2 * Copyright (c) 2018, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
42 #include <mon_internal.h>
43 #include <tr_socket.h>
45 #include <sys/resource.h>
48 #include "mons_handlers.h"
50 static void mons_sweep_procs(MONS_INSTANCE *mons);
52 static int mons_destructor(void *object)
54 MONS_INSTANCE *mons = talloc_get_type_abort(object, MONS_INSTANCE);
56 g_ptr_array_unref(mons->handlers);
59 g_array_unref(mons->pids);
65 * Allocate a new MONS_INSTANCE
67 * @param mem_ctx talloc context for allocation
68 * @return new MONS_INSTANCE or null on failure
70 MONS_INSTANCE *mons_new(TALLOC_CTX *mem_ctx)
72 MONS_INSTANCE *mons = talloc(mem_ctx, MONS_INSTANCE);
75 mons->hostname = NULL;
79 mons->req_handler = NULL;
80 mons->auth_handler = NULL;
83 /* Before any steps that may fail, install the destructor */
84 talloc_set_destructor((void *)mons, mons_destructor);
86 mons->authorized_gss_names = tr_gss_names_new(mons);
87 if (mons->authorized_gss_names == NULL) {
92 mons->handlers = g_ptr_array_new();
93 if (mons->handlers == NULL) {
98 mons->pids = g_array_new(FALSE, FALSE, sizeof(pid_t));
99 if (mons->pids == NULL) {
108 * Callback to process a request and produce a response
110 * @param req_str JSON-encoded request
111 * @param data pointer to a MONS_INSTANCE
112 * @return pointer to the response string or null to send no response
114 static TR_GSS_RC mons_req_cb(TALLOC_CTX *mem_ctx, TR_MSG *req_msg, TR_MSG **resp_msg, void *data)
116 TALLOC_CTX *tmp_ctx = talloc_new(NULL);
117 MONS_INSTANCE *mons = talloc_get_type_abort(data, MONS_INSTANCE);
119 MON_RESP *resp = NULL;
120 TR_GSS_RC rc = TR_GSS_ERROR;
122 /* Validate inputs */
126 req = tr_msg_get_mon_req(req_msg);
128 /* this is an internal error */
129 tr_err("mons_req_cb: Received incorrect message type (was %d, expected %d)",
130 tr_msg_get_msg_type(req_msg),
132 /* TODO send an error response */
136 /* Allocate a response message */
137 *resp_msg = talloc(tmp_ctx, TR_MSG);
138 if (*resp_msg == NULL) {
139 /* can't return a message, just emit an error */
140 tr_crit("mons_req_cb: Error allocating response message.");
144 /* Handle the request */
145 resp = mons_handle_request(*resp_msg, mons, req);
147 /* error processing the request */
148 /* TODO send back an error */
152 /* Set the response message payload */
153 tr_msg_set_mon_resp(*resp_msg, resp);
155 /* Put the response message in the caller's context so it does not get freed when we exit */
156 talloc_steal(mem_ctx, *resp_msg);
160 talloc_free(tmp_ctx);
165 * Create a listener for monitoring requests
167 * Accept connections with mons_accept()
169 * @param mons monitoring server instance
171 * @param auth_handler
179 int mons_get_listener(MONS_INSTANCE *mons,
180 MONS_REQ_FUNC *req_handler,
181 MONS_AUTH_FUNC *auth_handler,
182 const char *hostname,
191 mons->mon_port = port;
192 n_fd = tr_sock_listen_all(port, fd_out, max_fd);
194 tr_err("mons_get_listener: Error opening port %d", port);
196 /* opening port succeeded */
197 tr_info("mons_get_listener: Opened port %d.", port);
199 /* make this socket non-blocking */
200 for (ii=0; ii<n_fd; ii++) {
201 if (0 != fcntl(fd_out[ii], F_SETFL, O_NONBLOCK)) {
202 tr_err("mons_get_listener: Error setting O_NONBLOCK.");
203 for (ii=0; ii<n_fd; ii++) {
214 /* store the caller's request handler & cookie */
215 mons->req_handler = req_handler;
216 mons->auth_handler = auth_handler;
217 mons->hostname = hostname;
218 mons->cookie = cookie;
225 * Process to handle an incoming monitoring request
227 * This should be run in a child process after fork(). Handles the request
228 * and terminates. Never returns to the caller.
230 * @param mons the monitoring server instance
231 * @param conn_fd file descriptor for the incoming connection
233 static void mons_handle_proc(MONS_INSTANCE *mons, int conn_fd)
235 struct rlimit rlim; /* for disabling core dump */
237 switch(tr_gss_handle_connection(conn_fd,
238 "trustmonitor", mons->hostname, /* acceptor name */
239 mons->auth_handler, mons->cookie, /* auth callback and cookie */
240 mons_req_cb, mons /* req callback and cookie */
247 tr_debug("mons_accept: Error returned by tr_gss_handle_connection()");
251 tr_err("mons_accept: Unexpected value returned by tr_gss_handle_connection()");
256 /* This ought to be an exit(0), but log4shib does not play well with fork() due to
257 * threading issues. To ensure we do not get stuck in the exit handler, we will
258 * abort. First disable core dump for this subprocess (the main process will still
259 * dump core if the environment allows). */
260 rlim.rlim_cur = 0; /* max core size of 0 */
261 rlim.rlim_max = 0; /* prevent the core size limit from being raised later */
262 setrlimit(RLIMIT_CORE, &rlim);
263 abort(); /* exit hard */
267 * Accept and process a connection on a port opened with mons_get_listener()
269 * @param mons monitoring interface instance
270 * @param listen FD of the connection socket
271 * @return 0 on success
273 int mons_accept(MONS_INSTANCE *mons, int listen)
278 if (0 > (conn = tr_sock_accept(listen))) {
279 tr_debug("mons_accept: Error accepting connection");
283 if (0 > (pid = fork())) {
284 perror("Error on fork()");
289 /* Only the child process gets here */
290 close(listen); /* this belongs to the parent */
291 mons_handle_proc(mons, conn); /* never returns */
294 /* Only the parent process gets here */
295 close(conn); /* this belongs to the child */
296 g_array_append_val(mons->pids, pid);
298 /* clean up any processes that have completed */
299 mons_sweep_procs(mons);
304 void mons_sweep_procs(MONS_INSTANCE *mons)
310 /* loop backwards over the array so we can remove elements as we go */
311 for (ii=mons->pids->len; ii > 0; ii--) {
312 /* ii-1 is the current index */
313 pid = g_array_index(mons->pids, pid_t, ii-1);
314 if (waitpid(pid, &status, WNOHANG) > 0) {
315 /* the process exited */
316 tr_debug("mons_sweep_procs: monitoring process %d terminated.", pid);
318 g_array_remove_index_fast(mons->pids, ii-1); /* disturbs only indices >= ii-1 which we've already handled */
319 if (WIFEXITED(status)) {
320 if (WEXITSTATUS(status) == 0)
321 tr_debug("mons_sweep_procs: monitoring process %d succeeded.", pid);
323 tr_debug("mons_sweep_procs: monitoring process %d exited with status %d.", pid, WTERMSIG(status));
324 } else if (WIFSIGNALED(status)) {
325 tr_debug("mons_sweep_procs: monitoring process %d terminated by signal %d.", pid, WTERMSIG(status));