summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
b798e7b)
This makes them robust regarding truncation. Ideally, we'd export this
as an API, but given how messy SIGBUS handling is, and the uncertain
ownership logic of signal handlers we should not do this (unless libc
one day invents a scheme how to sanely install SIGBUS handlers for
specific memory areas only). However, for now we can still make all our
own tools robust.
Note that external tools will only have read-access to the journal
anyway, where SIGBUS is much more unlikely, given that only writes are
subject to disk full problems.
#include <gnutls/gnutls.h>
#endif
#include <gnutls/gnutls.h>
#endif
-#include "log.h"
-#include "util.h"
#include "sd-journal.h"
#include "sd-daemon.h"
#include "sd-bus.h"
#include "sd-journal.h"
#include "sd-daemon.h"
#include "sd-bus.h"
+#include "log.h"
+#include "util.h"
#include "bus-util.h"
#include "logs-show.h"
#include "microhttpd-util.h"
#include "build.h"
#include "fileio.h"
#include "bus-util.h"
#include "logs-show.h"
#include "microhttpd-util.h"
#include "build.h"
#include "fileio.h"
-static char *key_pem = NULL;
-static char *cert_pem = NULL;
-static char *trust_pem = NULL;
+static char *arg_key_pem = NULL;
+static char *arg_cert_pem = NULL;
+static char *arg_trust_pem = NULL;
typedef struct RequestMeta {
sd_journal *journal;
typedef struct RequestMeta {
sd_journal *journal;
r = check_permissions(connection, &code, NULL);
if (r < 0)
return code;
r = check_permissions(connection, &code, NULL);
if (r < 0)
return code;
log_error("Key file specified twice");
return -EINVAL;
}
log_error("Key file specified twice");
return -EINVAL;
}
- r = read_full_file(optarg, &key_pem, NULL);
+ r = read_full_file(optarg, &arg_key_pem, NULL);
if (r < 0)
return log_error_errno(r, "Failed to read key file: %m");
if (r < 0)
return log_error_errno(r, "Failed to read key file: %m");
log_error("Certificate file specified twice");
return -EINVAL;
}
log_error("Certificate file specified twice");
return -EINVAL;
}
- r = read_full_file(optarg, &cert_pem, NULL);
+ r = read_full_file(optarg, &arg_cert_pem, NULL);
if (r < 0)
return log_error_errno(r, "Failed to read certificate file: %m");
if (r < 0)
return log_error_errno(r, "Failed to read certificate file: %m");
break;
case ARG_TRUST:
#ifdef HAVE_GNUTLS
break;
case ARG_TRUST:
#ifdef HAVE_GNUTLS
log_error("CA certificate file specified twice");
return -EINVAL;
}
log_error("CA certificate file specified twice");
return -EINVAL;
}
- r = read_full_file(optarg, &trust_pem, NULL);
+ r = read_full_file(optarg, &arg_trust_pem, NULL);
if (r < 0)
return log_error_errno(r, "Failed to read CA certificate file: %m");
if (r < 0)
return log_error_errno(r, "Failed to read CA certificate file: %m");
break;
#else
log_error("Option --trust is not available.");
break;
#else
log_error("Option --trust is not available.");
- if (!!key_pem != !!cert_pem) {
+ if (!!arg_key_pem != !!arg_cert_pem) {
log_error("Certificate and key files must be specified together");
return -EINVAL;
}
log_error("Certificate and key files must be specified together");
return -EINVAL;
}
- if (trust_pem && !key_pem) {
+ if (arg_trust_pem && !arg_key_pem) {
log_error("CA certificate can only be used with certificate file");
return -EINVAL;
}
log_error("CA certificate can only be used with certificate file");
return -EINVAL;
}
if (r == 0)
return EXIT_SUCCESS;
if (r == 0)
return EXIT_SUCCESS;
#ifdef HAVE_GNUTLS
gnutls_global_set_log_function(log_func_gnutls);
log_reset_gnutls_level();
#ifdef HAVE_GNUTLS
gnutls_global_set_log_function(log_func_gnutls);
log_reset_gnutls_level();
if (n > 0)
opts[opts_pos++] = (struct MHD_OptionItem)
{MHD_OPTION_LISTEN_SOCKET, SD_LISTEN_FDS_START};
if (n > 0)
opts[opts_pos++] = (struct MHD_OptionItem)
