#include <errno.h>
#include <fcntl.h>
-#include <inttypes.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <getopt.h>
#include "sd-daemon.h"
-#include "sd-event.h"
#include "journal-file.h"
#include "journald-native.h"
#include "socket-util.h"
#include "build.h"
#include "macro.h"
#include "strv.h"
-#include "hashmap.h"
#include "fileio.h"
#include "conf-parser.h"
-#include "microhttpd-util.h"
#include "siphash24.h"
#ifdef HAVE_GNUTLS
#include <gnutls/gnutls.h>
#endif
-#include "journal-remote-parse.h"
+#include "journal-remote.h"
#include "journal-remote-write.h"
#define REMOTE_JOURNAL_PATH "/var/log/journal/remote"
-#define KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
-#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
-#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
+#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
+#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
+#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
static char* arg_url = NULL;
static char* arg_getter = NULL;
static int http_socket = -1, https_socket = -1;
static char** arg_gnutls_log = NULL;
-static JournalWriteSplitMode arg_split_mode = JOURNAL_WRITE_SPLIT_NONE;
+static JournalWriteSplitMode arg_split_mode = JOURNAL_WRITE_SPLIT_HOST;
static char* arg_output = NULL;
static char *arg_key = NULL;
pid_t parent_pid, child_pid;
int r;
- if (pipe(fd) < 0) {
- log_error("Failed to create pager pipe: %m");
- return -errno;
- }
+ if (pipe(fd) < 0)
+ return log_error_errno(errno, "Failed to create pager pipe: %m");
parent_pid = getpid();
child_pid = fork();
if (child_pid < 0) {
r = -errno;
- log_error("Failed to fork: %m");
+ log_error_errno(errno, "Failed to fork: %m");
safe_close_pair(fd);
return r;
}
if (child_pid == 0) {
r = dup2(fd[1], STDOUT_FILENO);
if (r < 0) {
- log_error("Failed to dup pipe to stdout: %m");
+ log_error_errno(errno, "Failed to dup pipe to stdout: %m");
_exit(EXIT_FAILURE);
}
_exit(EXIT_SUCCESS);
execvp(child, argv);
- log_error("Failed to exec child %s: %m", child);
+ log_error_errno(errno, "Failed to exec child %s: %m", child);
_exit(EXIT_FAILURE);
}
r = close(fd[1]);
if (r < 0)
- log_warning("Failed to close write end of pipe: %m");
+ log_warning_errno(errno, "Failed to close write end of pipe: %m");
return fd[0];
}
r = spawn_child("curl", argv);
if (r < 0)
- log_error("Failed to spawn curl: %m");
+ log_error_errno(errno, "Failed to spawn curl: %m");
return r;
}
_cleanup_strv_free_ char **words = NULL;
assert(getter);
- words = strv_split_quoted(getter);
- if (!words)
- return log_oom();
+ r = strv_split_quoted(&words, getter, false);
+ if (r < 0)
+ return log_error_errno(r, "Failed to split getter option: %m");
r = strv_extend(&words, url);
- if (r < 0) {
- log_error("Failed to create command line: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to create command line: %m");
r = spawn_child(words[0], words);
if (r < 0)
- log_error("Failed to spawn getter %s: %m", getter);
+ log_error_errno(errno, "Failed to spawn getter %s: %m", getter);
return r;
}
-#define filename_escape(s) xescape((s), "./ ")
+#define filename_escape(s) xescape((s), "/ ")
static int open_output(Writer *w, const char* host) {
_cleanup_free_ char *_output = NULL;
w->mmap,
NULL, &w->journal);
if (r < 0)
- log_error("Failed to open output journal %s: %s",
- output, strerror(-r));
+ log_error_errno(r, "Failed to open output journal %s: %m",
+ output);
else
log_info("Opened output file %s", w->journal->path);
return r;
**********************************************************************
**********************************************************************/
-typedef struct MHDDaemonWrapper {
- uint64_t fd;
- struct MHD_Daemon *daemon;
+static int init_writer_hashmap(RemoteServer *s) {
