Use json_is_true() in place of json_boolean_value() for compatibility

[trust_router.git] / mon / mons.c

/*
 * Copyright (c) 2018, JANET(UK)
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of JANET(UK) nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <talloc.h>
#include <fcntl.h>
#include <unistd.h>
#include <netdb.h>

#include <tr.h>
#include <tr_debug.h>
#include <mon_internal.h>
#include <tr_socket.h>
#include <sys/wait.h>
#include <sys/resource.h>
#include <tr_gss.h>

#include "mons_handlers.h"

static void mons_sweep_procs(MONS_INSTANCE *mons);

static int mons_destructor(void *object)
{
  MONS_INSTANCE *mons = talloc_get_type_abort(object, MONS_INSTANCE);
  if (mons->handlers)
    g_ptr_array_unref(mons->handlers);

  if (mons->pids)
    g_array_unref(mons->pids);

  return 0;
}

/**
 * Allocate a new MONS_INSTANCE
 *
 * @param mem_ctx talloc context for allocation
 * @return new MONS_INSTANCE or null on failure
 */
MONS_INSTANCE *mons_new(TALLOC_CTX *mem_ctx)
{
  MONS_INSTANCE *mons = talloc(mem_ctx, MONS_INSTANCE);

  if (mons) {
    mons->hostname = NULL;
    mons->mon_port = 0;
    mons->tids = NULL;
    mons->trps = NULL;
    mons->req_handler = NULL;
    mons->auth_handler = NULL;
    mons->cookie = NULL;

    /* Before any steps that may fail, install the destructor */
    talloc_set_destructor((void *)mons, mons_destructor);

    mons->authorized_gss_names = tr_gss_names_new(mons);
    if (mons->authorized_gss_names == NULL) {
      talloc_free(mons);
      return NULL;
    }

    mons->handlers = g_ptr_array_new();
    if (mons->handlers == NULL) {
      talloc_free(mons);
      return NULL;
    }

    mons->pids = g_array_new(FALSE, FALSE, sizeof(pid_t));
    if (mons->pids == NULL) {
      talloc_free(mons);
      return NULL;
    }
  }
  return mons;
}

/**
 * Callback to process a request and produce a response
 *
 * @param req_str JSON-encoded request
 * @param data pointer to a MONS_INSTANCE
 * @return pointer to the response string or null to send no response
 */
static TR_GSS_RC mons_req_cb(TALLOC_CTX *mem_ctx, TR_MSG *req_msg, TR_MSG **resp_msg, void *data)
{
  TALLOC_CTX *tmp_ctx = talloc_new(NULL);
  MONS_INSTANCE *mons = talloc_get_type_abort(data, MONS_INSTANCE);
  MON_REQ *req = NULL;
  MON_RESP *resp = NULL;
  TR_GSS_RC rc = TR_GSS_ERROR;

  /* Validate inputs */
  if (req_msg == NULL)
    goto cleanup;

  req = tr_msg_get_mon_req(req_msg);
  if (req == NULL) {
    /* this is an internal error */
    tr_err("mons_req_cb: Received incorrect message type (was %d, expected %d)",
           tr_msg_get_msg_type(req_msg),
           MON_REQUEST);
    /* TODO send an error response */
    goto cleanup;
  }

  /* Allocate a response message */
  *resp_msg = talloc(tmp_ctx, TR_MSG);
  if (*resp_msg == NULL) {
    /* can't return a message, just emit an error */
    tr_crit("mons_req_cb: Error allocating response message.");
    goto cleanup;
  }

  /* Handle the request */
  resp = mons_handle_request(*resp_msg, mons, req);
  if (resp == NULL) {
    /* error processing the request */
    /* TODO send back an error */
    *resp_msg = NULL; /* null this out so the caller doesn't mistake it for valid */
    goto cleanup;
  }

  /* Set the response message payload */
  tr_msg_set_mon_resp(*resp_msg, resp);

  /* Put the response message in the caller's context so it does not get freed when we exit */
  talloc_steal(mem_ctx, *resp_msg);
  rc = TR_GSS_SUCCESS;

cleanup:
  talloc_free(tmp_ctx);
  return rc;
}

/**
 * Create a listener for monitoring requests
 *
 * Accept connections with mons_accept()
 *
 * @param mons monitoring server instance
 * @param req_handler
 * @param auth_handler
 * @param hostname
 * @param port
 * @param cookie
 * @param fd_out
 * @param max_fd
 * @return
 */
int mons_get_listener(MONS_INSTANCE *mons,
                      MONS_REQ_FUNC *req_handler,
                      MONS_AUTH_FUNC *auth_handler,
                      const char *hostname,
                      int port,
                      void *cookie,
                      int *fd_out,
                      size_t max_fd)
{
  size_t n_fd=0;
  size_t ii=0;

  mons->mon_port = port;
  n_fd = tr_sock_listen_all(port, fd_out, max_fd);
  if (n_fd<=0)
    tr_err("mons_get_listener: Error opening port %d", port);
  else {
    /* opening port succeeded */
    tr_info("mons_get_listener: Opened port %d.", port);

