author | AdrianStoenescu <51166009+AdrianStoenescu@users.noreply.github.com> | 2019-07-25 13:36:49 +0300 |
---|---|---|
committer | Saya Sugiura <39760799+ssugiura@users.noreply.github.com> | 2019-07-25 19:36:49 +0900 |
commit | e8716cc5c950e50411b23a7a6cafa3c063c59e90 (patch) | |
tree | 98bffcc8f95e8cee9e77e80625e4b0e94c7525cd /src/daemon | |
parent | 923ba7d4ab9c73300a9ef54e0ac4d1d7c02e2ba7 (diff) | |
download | DLT-daemon-e8716cc5c950e50411b23a7a6cafa3c063c59e90.tar.gz |
Add option in dlt.conf for bindAddress to specific IPs (#130)
Add the possibility to have in dlt.conf an option that specifies a set
of IP addresses. The daemon will do a socket bind only for this list,
therefore external connections will be limited to this set of IP
addresses. If this option is not given, the default INADDR_ANY is used
("0.0.0.0") as before.
The option in dlt.conf can look like this:
BindAddress = 160.48.199.98;160.48.199.97;160.48.199.226,160.48.199.186;160.48.199.139;172.16.222.99
There can be as many addresses but only specified on one single line.
They have to be delimited by ',' or ';'. ' ' (space) delimiter does
not work. IPv6 addresses are supported as well. For instance:
BindAddress = fe80::255:7bff:feb5:7df7
IPv6 addresses are accepted only if the DLT_USE_IPv6 flag is ON at
compile time. IPv4 addresses are accepted only if the DLT_USE_IPv6 flag is
OFF at compile time. IPv4 and IPv6 formats cannot be used at the same
time.
Signed-off-by: Adrian Stoenescu Adrian.Stoenescu@harman.com
Diffstat (limited to 'src/daemon')
-rw-r--r-- | src/daemon/dlt-daemon.c | 121 | ||||
-rw-r--r-- | src/daemon/dlt-daemon.h | 1 | ||||
-rw-r--r-- | src/daemon/dlt.conf | 6 | ||||
-rw-r--r-- | src/daemon/dlt_daemon_socket.c | 92 | ||||
-rw-r--r-- | src/daemon/dlt_daemon_socket.h | 2 |
5 files changed, 152 insertions, 70 deletions
diff --git a/src/daemon/dlt-daemon.c b/src/daemon/dlt-daemon.c index b5d572d..7b80ef1 100644 --- a/src/daemon/dlt-daemon.c +++ b/src/daemon/dlt-daemon.c @@ -185,8 +185,9 @@ int option_handling(DltDaemonLocal *daemon_local, int argc, char *argv[]) fprintf (stderr, "Invalid option, this should never occur!\n"); return -1; } - } /* switch() */ + } + /* switch() */ #ifndef DLT_USE_UNIX_SOCKET_IPC snprintf(daemon_local->flags.userPipesDir, DLT_PATH_MAX, @@ -262,6 +263,7 @@ int option_file_parser(DltDaemonLocal *daemon_local) daemon_local->flags.contextLogLevel = DLT_LOG_INFO; daemon_local->flags.contextTraceStatus = DLT_TRACE_STATUS_OFF; daemon_local->flags.enforceContextLLAndTS = 0; /* default is off */ + daemon_local->flags.ipNodes = NULL; /* open configuration file */ if (daemon_local->flags.cvalue[0]) @@ -564,6 +566,50 @@ int option_file_parser(DltDaemonLocal *daemon_local) intval); } } + else if (strcmp(token, "BindAddress") == 0) + { + DltBindAddress_t *newNode = NULL; + DltBindAddress_t *temp = NULL; + + char *tok = strtok(value, ",;"); + + if (tok != NULL) { + daemon_local->flags.ipNodes = calloc(1, sizeof(DltBindAddress_t)); + + if (daemon_local->flags.ipNodes == NULL) { + dlt_vlog(LOG_ERR, "Could not allocate for IP list\n"); + return -1; + } + else { + strncpy(daemon_local->flags.ipNodes->ip, + tok, + sizeof(daemon_local->flags.ipNodes->ip) - 1); + daemon_local->flags.ipNodes->next = NULL; + temp = daemon_local->flags.ipNodes; + + tok = strtok(NULL, ",;"); + + while (tok != NULL) { + newNode = calloc(1, sizeof(DltBindAddress_t)); + + if (newNode == NULL) { + dlt_vlog(LOG_ERR, "Could not allocate for IP list\n"); + return -1; + } + else { + strncpy(newNode->ip, tok, sizeof(newNode->ip) - 1); + } + + temp->next = newNode; + temp = temp->next; + tok = strtok(NULL, ",;"); + } + } + } + else { + dlt_vlog(LOG_WARNING, "BindAddress option is empty\n"); + } + } else { fprintf(stderr, "Unknown option: %s=%s\n", token, value); } 
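Review bot: An entry longer than the `ip` field is silently truncated by the two `strncpy` calls in the new `BindAddress` branch instead of being rejected, so the text that later reaches the socket code can differ from what the administrator wrote. Since this option decides which interfaces the daemon is reachable on, a malformed entry should fail the parse loudly, e.g. `if (strlen(tok) >= sizeof(newNode->ip)) { dlt_vlog(LOG_ERR, "BindAddress entry too long: %s\n", tok); return -1; }` before each copy (using the head node's field for the first token). The branch also assigns `daemon_local->flags.ipNodes` unconditionally, so a second `BindAddress` line in the file would replace the head and leave the earlier nodes unreachable, and the `return -1` after a failed `calloc` inside the loop leaves the partly built list allocated. option_file_parser starts and ends outside this hunk, so whether the caller cleans up on -1 is not visible here.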
@@ -706,7 +752,7 @@ int main(int argc, char *argv[]) /* --- Daemon init phase 2 end --- */ - if (daemon_local.flags.offlineLogstorageDirPath[0]) { + if (daemon_local.flags.offlineLogstorageDirPath[0]) if (dlt_daemon_logstorage_setup_internal_storage( &daemon, &daemon_local, @@ -714,7 +760,6 @@ int main(int argc, char *argv[]) daemon_local.flags.vflag) == -1) dlt_log(LOG_INFO, "Setting up internal offline log storage failed!\n"); - } /* create fd for watchdog */ #ifdef DLT_SYSTEMD_WATCHDOG_ENABLE @@ -1081,6 +1126,7 @@ int dlt_daemon_local_connection_init(DltDaemon *daemon, { int fd = -1; int mask = 0; + DltBindAddress_t *head = daemon_local->flags.ipNodes; PRINT_FUNCTION_VERBOSE(verbose); 
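Review bot: The braces removed around the `offlineLogstorageDirPath` check in main() leave an `if` whose whole body is another multi-line `if`, which is easy to misread and fragile if a statement or an `else` is added later. The same pattern appears in the dlt_daemon_log_internal, dlt_daemon_process_user_message_register_context and dlt_daemon_process_user_message_log hunks, where up to three `if`s nest without braces. These are formatting-only changes unrelated to BindAddress; keeping `if (daemon_local.flags.offlineLogstorageDirPath[0]) {` and its closing `}` as before would keep the control flow explicit and the feature diff focused.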
@@ -1124,19 +1170,43 @@ int dlt_daemon_local_connection_init(DltDaemon *daemon, /* create and open socket to receive incoming connections from client */ daemon_local->client_connections = 0; - if (dlt_daemon_socket_open(&fd, daemon_local->flags.port) == DLT_RETURN_OK) { - if (dlt_connection_create(daemon_local, - &daemon_local->pEvent, - fd, - POLLIN, - DLT_CONNECTION_CLIENT_CONNECT)) { + if (head == NULL) { /* no IP set in BindAddress option, will use "0.0.0.0" as default */ + + if (dlt_daemon_socket_open(&fd, daemon_local->flags.port, "0.0.0.0") == DLT_RETURN_OK) { + if (dlt_connection_create(daemon_local, + &daemon_local->pEvent, + fd, + POLLIN, + DLT_CONNECTION_CLIENT_CONNECT)) { + dlt_log(LOG_ERR, "Could not initialize main socket.\n"); + return DLT_RETURN_ERROR; + } + } + else { dlt_log(LOG_ERR, "Could not initialize main socket.\n"); return DLT_RETURN_ERROR; } } else { - dlt_log(LOG_ERR, "Could not initialize main socket.\n"); - return DLT_RETURN_ERROR; + while (head != NULL) { /* open socket for each IP in the bindAddress list */ + + if (dlt_daemon_socket_open(&fd, daemon_local->flags.port, head->ip) == DLT_RETURN_OK) { + if (dlt_connection_create(daemon_local, + &daemon_local->pEvent, + fd, + POLLIN, + DLT_CONNECTION_CLIENT_CONNECT)) { + dlt_log(LOG_ERR, "Could not initialize main socket.\n"); + return DLT_RETURN_ERROR; + } + } + else { + dlt_log(LOG_ERR, "Could not initialize main socket.\n"); + return DLT_RETURN_ERROR; + } + + head = head->next; + } } /* create and open unix socket to receive incoming connections from @@ -1293,6 +1363,8 @@ void dlt_daemon_local_cleanup(DltDaemon *daemon, DltDaemonLocal *daemon_local, i unlink(daemon_local->flags.ctrlSockPath); + /* free IP list */ + free(daemon_local->flags.ipNodes); } void dlt_daemon_exit_trigger() 
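Review bot: The fallback branch for an empty `BindAddress` list passes the literal `"0.0.0.0"` regardless of build flags, while the dlt_daemon_socket.c part of this commit parses the string with `inet_pton(AF_INET6, ip, ...)` when `DLT_USE_IPv6` is defined. An IPv4 dotted quad is not valid AF_INET6 input, so an IPv6 build without the option would get -1 from dlt_daemon_socket_open and stop here with "Could not initialize main socket." The default should follow the same flag, for example `"::"` under `#ifdef DLT_USE_IPv6` and `"0.0.0.0"` otherwise. In the per-address loop, an error return after some sockets were already opened leaves them registered; dlt_daemon_local_connection_init continues outside the hunk, so any caller cleanup is not visible.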
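Review bot: `free(daemon_local->flags.ipNodes)` releases only the head of the list built in option_file_parser; every node reached through `->next` stays allocated, and the field keeps a dangling pointer afterwards. Walking the list and advancing the head pointer, as in the sketch below, frees all nodes and leaves the field NULL. dlt_daemon_local_cleanup begins outside this hunk.

```c
    /* free IP list */
    while (daemon_local->flags.ipNodes != NULL) {
        DltBindAddress_t *next = daemon_local->flags.ipNodes->next;
        free(daemon_local->flags.ipNodes);
        daemon_local->flags.ipNodes = next;
    }
```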
@@ -1480,17 +1552,15 @@ int dlt_daemon_log_internal(DltDaemon *daemon, DltDaemonLocal *daemon_local, cha } /* look if TCP connection to client is available */ - if ((daemon->mode == DLT_USER_MODE_EXTERNAL) || (daemon->mode == DLT_USER_MODE_BOTH)) { + if ((daemon->mode == DLT_USER_MODE_EXTERNAL) || (daemon->mode == DLT_USER_MODE_BOTH)) if ((ret = dlt_daemon_client_send(DLT_DAEMON_SEND_TO_ALL, daemon, daemon_local, msg.headerbuffer, sizeof(DltStorageHeader), msg.headerbuffer + sizeof(DltStorageHeader), msg.headersize - sizeof(DltStorageHeader), - msg.databuffer, msg.datasize, verbose))) { + msg.databuffer, msg.datasize, verbose))) if (ret == DLT_DAEMON_ERROR_BUFFER_FULL) daemon->overflow_counter++; - } - } } free(msg.databuffer); @@ -2295,9 +2365,8 @@ int dlt_daemon_process_user_message_register_context(DltDaemon *daemon, } /* Set log level */ - if (userctxt.log_level == DLT_USER_LOG_LEVEL_NOT_SET) { + if (userctxt.log_level == DLT_USER_LOG_LEVEL_NOT_SET) userctxt.log_level = DLT_LOG_DEFAULT; - } else /* Plausibility check */ if ((userctxt.log_level < DLT_LOG_DEFAULT) || @@ -2305,9 +2374,8 @@ int dlt_daemon_process_user_message_register_context(DltDaemon *daemon, return -1; /* Set trace status */ - if (userctxt.trace_status == DLT_USER_TRACE_STATUS_NOT_SET) { + if (userctxt.trace_status == DLT_USER_TRACE_STATUS_NOT_SET) userctxt.trace_status = DLT_TRACE_STATUS_DEFAULT; - } else /* Plausibility check */ if ((userctxt.trace_status < DLT_TRACE_STATUS_DEFAULT) || @@ -2647,7 +2715,8 @@ int dlt_daemon_process_user_message_log(DltDaemon *daemon, return DLT_DAEMON_ERROR_UNKNOWN; } } - else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == DLT_RETURN_ERROR) { + else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == DLT_RETURN_ERROR) + { dlt_log(LOG_WARNING, "Can't set storage header in process user message log\n"); return DLT_DAEMON_ERROR_UNKNOWN; } 
@@ -2686,10 +2755,9 @@ int dlt_daemon_process_user_message_log(DltDaemon *daemon, sizeof(DltStorageHeader), daemon_local->msg.headerbuffer + sizeof(DltStorageHeader), daemon_local->msg.headersize - sizeof(DltStorageHeader), - daemon_local->msg.databuffer, daemon_local->msg.datasize, verbose))) { + daemon_local->msg.databuffer, daemon_local->msg.datasize, verbose))) if (ret == DLT_DAEMON_ERROR_BUFFER_FULL) daemon->overflow_counter++; - } } /* keep not read data in buffer */ @@ -2785,7 +2853,8 @@ int dlt_daemon_process_user_message_log_shm(DltDaemon *daemon, return -1; } } - else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == -1) { + else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == -1) + { dlt_log(LOG_WARNING, "Can't set storage header in process user message log\n"); dlt_shm_remove(&(daemon_local->dlt_shm)); return -1; @@ -3081,14 +3150,14 @@ int create_timer_fd(DltDaemonLocal *daemon_local, return -1; } - if (period_sec <= 0 || starts_in <= 0 ) { + if ((period_sec <= 0) || (starts_in <= 0)) { /* timer not activated via the service file */ dlt_vlog(LOG_INFO, "<%s> not set: period=0\n", timer_name); local_fd = -1; } + #ifdef linux - else - { + else { struct itimerspec l_timer_spec; local_fd = timerfd_create(CLOCK_MONOTONIC, 0); diff --git a/src/daemon/dlt-daemon.h b/src/daemon/dlt-daemon.h index 2fd28d5..6c87335 100644 --- a/src/daemon/dlt-daemon.h +++ b/src/daemon/dlt-daemon.h 
@@ -131,6 +131,7 @@ typedef struct int contextLogLevel; /**< (int) log level sent to context if registered with default log-level or if enforced*/ int contextTraceStatus; /**< (int) trace status sent to context if registered with default trace status or if enforced*/ int enforceContextLLAndTS; /**< (Boolean) Enforce log-level, trace-status not to exceed contextLogLevel, contextTraceStatus */ + DltBindAddress_t *ipNodes; /**< (String: BindAddress) The daemon accepts connections only on this list of IP addresses */ } DltDaemonFlags; /** * The global parameters of a dlt daemon. diff --git a/src/daemon/dlt.conf b/src/daemon/dlt.conf index 1e4f566..746176d 100644 --- a/src/daemon/dlt.conf +++ b/src/daemon/dlt.conf @@ -176,3 +176,9 @@ ControlSocketPath = /tmp/dlt-ctrl.sock # Maximal used memory for Logstorage Cache in KB (Default: 30000 KB) # OfflineLogstorageCacheSize = 30000 + +# Accept connections only on this list of IP addresses (Default: "0.0.0.0" INADDR_ANY) +# The IP addresses must be separated with ',' or ';' but not with space character ' ' +# If DLT_USE_IPv6 flag is ON, then only IPv6 addresses are accepted +# If DLT_USE_IPv6 flag is OFF, then only IPv4 addresses are accepted +# BindAddress = 160.48.199.97;160.48.199.98
\ No newline at end of file diff --git a/src/daemon/dlt_daemon_socket.c b/src/daemon/dlt_daemon_socket.c index 6dfc264..2e4f9ea 100644 --- a/src/daemon/dlt_daemon_socket.c +++ b/src/daemon/dlt_daemon_socket.c 
@@ -57,66 +57,72 @@ #include "dlt_daemon_socket.h" -int dlt_daemon_socket_open(int *sock, unsigned int servPort) +int dlt_daemon_socket_open(int *sock, unsigned int servPort, char *ip) { int yes = 1; - char portnumbuffer[33]; - struct addrinfo hints, *servinfo, *p; - int rv; + int ret_inet_pton = 0; - memset(&hints, 0, sizeof hints); #ifdef DLT_USE_IPv6 - hints.ai_family = AF_INET6; /* force IPv6 - will still work with IPv4 */ -#else - hints.ai_family = AF_INET; -#endif - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = AI_PASSIVE; /* use my IP address */ - - snprintf(portnumbuffer, 32, "%d", servPort); - if ((rv = getaddrinfo(NULL, portnumbuffer, &hints, &servinfo)) != 0) { - dlt_vlog(LOG_WARNING, "getaddrinfo error %d: %s\n", rv, gai_strerror(rv)); - return -1; + /* create socket */ + if ((*sock = socket(AF_INET6, SOCK_STREAM, 0)) == -1) { + const int lastErrno = errno; + dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: socket() error %d: %s\n", lastErrno, strerror(lastErrno)); } - for (p = servinfo; p != NULL; p = p->ai_next) { - if ((*sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) { - const int lastErrno = errno; - dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: socket() error %d: %s\n", lastErrno, strerror(lastErrno)); - continue; - } +#else - dlt_vlog(LOG_INFO, "%s: Socket created - socket_family:%i, socket_type:%i, protocol:%i\n", - __FUNCTION__, p->ai_family, p->ai_socktype, p->ai_protocol); + if ((*sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) { + const int lastErrno = errno; + dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: socket() error %d: %s\n", lastErrno, strerror(lastErrno)); + } - if (setsockopt(*sock, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) { - const int lastErrno = errno; - dlt_vlog(LOG_WARNING, - "dlt_daemon_socket_open: Setsockopt error %d in dlt_daemon_local_connection_init: %s\n", - lastErrno, - strerror(lastErrno)); - continue; - } +#endif - if (bind(*sock, p->ai_addr, p->ai_addrlen) == -1) { - const int 
lastErrno = errno; /*close() may set errno too */ - close(*sock); - dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: bind() error %d: %s\n", lastErrno, strerror(lastErrno)); - continue; - } + dlt_vlog(LOG_INFO, "%s: Socket created\n", __FUNCTION__); - break; + /* setsockpt SO_REUSEADDR */ + if (setsockopt(*sock, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) { + const int lastErrno = errno; + dlt_vlog(LOG_WARNING, + "dlt_daemon_socket_open: Setsockopt error %d in dlt_daemon_local_connection_init: %s\n", + lastErrno, + strerror(lastErrno)); } - if (p == NULL) { - dlt_log(LOG_WARNING, "failed to bind socket\n"); + /* bind */ +#ifdef DLT_USE_IPv6 + struct sockaddr_in6 forced_addr; + memset(&forced_addr, 0, sizeof(forced_addr)); + forced_addr.sin6_family = AF_INET6; + forced_addr.sin6_port = htons(servPort); + ret_inet_pton = inet_pton(AF_INET6, ip, &forced_addr.sin6_addr); +#else + struct sockaddr_in forced_addr; + memset(&forced_addr, 0, sizeof(forced_addr)); + forced_addr.sin_family = AF_INET; + forced_addr.sin_port = htons(servPort); + ret_inet_pton = inet_pton(AF_INET, ip, &forced_addr.sin_addr); +#endif + + /* inet_pton returns 1 on success */ + if (ret_inet_pton != 1) { + dlt_vlog(LOG_WARNING, + "dlt_daemon_socket_open: inet_pton() error %d: %s. Cannot convert IP address: %s\n", + errno, + strerror(errno), + ip); return -1; } - freeaddrinfo(servinfo); + if (bind(*sock, (struct sockaddr *)&forced_addr, sizeof(forced_addr)) == -1) { + const int lastErrno = errno; /*close() may set errno too */ + close(*sock); + dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: bind() error %d: %s\n", lastErrno, strerror(lastErrno)); + } - dlt_vlog(LOG_INFO, "%s: Listening on port: %u\n", __func__, servPort); + /*listen */ + dlt_vlog(LOG_INFO, "%s: Listening on ip %s and port: %u\n", __FUNCTION__, ip, servPort); /* get socket buffer size */ dlt_vlog(LOG_INFO, "dlt_daemon_socket_open: Socket send queue size: %d\n", 
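Review bot: Two error paths in the rewritten dlt_daemon_socket_open no longer stop the function: a failed `socket()` is only logged, and after a failed `bind()` the descriptor is closed but execution continues past this hunk with `*sock` still holding the closed number. The `inet_pton` failure path returns -1 without `close(*sock)`, leaking the descriptor, and it logs `errno` although a return of 0 from inet_pton (text is not a valid address) does not set it. Each failure should release what was opened and return -1, as sketched below, so a daemon that could not bind the configured address never proceeds as if it had. The function body continues after the end of the hunk, so how the later calls react to a bad descriptor is not visible here.

```c
    /* … unchanged: socket() call under #ifdef DLT_USE_IPv6 / #else, with its warning … */
    if (*sock == -1)
        return -1;

    /* … unchanged: SO_REUSEADDR, forced_addr setup and inet_pton() … */

    /* inet_pton returns 1 on success; 0 means "not a valid address" and leaves errno unset */
    if (ret_inet_pton != 1) {
        dlt_vlog(LOG_WARNING,
                 "dlt_daemon_socket_open: cannot convert IP address: %s\n",
                 ip);
        close(*sock);
        *sock = -1;
        return -1;
    }

    if (bind(*sock, (struct sockaddr *)&forced_addr, sizeof(forced_addr)) == -1) {
        const int lastErrno = errno; /* close() may set errno too */
        close(*sock);
        *sock = -1;
        dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: bind() error %d: %s\n", lastErrno, strerror(lastErrno));
        return -1;
    }
```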
diff --git a/src/daemon/dlt_daemon_socket.h b/src/daemon/dlt_daemon_socket.h index cca8306..a180529 100644 --- a/src/daemon/dlt_daemon_socket.h +++ b/src/daemon/dlt_daemon_socket.h @@ -60,7 +60,7 @@ #include "dlt_common.h" #include "dlt_user.h" -int dlt_daemon_socket_open(int *sock, unsigned int servPort); +int dlt_daemon_socket_open(int *sock, unsigned int servPort, char *ip); int dlt_daemon_socket_close(int sock); int dlt_daemon_socket_get_send_qeue_max_size(int sock); |