summaryrefslogtreecommitdiff
path: root/src/daemon
diff options
context:
space:
mode:
authorAdrianStoenescu <51166009+AdrianStoenescu@users.noreply.github.com>2019-07-25 13:36:49 +0300
committerSaya Sugiura <39760799+ssugiura@users.noreply.github.com>2019-07-25 19:36:49 +0900
commite8716cc5c950e50411b23a7a6cafa3c063c59e90 (patch)
tree98bffcc8f95e8cee9e77e80625e4b0e94c7525cd /src/daemon
parent923ba7d4ab9c73300a9ef54e0ac4d1d7c02e2ba7 (diff)
downloadDLT-daemon-e8716cc5c950e50411b23a7a6cafa3c063c59e90.tar.gz
Add option in dlt.conf for bindAddress to specific IPs (#130)
Add the possibility to have in dlt.conf an option that specifies a set of IP addresses. The daemon will do a socket bind only for this list, therefore external connections will be limited to this set of IP addresses. If this option is not given, the default INADDR_ANY is used ("0.0.0.0") as before. The option in dlt.conf can look like this: BindAddress = 160.48.199.98;160.48.199.97;160.48.199.226,160.48.199.186;160.48.199.139;172.16.222.99 There can be as many addresses but only specified on one single line. They have to be delimited by ',' or ';'. ' ' (space) delimiter does not work. IPv6 addresses are supported as well. For instance: BindAddress = fe80::255:7bff:feb5:7df7 IPv6 addresses are acceptable only if DLT_USE_IPv6 flag is ON at compile time. IPv4 addresses are acceptable only if DLT_USE_IPv6 flag is OFF at compile time. One cannot have both IPv4 and IPv6 format in the same time. Signed-off-by: Adrian Stoenescu Adrian.Stoenescu@harman.com
Diffstat (limited to 'src/daemon')
-rw-r--r--src/daemon/dlt-daemon.c121
-rw-r--r--src/daemon/dlt-daemon.h1
-rw-r--r--src/daemon/dlt.conf6
-rw-r--r--src/daemon/dlt_daemon_socket.c92
-rw-r--r--src/daemon/dlt_daemon_socket.h2
5 files changed, 152 insertions, 70 deletions
diff --git a/src/daemon/dlt-daemon.c b/src/daemon/dlt-daemon.c
index b5d572d..7b80ef1 100644
--- a/src/daemon/dlt-daemon.c
+++ b/src/daemon/dlt-daemon.c
@@ -185,8 +185,9 @@ int option_handling(DltDaemonLocal *daemon_local, int argc, char *argv[])
fprintf (stderr, "Invalid option, this should never occur!\n");
return -1;
}
- } /* switch() */
+ }
+ /* switch() */
#ifndef DLT_USE_UNIX_SOCKET_IPC
snprintf(daemon_local->flags.userPipesDir, DLT_PATH_MAX,
@@ -262,6 +263,7 @@ int option_file_parser(DltDaemonLocal *daemon_local)
daemon_local->flags.contextLogLevel = DLT_LOG_INFO;
daemon_local->flags.contextTraceStatus = DLT_TRACE_STATUS_OFF;
daemon_local->flags.enforceContextLLAndTS = 0; /* default is off */
+ daemon_local->flags.ipNodes = NULL;
/* open configuration file */
if (daemon_local->flags.cvalue[0])
@@ -564,6 +566,50 @@ int option_file_parser(DltDaemonLocal *daemon_local)
intval);
}
}
+ else if (strcmp(token, "BindAddress") == 0)
+ {
+ DltBindAddress_t *newNode = NULL;
+ DltBindAddress_t *temp = NULL;
+
+ char *tok = strtok(value, ",;");
+
+ if (tok != NULL) {
+ daemon_local->flags.ipNodes = calloc(1, sizeof(DltBindAddress_t));
+
+ if (daemon_local->flags.ipNodes == NULL) {
+ dlt_vlog(LOG_ERR, "Could not allocate for IP list\n");
+ return -1;
+ }
+ else {