    /* make this socket non-blocking */
    for (ii=0; ii<n_fd; ii++) {
      if (0 != fcntl(fd_out[ii], F_SETFL, O_NONBLOCK)) {
        tr_err("mons_get_listener: Error setting O_NONBLOCK.");
        for (ii=0; ii<n_fd; ii++) {
          close(fd_out[ii]);
          fd_out[ii]=-1;
        }
        n_fd=0;
        break;
      }
    }
  }

  if (n_fd>0) {
    /* store the caller's request handler & cookie */
    mons->req_handler = req_handler;
    mons->auth_handler = auth_handler;
    mons->hostname = hostname;
    mons->cookie = cookie;
  }

  return (int) n_fd;
}

/**
 * Process to handle an incoming monitoring request
 *
 * This should be run in a child process after fork(). Handles the request
 * and terminates. Never returns to the caller.
 *
 * @param mons the monitoring server instance
 * @param conn_fd file descriptor for the incoming connection
 */
static void mons_handle_proc(MONS_INSTANCE *mons, int conn_fd)
{
  struct rlimit rlim; /* for disabling core dump */

  switch(tr_gss_handle_connection(conn_fd,
                                  "trustmonitor", mons->hostname, /* acceptor name */
                                  mons->auth_handler, mons->cookie, /* auth callback and cookie */
                                  mons_req_cb, mons /* req callback and cookie */
  )) {
    case TR_GSS_SUCCESS:
      /* do nothing */
      break;

    case TR_GSS_ERROR:
      tr_debug("mons_accept: Error returned by tr_gss_handle_connection()");
      break;

    default:
      tr_err("mons_accept: Unexpected value returned by tr_gss_handle_connection()");
      break;
  }
  close(conn_fd);

  /* This ought to be an exit(0), but log4shib does not play well with fork() due to
   * threading issues. To ensure we do not get stuck in the exit handler, we will
   * abort. First disable core dump for this subprocess (the main process will still
   * dump core if the environment allows). */
  rlim.rlim_cur = 0; /* max core size of 0 */
  rlim.rlim_max = 0; /* prevent the core size limit from being raised later */
  setrlimit(RLIMIT_CORE, &rlim);
  abort(); /* exit hard */
}

/**
 * Accept and process a connection on a port opened with mons_get_listener()
 *
 * @param mons monitoring interface instance
 * @param listen FD of the connection socket
 * @return 0 on success
 */
int mons_accept(MONS_INSTANCE *mons, int listen)
{
  int conn=-1;
  int pid=-1;

  if (0 > (conn = tr_sock_accept(listen))) {
    tr_debug("mons_accept: Error accepting connection");
    return 1;
  }

  if (0 > (pid = fork())) {
    perror("Error on fork()");
    return 1;
  }

  if (pid == 0) {
    /* Only the child process gets here */
    close(listen); /* this belongs to the parent */
    mons_handle_proc(mons, conn); /* never returns */
  }

  /* Only the parent process gets here */
  close(conn); /* this belongs to the child */
  g_array_append_val(mons->pids, pid);

  /* clean up any processes that have completed */
  mons_sweep_procs(mons);

  return 0;
}

void mons_sweep_procs(MONS_INSTANCE *mons)
{
  guint ii;
  pid_t pid;
  int status;

  /* loop backwards over the array so we can remove elements as we go */
  for (ii=mons->pids->len; ii > 0; ii--) {
    /* ii-1 is the current index */
    pid = g_array_index(mons->pids, pid_t, ii-1);
    if (waitpid(pid, &status, WNOHANG) > 0) {
      /* the process exited */
      tr_debug("mons_sweep_procs: monitoring process %d terminated.", pid);

      g_array_remove_index_fast(mons->pids, ii-1); /* disturbs only indices >= ii-1 which we've already handled */
      if (WIFEXITED(status)) {
        if (WEXITSTATUS(status) == 0)
          tr_debug("mons_sweep_procs: monitoring process %d succeeded.", pid);
        else
          tr_debug("mons_sweep_procs: monitoring process %d exited with status %d.", pid, WTERMSIG(status));
      } else if (WIFSIGNALED(status)) {
        tr_debug("mons_sweep_procs: monitoring process %d terminated by signal %d.", pid, WTERMSIG(status));
      }
    }
  }
}