+ static const struct hash_ops *hash_ops[] = {
+ [JOURNAL_WRITE_SPLIT_NONE] = NULL,
+ [JOURNAL_WRITE_SPLIT_HOST] = &string_hash_ops,
+ };
+
+ assert(arg_split_mode >= 0 && arg_split_mode < (int) ELEMENTSOF(hash_ops));
+
+ s->writers = hashmap_new(hash_ops[arg_split_mode]);
+ if (!s->writers)
+ return log_oom();
+
+ return 0;
+}
+
+static int get_writer(RemoteServer *s, const char *host,
+ Writer **writer) {
+ const void *key;
+ _cleanup_writer_unref_ Writer *w = NULL;
+ int r;
+
+ switch(arg_split_mode) {
+ case JOURNAL_WRITE_SPLIT_NONE:
+ key = "one and only";
+ break;
+
+ case JOURNAL_WRITE_SPLIT_HOST:
+ assert(host);
+ key = host;
+ break;
+
+ default:
+ assert_not_reached("what split mode?");
+ }
- sd_event_source *event;
-} MHDDaemonWrapper;
+ w = hashmap_get(s->writers, key);
+ if (w)
+ writer_ref(w);
+ else {
+ w = writer_new(s);
+ if (!w)
+ return log_oom();
-typedef struct RemoteServer {
- RemoteSource **sources;
- size_t sources_size;
- size_t active;
+ if (arg_split_mode == JOURNAL_WRITE_SPLIT_HOST) {
+ w->hashmap_key = strdup(key);
+ if (!w->hashmap_key)
+ return log_oom();
+ }
- sd_event *events;
- sd_event_source *sigterm_event, *sigint_event, *listen_event;
+ r = open_output(w, host);
+ if (r < 0)
+ return r;
- Hashmap *writers;
+ r = hashmap_put(s->writers, w->hashmap_key ?: key, w);
+ if (r < 0)
+ return r;
+ }
- bool check_trust;
- Hashmap *daemons;
-} RemoteServer;
+ *writer = w;
+ w = NULL;
+ return 0;
+}
+
+/**********************************************************************
+ **********************************************************************
+ **********************************************************************/
/* This should go away as soon as µhttpd allows state to be passed around. */
static RemoteServer *server;
int fd,
uint32_t revents,
void *userdata);
+static int dispatch_blocking_source_event(sd_event_source *event,
+ void *userdata);
static int dispatch_raw_connection_event(sd_event_source *event,
int fd,
uint32_t revents,
uint32_t revents,
void *userdata);
-static int get_source_for_fd(RemoteServer *s, int fd, RemoteSource **source) {
+static int get_source_for_fd(RemoteServer *s,
+ int fd, char *name, RemoteSource **source) {
+ Writer *writer;
+ int r;
+
+ /* This takes ownership of name, but only on success. */
+
assert(fd >= 0);
assert(source);
if (!GREEDY_REALLOC0(s->sources, s->sources_size, fd + 1))
return log_oom();
+ r = get_writer(s, name, &writer);
+ if (r < 0)
+ return log_warning_errno(r, "Failed to get writer for source %s: %m",
+ name);
+
if (s->sources[fd] == NULL) {
- s->sources[fd] = new0(RemoteSource, 1);
- if (!s->sources[fd])
+ s->sources[fd] = source_new(fd, false, name, writer);
+ if (!s->sources[fd]) {
+ writer_unref(writer);
return log_oom();
- s->sources[fd]->fd = -1;
+ }
+
s->active++;
}
return 0;
}
-static int add_source(RemoteServer *s, int fd, const char* _name) {
+static int add_source(RemoteServer *s, int fd, char* name, bool own_name) {
RemoteSource *source;
- char *name;
int r;
+ /* This takes ownership of name, even on failure, if own_name is true. */
+
assert(s);
assert(fd >= 0);
- assert(_name);
-
- log_debug("Creating source for fd:%d (%s)", fd, _name);
+ assert(name);
- name = strdup(_name);
- if (!name)
- return log_oom();
+ if (!own_name) {
+ name = strdup(name);
+ if (!name)
+ return log_oom();
+ }
- r = get_source_for_fd(s, fd, &source);
+ r = get_source_for_fd(s, fd, name, &source);
if (r < 0) {
- log_error("Failed to create source for fd:%d (%s)", fd, name);
+ log_error_errno(r, "Failed to create source for fd:%d (%s): %m",
+ fd, name);
free(name);
return r;
}
- assert(source);
- assert(source->fd < 0);
- assert(!source->name);
-
- source->fd = fd;
- source->name = name;