+ strncpy(daemon_local->flags.ipNodes->ip,
+ tok,
+ sizeof(daemon_local->flags.ipNodes->ip) - 1);
+ daemon_local->flags.ipNodes->next = NULL;
+ temp = daemon_local->flags.ipNodes;
+
+ tok = strtok(NULL, ",;");
+
+ while (tok != NULL) {
+ newNode = calloc(1, sizeof(DltBindAddress_t));
+
+ if (newNode == NULL) {
+ dlt_vlog(LOG_ERR, "Could not allocate for IP list\n");
+ return -1;
+ }
+ else {
+ strncpy(newNode->ip, tok, sizeof(newNode->ip) - 1);
+ }
+
+ temp->next = newNode;
+ temp = temp->next;
+ tok = strtok(NULL, ",;");
+ }
+ }
+ }
+ else {
+ dlt_vlog(LOG_WARNING, "BindAddress option is empty\n");
+ }
+ }
else {
fprintf(stderr, "Unknown option: %s=%s\n", token, value);
}
@@ -706,7 +752,7 @@ int main(int argc, char *argv[])
/* --- Daemon init phase 2 end --- */
- if (daemon_local.flags.offlineLogstorageDirPath[0]) {
+ if (daemon_local.flags.offlineLogstorageDirPath[0])
if (dlt_daemon_logstorage_setup_internal_storage(
&daemon,
&daemon_local,
@@ -714,7 +760,6 @@ int main(int argc, char *argv[])
daemon_local.flags.vflag) == -1)
dlt_log(LOG_INFO,
"Setting up internal offline log storage failed!\n");
- }
/* create fd for watchdog */
#ifdef DLT_SYSTEMD_WATCHDOG_ENABLE
@@ -1081,6 +1126,7 @@ int dlt_daemon_local_connection_init(DltDaemon *daemon,
{
int fd = -1;
int mask = 0;
+ DltBindAddress_t *head = daemon_local->flags.ipNodes;
PRINT_FUNCTION_VERBOSE(verbose);
@@ -1124,19 +1170,43 @@ int dlt_daemon_local_connection_init(DltDaemon *daemon,
/* create and open socket to receive incoming connections from client */
daemon_local->client_connections = 0;
- if (dlt_daemon_socket_open(&fd, daemon_local->flags.port) == DLT_RETURN_OK) {
- if (dlt_connection_create(daemon_local,
- &daemon_local->pEvent,
- fd,
- POLLIN,
- DLT_CONNECTION_CLIENT_CONNECT)) {
+ if (head == NULL) { /* no IP set in BindAddress option, will use "0.0.0.0" as default */
+
+ if (dlt_daemon_socket_open(&fd, daemon_local->flags.port, "0.0.0.0") == DLT_RETURN_OK) {
+ if (dlt_connection_create(daemon_local,
+ &daemon_local->pEvent,
+ fd,
+ POLLIN,
+ DLT_CONNECTION_CLIENT_CONNECT)) {
+ dlt_log(LOG_ERR, "Could not initialize main socket.\n");
+ return DLT_RETURN_ERROR;
+ }
+ }
+ else {
dlt_log(LOG_ERR, "Could not initialize main socket.\n");
return DLT_RETURN_ERROR;
}
}
else {
- dlt_log(LOG_ERR, "Could not initialize main socket.\n");
- return DLT_RETURN_ERROR;
+ while (head != NULL) { /* open socket for each IP in the bindAddress list */
+
+ if (dlt_daemon_socket_open(&fd, daemon_local->flags.port, head->ip) == DLT_RETURN_OK) {
+ if (dlt_connection_create(daemon_local,
+ &daemon_local->pEvent,
+ fd,
+ POLLIN,
+ DLT_CONNECTION_CLIENT_CONNECT)) {
+ dlt_log(LOG_ERR, "Could not initialize main socket.\n");
+ return DLT_RETURN_ERROR;
+ }
+ }
+ else {
+ dlt_log(LOG_ERR, "Could not initialize main socket.\n");
+ return DLT_RETURN_ERROR;
+ }
+
+ head = head->next;
+ }
}
/* create and open unix socket to receive incoming connections from
@@ -1293,6 +1363,8 @@ void dlt_daemon_local_cleanup(DltDaemon *daemon, DltDaemonLocal *daemon_local, i
unlink(daemon_local->flags.ctrlSockPath);
+ /* free IP list */
