along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
#include <fcntl.h>
#include <getopt.h>
-
-#include <microhttpd.h>
-
#ifdef HAVE_GNUTLS
#include <gnutls/gnutls.h>
#endif
+#include <microhttpd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
-#include "log.h"
-#include "util.h"
-#include "sd-journal.h"
-#include "sd-daemon.h"
#include "sd-bus.h"
+#include "sd-daemon.h"
+#include "sd-journal.h"
+
#include "bus-util.h"
+#include "fd-util.h"
+#include "fileio.h"
+#include "hostname-util.h"
+#include "log.h"
#include "logs-show.h"
#include "microhttpd-util.h"
-#include "build.h"
-#include "fileio.h"
+#include "parse-util.h"
+#include "sigbus.h"
+#include "util.h"
-static char *key_pem = NULL;
-static char *cert_pem = NULL;
-static char *trust_pem = NULL;
+static char *arg_key_pem = NULL;
+static char *arg_cert_pem = NULL;
+static char *arg_trust_pem = NULL;
typedef struct RequestMeta {
sd_journal *journal;
if (!m)
return;
- if (m->journal)
- sd_journal_close(m->journal);
+ sd_journal_close(m->journal);
- if (m->tmp)
- fclose(m->tmp);
+ safe_fclose(m->tmp);
free(m->cursor);
free(m);
return sd_journal_open(&m->journal, SD_JOURNAL_LOCAL_ONLY|SD_JOURNAL_SYSTEM);
}
+static int request_meta_ensure_tmp(RequestMeta *m) {
+ if (m->tmp)
+ rewind(m->tmp);
+ else {
+ int fd;
+
+ fd = open_tmpfile("/tmp", O_RDWR|O_CLOEXEC);
+ if (fd < 0)
+ return fd;
+
+ m->tmp = fdopen(fd, "w+");
+ if (!m->tmp) {
+ safe_close(fd);
+ return -errno;
+ }
+ }
+
+ return 0;
+}
+
static ssize_t request_reader_entries(
void *cls,
uint64_t pos,
r = sd_journal_next(m->journal);
if (r < 0) {
- log_error("Failed to advance journal pointer: %s", strerror(-r));
+ log_error_errno(r, "Failed to advance journal pointer: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
} else if (r == 0) {
if (m->follow) {
r = sd_journal_wait(m->journal, (uint64_t) -1);
if (r < 0) {
- log_error("Couldn't wait for journal event: %s", strerror(-r));
+ log_error_errno(r, "Couldn't wait for journal event: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
r = sd_journal_test_cursor(m->journal, m->cursor);
if (r < 0) {
- log_error("Failed to test cursor: %s", strerror(-r));
+ log_error_errno(r, "Failed to test cursor: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
m->n_skip = 0;
- if (m->tmp)
- rewind(m->tmp);
- else {
- m->tmp = tmpfile();
- if (!m->tmp) {
- log_error("Failed to create temporary file: %m");
- return MHD_CONTENT_READER_END_WITH_ERROR;
- }
+ r = request_meta_ensure_tmp(m);
+ if (r < 0) {
+ log_error_errno(r, "Failed to create temporary file: %m");
+ return MHD_CONTENT_READER_END_WITH_ERROR;
}
r = output_journal(m->tmp, m->journal, m->mode, 0, OUTPUT_FULL_WIDTH, NULL);
if (r < 0) {
- log_error("Failed to serialize item: %s", strerror(-r));
+ log_error_errno(r, "Failed to serialize item: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
sz = ftello(m->tmp);
if (sz == (off_t) -1) {
- log_error("Failed to retrieve file position: %m");
+ log_error_errno(errno, "Failed to retrieve file position: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
}
if (fseeko(m->tmp, pos, SEEK_SET) < 0) {
- log_error("Failed to seek to position: %m");
+ log_error_errno(errno, "Failed to seek to position: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
return -ENOMEM;
m->cursor[strcspn(m->cursor, WHITESPACE)] = 0;
- if (isempty(m->cursor)) {
- free(m->cursor);