-
r = sd_event_add_io(s->events, &source->event,
fd, EPOLLIN|EPOLLRDHUP|EPOLLPRI,
dispatch_raw_source_event, s);
+ if (r == -EPERM) {
+ log_debug("Falling back to sd_event_add_defer for fd:%d (%s)", fd, name);
+ r = sd_event_add_defer(s->events, &source->event,
+ dispatch_blocking_source_event, source);
+ if (r == 0)
+ sd_event_source_set_enabled(source->event, SD_EVENT_ON);
+ }
if (r < 0) {
- log_error("Failed to register event source for fd:%d: %s",
- fd, strerror(-r));
+ log_error_errno(r, "Failed to register event source for fd:%d: %m",
+ fd);
+ goto error;
+ }
+
+ r = sd_event_source_set_description(source->event, name);
+ if (r < 0) {
+ log_error_errno(r, "Failed to set source name for fd:%d: %m", fd);
goto error;
}
static int add_raw_socket(RemoteServer *s, int fd) {
int r;
+ _cleanup_close_ int fd_ = fd;
+ char name[sizeof("raw-socket-")-1 + DECIMAL_STR_MAX(int) + 1];
+
+ assert(fd >= 0);
r = sd_event_add_io(s->events, &s->listen_event,
fd, EPOLLIN,
dispatch_raw_connection_event, s);
- if (r < 0) {
- close(fd);
+ if (r < 0)
+ return r;
+
+ xsprintf(name, "raw-socket-%d", fd);
+
+ r = sd_event_source_set_description(s->listen_event, name);
+ if (r < 0)
return r;
- }
+ fd_ = -1;
s->active ++;
return 0;
}
**********************************************************************
**********************************************************************/
-static int init_writer_hashmap(RemoteServer *s) {
- static const struct {
- hash_func_t hash_func;
- compare_func_t compare_func;
- } functions[] = {
- [JOURNAL_WRITE_SPLIT_NONE] = {trivial_hash_func,
- trivial_compare_func},
- [JOURNAL_WRITE_SPLIT_HOST] = {string_hash_func,
- string_compare_func},
- };
-
- assert(arg_split_mode >= 0 && arg_split_mode < (int) ELEMENTSOF(functions));
-
- s->writers = hashmap_new(functions[arg_split_mode].hash_func,
- functions[arg_split_mode].compare_func);
- if (!s->writers)
- return log_oom();
-
- return 0;
-}
-
-static int get_writer(RemoteServer *s, const char *host, sd_id128_t *machine,
- Writer **writer) {
- const void *key;
- Writer *w;
- int r;
-
- switch(arg_split_mode) {
- case JOURNAL_WRITE_SPLIT_NONE:
- key = "one and only";
- break;
-
- case JOURNAL_WRITE_SPLIT_HOST:
- assert(host);
- key = host;
- break;
-
- default:
- assert_not_reached("what split mode?");
- }
-
- w = hashmap_get(s->writers, key);
- if (!w) {
- w = new0(Writer, 1);
- if (!w)
- return -ENOMEM;
-
- r = writer_init(w);
- if (r < 0) {
- free(w);
- return r;
- }
-
- r = hashmap_put(s->writers, key, w);
- if (r < 0) {
- writer_close(w);
- free(w);
- return r;
- }
-
- r = open_output(w, host);
- if (r < 0)
- return r;
- }
-
- *writer = w;
- return 0;
-}
-
-/**********************************************************************
- **********************************************************************
- **********************************************************************/
-
-static RemoteSource *request_meta(void **connection_cls, int fd, char *hostname) {
+static int request_meta(void **connection_cls, int fd, char *hostname) {
RemoteSource *source;
+ Writer *writer;
+ int r;
assert(connection_cls);
- if (*connection_cls) {
- free(hostname);
- return *connection_cls;
- }
+ if (*connection_cls)
+ return 0;
- source = new0(RemoteSource, 1);
+ r = get_writer(server, hostname, &writer);
+ if (r < 0)
+ return log_warning_errno(r, "Failed to get writer for source %s: %m",
+ hostname);
+
+ source = source_new(fd, true, hostname, writer);
if (!source) {
- free(hostname);
- return NULL;
+ writer_unref(writer);
+ return log_oom();
}
- source->fd = -1; /* fd */
- source->name = hostname;
-
log_debug("Added RemoteSource as connection metadata %p", source);
*connection_cls = source;
- return source;
+ return 0;
}
