = -1;
335 #ifdef HAVE_GNUTLS_GNUTLS_H
336 connection->tls_session = NULL;
337 #endif
338 rc = pcmk__connect_remote(private->server, private->port, 0, NULL,
339 &(connection->tcp_socket), NULL, NULL);
340 if (rc != pcmk_rc_ok) {
341 crm_info("Remote connection to %s:%d failed: %s " CRM_XS " rc=%d",
342 private->server, private->port, pcmk_rc_str(rc), rc);
343 return -ENOTCONN;
344 }
345
346 if (private->encrypted) {
347
348 #ifdef HAVE_GNUTLS_GNUTLS_H
349 if (remote_gnutls_credentials_init == FALSE) {
350 crm_gnutls_global_init();
351 gnutls_anon_allocate_client_credentials(&anon_cred_c);
352 remote_gnutls_credentials_init = TRUE;
353 }
354
355
356 connection->tls_session = pcmk__new_tls_session(connection->tcp_socket,
357 GNUTLS_CLIENT,
358 GNUTLS_CRD_ANON,
359 anon_cred_c);
360 if (connection->tls_session == NULL) {
361 cib_tls_close(cib);
362 return -1;
363 }
364
365 if (pcmk__tls_client_handshake(connection, TLS_HANDSHAKE_TIMEOUT_MS)
366 != pcmk_rc_ok) {
367 crm_err("Session creation for %s:%d failed", private->server, private->port);
368
369 gnutls_deinit(*connection->tls_session);
370 gnutls_free(connection->tls_session);
371 connection->tls_session = NULL;
372 cib_tls_close(cib);
373 return -1;
374 }
375 #else
376 return -EPROTONOSUPPORT;
377 #endif
378 }
379
380
381 login = create_xml_node(NULL, "cib_command");
382 crm_xml_add(login, "op", "authenticate");
383 crm_xml_add(login, "user", private->user);
384 crm_xml_add(login, "password", private->passwd);
385 crm_xml_add(login, "hidden", "password");
386
387 pcmk__remote_send_xml(connection, login);
388 free_xml(login);
389
390 rc = pcmk_ok;
391 if (pcmk__read_remote_message(connection, -1) == ENOTCONN) {
392 rc = -ENOTCONN;
393 }
394
395 answer = pcmk__remote_message_xml(connection);
396
397 crm_log_xml_trace(answer, "Reply");
398 if (answer == NULL) {
399 rc = -EPROTO;
400
401 } else {
402
403 const char *msg_type = crm_element_value(answer, F_CIB_OPERATION);
404 const char *tmp_ticket = crm_element_value(answer, F_CIB_CLIENTID);
405
406 if (!pcmk__str_eq(msg_type, CRM_OP_REGISTER, pcmk__str_casei)) {
407 crm_err("Invalid registration message: %s", msg_type);
408 rc = -EPROTO;
409
410 } else if (tmp_ticket == NULL) {
411 rc = -EPROTO;
412
413 } else {
414 connection->token = strdup(tmp_ticket);
415 }
416 }
417 free_xml(answer);
418 answer = NULL;
419
420 if (rc != 0) {
421 cib_tls_close(cib);
422 return rc;
423 }
424
425 crm_trace("remote client connection established");
426 connection->source = mainloop_add_fd("cib-remote", G_PRIORITY_HIGH,
427 connection->tcp_socket, cib,
428 &cib_fd_callbacks);
429 return rc;
430 }
431
432 static int
433 cib_remote_signon(cib_t *cib, const char *name, enum cib_conn_type type)
434 {
435 int rc = pcmk_ok;
436 cib_remote_opaque_t *private = cib->variant_opaque;
437
438 if (private->passwd == NULL) {
439 if (private->out == NULL) {
440
441
442
443 pcmk__text_prompt("Password", false, &(private->passwd));
444 } else {
445 private->out->prompt("Password", false, &(private->passwd));
446 }
447 }
448
449 if (private->server == NULL || private->user == NULL) {
450 rc = -EINVAL;
451 }
452
453 if (rc == pcmk_ok) {
454 rc = cib_tls_signon(cib, &(private->command), FALSE);
455 }
456
457 if (rc == pcmk_ok) {
458 rc = cib_tls_signon(cib, &(private->callback), TRUE);
459 }
460
461 if (rc == pcmk_ok) {
462 xmlNode *hello = cib_create_op(0, CRM_OP_REGISTER, NULL, NULL, NULL, 0,
463 NULL);
464 crm_xml_add(hello, F_CIB_CLIENTNAME, name);
465 pcmk__remote_send_xml(&private->command, hello);
466 free_xml(hello);
467 }
468
469 if (rc == pcmk_ok) {
470 crm_info("Opened connection to %s:%d for %s",
471 private->server, private->port, name);
472 cib->state = cib_connected_command;
473 cib->type = cib_command;
474
475 } else {
476 crm_info("Connection to %s:%d for %s failed: %s\n",
477 private->server, private->port, name, pcmk_strerror(rc));