+ free(daemon_local->flags.ipNodes);
}
void dlt_daemon_exit_trigger()
@@ -1480,17 +1552,15 @@ int dlt_daemon_log_internal(DltDaemon *daemon, DltDaemonLocal *daemon_local, cha
}
/* look if TCP connection to client is available */
- if ((daemon->mode == DLT_USER_MODE_EXTERNAL) || (daemon->mode == DLT_USER_MODE_BOTH)) {
+ if ((daemon->mode == DLT_USER_MODE_EXTERNAL) || (daemon->mode == DLT_USER_MODE_BOTH))
if ((ret =
dlt_daemon_client_send(DLT_DAEMON_SEND_TO_ALL, daemon, daemon_local, msg.headerbuffer,
sizeof(DltStorageHeader), msg.headerbuffer + sizeof(DltStorageHeader),
msg.headersize - sizeof(DltStorageHeader),
- msg.databuffer, msg.datasize, verbose))) {
+ msg.databuffer, msg.datasize, verbose)))
if (ret == DLT_DAEMON_ERROR_BUFFER_FULL)
daemon->overflow_counter++;
- }
- }
}
free(msg.databuffer);
@@ -2295,9 +2365,8 @@ int dlt_daemon_process_user_message_register_context(DltDaemon *daemon,
}
/* Set log level */
- if (userctxt.log_level == DLT_USER_LOG_LEVEL_NOT_SET) {
+ if (userctxt.log_level == DLT_USER_LOG_LEVEL_NOT_SET)
userctxt.log_level = DLT_LOG_DEFAULT;
- }
else
/* Plausibility check */
if ((userctxt.log_level < DLT_LOG_DEFAULT) ||
@@ -2305,9 +2374,8 @@ int dlt_daemon_process_user_message_register_context(DltDaemon *daemon,
return -1;
/* Set trace status */
- if (userctxt.trace_status == DLT_USER_TRACE_STATUS_NOT_SET) {
+ if (userctxt.trace_status == DLT_USER_TRACE_STATUS_NOT_SET)
userctxt.trace_status = DLT_TRACE_STATUS_DEFAULT;
- }
else
/* Plausibility check */
if ((userctxt.trace_status < DLT_TRACE_STATUS_DEFAULT) ||
@@ -2647,7 +2715,8 @@ int dlt_daemon_process_user_message_log(DltDaemon *daemon,
return DLT_DAEMON_ERROR_UNKNOWN;
}
}
- else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == DLT_RETURN_ERROR) {
+ else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == DLT_RETURN_ERROR)
+ {
dlt_log(LOG_WARNING, "Can't set storage header in process user message log\n");
return DLT_DAEMON_ERROR_UNKNOWN;
}
@@ -2686,10 +2755,9 @@ int dlt_daemon_process_user_message_log(DltDaemon *daemon,
sizeof(DltStorageHeader),
daemon_local->msg.headerbuffer + sizeof(DltStorageHeader),
daemon_local->msg.headersize - sizeof(DltStorageHeader),
- daemon_local->msg.databuffer, daemon_local->msg.datasize, verbose))) {
+ daemon_local->msg.databuffer, daemon_local->msg.datasize, verbose)))
if (ret == DLT_DAEMON_ERROR_BUFFER_FULL)
daemon->overflow_counter++;
- }
}
/* keep not read data in buffer */
@@ -2785,7 +2853,8 @@ int dlt_daemon_process_user_message_log_shm(DltDaemon *daemon,
return -1;
}
}
- else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == -1) {
+ else if (dlt_set_storageheader(daemon_local->msg.storageheader, daemon->ecuid) == -1)
+ {
dlt_log(LOG_WARNING, "Can't set storage header in process user message log\n");
dlt_shm_remove(&(daemon_local->dlt_shm));
return -1;
@@ -3081,14 +3150,14 @@ int create_timer_fd(DltDaemonLocal *daemon_local,
return -1;
}
- if (period_sec <= 0 || starts_in <= 0 ) {
+ if ((period_sec <= 0) || (starts_in <= 0)) {
/* timer not activated via the service file */
dlt_vlog(LOG_INFO, "<%s> not set: period=0\n", timer_name);