static void request_meta_free(void *cls,
assert(connection_cls);
s = *connection_cls;
- log_debug("Cleaning up connection metadata %p", s);
- source_free(s);
- *connection_cls = NULL;
+ if (s) {
+ log_debug("Cleaning up connection metadata %p", s);
+ source_free(s);
+ *connection_cls = NULL;
+ }
}
static int process_http_upload(
size_t *upload_data_size,
RemoteSource *source) {
- Writer *w;
- int r;
bool finished = false;
size_t remaining;
+ int r;
assert(source);
- log_debug("request_handler_upload: connection %p, %zu bytes",
- connection, *upload_data_size);
-
- r = get_writer(server, source->name, NULL, &w);
- if (r < 0) {
- log_warning("Failed to get writer for source %s (%s): %s",
- source->name, source->name, strerror(-r));
- return mhd_respondf(connection,
- MHD_HTTP_SERVICE_UNAVAILABLE,
- "Failed to get writer for connection: %s.\n",
- strerror(-r));
- }
+ log_trace("%s: connection %p, %zu bytes",
+ __func__, connection, *upload_data_size);
if (*upload_data_size) {
- log_info("Received %zu bytes", *upload_data_size);
+ log_trace("Received %zu bytes", *upload_data_size);
r = push_data(source, upload_data, *upload_data_size);
if (r < 0)
finished = true;
while (true) {
-
- r = process_source(source, w, arg_compress, arg_seal);
+ r = process_source(source, arg_compress, arg_seal);
if (r == -EAGAIN || r == -EWOULDBLOCK)
break;
else if (r < 0) {
const char *header;
int r, code, fd;
- char *hostname;
+ _cleanup_free_ char *hostname = NULL;
assert(connection);
assert(connection_cls);
assert(url);
assert(method);
- log_debug("Handling a connection %s %s %s", method, url, version);
+ log_trace("Handling a connection %s %s %s", method, url, version);
if (*connection_cls)
return process_http_upload(connection,
log_error("MHD_get_connection_info failed: cannot get remote fd");
return mhd_respond(connection, MHD_HTTP_INTERNAL_SERVER_ERROR,
"Cannot check remote address");
- return code;
}
fd = ci->connect_fd;
assert(hostname);
- if (!request_meta(connection_cls, fd, hostname))
+ r = request_meta(connection_cls, fd, hostname);
+ if (r == -ENOMEM)
return respond_oom(connection);
+ else if (r < 0)
+ return mhd_respond(connection, MHD_HTTP_INTERNAL_SERVER_ERROR,
+ strerror(-r));
+
+ hostname = NULL;
return MHD_YES;
}
assert(fd >= 0);
r = fd_nonblock(fd, true);
- if (r < 0) {
- log_error("Failed to make fd:%d nonblocking: %s", fd, strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to make fd:%d nonblocking: %m", fd);
if (key) {
assert(cert);
epoll_fd, EPOLLIN,
dispatch_http_event, d);
if (r < 0) {
- log_error("Failed to add event callback: %s", strerror(-r));
+ log_error_errno(r, "Failed to add event callback: %m");
+ goto error;
+ }
+
+ r = sd_event_source_set_description(d->event, "epoll-fd");
+ if (r < 0) {
+ log_error_errno(r, "Failed to set source name: %m");
goto error;
}
- r = hashmap_ensure_allocated(&s->daemons, uint64_hash_func, uint64_compare_func);
+ r = hashmap_ensure_allocated(&s->daemons, &uint64_hash_ops);
if (r < 0) {
log_oom();
goto error;
r = hashmap_put(s->daemons, &d->fd, d);
if (r < 0) {
- log_error("Failed to add daemon to hashmap: %s", strerror(-r));
+ log_error_errno(r, "Failed to add daemon to hashmap: %m");
goto error;
}
**********************************************************************
**********************************************************************/
-static int dispatch_sigterm(sd_event_source *event,
- const struct signalfd_siginfo *si,
- void *userdata) {
- RemoteServer *s = userdata;
-
- assert(s);
-
- log_received_signal(LOG_INFO, si);
-
- sd_event_exit(s->events, 0);
- return 0;
-}
-
static int setup_signals(RemoteServer *s) {
sigset_t mask;
int r;
sigset_add_many(&mask, SIGINT, SIGTERM, -1);
assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