{MHD_OPTION_LISTEN_SOCKET, SD_LISTEN_FDS_START};
- if (key_pem) {
- assert(cert_pem);
+ if (arg_key_pem) {
+ assert(arg_cert_pem);
opts[opts_pos++] = (struct MHD_OptionItem)
opts[opts_pos++] = (struct MHD_OptionItem)
- {MHD_OPTION_HTTPS_MEM_KEY, 0, key_pem};
+ {MHD_OPTION_HTTPS_MEM_KEY, 0, arg_key_pem};
opts[opts_pos++] = (struct MHD_OptionItem)
opts[opts_pos++] = (struct MHD_OptionItem)
- {MHD_OPTION_HTTPS_MEM_CERT, 0, cert_pem};
+ {MHD_OPTION_HTTPS_MEM_CERT, 0, arg_cert_pem};
assert(flags & MHD_USE_SSL);
opts[opts_pos++] = (struct MHD_OptionItem)
assert(flags & MHD_USE_SSL);
opts[opts_pos++] = (struct MHD_OptionItem)
- {MHD_OPTION_HTTPS_MEM_TRUST, 0, trust_pem};
+ {MHD_OPTION_HTTPS_MEM_TRUST, 0, arg_trust_pem};
}
d = MHD_start_daemon(flags, 19531,
}
d = MHD_start_daemon(flags, 19531,
#include <getopt.h>
#include "sd-daemon.h"
#include <getopt.h>
#include "sd-daemon.h"
#include "log.h"
#include "util.h"
#include "build.h"
#include "fileio.h"
#include "mkdir.h"
#include "conf-parser.h"
#include "log.h"
#include "util.h"
#include "build.h"
#include "fileio.h"
#include "mkdir.h"
#include "conf-parser.h"
#include "journal-upload.h"
#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-upload.pem"
#include "journal-upload.h"
#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-upload.pem"
#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
#define DEFAULT_PORT 19532
#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
#define DEFAULT_PORT 19532
-static const char* arg_url;
-
-static void close_fd_input(Uploader *u);
-
+static const char* arg_url = NULL;
static const char *arg_key = NULL;
static const char *arg_cert = NULL;
static const char *arg_trust = NULL;
static const char *arg_key = NULL;
static const char *arg_cert = NULL;
static const char *arg_trust = NULL;
static const char *arg_directory = NULL;
static char **arg_file = NULL;
static const char *arg_cursor = NULL;
static const char *arg_directory = NULL;
static char **arg_file = NULL;
static const char *arg_cursor = NULL;
static int arg_follow = -1;
static const char *arg_save_state = NULL;
static int arg_follow = -1;
static const char *arg_save_state = NULL;
+static void close_fd_input(Uploader *u);
+
#define SERVER_ANSWER_KEEP 2048
#define STATE_FILE "/var/lib/systemd/journal-upload/state"
#define SERVER_ANSWER_KEEP 2048
#define STATE_FILE "/var/lib/systemd/journal-upload/state"
r = setup_uploader(&u, arg_url, arg_save_state);
if (r < 0)
goto cleanup;
r = setup_uploader(&u, arg_url, arg_save_state);
if (r < 0)
goto cleanup;
#include <fcntl.h>
#include <unistd.h>
#include <fcntl.h>
#include <unistd.h>
-#include "systemd/sd-journal.h"
-
#include "build.h"
#include "set.h"
#include "util.h"
#include "build.h"
#include "set.h"
#include "util.h"
#include "journal-internal.h"
#include "copy.h"
#include "compress.h"
#include "journal-internal.h"
#include "copy.h"
#include "compress.h"
static enum {
ACTION_NONE,
static enum {
ACTION_NONE,
if (arg_action == ACTION_NONE)
goto end;
if (arg_action == ACTION_NONE)
goto end;
r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY);
if (r < 0) {
log_error_errno(r, "Failed to open journal: %m");
r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY);
if (r < 0) {
log_error_errno(r, "Failed to open journal: %m");
#include "pager.h"
#include "strv.h"
#include "set.h"
#include "pager.h"
#include "strv.h"
#include "set.h"
#include "journal-internal.h"
#include "journal-def.h"
#include "journal-verify.h"
#include "journal-internal.h"
#include "journal-def.h"
#include "journal-verify.h"
goto finish;
signal(SIGWINCH, columns_lines_cache_reset);
goto finish;
signal(SIGWINCH, columns_lines_cache_reset);
if (arg_action == ACTION_NEW_ID128) {
r = generate_new_id128();
if (arg_action == ACTION_NEW_ID128) {
r = generate_new_id128();