local_fd = -1;
}
+
#ifdef linux
- else
- {
+ else {
struct itimerspec l_timer_spec;
local_fd = timerfd_create(CLOCK_MONOTONIC, 0);
diff --git a/src/daemon/dlt-daemon.h b/src/daemon/dlt-daemon.h
index 2fd28d5..6c87335 100644
--- a/src/daemon/dlt-daemon.h
+++ b/src/daemon/dlt-daemon.h
@@ -131,6 +131,7 @@ typedef struct
int contextLogLevel; /**< (int) log level sent to context if registered with default log-level or if enforced*/
int contextTraceStatus; /**< (int) trace status sent to context if registered with default trace status or if enforced*/
int enforceContextLLAndTS; /**< (Boolean) Enforce log-level, trace-status not to exceed contextLogLevel, contextTraceStatus */
+ DltBindAddress_t *ipNodes; /**< (String: BindAddress) The daemon accepts connections only on this list of IP addresses */
} DltDaemonFlags;
/**
* The global parameters of a dlt daemon.
diff --git a/src/daemon/dlt.conf b/src/daemon/dlt.conf
index 1e4f566..746176d 100644
--- a/src/daemon/dlt.conf
+++ b/src/daemon/dlt.conf
@@ -176,3 +176,9 @@ ControlSocketPath = /tmp/dlt-ctrl.sock
# Maximal used memory for Logstorage Cache in KB (Default: 30000 KB)
# OfflineLogstorageCacheSize = 30000
+
+# Accept connections only on this list of IP addresses (Default: "0.0.0.0" INADDR_ANY)
+# The IP addresses must be separated with ',' or ';' but not with space character ' '
+# If DLT_USE_IPv6 flag is ON, then only IPv6 addresses are accepted
+# If DLT_USE_IPv6 flag is OFF, then only IPv4 addresses are accepted
+# BindAddress = 160.48.199.97;160.48.199.98 \ No newline at end of file
diff --git a/src/daemon/dlt_daemon_socket.c b/src/daemon/dlt_daemon_socket.c
index 6dfc264..2e4f9ea 100644
--- a/src/daemon/dlt_daemon_socket.c
+++ b/src/daemon/dlt_daemon_socket.c
@@ -57,66 +57,72 @@
#include "dlt_daemon_socket.h"
-int dlt_daemon_socket_open(int *sock, unsigned int servPort)
+int dlt_daemon_socket_open(int *sock, unsigned int servPort, char *ip)
{
int yes = 1;
- char portnumbuffer[33];
- struct addrinfo hints, *servinfo, *p;
- int rv;
+ int ret_inet_pton = 0;
- memset(&hints, 0, sizeof hints);
#ifdef DLT_USE_IPv6
- hints.ai_family = AF_INET6; /* force IPv6 - will still work with IPv4 */
-#else
- hints.ai_family = AF_INET;
-#endif
- hints.ai_socktype = SOCK_STREAM;
- hints.ai_flags = AI_PASSIVE; /* use my IP address */
-
- snprintf(portnumbuffer, 32, "%d", servPort);
- if ((rv = getaddrinfo(NULL, portnumbuffer, &hints, &servinfo)) != 0) {
- dlt_vlog(LOG_WARNING, "getaddrinfo error %d: %s\n", rv, gai_strerror(rv));
- return -1;
+ /* create socket */
+ if ((*sock = socket(AF_INET6, SOCK_STREAM, 0)) == -1) {
+ const int lastErrno = errno;
+ dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: socket() error %d: %s\n", lastErrno, strerror(lastErrno));
}
- for (p = servinfo; p != NULL; p = p->ai_next) {
- if ((*sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) {
- const int lastErrno = errno;
- dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: socket() error %d: %s\n", lastErrno, strerror(lastErrno));
- continue;
- }
+#else
- dlt_vlog(LOG_INFO, "%s: Socket created - socket_family:%i, socket_type:%i, protocol:%i\n",