- r = sd_event_add_signal(s->events, &s->sigterm_event, SIGTERM, dispatch_sigterm, s);
+ r = sd_event_add_signal(s->events, &s->sigterm_event, SIGTERM, NULL, s);
if (r < 0)
return r;
- r = sd_event_add_signal(s->events, &s->sigint_event, SIGINT, dispatch_sigterm, s);
+ r = sd_event_add_signal(s->events, &s->sigint_event, SIGINT, NULL, s);
if (r < 0)
return r;
return 0;
}
-static int fd_fd(const char *spec) {
+static int negative_fd(const char *spec) {
+ /* Return a non-positive number as its inverse, -EINVAL otherwise. */
+
int fd, r;
r = safe_atoi(spec, &fd);
if (r < 0)
return r;
- return -1;
+ if (fd > 0)
+ return -EINVAL;
+ else
+ return -fd;
}
-
static int remoteserver_init(RemoteServer *s,
const char* key,
const char* cert,
const char* trust) {
int r, n, fd;
- const char *output_name = NULL;
char **file;
assert(s);
-
if ((arg_listen_raw || arg_listen_http) && trust) {
log_error("Option --trust makes all non-HTTPS connections untrusted.");
return -EINVAL;
}
- sd_event_default(&s->events);
+ r = sd_event_default(&s->events);
+ if (r < 0)
+ return log_error_errno(r, "Failed to allocate event loop: %m");
setup_signals(s);
assert(server == NULL);
server = s;
+ r = init_writer_hashmap(s);
+ if (r < 0)
+ return r;
+
n = sd_listen_fds(true);
- if (n < 0) {
- log_error("Failed to read listening file descriptors from environment: %s",
- strerror(-n));
- return n;
- } else
+ if (n < 0)
+ return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
+ else
log_info("Received %d descriptors", n);
if (MAX(http_socket, https_socket) >= SD_LISTEN_FDS_START + n) {
}
for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
- if (sd_is_socket(fd, AF_UNSPEC, 0, false)) {
+ if (sd_is_socket(fd, AF_UNSPEC, 0, true)) {
log_info("Received a listening socket (fd:%d)", fd);
if (fd == http_socket)
r = setup_microhttpd_server(s, fd, key, cert, trust);
else
r = add_raw_socket(s, fd);
- } else if (sd_is_socket(fd, AF_UNSPEC, 0, true)) {
- _cleanup_free_ char *hostname = NULL;
+ } else if (sd_is_socket(fd, AF_UNSPEC, 0, false)) {
+ char *hostname;
r = getnameinfo_pretty(fd, &hostname);
- if (r < 0) {
- log_error("Failed to retrieve remote name: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to retrieve remote name: %m");
log_info("Received a connection socket (fd:%d) from %s", fd, hostname);
- r = add_source(s, fd, hostname);
+ r = add_source(s, fd, hostname, true);
} else {
log_error("Unknown socket passed on fd:%d", fd);
return -EINVAL;
}
- if(r < 0) {
- log_error("Failed to register socket (fd:%d): %s",
- fd, strerror(-r));
- return r;
- }
-
- output_name = "socket";
+ if (r < 0)
+ return log_error_errno(r, "Failed to register socket (fd:%d): %m",
+ fd);
}
if (arg_url) {
const char *url, *hostname;
- url = strappenda(arg_url, "/entries");
+ url = strjoina(arg_url, "/entries");
if (arg_getter) {
log_info("Spawning getter %s...", url);
startswith(arg_url, "http://") ?:
arg_url;
- r = add_source(s, fd, hostname);
+ r = add_source(s, fd, (char*) hostname, false);
if (r < 0)
return r;
-
- output_name = arg_url;
}
if (arg_listen_raw) {
r = setup_raw_socket(s, arg_listen_raw);
if (r < 0)
return r;
-
- output_name = arg_listen_raw;
}
if (arg_listen_http) {
r = setup_microhttpd_socket(s, arg_listen_http, NULL, NULL, NULL);
if (r < 0)
return r;
-
- output_name = arg_listen_http;
}
if (arg_listen_https) {
r = setup_microhttpd_socket(s, arg_listen_https, key, cert, trust);
if (r < 0)
return r;
-
- output_name = arg_listen_https;
}
STRV_FOREACH(file, arg_files) {
+ const char *output_name;
+
if (streq(*file, "-")) {
- log_info("Reading standard input...");
+ log_info("Using standard input as source.");
fd = STDIN_FILENO;
output_name = "stdin";
log_info("Reading file %s...", *file);