- m->cursor = NULL;
- }
+ if (isempty(m->cursor))
+ m->cursor = mfree(m->cursor);
return 0;
}
r = sd_id128_get_boot(&bid);
if (r < 0) {
- log_error("Failed to get boot ID: %s", strerror(-r));
+ log_error_errno(r, "Failed to get boot ID: %m");
return MHD_NO;
}
r = sd_journal_enumerate_unique(m->journal, &d, &l);
if (r < 0) {
- log_error("Failed to advance field index: %s", strerror(-r));
+ log_error_errno(r, "Failed to advance field index: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
} else if (r == 0)
return MHD_CONTENT_READER_END_OF_STREAM;
if (m->n_fields_set)
m->n_fields -= 1;
- if (m->tmp)
- rewind(m->tmp);
- else {
- m->tmp = tmpfile();
- if (!m->tmp) {
- log_error("Failed to create temporary file: %m");
- return MHD_CONTENT_READER_END_WITH_ERROR;
- }
+ r = request_meta_ensure_tmp(m);
+ if (r < 0) {
+ log_error_errno(r, "Failed to create temporary file: %m");
+ return MHD_CONTENT_READER_END_WITH_ERROR;
}
r = output_field(m->tmp, m->mode, d, l);
if (r < 0) {
- log_error("Failed to serialize item: %s", strerror(-r));
+ log_error_errno(r, "Failed to serialize item: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
sz = ftello(m->tmp);
if (sz == (off_t) -1) {
- log_error("Failed to retrieve file position: %m");
+ log_error_errno(errno, "Failed to retrieve file position: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
}
if (fseeko(m->tmp, pos, SEEK_SET) < 0) {
- log_error("Failed to seek to position: %m");
+ log_error_errno(errno, "Failed to seek to position: %m");
return MHD_CONTENT_READER_END_WITH_ERROR;
}
RequestMeta *m = connection_cls;
int r;
_cleanup_free_ char* hostname = NULL, *os_name = NULL;
- uint64_t cutoff_from = 0, cutoff_to = 0, usage;
+ uint64_t cutoff_from = 0, cutoff_to = 0, usage = 0;
char *json;
sd_id128_t mid, bid;
_cleanup_free_ char *v = NULL;
return mhd_respondf(connection, MHD_HTTP_INTERNAL_SERVER_ERROR, "Failed to determine disk usage: %s\n", strerror(-r));
if (parse_env_file("/etc/os-release", NEWLINE, "PRETTY_NAME", &os_name, NULL) == -ENOENT)
- parse_env_file("/usr/lib/os-release", NEWLINE, "PRETTY_NAME", &os_name, NULL);
+ (void) parse_env_file("/usr/lib/os-release", NEWLINE, "PRETTY_NAME", &os_name, NULL);
get_virtualization(&v);
"\"cutoff_to_realtime\" : \"%"PRIu64"\" }\n",
SD_ID128_FORMAT_VAL(mid),
SD_ID128_FORMAT_VAL(bid),
- hostname_cleanup(hostname, false),
+ hostname_cleanup(hostname),
os_name ? os_name : "Linux",
v ? v : "bare",
usage,
return MHD_YES;
}
- if (trust_pem) {
- r = check_permissions(connection, &code);
+ if (arg_trust_pem) {
+ r = check_permissions(connection, &code, NULL);
if (r < 0)
return code;
}
return mhd_respond(connection, MHD_HTTP_NOT_FOUND, "Not found.\n");
}
-static int help(void) {
-
+static void help(void) {
printf("%s [OPTIONS...] ...\n\n"
"HTTP server for journal events.\n\n"
" -h --help Show this help\n"
" --key=KEY.PEM Server key in PEM format\n"
" --trust=CERT.PEM Certificat authority certificate in PEM format\n",
program_invocation_short_name);
-
- return 0;
}
static int parse_argv(int argc, char *argv[]) {
switch(c) {
case 'h':
- return help();
+ help();
+ return 0;
case ARG_VERSION:
- puts(PACKAGE_STRING);
- puts(SYSTEMD_FEATURES);
- return 0;
+ return version();
case ARG_KEY:
- if (key_pem) {
+ if (arg_key_pem) {
log_error("Key file specified twice");
return -EINVAL;
}
- r = read_full_file(optarg, &key_pem, NULL);
