X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fjournal-remote%2Fjournal-upload.c;h=b178df2d34bb0e24cfcff9905fbdc771d3de6955;hb=d7bf74d9cccdc6ffa567ea0e08f814863610f88e;hp=0cab031985ae65ae034aa70e91dd468089b3b79a;hpb=eacbb4d33e2bb5c54311544851140efe3dd0f774;p=elogind.git diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c index 0cab03198..b178df2d3 100644 --- a/src/journal-remote/journal-upload.c +++ b/src/journal-remote/journal-upload.c @@ -30,8 +30,14 @@ #include "log.h" #include "util.h" #include "build.h" +#include "fileio.h" +#include "conf-parser.h" #include "journal-upload.h" +#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-upload.pem" +#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-upload.pem" +#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem" + static const char* arg_url; static void close_fd_input(Uploader *u); @@ -48,9 +54,12 @@ static int arg_journal_type = 0; static const char *arg_machine = NULL; static bool arg_merge = false; static int arg_follow = -1; +static const char *arg_save_state = NULL; #define SERVER_ANSWER_KEEP 2048 +#define STATE_FILE "/var/lib/systemd/journal-upload/state" + #define easy_setopt(curl, opt, value, level, cmd) \ { \ code = curl_easy_setopt(curl, opt, value); \ @@ -83,6 +92,59 @@ static size_t output_callback(char *buf, return size * nmemb; } +static int update_cursor_state(Uploader *u) { + _cleanup_free_ char *temp_path = NULL; + _cleanup_fclose_ FILE *f = NULL; + int r; + + if (!u->state_file || !u->last_cursor) + return 0; + + r = fopen_temporary(u->state_file, &f, &temp_path); + if (r < 0) + goto finish; + + fprintf(f, + "# This is private data. Do not parse.\n" + "LAST_CURSOR=%s\n", + u->last_cursor); + + fflush(f); + + if (ferror(f) || rename(temp_path, u->state_file) < 0) { + r = -errno; + unlink(u->state_file); + unlink(temp_path); + } + +finish: + if (r < 0) + log_error("Failed to save state %s: %s", u->state_file, strerror(-r)); + + return r; +} + +static int load_cursor_state(Uploader *u) { + int r; + + if (!u->state_file) + return 0; + + r = parse_env_file(u->state_file, NEWLINE, + "LAST_CURSOR", &u->last_cursor, + NULL); + + if (r < 0 && r != -ENOENT) { + log_error("Failed to read state file %s: %s", + u->state_file, strerror(-r)); + return r; + } + + return 0; +} + + + int start_upload(Uploader *u, size_t (*input_callback)(void *ptr, size_t size, @@ -157,17 +219,17 @@ int start_upload(Uploader *u, "systemd-journal-upload " PACKAGE_STRING, LOG_WARNING, ); - if (arg_key) { + if (arg_key || startswith(u->url, "https://")) { assert(arg_cert); - easy_setopt(curl, CURLOPT_SSLKEY, arg_key, + easy_setopt(curl, CURLOPT_SSLKEY, arg_key ?: PRIV_KEY_FILE, LOG_ERR, return -EXFULL); - easy_setopt(curl, CURLOPT_SSLCERT, arg_cert, + easy_setopt(curl, CURLOPT_SSLCERT, arg_cert ?: CERT_FILE, LOG_ERR, return -EXFULL); } - if (arg_trust) - easy_setopt(curl, CURLOPT_CAINFO, arg_trust, + if (arg_trust || startswith(u->url, "https://")) + easy_setopt(curl, CURLOPT_CAINFO, arg_trust ?: TRUST_FILE, LOG_ERR, return -EXFULL); if (arg_key || arg_trust) @@ -240,9 +302,19 @@ static int dispatch_fd_input(sd_event_source *event, Uploader *u = userp; assert(u); - assert(revents & EPOLLIN); assert(fd >= 0); + if (revents & EPOLLHUP) { + log_debug("Received HUP"); + close_fd_input(u); + return 0; + } + + if (!(revents & EPOLLIN)) { + log_warning("Unexpected poll event %"PRIu32".", revents); + return -EINVAL; + } + if (u->uploading) { log_warning("dispatch_fd_input called when uploading, ignoring."); return 0; @@ -283,7 +355,44 @@ static int open_file_for_upload(Uploader *u, const char *filename) { return r; } -static int setup_uploader(Uploader *u, const char *url) { +static int dispatch_sigterm(sd_event_source *event, + const struct signalfd_siginfo *si, + void *userdata) { + Uploader *u = userdata; + + assert(u); + + log_received_signal(LOG_INFO, si); + + close_fd_input(u); + close_journal_input(u); + + sd_event_exit(u->events, 0); + return 0; +} + +static int setup_signals(Uploader *u) { + sigset_t mask; + int r; + + assert(u); + + assert_se(sigemptyset(&mask) == 0); + sigset_add_many(&mask, SIGINT, SIGTERM, -1); + assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0); + + r = sd_event_add_signal(u->events, &u->sigterm_event, SIGTERM, dispatch_sigterm, u); + if (r < 0) + return r; + + r = sd_event_add_signal(u->events, &u->sigint_event, SIGINT, dispatch_sigterm, u); + if (r < 0) + return r; + + return 0; +} + +static int setup_uploader(Uploader *u, const char *url, const char *state_file) { int r; assert(u); @@ -292,7 +401,14 @@ static int setup_uploader(Uploader *u, const char *url) { memzero(u, sizeof(Uploader)); u->input = -1; - u->url = url; + if (!startswith(url, "http://") && !startswith(url, "https://")) + url = strappenda("https://", url); + + u->url = strappend(url, "/upload"); + if (!u->url) + return log_oom(); + + u->state_file = state_file; r = sd_event_default(&u->events); if (r < 0) { @@ -300,7 +416,13 @@ static int setup_uploader(Uploader *u, const char *url) { return r; } - return 0; + r = setup_signals(u); + if (r < 0) { + log_error("Failed to set up signals: %s", strerror(-r)); + return r; + } + + return load_cursor_state(u); } static void destroy_uploader(Uploader *u) { @@ -311,12 +433,17 @@ static void destroy_uploader(Uploader *u) { free(u->answer); free(u->last_cursor); + free(u->current_cursor); + + free(u->url); u->input_event = sd_event_source_unref(u->input_event); close_fd_input(u); close_journal_input(u); + sd_event_source_unref(u->sigterm_event); + sd_event_source_unref(u->sigint_event); sd_event_unref(u->events); } @@ -353,14 +480,33 @@ static int perform_upload(Uploader *u) { } else log_debug("Upload finished successfully with code %lu: %s", status, strna(u->answer)); - return 0; + + free(u->last_cursor); + u->last_cursor = u->current_cursor; + u->current_cursor = NULL; + + return update_cursor_state(u); +} + +static int parse_config(void) { + const ConfigTableItem items[] = { + { "Upload", "URL", config_parse_string, 0, &arg_url }, + { "Upload", "ServerKeyFile", config_parse_path, 0, &arg_key }, + { "Upload", "ServerCertificateFile", config_parse_path, 0, &arg_cert }, + { "Upload", "TrustedCertificateFile", config_parse_path, 0, &arg_trust }, + {}}; + + return config_parse(NULL, PKGSYSCONFDIR "/journal-upload.conf", NULL, + "Upload\0", + config_item_table_lookup, items, + false, false, true, NULL); } static void help(void) { printf("%s -u URL {FILE|-}...\n\n" "Upload journal events to a remote server.\n\n" "Options:\n" - " --url=URL Upload to this address\n" + " -u --url=URL Upload to this address\n" " --key=FILENAME Specify key in PEM format\n" " --cert=FILENAME Specify certificate in PEM format\n" " --trust=FILENAME Specify CA certificate in PEM format\n" @@ -373,6 +519,8 @@ static void help(void) { " --cursor=CURSOR Start at the specified cursor\n" " --after-cursor=CURSOR Start after the specified cursor\n" " --[no-]follow Do [not] wait for input\n" + " --save-state[=FILE] Save uploaded cursors (default \n" + " " STATE_FILE ")\n" " -h --help Show this help and exit\n" " --version Print version string and exit\n" , program_invocation_short_name); @@ -391,6 +539,7 @@ static int parse_argv(int argc, char *argv[]) { ARG_AFTER_CURSOR, ARG_FOLLOW, ARG_NO_FOLLOW, + ARG_SAVE_STATE, }; static const struct option options[] = { @@ -410,6 +559,7 @@ static int parse_argv(int argc, char *argv[]) { { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR }, { "follow", no_argument, NULL, ARG_FOLLOW }, { "no-follow", no_argument, NULL, ARG_NO_FOLLOW }, + { "save-state", optional_argument, NULL, ARG_SAVE_STATE }, {} }; @@ -532,6 +682,10 @@ static int parse_argv(int argc, char *argv[]) { arg_follow = false; break; + case ARG_SAVE_STATE: + arg_save_state = optarg ?: STATE_FILE; + break; + case '?': log_error("Unknown option %s.", argv[optind-1]); return -EINVAL; @@ -588,14 +742,20 @@ int main(int argc, char **argv) { log_show_color(true); log_parse_environment(); + r = parse_config(); + if (r <= 0) + goto finish; + r = parse_argv(argc, argv); if (r <= 0) goto finish; - r = setup_uploader(&u, arg_url); + r = setup_uploader(&u, arg_url, arg_save_state); if (r < 0) goto cleanup; + sd_event_set_watchdog(u.events, true); + log_debug("%s running as pid "PID_FMT, program_invocation_short_name, getpid()); @@ -606,7 +766,8 @@ int main(int argc, char **argv) { if (r < 0) goto finish; r = open_journal_for_upload(&u, j, - arg_cursor, arg_after_cursor, + arg_cursor ?: u.last_cursor, + arg_cursor ? arg_after_cursor : true, !!arg_follow); if (r < 0) goto finish;