#define REMOTE_JOURNAL_PATH "/var/log/journal/remote"
-#define KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
-#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
-#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
+#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
+#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
+#define TRUST_FILE CERTIFICATE_ROOT "/ca/trusted.pem"
static char* arg_url = NULL;
static char* arg_getter = NULL;
_cleanup_strv_free_ char **words = NULL;
assert(getter);
- words = strv_split_quoted(getter);
- if (!words)
- return log_oom();
+ r = strv_split_quoted(&words, getter);
+ if (r < 0) {
+ log_error("Failed to split getter option: %s", strerror(-r));
+ return r;
+ }
r = strv_extend(&words, url);
if (r < 0) {
r = safe_atoi(spec, &fd);
if (r < 0)
return r;
+ if (fd < 0)
+ return -EINVAL;
- return -1;
+ return fd;
}
-
static int remoteserver_init(RemoteServer *s,
const char* key,
const char* cert,
const char* trust) {
int r, n, fd;
- const char *output_name = NULL;
char **file;
assert(s);
-
if ((arg_listen_raw || arg_listen_http) && trust) {
log_error("Option --trust makes all non-HTTPS connections untrusted.");
return -EINVAL;
fd, strerror(-r));
return r;
}
-
- output_name = "socket";
}
if (arg_url) {
r = add_source(s, fd, (char*) hostname, false);
if (r < 0)
return r;
-
- output_name = arg_url;
}
if (arg_listen_raw) {
r = setup_raw_socket(s, arg_listen_raw);
if (r < 0)
return r;
-
- output_name = arg_listen_raw;
}
if (arg_listen_http) {
r = setup_microhttpd_socket(s, arg_listen_http, NULL, NULL, NULL);
if (r < 0)
return r;
-
- output_name = arg_listen_http;
}
if (arg_listen_https) {
r = setup_microhttpd_socket(s, arg_listen_https, key, cert, trust);
if (r < 0)
return r;
-
- output_name = arg_listen_https;
}
STRV_FOREACH(file, arg_files) {
+ const char *output_name;
+
if (streq(*file, "-")) {
log_info("Using standard input as source.");
return -EINVAL;
}
- if (!!n + !!arg_url + !!arg_listen_raw + !!arg_files)
- output_name = "multiple";
-
r = init_writer_hashmap(s);
if (r < 0)
return r;
{ "Remote", "ServerCertificateFile", config_parse_path, 0, &arg_cert },
{ "Remote", "TrustedCertificateFile", config_parse_path, 0, &arg_trust },
{}};
- int r;
-
- r = config_parse(NULL, PKGSYSCONFDIR "/journal-remote.conf", NULL,
- "Remote\0",
- config_item_table_lookup, items,
- false, false, NULL);
- if (r < 0)
- log_error("Failed to parse configuration file: %s", strerror(-r));
- return r;
+ return config_parse(NULL, PKGSYSCONFDIR "/journal-remote.conf", NULL,
+ "Remote\0",
+ config_item_table_lookup, items,
+ false, false, true, NULL);
}
static void help(void) {
" --[no-]compress Use XZ-compression in the output journal (default: yes)\n"
" --[no-]seal Use Event sealing in the output journal (default: no)\n"
" --key=FILENAME Specify key in PEM format (default:\n"
- " \"" KEY_FILE "\")\n"
+ " \"" PRIV_KEY_FILE "\")\n"
" --cert=FILENAME Specify certificate in PEM format (default:\n"
" \"" CERT_FILE "\")\n"
" --trust=FILENAME|all Specify CA certificate or disable checking (default:\n"
case ARG_GNUTLS_LOG: {
#ifdef HAVE_GNUTLS
- char *word, *state;
+ const char *word, *state;
size_t size;
FOREACH_WORD_SEPARATOR(word, size, optarg, ",", state) {
return -EINVAL;
default:
- log_error("Unknown option code %c", c);
- return -EINVAL;
+ assert_not_reached("Unknown option code.");
}
if (optind < argc)
static int load_certificates(char **key, char **cert, char **trust) {
int r;
- r = read_full_file(arg_key ?: KEY_FILE, key, NULL);
+ r = read_full_file(arg_key ?: PRIV_KEY_FILE, key, NULL);
if (r < 0) {
log_error("Failed to read key from file '%s': %s",
- arg_key ?: KEY_FILE, strerror(-r));
+ arg_key ?: PRIV_KEY_FILE, strerror(-r));
return r;
}