- if (r < 0) {
- log_error("Failed to read key file: %s", strerror(-r));
- return r;
- }
- assert(key_pem);
+ r = read_full_file(optarg, &arg_key_pem, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to read key file: %m");
+ assert(arg_key_pem);
break;
case ARG_CERT:
- if (cert_pem) {
+ if (arg_cert_pem) {
log_error("Certificate file specified twice");
return -EINVAL;
}
- r = read_full_file(optarg, &cert_pem, NULL);
- if (r < 0) {
- log_error("Failed to read certificate file: %s", strerror(-r));
- return r;
- }
- assert(cert_pem);
+ r = read_full_file(optarg, &arg_cert_pem, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to read certificate file: %m");
+ assert(arg_cert_pem);
break;
case ARG_TRUST:
#ifdef HAVE_GNUTLS
- if (trust_pem) {
+ if (arg_trust_pem) {
log_error("CA certificate file specified twice");
return -EINVAL;
}
- r = read_full_file(optarg, &trust_pem, NULL);
- if (r < 0) {
- log_error("Failed to read CA certificate file: %s", strerror(-r));
- return r;
- }
- assert(trust_pem);
+ r = read_full_file(optarg, &arg_trust_pem, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to read CA certificate file: %m");
+ assert(arg_trust_pem);
break;
#else
log_error("Option --trust is not available.");
return -EINVAL;
}
- if (!!key_pem != !!cert_pem) {
+ if (!!arg_key_pem != !!arg_cert_pem) {
log_error("Certificate and key files must be specified together");
return -EINVAL;
}
- if (trust_pem && !key_pem) {
+ if (arg_trust_pem && !arg_key_pem) {
log_error("CA certificate can only be used with certificate file");
return -EINVAL;
}
if (r == 0)
return EXIT_SUCCESS;
-#ifdef HAVE_GNUTLS
- gnutls_global_set_log_function(log_func_gnutls);
- log_reset_gnutls_level();
-#endif
+ sigbus_install();
+
+ r = setup_gnutls_logger(NULL);
+ if (r < 0)
+ return EXIT_FAILURE;
n = sd_listen_fds(1);
if (n < 0) {
- log_error("Failed to determine passed sockets: %s", strerror(-n));
+ log_error_errno(n, "Failed to determine passed sockets: %m");
goto finish;
} else if (n > 1) {
log_error("Can't listen on more than one socket.");
{ MHD_OPTION_END, 0, NULL },
{ MHD_OPTION_END, 0, NULL }};
int opts_pos = 2;
- int flags = MHD_USE_THREAD_PER_CONNECTION|MHD_USE_POLL|MHD_USE_DEBUG;
+
+ /* We force MHD_USE_PIPE_FOR_SHUTDOWN here, in order
+ * to make sure libmicrohttpd doesn't use shutdown()
+ * on our listening socket, which would break socket
+ * re-activation. See
+ *
+ * https://lists.gnu.org/archive/html/libmicrohttpd/2015-09/msg00014.html
+ * https://github.com/systemd/systemd/pull/1286
+ */
+
+ int flags =
+ MHD_USE_DEBUG |
+ MHD_USE_DUAL_STACK |
+ MHD_USE_PIPE_FOR_SHUTDOWN |
+ MHD_USE_POLL |
+ MHD_USE_THREAD_PER_CONNECTION;
if (n > 0)
opts[opts_pos++] = (struct MHD_OptionItem)
{MHD_OPTION_LISTEN_SOCKET, SD_LISTEN_FDS_START};
- if (key_pem) {
- assert(cert_pem);
+ if (arg_key_pem) {
+ assert(arg_cert_pem);
opts[opts_pos++] = (struct MHD_OptionItem)
- {MHD_OPTION_HTTPS_MEM_KEY, 0, key_pem};
+ {MHD_OPTION_HTTPS_MEM_KEY, 0, arg_key_pem};
opts[opts_pos++] = (struct MHD_OptionItem)
- {MHD_OPTION_HTTPS_MEM_CERT, 0, cert_pem};
+ {MHD_OPTION_HTTPS_MEM_CERT, 0, arg_cert_pem};
flags |= MHD_USE_SSL;
}
- if (trust_pem) {
+ if (arg_trust_pem) {
assert(flags & MHD_USE_SSL);
opts[opts_pos++] = (struct MHD_OptionItem)
- {MHD_OPTION_HTTPS_MEM_TRUST, 0, trust_pem};
+ {MHD_OPTION_HTTPS_MEM_TRUST, 0, arg_trust_pem};
}
d = MHD_start_daemon(flags, 19531,