fd = open(*file, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK);
- if (fd < 0) {
- log_error("Failed to open %s: %m", *file);
- return -errno;
- }
+ if (fd < 0)
+ return log_error_errno(errno, "Failed to open %s: %m", *file);
output_name = *file;
}
- r = add_source(s, fd, output_name);
+ r = add_source(s, fd, (char*) output_name, false);
if (r < 0)
return r;
}
return -EINVAL;
}
- if (!!n + !!arg_url + !!arg_listen_raw + !!arg_files)
- output_name = "multiple";
-
- r = init_writer_hashmap(s);
- if (r < 0)
- return r;
-
if (arg_split_mode == JOURNAL_WRITE_SPLIT_NONE) {
/* In this case we know what the writer will be
called, so we can create it and verify that we can
create output as expected. */
- Writer *w;
-
- r = get_writer(s, NULL, NULL, &w);
+ r = get_writer(s, NULL, &s->_single_writer);
if (r < 0)
return r;
}
return 0;
}
-static int server_destroy(RemoteServer *s, uint64_t *event_count) {
- int r;
+static void server_destroy(RemoteServer *s) {
size_t i;
- Writer *w;
MHDDaemonWrapper *d;
- *event_count = 0;
-
- while ((w = hashmap_steal_first(s->writers))) {
- log_info("seqnum %"PRIu64, w->seqnum);
- *event_count += w->seqnum;
-
- r = writer_close(w);
- if (r < 0)
- log_warning("Failed to close writer: %s", strerror(-r));
- free(w);
- }
-
- hashmap_free(s->writers);
-
while ((d = hashmap_steal_first(s->daemons))) {
MHD_stop_daemon(d->daemon);
sd_event_source_unref(d->event);
assert(s->sources_size == 0 || s->sources);
for (i = 0; i < s->sources_size; i++)
remove_source(s, i);
-
free(s->sources);
+ writer_unref(s->_single_writer);
+ hashmap_free(s->writers);
+
sd_event_source_unref(s->sigterm_event);
sd_event_source_unref(s->sigint_event);
sd_event_source_unref(s->listen_event);
sd_event_unref(s->events);
/* fds that we're listening on remain open... */
-
- return r;
}
/**********************************************************************
uint32_t revents,
void *userdata) {
- Writer *w;
RemoteServer *s = userdata;
RemoteSource *source;
int r;
source = s->sources[fd];
assert(source->fd == fd);
- r = get_writer(s, source->name, NULL, &w);
- if (r < 0) {
- log_warning("Failed to get writer for source %s (%s): %s",
- source->name, source->name, strerror(-r));
- return r;
- }
-
- r = process_source(source, w, arg_compress, arg_seal);
+ r = process_source(source, arg_compress, arg_seal);
if (source->state == STATE_EOF) {
size_t remaining;
if (remaining > 0)
log_warning("Premature EOF. %zu bytes lost.", remaining);
remove_source(s, source->fd);
- log_info("%zd active source remaining", s->active);
+ log_info("%zu active sources remaining", s->active);
return 0;
} else if (r == -E2BIG) {
log_error("Entry too big, skipped");
} else if (r == -EAGAIN) {
return 0;
} else if (r < 0) {
- log_info("Closing connection: %s", strerror(-r));
+ log_info_errno(r, "Closing connection: %m");
remove_source(server, fd);
return 0;
} else
return 1;
}
+static int dispatch_blocking_source_event(sd_event_source *event,
+ void *userdata) {
+ RemoteSource *source = userdata;
+
+ return dispatch_raw_source_event(event, source->fd, EPOLLIN, server);
+}
+
static int accept_connection(const char* type, int fd,
SocketAddress *addr, char **hostname) {
int fd2, r;
log_debug("Accepting new %s connection on fd:%d", type, fd);
fd2 = accept4(fd, &addr->sockaddr.sa, &addr->size, SOCK_NONBLOCK|SOCK_CLOEXEC);
- if (fd2 < 0) {
- log_error("accept() on fd:%d failed: %m", fd);
- return -errno;
- }
+ if (fd2 < 0)
+ return log_error_errno(errno, "accept() on fd:%d failed: %m", fd);
switch(socket_address_family(addr)) {
case AF_INET:
r = socket_address_print(addr, &a);
if (r < 0) {
- log_error("socket_address_print(): %s", strerror(-r));
+ log_error_errno(r, "socket_address_print(): %m");
close(fd2);
return r;
}
if (fd2 < 0)