- __FUNCTION__, p->ai_family, p->ai_socktype, p->ai_protocol);
+ if ((*sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+ const int lastErrno = errno;
+ dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: socket() error %d: %s\n", lastErrno, strerror(lastErrno));
+ }
- if (setsockopt(*sock, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) {
- const int lastErrno = errno;
- dlt_vlog(LOG_WARNING,
- "dlt_daemon_socket_open: Setsockopt error %d in dlt_daemon_local_connection_init: %s\n",
- lastErrno,
- strerror(lastErrno));
- continue;
- }
+#endif
- if (bind(*sock, p->ai_addr, p->ai_addrlen) == -1) {
- const int lastErrno = errno; /*close() may set errno too */
- close(*sock);
- dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: bind() error %d: %s\n", lastErrno, strerror(lastErrno));
- continue;
- }
+ dlt_vlog(LOG_INFO, "%s: Socket created\n", __FUNCTION__);
- break;
+ /* setsockpt SO_REUSEADDR */
+ if (setsockopt(*sock, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) {
+ const int lastErrno = errno;
+ dlt_vlog(LOG_WARNING,
+ "dlt_daemon_socket_open: Setsockopt error %d in dlt_daemon_local_connection_init: %s\n",
+ lastErrno,
+ strerror(lastErrno));
}
- if (p == NULL) {
- dlt_log(LOG_WARNING, "failed to bind socket\n");
+ /* bind */
+#ifdef DLT_USE_IPv6
+ struct sockaddr_in6 forced_addr;
+ memset(&forced_addr, 0, sizeof(forced_addr));
+ forced_addr.sin6_family = AF_INET6;
+ forced_addr.sin6_port = htons(servPort);
+ ret_inet_pton = inet_pton(AF_INET6, ip, &forced_addr.sin6_addr);
+#else
+ struct sockaddr_in forced_addr;
+ memset(&forced_addr, 0, sizeof(forced_addr));
+ forced_addr.sin_family = AF_INET;
+ forced_addr.sin_port = htons(servPort);
+ ret_inet_pton = inet_pton(AF_INET, ip, &forced_addr.sin_addr);
+#endif
+
+ /* inet_pton returns 1 on success */
+ if (ret_inet_pton != 1) {
+ dlt_vlog(LOG_WARNING,
+ "dlt_daemon_socket_open: inet_pton() error %d: %s. Cannot convert IP address: %s\n",
+ errno,
+ strerror(errno),
+ ip);
return -1;
}
- freeaddrinfo(servinfo);
+ if (bind(*sock, (struct sockaddr *)&forced_addr, sizeof(forced_addr)) == -1) {
+ const int lastErrno = errno; /*close() may set errno too */
+ close(*sock);
+ dlt_vlog(LOG_WARNING, "dlt_daemon_socket_open: bind() error %d: %s\n", lastErrno, strerror(lastErrno));
+ }
- dlt_vlog(LOG_INFO, "%s: Listening on port: %u\n", __func__, servPort);
+ /*listen */
+ dlt_vlog(LOG_INFO, "%s: Listening on ip %s and port: %u\n", __FUNCTION__, ip, servPort);
/* get socket buffer size */
dlt_vlog(LOG_INFO, "dlt_daemon_socket_open: Socket send queue size: %d\n",
diff --git a/src/daemon/dlt_daemon_socket.h b/src/daemon/dlt_daemon_socket.h
index cca8306..a180529 100644
--- a/src/daemon/dlt_daemon_socket.h
+++ b/src/daemon/dlt_daemon_socket.h
@@ -60,7 +60,7 @@
#include "dlt_common.h"
#include "dlt_user.h"
-int dlt_daemon_socket_open(int *sock, unsigned int servPort);
+int dlt_daemon_socket_open(int *sock, unsigned int servPort, char *ip);
int dlt_daemon_socket_close(int sock);
int dlt_daemon_socket_get_send_qeue_max_size(int sock);