478 }
479
480 return rc;
481 }
482
483 static int
484 cib_remote_signoff(cib_t *cib)
485 {
486 int rc = pcmk_ok;
487
488 crm_debug("Disconnecting from the CIB manager");
489 #ifdef HAVE_GNUTLS_GNUTLS_H
490 cib_tls_close(cib);
491 #endif
492
493 cib->state = cib_disconnected;
494 cib->type = cib_no_connection;
495
496 return rc;
497 }
498
499 static int
500 cib_remote_free(cib_t *cib)
501 {
502 int rc = pcmk_ok;
503
504 crm_warn("Freeing CIB");
505 if (cib->state != cib_disconnected) {
506 rc = cib_remote_signoff(cib);
507 if (rc == pcmk_ok) {
508 cib_remote_opaque_t *private = cib->variant_opaque;
509
510 free(private->server);
511 free(private->user);
512 free(private->passwd);
513 free(cib->cmds);
514 free(private);
515 free(cib);
516 }
517 }
518
519 return rc;
520 }
521
522 static int
523 cib_remote_inputfd(cib_t * cib)
524 {
525 cib_remote_opaque_t *private = cib->variant_opaque;
526
527 return private->callback.tcp_socket;
528 }
529
530 static int
531 cib_remote_register_notification(cib_t * cib, const char *callback, int enabled)
532 {
533 xmlNode *notify_msg = create_xml_node(NULL, "cib_command");
534 cib_remote_opaque_t *private = cib->variant_opaque;
535
536 crm_xml_add(notify_msg, F_CIB_OPERATION, T_CIB_NOTIFY);
537 crm_xml_add(notify_msg, F_CIB_NOTIFY_TYPE, callback);
538 crm_xml_add_int(notify_msg, F_CIB_NOTIFY_ACTIVATE, enabled);
539 pcmk__remote_send_xml(&private->callback, notify_msg);
540 free_xml(notify_msg);
541 return pcmk_ok;
542 }
543
544 static int
545 cib_remote_set_connection_dnotify(cib_t * cib, void (*dnotify) (gpointer user_data))
546 {
547 return -EPROTONOSUPPORT;
548 }
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567 static int
568 cib_remote_client_id(const cib_t *cib, const char **async_id,
569 const char **sync_id)
570 {
571 cib_remote_opaque_t *private = cib->variant_opaque;
572
573 if (async_id != NULL) {
574
575 *async_id = private->callback.token;
576 }
577 if (sync_id != NULL) {
578
579 *sync_id = private->command.token;
580 }
581 return pcmk_ok;
582 }
583
584 cib_t *
585 cib_remote_new(const char *server, const char *user, const char *passwd, int port,
586 gboolean encrypted)
587 {
588 cib_remote_opaque_t *private = NULL;
589 cib_t *cib = cib_new_variant();
590
591 if (cib == NULL) {
592 return NULL;
593 }
594
595 private = calloc(1, sizeof(cib_remote_opaque_t));
596
597 if (private == NULL) {
598 free(cib);
599 return NULL;
600 }
601
602 cib->variant = cib_remote;
603 cib->variant_opaque = private;
604
605 pcmk__str_update(&private->server, server);
606 pcmk__str_update(&private->user, user);
607 pcmk__str_update(&private->passwd, passwd);
608
609 private->port = port;
610 private->encrypted = encrypted;
611
612
613 cib->delegate_fn = cib_remote_perform_op;
614 cib->cmds->signon = cib_remote_signon;
615 cib->cmds->signoff = cib_remote_signoff;
616 cib->cmds->free = cib_remote_free;
617 cib->cmds->inputfd = cib_remote_inputfd;
618
619 cib->cmds->register_notification = cib_remote_register_notification;
620 cib->cmds->set_connection_dnotify = cib_remote_set_connection_dnotify;
621
622 cib->cmds->client_id = cib_remote_client_id;
623
624 return cib;
625 }
626
627 void
628 cib__set_output(cib_t *cib, pcmk__output_t *out)
629 {
630 cib_remote_opaque_t *private;
631
632 if (cib->variant != cib_remote) {
633 return;
634 }
635
636 private = cib->variant_opaque;
637 private->out = out;
638 }
![[first]](../icons/first.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[last]](../icons/last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[bottom]](../icons/bottom.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
![[next]](../icons/right.png)
![[first]](../icons/n_first.png)
![[top]](../icons/top.png)
![[previous]](../icons/left.png)
![[last]](../icons/n_last.png)
![[bottom]](../icons/n_bottom.png){kind=icon}