return fd2;
- return add_source(s, fd2, hostname);
+ return add_source(s, fd2, hostname, true);
}
/**********************************************************************
{ "Remote", "ServerCertificateFile", config_parse_path, 0, &arg_cert },
{ "Remote", "TrustedCertificateFile", config_parse_path, 0, &arg_trust },
{}};
- int r;
-
- r = config_parse(NULL, PKGSYSCONFDIR "/journal-remote.conf", NULL,
- "Remote\0",
- config_item_table_lookup, items,
- false, false, NULL);
- if (r < 0)
- log_error("Failed to parse configuration file: %s", strerror(-r));
- return r;
+ return config_parse_many(PKGSYSCONFDIR "/journal-remote.conf",
+ CONF_DIRS_NULSTR("systemd/journal-remote.conf"),
+ "Remote\0", config_item_table_lookup, items,
+ false, NULL);
}
static void help(void) {
printf("%s [OPTIONS...] {FILE|-}...\n\n"
- "Write external journal events to a journal file.\n\n"
- "Options:\n"
- " --url=URL Read events from systemd-journal-gatewayd at URL\n"
- " --getter=COMMAND Read events from the output of COMMAND\n"
- " --listen-raw=ADDR Listen for connections at ADDR\n"
- " --listen-http=ADDR Listen for HTTP connections at ADDR\n"
- " --listen-https=ADDR Listen for HTTPS connections at ADDR\n"
- " -o --output=FILE|DIR Write output to FILE or DIR/external-*.journal\n"
- " --[no-]compress Use XZ-compression in the output journal (default: yes)\n"
- " --[no-]seal Use Event sealing in the output journal (default: no)\n"
- " --key=FILENAME Specify key in PEM format (default:\n"
- " \"" KEY_FILE "\")\n"
- " --cert=FILENAME Specify certificate in PEM format (default:\n"
- " \"" CERT_FILE "\")\n"
- " --trust=FILENAME|all Specify CA certificate or disable checking (default:\n"
- " \"" TRUST_FILE "\")\n"
- " --gnutls-log=CATEGORY...\n"
- " Specify a list of gnutls logging categories\n"
- " -h --help Show this help and exit\n"
- " --version Print version string and exit\n"
+ "Write external journal events to journal file(s).\n\n"
+ " -h --help Show this help\n"
+ " --version Show package version\n"
+ " --url=URL Read events from systemd-journal-gatewayd at URL\n"
+ " --getter=COMMAND Read events from the output of COMMAND\n"
+ " --listen-raw=ADDR Listen for connections at ADDR\n"
+ " --listen-http=ADDR Listen for HTTP connections at ADDR\n"
+ " --listen-https=ADDR Listen for HTTPS connections at ADDR\n"
+ " -o --output=FILE|DIR Write output to FILE or DIR/external-*.journal\n"
+ " --compress[=BOOL] XZ-compress the output journal (default: yes)\n"
+ " --seal[=BOOL] Use event sealing (default: no)\n"
+ " --key=FILENAME SSL key in PEM format (default:\n"
+ " \"" PRIV_KEY_FILE "\")\n"
+ " --cert=FILENAME SSL certificate in PEM format (default:\n"
+ " \"" CERT_FILE "\")\n"
+ " --trust=FILENAME|all SSL CA certificate or disable checking (default:\n"
+ " \"" TRUST_FILE "\")\n"
+ " --gnutls-log=CATEGORY...\n"
+ " Specify a list of gnutls logging categories\n"
+ " --split-mode=none|host How many output files to create\n"
"\n"
"Note: file descriptors from sd_listen_fds() will be consumed, too.\n"
, program_invocation_short_name);
ARG_GETTER,
ARG_SPLIT_MODE,
ARG_COMPRESS,
- ARG_NO_COMPRESS,
ARG_SEAL,
- ARG_NO_SEAL,
ARG_KEY,
ARG_CERT,
ARG_TRUST,
{ "listen-https", required_argument, NULL, ARG_LISTEN_HTTPS },
{ "output", required_argument, NULL, 'o' },
{ "split-mode", required_argument, NULL, ARG_SPLIT_MODE },
- { "compress", no_argument, NULL, ARG_COMPRESS },
- { "no-compress", no_argument, NULL, ARG_NO_COMPRESS },
- { "seal", no_argument, NULL, ARG_SEAL },
- { "no-seal", no_argument, NULL, ARG_NO_SEAL },
+ { "compress", optional_argument, NULL, ARG_COMPRESS },
+ { "seal", optional_argument, NULL, ARG_SEAL },
{ "key", required_argument, NULL, ARG_KEY },
{ "cert", required_argument, NULL, ARG_CERT },
