#include "util.h"
#include "build.h"
#include "fileio.h"
+#include "conf-parser.h"
#include "journal-upload.h"
+#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-upload.pem"
+#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-upload.pem"
+#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
+
static const char* arg_url;
static void close_fd_input(Uploader *u);
"systemd-journal-upload " PACKAGE_STRING,
LOG_WARNING, );
- if (arg_key) {
+ if (arg_key || startswith(u->url, "https://")) {
assert(arg_cert);
- easy_setopt(curl, CURLOPT_SSLKEY, arg_key,
+ easy_setopt(curl, CURLOPT_SSLKEY, arg_key ?: PRIV_KEY_FILE,
LOG_ERR, return -EXFULL);
- easy_setopt(curl, CURLOPT_SSLCERT, arg_cert,
+ easy_setopt(curl, CURLOPT_SSLCERT, arg_cert ?: CERT_FILE,
LOG_ERR, return -EXFULL);
}
- if (arg_trust)
- easy_setopt(curl, CURLOPT_CAINFO, arg_trust,
+ if (arg_trust || startswith(u->url, "https://"))
+ easy_setopt(curl, CURLOPT_CAINFO, arg_trust ?: TRUST_FILE,
LOG_ERR, return -EXFULL);
if (arg_key || arg_trust)
Uploader *u = userp;
assert(u);
- assert(revents & EPOLLIN);
assert(fd >= 0);
+ if (revents & EPOLLHUP) {
+ log_debug("Received HUP");
+ close_fd_input(u);
+ return 0;
+ }
+
+ if (!(revents & EPOLLIN)) {
+ log_warning("Unexpected poll event %"PRIu32".", revents);
+ return -EINVAL;
+ }
+
if (u->uploading) {
log_warning("dispatch_fd_input called when uploading, ignoring.");
return 0;
return r;
}
+static int dispatch_sigterm(sd_event_source *event,
+ const struct signalfd_siginfo *si,
+ void *userdata) {
+ Uploader *u = userdata;
+
+ assert(u);
+
+ log_received_signal(LOG_INFO, si);
+
+ close_fd_input(u);
+ close_journal_input(u);
+
+ sd_event_exit(u->events, 0);
+ return 0;
+}
+
+static int setup_signals(Uploader *u) {
+ sigset_t mask;
+ int r;
+
+ assert(u);
+
+ assert_se(sigemptyset(&mask) == 0);
+ sigset_add_many(&mask, SIGINT, SIGTERM, -1);
+ assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
+
+ r = sd_event_add_signal(u->events, &u->sigterm_event, SIGTERM, dispatch_sigterm, u);
+ if (r < 0)
+ return r;
+
+ r = sd_event_add_signal(u->events, &u->sigint_event, SIGINT, dispatch_sigterm, u);
+ if (r < 0)
+ return r;
+
+ return 0;
+}
+
static int setup_uploader(Uploader *u, const char *url, const char *state_file) {
int r;
memzero(u, sizeof(Uploader));
u->input = -1;
- u->url = url;
+ if (!startswith(url, "http://") && !startswith(url, "https://"))
+ url = strappenda("https://", url);
+
+ u->url = strappend(url, "/upload");
+ if (!u->url)
+ return log_oom();
+
u->state_file = state_file;
r = sd_event_default(&u->events);
return r;
}
+ r = setup_signals(u);
+ if (r < 0) {
+ log_error("Failed to set up signals: %s", strerror(-r));
+ return r;
+ }
+
return load_cursor_state(u);
}
free(u->last_cursor);
free(u->current_cursor);
+ free(u->url);
+
u->input_event = sd_event_source_unref(u->input_event);
close_fd_input(u);
close_journal_input(u);
+ sd_event_source_unref(u->sigterm_event);
+ sd_event_source_unref(u->sigint_event);
sd_event_unref(u->events);
}
return update_cursor_state(u);
}
+static int parse_config(void) {
+ const ConfigTableItem items[] = {
+ { "Upload", "URL", config_parse_string, 0, &arg_url },
+ { "Upload", "ServerKeyFile", config_parse_path, 0, &arg_key },
+ { "Upload", "ServerCertificateFile", config_parse_path, 0, &arg_cert },
+ { "Upload", "TrustedCertificateFile", config_parse_path, 0, &arg_trust },
+ {}};
+
+ return config_parse(NULL, PKGSYSCONFDIR "/journal-upload.conf", NULL,
+ "Upload\0",
+ config_item_table_lookup, items,
+ false, false, true, NULL);
+}
+
static void help(void) {
printf("%s -u URL {FILE|-}...\n\n"
"Upload journal events to a remote server.\n\n"
"Options:\n"
- " --url=URL Upload to this address\n"
+ " -u --url=URL Upload to this address\n"
" --key=FILENAME Specify key in PEM format\n"
" --cert=FILENAME Specify certificate in PEM format\n"
" --trust=FILENAME Specify CA certificate in PEM format\n"
log_show_color(true);
log_parse_environment();
+ r = parse_config();
+ if (r <= 0)
+ goto finish;
+
r = parse_argv(argc, argv);
if (r <= 0)
goto finish;
if (r < 0)
goto cleanup;
+ sd_event_set_watchdog(u.events, true);
+
log_debug("%s running as pid "PID_FMT,
program_invocation_short_name, getpid());