From owner-p4-projects@FreeBSD.ORG Wed Jun 23 03:11:21 2010 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 339DB1065672; Wed, 23 Jun 2010 03:11:21 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DEB42106564A for ; Wed, 23 Jun 2010 03:11:20 +0000 (UTC) (envelope-from ligregni@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id CB6E88FC0A for ; Wed, 23 Jun 2010 03:11:20 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o5N3BK5r028222 for ; Wed, 23 Jun 2010 03:11:20 GMT (envelope-from ligregni@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o5N3BKZg028220 for perforce@freebsd.org; Wed, 23 Jun 2010 03:11:20 GMT (envelope-from ligregni@FreeBSD.org) Date: Wed, 23 Jun 2010 03:11:20 GMT Message-Id: <201006230311.o5N3BKZg028220@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to ligregni@FreeBSD.org using -f 
From: Sergio Ligregni To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 180137 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2010 03:11:21 -0000 http://p4web.freebsd.org/@@180137?ac=10 Change 180137 by ligregni@ligPhenom on 2010/06/23 03:10:23 Some work on the master daemon we can now connect to master and send the path and MD5 checksum of a file to ask server if the trail is there Affected files ... .. //depot/projects/soc2010/disaudit/damasterd.c#2 edit .. //depot/projects/soc2010/disaudit/damasterd.h#2 edit .. //depot/projects/soc2010/disaudit/msocket_work.c#2 edit .. //depot/projects/soc2010/disaudit/msocket_work.h#2 edit .. //depot/projects/soc2010/disaudit/shipd.c#5 edit .. //depot/projects/soc2010/disaudit/shipd.h#5 edit .. //depot/projects/soc2010/disaudit/ssocket_work.c#3 edit .. //depot/projects/soc2010/disaudit/ssocket_work.h#3 edit Differences ... ==== //depot/projects/soc2010/disaudit/damasterd.c#2 (text+ko) ==== @@ -27,8 +27,8 @@ /*** INCLUDES ***/ -#include "shipd.h" -#include "ssocket_work.h" +#include "damasterd.h" +#include "msocket_work.h" #include #include #include 
@@ -41,11 +41,66 @@ /*** DECLARATIONS ***/ +/* Directory settings took from audit_control */ +char slave_trails_dir[MAX_DIR_SIZE + 1]; +char *ptr_std; +int slave_dirs; + +/* The level of trust the shipping process will have (0 means disabled) */ +int panic_level; + +/* Port number */ +int port_number; + /* The destination of the messages are controlled by this variable */ int debug; +/* Socket buffer management */ +char buffer[MAX_BUF_SIZE + 1]; +int brecv; + main(int argc, char *argv[]) { + char cl_opt; + int last = 0; + + debug = 0; + + while ((cl_opt = getopt(argc, argv, "dl")) != -1) + switch (cl_opt) + { + case 'd': + /* Debug option */ + debug = 1; + break; + } + + /* If not debugging, daemonize the program */ + if (debug == 0 && daemon(0,0) != 0) + { + perror("Can't daemonize, exiting!"); + exit(1); + } + + /* Set the directory path, the host address, the panic level */ + if (get_parameters() == -1) + { + to_log("Can't get the parameters to work!"); + exit(1); + } + + ptr_std = slave_trails_dir + strlen(slave_trails_dir); + + /* There is no shipd enabled and it wasn't called by AUDIT (normally the unique way to get 'last' on) */ + if (panic_level == 0) + { + to_log("DAMasterd disabled"); + exit(0); + } + + if (do_master_daemon() == -1) + exit(1); + return 0; } 
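Review bot: `char cl_opt` cannot reliably hold the return value of getopt(): getopt() returns `int`, and on platforms where plain `char` is unsigned the comparison with -1 is never true, so the option loop would not terminate. Declare it as `int cl_opt;`. The option string `"dl"` also accepts `-l`, but the switch has no case for it and `last` is never set, so either drop the `l` or handle it, and add a `default:` branch that rejects unknown options. The signature of main() is unchanged context in this hunk.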
@@ -59,3 +114,150 @@ } +do_master_daemon() +{ + int socketfd, newsockfd, childpid; + char message[256]; + char client_host[256]; + struct sockaddr clientinfo; + + if ((socketfd = init_socket(port_number)) < 0) + { + sprintf(message, "Error initializing socket on port %d", port_number); + to_log(message); + return -1; + } + + while (1) + { + newsockfd = accept_connection(socketfd, &clientinfo); + + if (newsockfd < 0) + { + sprintf(message, "Error accepting client connections"); + to_log(message); + return -1; + } + + if ((childpid = fork()) < 0) + { + to_log("Error forking the process"); + return -1; + } + else if (childpid == 0) + { + debug = 0; + if (process_request(newsockfd, &clientinfo) == -1) + { + to_log("Error processing client's request"); + return -1; + } + close(socketfd); + } + + close(newsockfd); + } + + return 0; +} + +get_parameters() +{ + /* GSoC: using an special file, intended to include this values at audit_control */ + FILE *fpars = fopen("/etc/security/damasterd_control", "r"); + + char sslave_dirs[10]; + + if (!fpars) + return -1; + + if (feof(fpars)) + return -1; + + fscanf(fpars, "%s", slave_trails_dir); + fscanf(fpars, "%s", sslave_dirs); + fscanf(fpars, "%d", &panic_level); + fscanf(fpars, "%d", &port_number); + + if (strcmp(sslave_dirs, "no")) + slave_dirs = 1; + else + slave_dirs = 0; + + return 0; +} + +process_request(int sfd, struct sockaddr *clientinfo) +{ + int res = -1; + + char opt[1]; + + get_from_socket(sfd, opt); + + switch(opt[0]) + { + case '1': /* The request is about searching for a file */ + res = search_trail(sfd, clientinfo); + break; + case '2': /* The request is about receiving a trail */ + res = receive_trail(sfd, clientinfo); + break; + default: + to_log("Can't understand user's request!"); + } + + close(sfd); + + return res; +} + +search_trail(int sfd, struct sockaddr *clientinfo) +{ + char hbuf[NI_MAXHOST+1]; + char message[MAX_PATH_SIZE + 50]; + char hostname[NI_MAXHOST+1]; + char path[MAX_TRAILPATH_SIZE+1], 
md5slave[33]; + + get_from_socket(sfd, path); + get_from_socket(sfd, md5slave); + + strcpy(hostname, inet_ntoa(((struct sockaddr_in *) clientinfo)->sin_addr)); + + if (getnameinfo(clientinfo, clientinfo->sa_len, hbuf, sizeof(hbuf), NULL, 0, NI_NAMEREQD)) + to_log("Couldn't resolve hostname, using IP address"); + else + strcpy(hostname, hbuf); + + sprintf(message, "Looking for \"%s\" from \"%s\" with MD5: \"%s\"", path, hostname, md5slave); + to_log(message); + + return 1; +} + +void +get_from_socket(int sfd, char *dest) +{ + int len, left; + char *ptr; + brecv = recv(sfd, buffer, sizeof(int), 0); + strncpy((char *) &len, buffer, sizeof(int)); + + left = len; + ptr = dest; + + while (left > 0) + { + brecv = recv(sfd, buffer, min(MAX_BUF_SIZE, left), 0); + buffer[brecv] = 0; + strcpy(ptr, buffer); + ptr += brecv; + left -= brecv; + } +} + +receive_trail(int sfd, struct sockaddr *clientinfo) +{ + return 0; +} + ==== //depot/projects/soc2010/disaudit/damasterd.h#2 (text+ko) ==== @@ -28,6 +28,25 @@ #ifndef _DAMASTERD_H_ #define _DAMASTERD_H_ +#define MAX_DIR_SIZE 255 +#define MAX_BUF_SIZE 1024 +#define MAX_PATH_SIZE MAX_DIR_SIZE + 50 +#define MAX_HOST_SIZE 255 +#define MAX_TRAILPATH_SIZE 29 + +#define min(a,b) (a < b ? a : b) + +#include +#include +#include +#include + void to_log(char *); +int get_parameters(); +int do_master_daemon(); +int process_request(int, struct sockaddr *); +int search_trail(int, struct sockaddr *); +int receive_trail(int, struct sockaddr *); +void get_from_socket(int, char *); #endif ==== //depot/projects/soc2010/disaudit/msocket_work.c#2 (text+ko) ==== 
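Review bot: get_from_socket() trusts the 4-byte length sent by the peer and copies that many bytes into `dest` without knowing how large `dest` is, so any client that can reach the port can write past `opt[1]`, `path` or `md5slave` on the stack of process_request()/search_trail(); even the well-formed one-byte request overflows `opt[1]` once the terminator is added. The recv() results are also unchecked (a return of -1 indexes `buffer[-1]`, a return of 0 never ends the loop), and `strncpy` stops at the first zero byte of the length, so it should be a `memcpy`. I would pass the destination size in, as below, call it as `get_from_socket(sfd, path, sizeof(path))`, and declare `opt` as `char opt[2]`. Separately, `sprintf(message, ...)` in search_trail() can exceed `message` when the resolved host name is long; `snprintf(message, sizeof(message), ...)` bounds it.

```c
int
get_from_socket(int sfd, char *dest, size_t destsz)
{
	int len;
	size_t got = 0;
	ssize_t n;

	/* Read the whole length prefix; a short or failed read is an error. */
	while (got < sizeof(len)) {
		n = recv(sfd, (char *)&len + got, sizeof(len) - got, 0);
		if (n <= 0)
			return -1;
		got += (size_t)n;
	}

	/* Reject lengths that do not fit dest together with its terminator. */
	if (len < 0 || (size_t)len >= destsz)
		return -1;

	for (got = 0; got < (size_t)len; got += (size_t)n) {
		n = recv(sfd, dest + got, (size_t)len - got, 0);
		if (n <= 0)
			return -1;
	}
	dest[len] = '\0';
	return 0;
}
```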
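Review bot: The two expression macros are defined without parentheses: `MAX_PATH_SIZE` expands to `MAX_DIR_SIZE + 50`, so a use such as `2 * MAX_PATH_SIZE` silently computes the wrong buffer size, and `min(a,b)` misparses arguments that contain lower-precedence operators. Write them as `#define MAX_PATH_SIZE (MAX_DIR_SIZE + 50)` and `#define min(a,b) ((a) < (b) ? (a) : (b))`. The prototypes with empty parentheses, e.g. `int get_parameters();`, would be better as `int get_parameters(void);` so that calls with stray arguments are diagnosed.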
@@ -35,69 +35,14 @@ #include #include -int -do_socket_check_file(char *host, int port, char *path, char *fullpath, char *md5) +init_socket(int port) { + struct sockaddr_in sockaddr; int sockfd; - if (init_socket(host, port, &sockfd) == -1) - return -1; - - return -1; -} - -int -is_ipv4(char *address) -{ - int points=0, last_point=0, i, len=strlen(address); - - /* Here we will check if the string is a valid IPv4 address */ - - for(i=0; i last_point+1) /* Counting the points and making sure there are no two consecutive points */ - { - last_point = i; - ++points; - } - else if (!isdigit(address[i])) - break; - - if (points == 3 && i == len) - return 1; - return 0; -} - -int -init_socket(char *host, int port, int *sfd) -{ - struct sockaddr_in sockaddr; - struct in_addr inaddr; - struct hostent *hostentry = NULL; - char message[256]; - int sockfd, res; - char ipv4[16]; - - if (!is_ipv4(host)) - { - hostentry = gethostbyname(host); - if (!hostentry) - { - to_log("Error gettig the host"); - return -1; - } - - sprintf(message, "Got for the host: %s the IPv4 address: %s", host, inet_ntoa(*((struct in_addr *)hostentry->h_addr))); - to_log(message); - } - sockfd = socket(PF_INET, SOCK_STREAM, 0); - if (sockfd == -1) + if (sockfd < 0) { to_log("Cannot create socket!"); return -1; 
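Review bot: Dropping the `int` return type from init_socket() leaves the definition relying on implicit int, which C99 removed and which newer compilers reject. The same removal is made for get_last_trail(), is_audit_trail(), send_trail(), cmp_trails() and is_in_master() in shipd.c and for do_socket_check_file() and init_socket() in ssocket_work.c, and accept_connection() and the new damasterd.c functions are added without a return type as well. Keeping `int init_socket(int port)` costs nothing and lets the compiler check each definition against its prototype. The body of init_socket() continues into the next hunk.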
@@ -106,21 +51,31 @@ bzero(&sockaddr, sizeof(sockaddr)); sockaddr.sin_family = AF_INET; - sockaddr.sin_addr.s_addr = hostentry != NULL ? ((struct in_addr *) hostentry->h_addr)->s_addr : inet_addr(host); + sockaddr.sin_addr.s_addr = htonl(INADDR_ANY); sockaddr.sin_port = htons(port); - res = connect(sockfd, (struct sockaddr *) &sockaddr, sizeof(sockaddr)); - - if (res < 0) + if (bind(sockfd, (struct sockaddr *) &sockaddr, sizeof(sockaddr)) < 0) { - to_log("Can't connect to server!"); + to_log("Cannot bind to port"); return -1; } - sprintf(message, "Successfully connected to: %s", hostentry != NULL ? inet_ntoa(*((struct in_addr *) hostentry->h_addr)) : host); - to_log(message); + listen(sockfd, 500); + + return sockfd; +} + +accept_connection(int sfd, struct sockaddr *clientinfo) +{ + struct sockaddr_in clientaddr; + int clientlen = sizeof(clientaddr); + int retval = 0; + + retval = accept(sfd, (struct sockaddr *) &clientaddr, &clientlen); + + if (retval >= 0) + clientinfo = (struct sockaddr *) &clientaddr; - *sfd = sockfd; - return 0; + return retval; } ==== //depot/projects/soc2010/disaudit/msocket_work.h#2 (text+ko) ==== @@ -28,7 +28,9 @@ #ifndef _SSOCKET_WORK_H_ #define _SSOCKET_WORK_H_ -int do_socket_check_file(char *, int, char *, char *, char *); -int init_socket(char *, int, int *); +#include + +int init_socket(int); +int accept_connection(int, struct sockaddr *); #endif ==== //depot/projects/soc2010/disaudit/shipd.c#5 (text+ko) ==== @@ -125,6 +125,8 @@ fscanf(fpars, "%d", &msec_freq); fscanf(fpars, "%d", &port_number); + fclose(fpars); + return 0; } @@ -168,7 +170,6 @@ * closed trail in meaning of lexicographic * order (that is also a chronological one) */ -int get_last_trail(char *path) { DIR *dp; @@ -227,7 +228,6 @@ * so we must ensure we will only deal with the ones * that are trails */ -int is_audit_trail(char *path) { /* @@ -261,7 +261,6 @@ } } -int send_trail(char *path) { return 0; 
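Review bot: accept_connection() never hands the peer address back to the caller: `clientinfo = (struct sockaddr *) &clientaddr;` only reassigns the local parameter, and to a stack variable that dies on return. The `clientinfo` that do_master_daemon() later passes to process_request() therefore stays uninitialised, and the host logged by search_trail() is not the real client. Copy the address out instead, `memcpy(clientinfo, &clientaddr, sizeof(clientaddr));`, and declare `clientlen` as `socklen_t`. In init_socket(), the result of `listen()` is ignored and `sockfd` is left open when bind() fails; a `close(sockfd)` before that `return -1` and a check on listen() would close both gaps. The start of init_socket() lies in the previous hunk.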
@@ -272,7 +271,8 @@ * newest correct trail and sync from it to the last * closed trail */ -void do_daemon_date() +void +do_daemon_date() { DIR *dp; struct dirent *dirp; @@ -384,7 +384,7 @@ * that an audit trail is older than the other one * according their lexicographic value */ -int cmp_trails (const void *A, const void *B) +cmp_trails (const void *A, const void *B) { if (strcmp(*((char **)A), *((char **)B)) < 0) return 1; @@ -399,7 +399,7 @@ * checksums on both systems are not equal, then the function * will return "false" since an incomplete trail is not valid here. */ -int is_in_master(char *path, char *fullpath) +is_in_master(char *path, char *fullpath) { char *md5 = (char *) malloc (sizeof(char) * 33); char message[MAX_PATH_SIZE + 33]; @@ -412,7 +412,7 @@ to_log(message); /* Included in socket_work.c, this intended to implement SSL later */ - if (do_socket_check_file(master_host, port_number, path, fullpath, md5) == -1) + if (do_socket_check_file(master_host, port_number, path, md5) == -1) ret_val = 0; free(md5); @@ -425,7 +425,8 @@ * This function will make sure that ALL the trails * of the slave system are on master system */ -void do_daemon_all() +void +do_daemon_all() { DIR *dp; struct dirent *dirp; ==== //depot/projects/soc2010/disaudit/shipd.h#5 (text+ko) ==== ==== //depot/projects/soc2010/disaudit/ssocket_work.c#3 (text+ko) ==== 
@@ -34,19 +34,33 @@ #include #include #include +#include "ssocket_work.h" -int -do_socket_check_file(char *host, int port, char *path, char *fullpath, char *md5) +do_socket_check_file(char *host, int port, char *path, char *md5) { int sockfd; if (init_socket(host, port, &sockfd) == -1) return -1; + send_to_socket(sockfd, "1"); + send_to_socket(sockfd, path); + send_to_socket(sockfd, md5); + + close(sockfd); + return -1; } -int +void +send_to_socket(int sfd, char *data) +{ + int len = strlen(data); + + send(sfd, &len, sizeof(int), 0); + send(sfd, data, len, 0); +} + is_ipv4(char *address) { int points=0, last_point=0, i, len=strlen(address); @@ -72,7 +86,6 @@ return 0; } -int init_socket(char *host, int port, int *sfd) { struct sockaddr_in sockaddr; ==== //depot/projects/soc2010/disaudit/ssocket_work.h#3 (text+ko) ==== @@ -28,7 +28,8 @@ #ifndef _SSOCKET_WORK_H_ #define _SSOCKET_WORK_H_ -int do_socket_check_file(char *, int, char *, char *, char *); +int do_socket_check_file(char *, int, char *, char *); int init_socket(char *, int, int *); +void send_to_socket(int, char *); #endif
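Review bot: send_to_socket() ignores the result of both send() calls and writes the length prefix as a raw host-order `int`, so a failed or partial send goes unnoticed and a master with a different byte order or `int` size reads a wrong length. Sending a fixed-width prefix, `uint32_t nlen = htonl((uint32_t)len);`, and returning an error when `send()` comes back short would make the framing well defined; the receiver then needs the matching `ntohl()`. do_socket_check_file() still ends in `return -1;` after a successful exchange, so is_in_master() can never report a trail as present — presumably a placeholder until the reply is read, but worth a comment. The path and digest also travel unauthenticated and in clear text, which the shipd.c comment about adding SSL later already hints at. The body of is_ipv4() continues outside the hunk.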