X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fjournal-remote%2Fjournal-upload.c;h=b178df2d34bb0e24cfcff9905fbdc771d3de6955;hb=d7bf74d9cccdc6ffa567ea0e08f814863610f88e;hp=264f915a789d825b76b3814253f0a0cc00c0b02f;hpb=a3152e7655231b94fa7b9582906fb86ab00b9c99;p=elogind.git diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c index 264f915a7..b178df2d3 100644 --- a/src/journal-remote/journal-upload.c +++ b/src/journal-remote/journal-upload.c @@ -31,8 +31,13 @@ #include "util.h" #include "build.h" #include "fileio.h" +#include "conf-parser.h" #include "journal-upload.h" +#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-upload.pem" +#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-upload.pem" +#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem" + static const char* arg_url; static void close_fd_input(Uploader *u); @@ -214,17 +219,17 @@ int start_upload(Uploader *u, "systemd-journal-upload " PACKAGE_STRING, LOG_WARNING, ); - if (arg_key) { + if (arg_key || startswith(u->url, "https://")) { assert(arg_cert); - easy_setopt(curl, CURLOPT_SSLKEY, arg_key, + easy_setopt(curl, CURLOPT_SSLKEY, arg_key ?: PRIV_KEY_FILE, LOG_ERR, return -EXFULL); - easy_setopt(curl, CURLOPT_SSLCERT, arg_cert, + easy_setopt(curl, CURLOPT_SSLCERT, arg_cert ?: CERT_FILE, LOG_ERR, return -EXFULL); } - if (arg_trust) - easy_setopt(curl, CURLOPT_CAINFO, arg_trust, + if (arg_trust || startswith(u->url, "https://")) + easy_setopt(curl, CURLOPT_CAINFO, arg_trust ?: TRUST_FILE, LOG_ERR, return -EXFULL); if (arg_key || arg_trust) @@ -297,9 +302,19 @@ static int dispatch_fd_input(sd_event_source *event, Uploader *u = userp; assert(u); - assert(revents & EPOLLIN); assert(fd >= 0); + if (revents & EPOLLHUP) { + log_debug("Received HUP"); + close_fd_input(u); + return 0; + } + + if (!(revents & EPOLLIN)) { + log_warning("Unexpected poll event %"PRIu32".", revents); + return -EINVAL; + } + if (u->uploading) { log_warning("dispatch_fd_input called when uploading, ignoring."); return 0; @@ -386,7 +401,13 @@ static int setup_uploader(Uploader *u, const char *url, const char *state_file) memzero(u, sizeof(Uploader)); u->input = -1; - u->url = url; + if (!startswith(url, "http://") && !startswith(url, "https://")) + url = strappenda("https://", url); + + u->url = strappend(url, "/upload"); + if (!u->url) + return log_oom(); + u->state_file = state_file; r = sd_event_default(&u->events); @@ -414,6 +435,8 @@ static void destroy_uploader(Uploader *u) { free(u->last_cursor); free(u->current_cursor); + free(u->url); + u->input_event = sd_event_source_unref(u->input_event); close_fd_input(u); @@ -465,11 +488,25 @@ static int perform_upload(Uploader *u) { return update_cursor_state(u); } +static int parse_config(void) { + const ConfigTableItem items[] = { + { "Upload", "URL", config_parse_string, 0, &arg_url }, + { "Upload", "ServerKeyFile", config_parse_path, 0, &arg_key }, + { "Upload", "ServerCertificateFile", config_parse_path, 0, &arg_cert }, + { "Upload", "TrustedCertificateFile", config_parse_path, 0, &arg_trust }, + {}}; + + return config_parse(NULL, PKGSYSCONFDIR "/journal-upload.conf", NULL, + "Upload\0", + config_item_table_lookup, items, + false, false, true, NULL); +} + static void help(void) { printf("%s -u URL {FILE|-}...\n\n" "Upload journal events to a remote server.\n\n" "Options:\n" - " --url=URL Upload to this address\n" + " -u --url=URL Upload to this address\n" " --key=FILENAME Specify key in PEM format\n" " --cert=FILENAME Specify certificate in PEM format\n" " --trust=FILENAME Specify CA certificate in PEM format\n" @@ -705,6 +742,10 @@ int main(int argc, char **argv) { log_show_color(true); log_parse_environment(); + r = parse_config(); + if (r <= 0) + goto finish; + r = parse_argv(argc, argv); if (r <= 0) goto finish;