{ "trust", required_argument, NULL, ARG_TRUST },
return -EINVAL;
}
- r = fd_fd(optarg);
+ r = negative_fd(optarg);
if (r >= 0)
http_socket = r;
else
return -EINVAL;
}
- r = fd_fd(optarg);
+ r = negative_fd(optarg);
if (r >= 0)
https_socket = r;
else
break;
case ARG_COMPRESS:
- arg_compress = true;
- break;
- case ARG_NO_COMPRESS:
- arg_compress = false;
+ if (optarg) {
+ r = parse_boolean(optarg);
+ if (r < 0) {
+ log_error("Failed to parse --compress= parameter.");
+ return -EINVAL;
+ }
+
+ arg_compress = !!r;
+ } else
+ arg_compress = true;
+
break;
+
case ARG_SEAL:
- arg_seal = true;
- break;
- case ARG_NO_SEAL:
- arg_seal = false;
+ if (optarg) {
+ r = parse_boolean(optarg);
+ if (r < 0) {
+ log_error("Failed to parse --seal= parameter.");
+ return -EINVAL;
+ }
+
+ arg_seal = !!r;
+ } else
+ arg_seal = true;
+
break;
case ARG_GNUTLS_LOG: {
#ifdef HAVE_GNUTLS
- char *word, *state;
+ const char *word, *state;
size_t size;
FOREACH_WORD_SEPARATOR(word, size, optarg, ",", state) {
return -EINVAL;
default:
- log_error("Unknown option code %c", c);
- return -EINVAL;
+ assert_not_reached("Unknown option code.");
}
if (optind < argc)
static int load_certificates(char **key, char **cert, char **trust) {
int r;
- r = read_full_file(arg_key ?: KEY_FILE, key, NULL);
- if (r < 0) {
- log_error("Failed to read key from file '%s': %s",
- arg_key ?: KEY_FILE, strerror(-r));
- return r;
- }
+ r = read_full_file(arg_key ?: PRIV_KEY_FILE, key, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to read key from file '%s': %m",
+ arg_key ?: PRIV_KEY_FILE);
r = read_full_file(arg_cert ?: CERT_FILE, cert, NULL);
- if (r < 0) {
- log_error("Failed to read certificate from file '%s': %s",
- arg_cert ?: CERT_FILE, strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to read certificate from file '%s': %m",
+ arg_cert ?: CERT_FILE);
if (arg_trust_all)
log_info("Certificate checking disabled.");
else {
r = read_full_file(arg_trust ?: TRUST_FILE, trust, NULL);
- if (r < 0) {
- log_error("Failed to read CA certificate file '%s': %s",
- arg_trust ?: TRUST_FILE, strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to read CA certificate file '%s': %m",
+ arg_trust ?: TRUST_FILE);
}
return 0;
gnutls_global_set_log_function(log_func_gnutls);
- if (categories)
+ if (categories) {
STRV_FOREACH(cat, categories) {
r = log_enable_gnutls_category(*cat);
if (r < 0)
return r;
}
- else
+ } else
log_reset_gnutls_level();
}
#endif
int main(int argc, char **argv) {
RemoteServer s = {};
- int r, r2;
+ int r;
_cleanup_free_ char *key = NULL, *cert = NULL, *trust = NULL;
- uint64_t entry_count;
log_show_color(true);
log_parse_environment();
if (remoteserver_init(&s, key, cert, trust) < 0)
return EXIT_FAILURE;
- sd_event_set_watchdog(s.events, true);
+ r = sd_event_set_watchdog(s.events, true);
+ if (r < 0)
+ log_error_errno(r, "Failed to enable watchdog: %m");
+ else
+ log_debug("Watchdog is %s.", r > 0 ? "enabled" : "disabled");
log_debug("%s running as pid "PID_FMT,
program_invocation_short_name, getpid());
r = sd_event_run(s.events, -1);
if (r < 0) {
- log_error("Failed to run event loop: %s", strerror(-r));
+ log_error_errno(r, "Failed to run event loop: %m");
break;
}
}
- r2 = server_destroy(&s, &entry_count);
- log_info("Finishing after writing %" PRIu64 " entries", entry_count);
+ sd_notifyf(false,
+ "STOPPING=1\n"
+ "STATUS=Shutting down after writing %" PRIu64 " entries...", s.event_count);
+ log_info("Finishing after writing %" PRIu64 " entries", s.event_count);
- sd_notify(false, "STATUS=Shutting down...");
+ server_destroy(&s);
free(arg_key);
free(arg_cert);
free(arg_trust);
- return r >= 0 && r2 >= 0 ? EXIT_SUCCESS : EXIT_FAILURE;
+ return r >= 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}