Diffstat (limited to 'usr.sbin/hoststated')
-rw-r--r-- | usr.sbin/hoststated/check_icmp.c | 31 | ||||
-rw-r--r-- | usr.sbin/hoststated/check_tcp.c | 52 | ||||
-rw-r--r-- | usr.sbin/hoststated/hce.c | 28 | ||||
-rw-r--r-- | usr.sbin/hoststated/hoststated.c | 14 | ||||
-rw-r--r-- | usr.sbin/hoststated/hoststated.h | 48 | ||||
-rw-r--r-- | usr.sbin/hoststated/parse.y | 181 | ||||
-rw-r--r-- | usr.sbin/hoststated/pfe.c | 155 | ||||
-rw-r--r-- | usr.sbin/hoststated/pfe_filter.c | 38 | ||||
-rw-r--r-- | usr.sbin/hoststated/relay.c | 29 | ||||
-rw-r--r-- | usr.sbin/hoststated/ssl.c | 28 |
10 files changed, 323 insertions, 281 deletions
diff --git a/usr.sbin/hoststated/check_icmp.c b/usr.sbin/hoststated/check_icmp.c index 1f2bf1e71e5..3bec6056d89 100644 --- a/usr.sbin/hoststated/check_icmp.c +++ b/usr.sbin/hoststated/check_icmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: check_icmp.c,v 1.14 2007/02/23 00:28:06 deraadt Exp $ */ +/* $OpenBSD: check_icmp.c,v 1.15 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -78,7 +78,7 @@ schedule_icmp(struct hoststated *env, struct host *host) host->last_up = host->up; host->flags &= ~(F_CHECK_SENT|F_CHECK_DONE); - if (((struct sockaddr *)&host->ss)->sa_family == AF_INET) + if (((struct sockaddr *)&host->conf.ss)->sa_family == AF_INET) env->has_icmp = 1; else env->has_icmp6 = 1; @@ -120,10 +120,11 @@ icmp_checks_done(struct ctl_icmp_event *cie) struct host *host; TAILQ_FOREACH(table, &cie->env->tables, entry) { - if (table->flags & F_DISABLE || table->check != CHECK_ICMP) + if (table->conf.flags & F_DISABLE || + table->conf.check != CHECK_ICMP) continue; TAILQ_FOREACH(host, &table->hosts, entry) { - if (((struct sockaddr *)&host->ss)->sa_family != + if (((struct sockaddr *)&host->conf.ss)->sa_family != cie->af) continue; if (!(host->flags & F_CHECK_DONE)) @@ -140,10 +141,11 @@ icmp_checks_timeout(struct ctl_icmp_event *cie, const char *msg) struct host *host; TAILQ_FOREACH(table, &cie->env->tables, entry) { - if (table->flags & F_DISABLE || table->check != CHECK_ICMP) + if (table->conf.flags & F_DISABLE || + table->conf.check != CHECK_ICMP) continue; TAILQ_FOREACH(host, &table->hosts, entry) { - if (((struct sockaddr *)&host->ss)->sa_family != + if (((struct sockaddr *)&host->conf.ss)->sa_family != cie->af) continue; if (!(host->flags & F_CHECK_DONE)) 
@@ -190,28 +192,29 @@ send_icmp(int s, short event, void *arg) } TAILQ_FOREACH(table, &cie->env->tables, entry) { - if (table->check != CHECK_ICMP || table->flags & F_DISABLE) + if (table->conf.check != CHECK_ICMP || + table->conf.flags & F_DISABLE) continue; TAILQ_FOREACH(host, &table->hosts, entry) { if (host->flags & (F_DISABLE | F_CHECK_SENT)) continue; - if (((struct sockaddr *)&host->ss)->sa_family != + if (((struct sockaddr *)&host->conf.ss)->sa_family != cie->af) continue; i++; - to = (struct sockaddr *)&host->ss; + to = (struct sockaddr *)&host->conf.ss; if (cie->af == AF_INET) { icp->icmp_seq = htons(i); icp->icmp_cksum = 0; - memcpy(icp->icmp_data, &host->id, - sizeof(host->id)); + memcpy(icp->icmp_data, &host->conf.id, + sizeof(host->conf.id)); icp->icmp_cksum = in_cksum((u_short *)icp, sizeof(packet)); } else { icp6->icmp6_seq = htons(i); icp6->icmp6_cksum = 0; - memcpy(packet + sizeof(*icp6), &host->id, - sizeof(host->id)); + memcpy(packet + sizeof(*icp6), &host->conf.id, + sizeof(host->conf.id)); icp6->icmp6_cksum = in_cksum((u_short *)icp6, sizeof(packet)); } @@ -281,7 +284,7 @@ recv_icmp(int s, short event, void *arg) log_warn("recv_icmp: ping for unknown host received"); goto retry; } - if (bcmp(&ss, &host->ss, slen)) { + if (bcmp(&ss, &host->conf.ss, slen)) { log_warnx("recv_icmp: forged icmp packet?"); goto retry; } diff --git a/usr.sbin/hoststated/check_tcp.c b/usr.sbin/hoststated/check_tcp.c index 82bb01f7186..5b0b2521661 100644 --- a/usr.sbin/hoststated/check_tcp.c +++ b/usr.sbin/hoststated/check_tcp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: check_tcp.c,v 1.23 2007/02/22 05:58:06 reyk Exp $ */ +/* $OpenBSD: check_tcp.c,v 1.24 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> 
@@ -56,20 +56,20 @@ check_tcp(struct ctl_tcp_event *cte) struct timeval tv; struct linger lng; - switch (cte->host->ss.ss_family) { + switch (cte->host->conf.ss.ss_family) { case AF_INET: - ((struct sockaddr_in *)&cte->host->ss)->sin_port = - cte->table->port; + ((struct sockaddr_in *)&cte->host->conf.ss)->sin_port = + cte->table->conf.port; break; case AF_INET6: - ((struct sockaddr_in6 *)&cte->host->ss)->sin6_port = - cte->table->port; + ((struct sockaddr_in6 *)&cte->host->conf.ss)->sin6_port = + cte->table->conf.port; break; } - len = ((struct sockaddr *)&cte->host->ss)->sa_len; + len = ((struct sockaddr *)&cte->host->conf.ss)->sa_len; - if ((s = socket(cte->host->ss.ss_family, SOCK_STREAM, 0)) == -1) + if ((s = socket(cte->host->conf.ss.ss_family, SOCK_STREAM, 0)) == -1) goto bad; bzero(&lng, sizeof(lng)); @@ -83,8 +83,8 @@ check_tcp(struct ctl_tcp_event *cte) if (fcntl(s, F_SETFL, O_NONBLOCK) == -1) goto bad; - bcopy(&cte->table->timeout, &tv, sizeof(tv)); - if (connect(s, (struct sockaddr *)&cte->host->ss, len) == -1) { + bcopy(&cte->table->conf.timeout, &tv, sizeof(tv)); + if (connect(s, (struct sockaddr *)&cte->host->conf.ss, len) == -1) { if (errno != EINPROGRESS) goto bad; } @@ -133,9 +133,9 @@ tcp_host_up(int s, struct ctl_tcp_event *cte) { cte->s = s; - switch (cte->table->check) { + switch (cte->table->conf.check) { case CHECK_TCP: - if (cte->table->flags & F_SSL) + if (cte->table->conf.flags & F_SSL) break; close(s); hce_notify_done(cte->host, "tcp_host_up: connect successful"); @@ -154,7 +154,7 @@ tcp_host_up(int s, struct ctl_tcp_event *cte) break; } - if (cte->table->flags & F_SSL) { + if (cte->table->conf.flags & F_SSL) { ssl_transaction(cte); return; } 
@@ -162,14 +162,14 @@ tcp_host_up(int s, struct ctl_tcp_event *cte) if (cte->table->sendbuf != NULL) { cte->req = cte->table->sendbuf; event_again(&cte->ev, s, EV_TIMEOUT|EV_WRITE, tcp_send_req, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); return; } if ((cte->buf = buf_dynamic(SMALL_READ_BUF_SIZE, UINT_MAX)) == NULL) fatalx("tcp_host_up: cannot create dynamic buffer"); event_again(&cte->ev, s, EV_TIMEOUT|EV_READ, tcp_read_buf, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); } void @@ -202,12 +202,12 @@ tcp_send_req(int s, short event, void *arg) if ((cte->buf = buf_dynamic(SMALL_READ_BUF_SIZE, UINT_MAX)) == NULL) fatalx("tcp_send_req: cannot create dynamic buffer"); event_again(&cte->ev, s, EV_TIMEOUT|EV_READ, tcp_read_buf, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); return; retry: event_again(&cte->ev, s, EV_TIMEOUT|EV_WRITE, tcp_send_req, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); } void @@ -267,7 +267,7 @@ tcp_read_buf(int s, short event, void *arg) } retry: event_again(&cte->ev, s, EV_TIMEOUT|EV_READ, tcp_read_buf, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); } int @@ -282,7 +282,7 @@ check_send_expect(struct ctl_tcp_event *cte) if (b == NULL) fatal("out of memory"); *b = '\0'; - if (fnmatch(cte->table->exbuf, cte->buf->buf, 0) == 0) { + if (fnmatch(cte->table->conf.exbuf, cte->buf->buf, 0) == 0) { cte->host->up = HOST_UP; return (0); } @@ -318,7 +318,7 @@ check_http_code(struct ctl_tcp_event *cte) if (strncmp(head, "HTTP/1.1 ", strlen("HTTP/1.1 ")) && strncmp(head, "HTTP/1.0 ", strlen("HTTP/1.0 "))) { log_debug("check_http_code: %s failed " - "(cannot parse HTTP version)", host->name); + "(cannot parse HTTP version)", host->conf.name); host->up = HOST_DOWN; return (1); } 
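Review bot: In tcp_host_up, and again in tcp_send_req in the next hunk, the reply buffer is created with `buf_dynamic(SMALL_READ_BUF_SIZE, UINT_MAX)`. If the second argument is the growth ceiling, as it appears to be, a checked host that keeps sending data can make the check engine keep allocating until the table timeout fires. A ceiling sized to the largest reply a check needs would bound that, e.g. `buf_dynamic(SMALL_READ_BUF_SIZE, CHECK_READ_MAX)`, where `CHECK_READ_MAX` is a name proposed here, not an existing constant. Both function bodies start outside the hunks shown.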
@@ -331,13 +331,13 @@ check_http_code(struct ctl_tcp_event *cte) code = strtonum(scode, 100, 999, &estr); if (estr != NULL) { log_debug("check_http_code: %s failed " - "(cannot parse HTTP code)", host->name); + "(cannot parse HTTP code)", host->conf.name); host->up = HOST_DOWN; return (1); } - if (code != cte->table->retcode) { + if (code != cte->table->conf.retcode) { log_debug("check_http_code: %s failed " - "(invalid HTTP code returned)", host->name); + "(invalid HTTP code returned)", host->conf.name); host->up = HOST_DOWN; } else host->up = HOST_UP; @@ -364,16 +364,16 @@ check_http_digest(struct ctl_tcp_event *cte) host = cte->host; if ((head = strstr(head, "\r\n\r\n")) == NULL) { log_debug("check_http_digest: %s failed " - "(no end of headers)", host->name); + "(no end of headers)", host->conf.name); host->up = HOST_DOWN; return (1); } head += strlen("\r\n\r\n"); SHA1Data(head, strlen(head), digest); - if (strcmp(cte->table->digest, digest)) { + if (strcmp(cte->table->conf.digest, digest)) { log_warnx("check_http_digest: %s failed " - "(wrong digest)", host->name); + "(wrong digest)", host->conf.name); host->up = HOST_DOWN; } else host->up = HOST_UP; diff --git a/usr.sbin/hoststated/hce.c b/usr.sbin/hoststated/hce.c index e8f48b11cf8..8ae3c42110d 100644 --- a/usr.sbin/hoststated/hce.c +++ b/usr.sbin/hoststated/hce.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hce.c,v 1.19 2007/05/26 19:58:48 pyr Exp $ */ +/* $OpenBSD: hce.c,v 1.20 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -150,7 +150,7 @@ hce(struct hoststated *x_env, int pipe_parent2pfe[2], int pipe_parent2hce[2], if (env->flags & F_SSL) { ssl_init(env); TAILQ_FOREACH(table, &env->tables, entry) { - if (!(table->flags & F_SSL)) + if (!(table->conf.flags & F_SSL)) continue; table->ssl_ctx = ssl_ctx_create(env); } 
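Review bot: In check_http_digest the body is hashed with `SHA1Data(head, strlen(head), digest)`, so the digest covers only the bytes up to the first NUL in the reply. Two different bodies that share that prefix compare equal against `cte->table->conf.digest`, and a binary body is never fully checked. The length should come from the byte count the read buffer itself tracks, minus the header offset, rather than from `strlen`. The function starts outside the hunk, so how `head` is derived from `cte->buf` is not visible here.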
@@ -185,15 +185,15 @@ hce_launch_checks(int fd, short event, void *arg) fatal("hce_launch_checks: gettimeofday"); TAILQ_FOREACH(table, &env->tables, entry) { - if (table->flags & F_DISABLE) + if (table->conf.flags & F_DISABLE) continue; - if (table->check == CHECK_NOCHECK) + if (table->conf.check == CHECK_NOCHECK) fatalx("hce_launch_checks: unknown check type"); TAILQ_FOREACH(host, &table->hosts, entry) { if (host->flags & F_DISABLE) continue; - if (table->check == CHECK_ICMP) { + if (table->conf.check == CHECK_ICMP) { schedule_icmp(env, host); continue; } @@ -225,23 +225,23 @@ hce_notify_done(struct host *host, const char *msg) if (host->up == HOST_DOWN && host->retry_cnt) { log_debug("hce_notify_done: host %s retry %d", - host->name, host->retry_cnt); + host->conf.name, host->retry_cnt); host->up = host->last_up; host->retry_cnt--; } else - host->retry_cnt = host->retry; + host->retry_cnt = host->conf.retry; if (host->up != HOST_UNKNOWN) { host->check_cnt++; if (host->up == HOST_UP) host->up_cnt++; } - st.id = host->id; + st.id = host->conf.id; st.up = host->up; st.check_cnt = host->check_cnt; st.retry_cnt = host->retry_cnt; host->flags |= (F_CHECK_SENT|F_CHECK_DONE); if (msg) - log_debug("hce_notify_done: %s (%s)", host->name, msg); + log_debug("hce_notify_done: %s (%s)", host->conf.name, msg); imsg_compose(ibuf_pfe, IMSG_HOST_STATUS, 0, 0, &st, sizeof(st)); if (host->up != host->last_up) 
@@ -257,14 +257,14 @@ hce_notify_done(struct host *host, const char *msg) else duration = 0; - if ((table = table_find(env, host->tableid)) == NULL) + if ((table = table_find(env, host->conf.tableid)) == NULL) fatalx("hce_notify_done: invalid table id"); if (env->opts & logopt) { log_info("host %s, check %s%s (%lums), state %s -> %s, " "availability %s", - host->name, table_check(table->check), - (table->flags & F_SSL) ? " use ssl" : "", duration, + host->conf.name, table_check(table->conf.check), + (table->conf.flags & F_SSL) ? " use ssl" : "", duration, host_status(host->last_up), host_status(host->up), print_availability(host->check_cnt, host->up_cnt)); } @@ -333,7 +333,7 @@ hce_dispatch_imsg(int fd, short event, void *ptr) memcpy(&id, imsg.data, sizeof(id)); if ((table = table_find(env, id)) == NULL) fatalx("hce_dispatch_imsg: desynchronized"); - table->flags |= F_DISABLE; + table->conf.flags |= F_DISABLE; TAILQ_FOREACH(host, &table->hosts, entry) host->up = HOST_UNKNOWN; break; @@ -341,7 +341,7 @@ hce_dispatch_imsg(int fd, short event, void *ptr) memcpy(&id, imsg.data, sizeof(id)); if ((table = table_find(env, id)) == NULL) fatalx("hce_dispatch_imsg: desynchronized"); - table->flags &= ~(F_DISABLE); + table->conf.flags &= ~(F_DISABLE); TAILQ_FOREACH(host, &table->hosts, entry) host->up = HOST_UNKNOWN; break; diff --git a/usr.sbin/hoststated/hoststated.c b/usr.sbin/hoststated/hoststated.c index 494cc73834c..baf7c73e1a3 100644 --- a/usr.sbin/hoststated/hoststated.c +++ b/usr.sbin/hoststated/hoststated.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hoststated.c,v 1.22 2007/05/26 19:58:49 pyr Exp $ */ +/* $OpenBSD: hoststated.c,v 1.23 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -483,7 +483,7 @@ host_find(struct hoststated *env, objid_t id) TAILQ_FOREACH(table, &env->tables, entry) TAILQ_FOREACH(host, &table->hosts, entry) - if (host->id == id) + if (host->conf.id == id) return (host); return (NULL); } 
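Review bot: Both table cases in hce_dispatch_imsg copy `sizeof(id)` bytes out of `imsg.data` with no visible check that the message carries that many bytes. The sender is the sibling pfe process, but a payload-length test before each `memcpy(&id, imsg.data, sizeof(id))` stops a short or malformed message from being read past its data and keeps the process boundary meaningful. A mismatch could be handled the same way as the existing `fatalx("hce_dispatch_imsg: desynchronized")`. The switch and the imsg read loop are outside the hunk, so such a check may already exist there.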
@@ -494,7 +494,7 @@ table_find(struct hoststated *env, objid_t id) struct table *table; TAILQ_FOREACH(table, &env->tables, entry) - if (table->id == id) + if (table->conf.id == id) return (table); return (NULL); } @@ -505,7 +505,7 @@ service_find(struct hoststated *env, objid_t id) struct service *service; TAILQ_FOREACH(service, &env->services, entry) - if (service->id == id) + if (service->conf.id == id) return (service); return (NULL); } @@ -542,7 +542,7 @@ host_findbyname(struct hoststated *env, const char *name) TAILQ_FOREACH(table, &env->tables, entry) TAILQ_FOREACH(host, &table->hosts, entry) - if (strcmp(host->name, name) == 0) + if (strcmp(host->conf.name, name) == 0) return (host); return (NULL); } @@ -553,7 +553,7 @@ table_findbyname(struct hoststated *env, const char *name) struct table *table; TAILQ_FOREACH(table, &env->tables, entry) - if (strcmp(table->name, name) == 0) + if (strcmp(table->conf.name, name) == 0) return (table); return (NULL); } @@ -564,7 +564,7 @@ service_findbyname(struct hoststated *env, const char *name) struct service *service; TAILQ_FOREACH(service, &env->services, entry) - if (strcmp(service->name, name) == 0) + if (strcmp(service->conf.name, name) == 0) return (service); return (NULL); } diff --git a/usr.sbin/hoststated/hoststated.h b/usr.sbin/hoststated/hoststated.h index 2abea41057f..b233c090b1f 100644 --- a/usr.sbin/hoststated/hoststated.h +++ b/usr.sbin/hoststated/hoststated.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hoststated.h,v 1.42 2007/05/26 19:58:49 pyr Exp $ */ +/* $OpenBSD: hoststated.h,v 1.43 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@spootnik.org> 
@@ -273,23 +273,27 @@ TAILQ_HEAD(addresslist, address); #define F_NATLOOK 0x1000 #define F_DEMOTE 0x2000 #define F_LOOKUP_PATH 0x4000 +#define F_DEMOTED 0x8000 -struct host { - u_int16_t flags; +struct host_config { objid_t id; objid_t tableid; - char *tablename; + int retry; char name[MAXHOSTNAMELEN]; + struct sockaddr_storage ss; +}; + +struct host { + TAILQ_ENTRY(host) entry; + struct host_config conf; + u_int16_t flags; + char *tablename; int up; int last_up; u_long check_cnt; u_long up_cnt; int retry_cnt; - int retry; - - struct sockaddr_storage ss; struct ctl_tcp_event cte; - TAILQ_ENTRY(host) entry; }; TAILQ_HEAD(hostlist, host); @@ -300,25 +304,29 @@ enum host_status { }; #define HOST_ISUP(x) (x == HOST_UP) -struct table { +struct table_config { objid_t id; objid_t serviceid; u_int16_t flags; int check; - int up; - int demoted; char demote_group[IFNAMSIZ]; + struct timeval timeout; in_port_t port; int retcode; - struct timeval timeout; char name[TABLE_NAME_SIZE]; char path[MAXPATHLEN]; - char *sendbuf; char exbuf[64]; char digest[41]; /* length of sha1 digest * 2 */ - SSL_CTX *ssl_ctx; - struct hostlist hosts; +}; + +struct table { TAILQ_ENTRY(table) entry; + struct table_config conf; + int up; + struct hostlist hosts; + SSL_CTX *ssl_ctx; + int sendbuf_len; + char *sendbuf; }; TAILQ_HEAD(tablelist, table); @@ -331,16 +339,22 @@ enum table_check { CHECK_SEND_EXPECT = 5 }; -struct service { +struct service_config { objid_t id; u_int16_t flags; in_port_t port; + objid_t table_id; + objid_t backup_id; char name[SRV_NAME_SIZE]; char tag[TAG_NAME_SIZE]; +}; + +struct service { + TAILQ_ENTRY(service) entry; + struct service_config conf; struct addresslist virts; struct table *table; struct table *backup; /* use this if no host up */ - TAILQ_ENTRY(service) entry; }; TAILQ_HEAD(servicelist, service); diff --git a/usr.sbin/hoststated/parse.y b/usr.sbin/hoststated/parse.y index 2cdcce3fa7a..bc02cf5a59a 100644 --- a/usr.sbin/hoststated/parse.y 
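Review bot: The new `int sendbuf_len;` in struct table is assigned from `strlen(table->sendbuf)` in parse.y, which narrows a size_t to int; `size_t sendbuf_len;` would match the value it stores and any later use as a write length. The three `*_config` structs hold no pointers in this hunk, which suggests they are meant to be copied as flat blobs. If so, a comment on each such as `/* flat, pointer-free: safe to copy between processes; do not add pointers */` would keep later edits from breaking that property. `F_DEMOTED 0x8000` also takes the last free bit of the `u_int16_t flags` fields, which deserves a note next to the flag list.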
+++ b/usr.sbin/hoststated/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.40 2007/05/27 19:21:15 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.41 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -213,11 +213,13 @@ varset : STRING '=' STRING { sendbuf : NOTHING { table->sendbuf = NULL; + table->sendbuf_len = 0; } | STRING { table->sendbuf = strdup($1); if (table->sendbuf == NULL) fatal("out of memory"); + table->sendbuf_len = strlen(table->sendbuf); free($1); } ; @@ -261,7 +263,7 @@ service : SERVICE STRING { struct service *srv; TAILQ_FOREACH(srv, &conf->services, entry) - if (!strcmp(srv->name, $2)) + if (!strcmp(srv->conf.name, $2)) break; if (srv != NULL) { yyerror("service %s defined twice", $2); @@ -271,13 +273,14 @@ service : SERVICE STRING { if ((srv = calloc(1, sizeof (*srv))) == NULL) fatal("out of memory"); - if (strlcpy(srv->name, $2, sizeof(srv->name)) >= - sizeof(srv->name)) { + if (strlcpy(srv->conf.name, $2, + sizeof(srv->conf.name)) >= + sizeof(srv->conf.name)) { yyerror("service name truncated"); YYERROR; } free($2); - srv->id = last_service_id++; + srv->conf.id = last_service_id++; if (last_service_id == INT_MAX) { yyerror("too many services defined"); YYERROR; 
@@ -286,27 +289,29 @@ service : SERVICE STRING { } '{' optnl serviceopts_l '}' { if (service->table == NULL) { yyerror("service %s has no table", - service->name); + service->conf.name); YYERROR; } if (TAILQ_EMPTY(&service->virts)) { yyerror("service %s has no virtual ip", - service->name); + service->conf.name); YYERROR; } conf->servicecount++; - if (service->backup == NULL) + if (service->backup == NULL) { + service->conf.backup_id = + conf->empty_table.conf.id; service->backup = &conf->empty_table; - else if (service->backup->port != - service->table->port) { + } else if (service->backup->conf.port != + service->table->conf.port) { yyerror("service %s uses two different ports " "for its table and backup table", - service->name); + service->conf.name); YYERROR; } - if (!(service->flags & F_DISABLE)) - service->flags |= F_ADD; + if (!(service->conf.flags & F_DISABLE)) + service->conf.flags |= F_ADD; TAILQ_INSERT_HEAD(&conf->services, service, entry); } ; @@ -321,7 +326,7 @@ serviceoptsl : TABLE STRING dstport { port = $3; if (port == 0) - port = service->port; + port = service->conf.port; if ((tb = table_inherit($2, port)) == NULL) { free($2); YYERROR; @@ -329,8 +334,8 @@ serviceoptsl : TABLE STRING dstport { free($2); service->table = tb; - service->table->serviceid = service->id; - service->table->flags |= F_USED; + service->table->conf.serviceid = service->conf.id; + service->table->conf.flags |= F_USED; } | BACKUP TABLE STRING dstport { struct table *tb; @@ -344,7 +349,7 @@ serviceoptsl : TABLE STRING dstport { port = $4; if (port == 0) - port = service->port; + port = service->conf.port; if ((tb = table_inherit($3, port)) == NULL) { free($3); YYERROR; 
@@ -352,8 +357,8 @@ serviceoptsl : TABLE STRING dstport { free($3); service->backup = tb; - service->backup->serviceid = service->id; - service->backup->flags |= (F_USED|F_BACKUP); + service->backup->conf.serviceid = service->conf.id; + service->backup->conf.flags |= (F_USED|F_BACKUP); } | VIRTUAL HOST STRING port interface { if (host($3, &service->virts, @@ -365,14 +370,15 @@ serviceoptsl : TABLE STRING dstport { } free($3); free($5); - if (service->port == 0) - service->port = $4; + if (service->conf.port == 0) + service->conf.port = $4; } - | DISABLE { service->flags |= F_DISABLE; } - | STICKYADDR { service->flags |= F_STICKY; } + | DISABLE { service->conf.flags |= F_DISABLE; } + | STICKYADDR { service->conf.flags |= F_STICKY; } | TAG STRING { - if (strlcpy(service->tag, $2, sizeof(service->tag)) >= - sizeof(service->tag)) { + if (strlcpy(service->conf.tag, $2, + sizeof(service->conf.tag)) >= + sizeof(service->conf.tag)) { yyerror("service tag name truncated"); free($2); YYERROR; @@ -385,7 +391,7 @@ table : TABLE STRING { struct table *tb; TAILQ_FOREACH(tb, &conf->tables, entry) - if (!strcmp(tb->name, $2)) + if (!strcmp(tb->conf.name, $2)) break; if (tb != NULL) { yyerror("table %s defined twice"); @@ -396,13 +402,13 @@ table : TABLE STRING { if ((tb = calloc(1, sizeof (*tb))) == NULL) fatal("out of memory"); - if (strlcpy(tb->name, $2, sizeof(tb->name)) >= - sizeof(tb->name)) { + if (strlcpy(tb->conf.name, $2, sizeof(tb->conf.name)) >= + sizeof(tb->conf.name)) { yyerror("table name truncated"); YYERROR; } - tb->id = last_table_id++; - bcopy(&conf->timeout, &tb->timeout, + tb->conf.id = last_table_id++; + bcopy(&conf->timeout, &tb->conf.timeout, sizeof(struct timeval)); if (last_table_id == INT_MAX) { yyerror("too many tables defined"); 
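Review bot: In the `table : TABLE STRING` action, the duplicate-table error is raised with `yyerror("table %s defined twice");`, which has a `%s` conversion and no argument. If yyerror formats printf-style, as its other calls in this file suggest, that reads an indeterminate pointer, which is undefined behaviour on a path reachable from a config file that merely repeats a table name. The service rule already passes the name, so the line should read `yyerror("table %s defined twice", $2);`. The action starts and ends outside the hunk, so whether `$2` is freed on this path is not visible.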
@@ -412,11 +418,13 @@ table : TABLE STRING { table = tb; } '{' optnl tableopts_l '}' { if (TAILQ_EMPTY(&table->hosts)) { - yyerror("table %s has no hosts", table->name); + yyerror("table %s has no hosts", + table->conf.name); YYERROR; } - if (table->check == CHECK_NOCHECK) { - yyerror("table %s has no check", table->name); + if (table->conf.check == CHECK_NOCHECK) { + yyerror("table %s has no check", + table->conf.name); YYERROR; } conf->tablecount++; 
@@ -429,52 +437,56 @@ tableopts_l : tableopts_l tableoptsl nl ; tableoptsl : host { - $1->tableid = table->id; - $1->tablename = table->name; + $1->conf.tableid = table->conf.id; + $1->tablename = table->conf.name; TAILQ_INSERT_HEAD(&table->hosts, $1, entry); } | TIMEOUT timeout { - bcopy(&$2, &table->timeout, sizeof(struct timeval)); + bcopy(&$2, &table->conf.timeout, + sizeof(struct timeval)); } | CHECK ICMP { - table->check = CHECK_ICMP; + table->conf.check = CHECK_ICMP; } | CHECK TCP { - table->check = CHECK_TCP; + table->conf.check = CHECK_TCP; } | CHECK SSL { - table->check = CHECK_TCP; + table->conf.check = CHECK_TCP; conf->flags |= F_SSL; - table->flags |= F_SSL; + table->conf.flags |= F_SSL; } | CHECK http_type STRING CODE number { if ($2) { conf->flags |= F_SSL; - table->flags |= F_SSL; + table->conf.flags |= F_SSL; } - table->check = CHECK_HTTP_CODE; - table->retcode = $5; + table->conf.check = CHECK_HTTP_CODE; + table->conf.retcode = $5; if (asprintf(&table->sendbuf, "HEAD %s HTTP/1.0\r\n\r\n", $3) == -1) fatal("asprintf"); free($3); if (table->sendbuf == NULL) fatal("out of memory"); + table->sendbuf_len = strlen(table->sendbuf); } | CHECK http_type STRING DIGEST STRING { if ($2) { conf->flags |= F_SSL; - table->flags |= F_SSL; + table->conf.flags |= F_SSL; } - table->check = CHECK_HTTP_DIGEST; + table->conf.check = CHECK_HTTP_DIGEST; if (asprintf(&table->sendbuf, "GET %s HTTP/1.0\r\n\r\n", $3) == -1) fatal("asprintf"); free($3); if (table->sendbuf == NULL) fatal("out of memory"); - if (strlcpy(table->digest, $5, - sizeof(table->digest)) >= sizeof(table->digest)) { + table->sendbuf_len = strlen(table->sendbuf); + if (strlcpy(table->conf.digest, $5, + sizeof(table->conf.digest)) >= + sizeof(table->conf.digest)) { yyerror("http digest truncated"); free($5); YYERROR; 
@@ -482,13 +494,14 @@ tableoptsl : host { free($5); } | CHECK SEND sendbuf EXPECT STRING optssl { - table->check = CHECK_SEND_EXPECT; + table->conf.check = CHECK_SEND_EXPECT; if ($6) { conf->flags |= F_SSL; - table->flags |= F_SSL; + table->conf.flags |= F_SSL; } - if (strlcpy(table->exbuf, $5, sizeof(table->exbuf)) - >= sizeof(table->exbuf)) { + if (strlcpy(table->conf.exbuf, $5, + sizeof(table->conf.exbuf)) + >= sizeof(table->conf.exbuf)) { yyerror("yyparse: expect buffer truncated"); free($5); YYERROR; @@ -496,25 +509,28 @@ tableoptsl : host { free($5); } | REAL port { - table->port = $2; + table->conf.port = $2; } | DEMOTE STRING { - table->flags |= F_DEMOTE; - if (strlcpy(table->demote_group, $2, - sizeof(table->demote_group)) - >= sizeof(table->demote_group)) { + table->conf.flags |= F_DEMOTE; + if (strlcpy(table->conf.demote_group, $2, + sizeof(table->conf.demote_group)) + >= sizeof(table->conf.demote_group)) { yyerror("yyparse: demote group name too long"); free($2); YYERROR; } free($2); - if (carp_demote_init(table->demote_group, 1) == -1) { + if (carp_demote_init(table->conf.demote_group, 1) + == -1) { yyerror("yyparse: error initializing group " - "'%s'", table->demote_group); + "'%s'", table->conf.demote_group); YYERROR; } } - | DISABLE { table->flags |= F_DISABLE; } + | DISABLE { + table->conf.flags |= F_DISABLE; + } ; proto : PROTO STRING { @@ -951,7 +967,7 @@ relayoptsl : LISTEN ON STRING port optssl { rlay->dsttable = tb; rlay->dstmode = $4; rlay->dstcheck = $5; - rlay->dsttable->flags |= F_USED; + rlay->dsttable->conf.flags |= F_USED; } | PROTO STRING { struct protocol *p; 
@@ -1009,19 +1025,19 @@ host : HOST STRING retry { YYERROR; } a = TAILQ_FIRST(&al); - memcpy(&$$->ss, &a->ss, sizeof($$->ss)); + memcpy(&$$->conf.ss, &a->ss, sizeof($$->conf.ss)); free(a); - if (strlcpy($$->name, $2, sizeof($$->name)) >= - sizeof($$->name)) { + if (strlcpy($$->conf.name, $2, sizeof($$->conf.name)) >= + sizeof($$->conf.name)) { yyerror("host name truncated"); free($2); free($$); YYERROR; } free($2); - $$->id = last_host_id++; - $$->retry = $3; + $$->conf.id = last_host_id++; + $$->conf.retry = $3; if (last_host_id == INT_MAX) { yyerror("too many hosts defined"); free($$); @@ -1379,10 +1395,10 @@ parse_config(const char *filename, int opts) TAILQ_INIT(&conf->relays); memset(&conf->empty_table, 0, sizeof(conf->empty_table)); - conf->empty_table.id = EMPTY_TABLE; - conf->empty_table.flags |= F_DISABLE; - (void)strlcpy(conf->empty_table.name, "empty", - sizeof(conf->empty_table.name)); + conf->empty_table.conf.id = EMPTY_TABLE; + conf->empty_table.conf.flags |= F_DISABLE; + (void)strlcpy(conf->empty_table.conf.name, "empty", + sizeof(conf->empty_table.conf.name)); bzero(&conf->proto_default, sizeof(conf->proto_default)); conf->proto_default.flags = F_USED; @@ -1441,7 +1457,7 @@ parse_config(const char *filename, int opts) for (table = TAILQ_FIRST(&conf->tables); table != NULL; table = nexttb) { nexttb = TAILQ_NEXT(table, entry); - if (table->port == 0) { + if (table->conf.port == 0) { TAILQ_REMOVE(&conf->tables, table, entry); while ((h = TAILQ_FIRST(&table->hosts)) != NULL) { TAILQ_REMOVE(&table->hosts, h, entry); 
@@ -1452,13 +1468,13 @@ parse_config(const char *filename, int opts) free(table); continue; } - if (!(table->flags & F_USED)) { - log_warnx("unused table: %s", table->name); + if (!(table->conf.flags & F_USED)) { + log_warnx("unused table: %s", table->conf.name); errors++; } - if (timercmp(&table->timeout, &conf->interval, >=)) { + if (timercmp(&table->conf.timeout, &conf->interval, >=)) { log_warnx("table timeout exceeds interval: %s", - table->name); + table->conf.name); errors++; } } @@ -1696,7 +1712,7 @@ table_inherit(const char *name, in_port_t port) yyerror("unknown table or template %s", name); return (NULL); } - if (dsttb->port != 0) + if (dsttb->conf.port != 0) return (dsttb); if (port == 0) { @@ -1707,7 +1723,7 @@ table_inherit(const char *name, in_port_t port) /* Check if a matching table already exists */ snprintf(pname, sizeof(pname), "%s:%u", name, ntohs(port)); if ((tb = table_findbyname(conf, pname)) != NULL) { - if (tb->port == 0) { + if (tb->conf.port == 0) { yyerror("invalid table"); return (NULL); } @@ -1718,15 +1734,16 @@ table_inherit(const char *name, in_port_t port) if ((tb = calloc(1, sizeof (*tb))) == NULL) fatal("out of memory"); bcopy(dsttb, tb, sizeof(*tb)); - if (strlcpy(tb->name, pname, sizeof(tb->name)) >= sizeof(tb->name)) { + if (strlcpy(tb->conf.name, pname, sizeof(tb->conf.name)) + >= sizeof(tb->conf.name)) { yyerror("table name truncated"); return (NULL); } if (dsttb->sendbuf != NULL && (tb->sendbuf = strdup(dsttb->sendbuf)) == NULL) fatal("out of memory"); - tb->port = port; - tb->id = last_table_id++; + tb->conf.port = port; + tb->conf.id = last_table_id++; if (last_table_id == INT_MAX) { yyerror("too many tables defined"); return (NULL); 
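Review bot: table_inherit still clones the template with `bcopy(dsttb, tb, sizeof(*tb));`, which also copies the list linkage, the `hosts` head, `ssl_ctx` and the `sendbuf` pointer. Until the `strdup` runs, `tb->sendbuf` aliases the template's buffer, and the `return (NULL)` paths after the `calloc` leave `tb` allocated. With the configuration now in its own member, copying only what is meant to be inherited is clearer, e.g. `tb->conf = dsttb->conf;` plus `tb->sendbuf_len = dsttb->sendbuf_len;`, with a `free(tb)` on the failure returns. The host loop in the following hunk has the same pattern with `bcopy(dsth, h, sizeof(*h));`. The rest of the function is outside these hunks, so the list heads may be re-initialised there.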
@@ -1739,13 +1756,13 @@ table_inherit(const char *name, in_port_t port) calloc(1, sizeof (*h))) == NULL) fatal("out of memory"); bcopy(dsth, h, sizeof(*h)); - h->id = last_host_id++; + h->conf.id = last_host_id++; if (last_host_id == INT_MAX) { yyerror("too many hosts defined"); return (NULL); } - h->tableid = tb->id; - h->tablename = tb->name; + h->conf.tableid = tb->conf.id; + h->tablename = tb->conf.name; TAILQ_INSERT_HEAD(&tb->hosts, h, entry); } diff --git a/usr.sbin/hoststated/pfe.c b/usr.sbin/hoststated/pfe.c index 7af9476e231..738ffc1952c 100644 --- a/usr.sbin/hoststated/pfe.c +++ b/usr.sbin/hoststated/pfe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfe.c,v 1.22 2007/05/26 19:58:49 pyr Exp $ */ +/* $OpenBSD: pfe.c,v 1.23 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -228,7 +228,7 @@ pfe_dispatch_imsg(int fd, short event, void *ptr) } if (host->check_cnt != st.check_cnt) { log_debug("pfe_dispatch_imsg: host %d => %d", - host->id, host->up); + host->conf.id, host->up); fatalx("pfe_dispatch_imsg: desynchronized"); } @@ -240,11 +240,12 @@ pfe_dispatch_imsg(int fd, short event, void *ptr) imsg_compose(&ibuf_relay[n], IMSG_HOST_STATUS, 0, 0, &st, sizeof(st)); - if ((table = table_find(env, host->tableid)) == NULL) + if ((table = table_find(env, host->conf.tableid)) + == NULL) fatalx("pfe_dispatch_imsg: invalid table id"); log_debug("pfe_dispatch_imsg: state %d for host %u %s", - st.up, host->id, host->name); + st.up, host->conf.id, host->conf.name); if ((st.up == HOST_UNKNOWN && !HOST_ISUP(host->up)) || (!HOST_ISUP(st.up) && host->up == HOST_UNKNOWN)) { @@ -253,14 +254,14 @@ pfe_dispatch_imsg(int fd, short event, void *ptr) } if (st.up == HOST_UP) { - table->flags |= F_CHANGED; + table->conf.flags |= F_CHANGED; table->up++; host->flags |= F_ADD; host->flags &= ~(F_DEL); host->up = HOST_UP; } else { table->up--; - table->flags |= F_CHANGED; + table->conf.flags |= F_CHANGED; host->flags |= F_DEL; host->flags &= ~(F_ADD); } 
@@ -398,21 +399,21 @@ show(struct ctl_conn *c) TAILQ_FOREACH(service, &env->services, entry) { imsg_compose(&c->ibuf, IMSG_CTL_SERVICE, 0, 0, service, sizeof(*service)); - if (service->flags & F_DISABLE) + if (service->conf.flags & F_DISABLE) continue; imsg_compose(&c->ibuf, IMSG_CTL_TABLE, 0, 0, service->table, sizeof(*service->table)); - if (!(service->table->flags & F_DISABLE)) + if (!(service->table->conf.flags & F_DISABLE)) TAILQ_FOREACH(host, &service->table->hosts, entry) imsg_compose(&c->ibuf, IMSG_CTL_HOST, 0, 0, host, sizeof(*host)); - if (service->backup->id == EMPTY_TABLE) + if (service->backup->conf.id == EMPTY_TABLE) continue; imsg_compose(&c->ibuf, IMSG_CTL_TABLE, 0, 0, service->backup, sizeof(*service->backup)); - if (!(service->backup->flags & F_DISABLE)) + if (!(service->backup->conf.flags & F_DISABLE)) TAILQ_FOREACH(host, &service->backup->hosts, entry) imsg_compose(&c->ibuf, IMSG_CTL_HOST, 0, 0, host, sizeof(*host)); @@ -428,7 +429,7 @@ show(struct ctl_conn *c) continue; imsg_compose(&c->ibuf, IMSG_CTL_TABLE, 0, 0, rlay->dsttable, sizeof(*rlay->dsttable)); - if (!(rlay->dsttable->flags & F_DISABLE)) + if (!(rlay->dsttable->conf.flags & F_DISABLE)) TAILQ_FOREACH(host, &rlay->dsttable->hosts, entry) imsg_compose(&c->ibuf, IMSG_CTL_HOST, 0, 0, host, sizeof(*host)); 
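Review bot: show() still sends whole objects to the control client: `sizeof(*service)`, `sizeof(*service->table)`, `sizeof(*host)` and `sizeof(*rlay->dsttable)`. After this change those structs start with a `TAILQ_ENTRY` and carry `struct table *`, `SSL_CTX *` and `char *sendbuf` members, so process heap addresses go out on the control socket and the client depends on the daemon's exact struct layout. Flat reply structs built from the `conf` member plus the few runtime counters the client displays would avoid both problems; at minimum, the pointer members should be zeroed in a local copy before `imsg_compose`. What the control client actually reads from these messages is not visible on this page.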
@@ -449,16 +450,16 @@ disable_service(struct ctl_conn *c, struct ctl_id *id) service = service_find(env, id->id); if (service == NULL) return (-1); - id->id = service->id; + id->id = service->conf.id; - if (service->flags & F_DISABLE) + if (service->conf.flags & F_DISABLE) return (0); - service->flags |= F_DISABLE; - service->flags &= ~(F_ADD); - service->flags |= F_DEL; - service->table->flags |= F_DISABLE; - log_debug("disable_service: disabled service %d", service->id); + service->conf.flags |= F_DISABLE; + service->conf.flags &= ~(F_ADD); + service->conf.flags |= F_DEL; + service->table->conf.flags |= F_DISABLE; + log_debug("disable_service: disabled service %d", service->conf.id); pfe_sync(); return (0); } @@ -475,25 +476,25 @@ enable_service(struct ctl_conn *c, struct ctl_id *id) service = service_find(env, id->id); if (service == NULL) return (-1); - id->id = service->id; + id->id = service->conf.id; - if (!(service->flags & F_DISABLE)) + if (!(service->conf.flags & F_DISABLE)) return (0); - service->flags &= ~(F_DISABLE); - service->flags &= ~(F_DEL); - service->flags |= F_ADD; - log_debug("enable_service: enabled service %d", service->id); + service->conf.flags &= ~(F_DISABLE); + service->conf.flags &= ~(F_DEL); + service->conf.flags |= F_ADD; + log_debug("enable_service: enabled service %d", service->conf.id); bzero(&eid, sizeof(eid)); /* XXX: we're syncing twice */ - eid.id = service->table->id; + eid.id = service->table->conf.id; if (enable_table(c, &eid) == -1) return (-1); - if (service->backup->id == EMPTY_ID) + if (service->backup->conf.id == EMPTY_ID) return (0); - eid.id = service->backup->id; + eid.id = service->backup->conf.id; if (enable_table(c, &eid) == -1) return (-1); return (0); 
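Review bot: enable_service tests the backup table with `service->backup->conf.id == EMPTY_ID`, while parse_config assigns `conf->empty_table.conf.id = EMPTY_TABLE` and show() compares against `EMPTY_TABLE`. If the two constants differ, a service without a backup falls through to `enable_table()` with the placeholder table's id and the control request fails with -1 after the service has already been enabled. The same sentinel should be used throughout: `if (service->backup->conf.id == EMPTY_TABLE)`. The constant definitions are outside the diff, so this is a consistency concern rather than a confirmed fault.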
@@ -512,19 +513,19 @@ disable_table(struct ctl_conn *c, struct ctl_id *id) table = table_find(env, id->id); if (table == NULL) return (-1); - id->id = table->id; - if ((service = service_find(env, table->serviceid)) == NULL) + id->id = table->conf.id; + if ((service = service_find(env, table->conf.serviceid)) == NULL) fatalx("disable_table: desynchronised"); - if (table->flags & F_DISABLE) + if (table->conf.flags & F_DISABLE) return (0); - table->flags |= (F_DISABLE|F_CHANGED); + table->conf.flags |= (F_DISABLE|F_CHANGED); table->up = 0; TAILQ_FOREACH(host, &table->hosts, entry) host->up = HOST_UNKNOWN; imsg_compose(ibuf_hce, IMSG_TABLE_DISABLE, 0, 0, - &table->id, sizeof(table->id)); - log_debug("disable_table: disabled table %d", table->id); + &table->conf.id, sizeof(table->conf.id)); + log_debug("disable_table: disabled table %d", table->conf.id); pfe_sync(); return (0); } @@ -542,21 +543,21 @@ enable_table(struct ctl_conn *c, struct ctl_id *id) table = table_find(env, id->id); if (table == NULL) return (-1); - id->id = table->id; + id->id = table->conf.id; - if ((service = service_find(env, table->serviceid)) == NULL) + if ((service = service_find(env, table->conf.serviceid)) == NULL) fatalx("enable_table: desynchronised"); - if (!(table->flags & F_DISABLE)) + if (!(table->conf.flags & F_DISABLE)) return (0); - table->flags &= ~(F_DISABLE); - table->flags |= F_CHANGED; + table->conf.flags &= ~(F_DISABLE); + table->conf.flags |= F_CHANGED; table->up = 0; TAILQ_FOREACH(host, &table->hosts, entry) host->up = HOST_UNKNOWN; imsg_compose(ibuf_hce, IMSG_TABLE_ENABLE, 0, 0, - &table->id, sizeof(table->id)); - log_debug("enable_table: enabled table %d", table->id); + &table->conf.id, sizeof(table->conf.id)); + log_debug("enable_table: enabled table %d", table->conf.id); pfe_sync(); return (0); } 
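Review bot: In disable_table() and enable_table() the table id comes from the control request, yet a failed `service_find(env, table->conf.serviceid)` ends the daemon through fatalx(), although `service` is not used otherwise in the visible lines. show() also walks `rlay->dsttable`, so tables that belong to a relay rather than a service may exist; whether their `serviceid` resolves is not visible here. If it does not, a single control command for such a table would stop the daemon, so failing the request like the `table == NULL` path, `return (-1);`, would be the safer reaction. disable_host() in the next hunk has the same pattern with `fatalx("disable_host: invalid table id")`. Both functions start outside their hunks.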
@@ -574,16 +575,16 @@ disable_host(struct ctl_conn *c, struct ctl_id *id) host = host_find(env, id->id); if (host == NULL) return (-1); - id->id = host->id; + id->id = host->conf.id; if (host->flags & F_DISABLE) return (0); if (host->up == HOST_UP) { - if ((table = table_find(env, host->tableid)) == NULL) + if ((table = table_find(env, host->conf.tableid)) == NULL) fatalx("disable_host: invalid table id"); table->up--; - table->flags |= F_CHANGED; + table->conf.flags |= F_CHANGED; } host->up = HOST_UNKNOWN; @@ -594,12 +595,13 @@ disable_host(struct ctl_conn *c, struct ctl_id *id) host->up_cnt = 0; imsg_compose(ibuf_hce, IMSG_HOST_DISABLE, 0, 0, - &host->id, sizeof(host->id)); + &host->conf.id, sizeof(host->conf.id)); /* Forward to relay engine(s) */ for (n = 0; n < env->prefork_relay; n++) imsg_compose(&ibuf_relay[n], - IMSG_HOST_DISABLE, 0, 0, &host->id, sizeof(host->id)); - log_debug("disable_host: disabled host %d", host->id); + IMSG_HOST_DISABLE, 0, 0, + &host->conf.id, sizeof(host->conf.id)); + log_debug("disable_host: disabled host %d", host->conf.id); pfe_sync(); return (0); } @@ -616,7 +618,7 @@ enable_host(struct ctl_conn *c, struct ctl_id *id) host = host_find(env, id->id); if (host == NULL) return (-1); - id->id = host->id; + id->id = host->conf.id; if (!(host->flags & F_DISABLE)) return (0); @@ -627,12 +629,13 @@ enable_host(struct ctl_conn *c, struct ctl_id *id) host->flags &= ~(F_ADD); imsg_compose(ibuf_hce, IMSG_HOST_ENABLE, 0, 0, - &host->id, sizeof (host->id)); + &host->conf.id, sizeof (host->conf.id)); /* Forward to relay engine(s) */ for (n = 0; n < env->prefork_relay; n++) imsg_compose(&ibuf_relay[n], - IMSG_HOST_ENABLE, 0, 0, &host->id, sizeof(host->id)); - log_debug("enable_host: enabled host %d", host->id); + IMSG_HOST_ENABLE, 0, 0, + &host->conf.id, sizeof(host->conf.id)); + log_debug("enable_host: enabled host %d", host->conf.id); pfe_sync(); return (0); } 
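Review bot: The results of the imsg_compose() calls that forward IMSG_HOST_DISABLE and IMSG_HOST_ENABLE to the check engine and to each relay are dropped in disable_host() and enable_host(), although the local host state has already been changed by then. If one of them fails, pfe, hce and the relays disagree about the host, and relay_dispatch_pfe() answers that kind of disagreement with `fatalx("relay_dispatch_pfe: desynchronized")`. Checking each call, for example `if (imsg_compose(ibuf_hce, IMSG_HOST_DISABLE, 0, 0, &host->conf.id, sizeof(host->conf.id)) == -1) log_warn("disable_host: imsg_compose");`, would at least make the failure visible. Both functions begin outside the hunks shown.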
@@ -650,23 +653,25 @@ pfe_sync(void) bzero(&id, sizeof(id)); bzero(&imsg, sizeof(imsg)); TAILQ_FOREACH(service, &env->services, entry) { - service->flags &= ~(F_BACKUP); - service->flags &= ~(F_DOWN); + service->conf.flags &= ~(F_BACKUP); + service->conf.flags &= ~(F_DOWN); - if (service->flags & F_DISABLE || + if (service->conf.flags & F_DISABLE || (service->table->up == 0 && service->backup->up == 0)) { - service->flags |= F_DOWN; + service->conf.flags |= F_DOWN; active = NULL; } else if (service->table->up == 0 && service->backup->up > 0) { - service->flags |= F_BACKUP; + service->conf.flags |= F_BACKUP; active = service->backup; - active->flags |= service->table->flags & F_CHANGED; - active->flags |= service->backup->flags & F_CHANGED; + active->conf.flags |= + service->table->conf.flags & F_CHANGED; + active->conf.flags |= + service->backup->conf.flags & F_CHANGED; } else active = service->table; - if (active != NULL && active->flags & F_CHANGED) { - id.id = active->id; + if (active != NULL && active->conf.flags & F_CHANGED) { + id.id = active->conf.id; imsg.hdr.type = IMSG_CTL_TABLE_CHANGED; imsg.hdr.len = sizeof(id) + IMSG_HEADER_SIZE; imsg.data = &id; 
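Review bot: In the backup branch of pfe_sync(), `active` has just been set to `service->backup`, so the second new statement, `active->conf.flags |= service->backup->conf.flags & F_CHANGED;`, ORs the field into itself and has no effect. Dropping it leaves `active->conf.flags |= service->table->conf.flags & F_CHANGED;` as the only line needed. The conditions that mix `&` with `&&` and `||` in this hunk would also read more safely with explicit parentheses, for example `if (active != NULL && (active->conf.flags & F_CHANGED)) {`. pfe_sync() continues past the end of the hunk.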
@@ -674,25 +679,25 @@ pfe_sync(void) control_imsg_forward(&imsg); } - service->table->flags &= ~(F_CHANGED); - service->backup->flags &= ~(F_CHANGED); + service->table->conf.flags &= ~(F_CHANGED); + service->backup->conf.flags &= ~(F_CHANGED); - if (service->flags & F_DOWN) { - if (service->flags & F_ACTIVE_RULESET) { + if (service->conf.flags & F_DOWN) { + if (service->conf.flags & F_ACTIVE_RULESET) { flush_table(env, service); log_debug("pfe_sync: disabling ruleset"); - service->flags &= ~(F_ACTIVE_RULESET); - id.id = service->id; + service->conf.flags &= ~(F_ACTIVE_RULESET); + id.id = service->conf.id; imsg.hdr.type = IMSG_CTL_PULL_RULESET; imsg.hdr.len = sizeof(id) + IMSG_HEADER_SIZE; imsg.data = &id; sync_ruleset(env, service, 0); control_imsg_forward(&imsg); } - } else if (!(service->flags & F_ACTIVE_RULESET)) { + } else if (!(service->conf.flags & F_ACTIVE_RULESET)) { log_debug("pfe_sync: enabling ruleset"); - service->flags |= F_ACTIVE_RULESET; - id.id = service->id; + service->conf.flags |= F_ACTIVE_RULESET; + id.id = service->conf.id; imsg.hdr.type = IMSG_CTL_PUSH_RULESET; imsg.hdr.len = sizeof(id) + IMSG_HEADER_SIZE; imsg.data = &id; 
@@ -702,22 +707,22 @@ pfe_sync(void) } TAILQ_FOREACH(table, &env->tables, entry) { - if ((table->flags & F_DEMOTE) == 0) + if ((table->conf.flags & F_DEMOTE) == 0) continue; demote.level = 0; - if (table->up && table->demoted) { + if (table->up && table->conf.flags & F_DEMOTED) { demote.level = -1; - table->demoted = 0; + table->conf.flags &= ~F_DEMOTED; } - else if (!table->up && !table->demoted) { + else if (!table->up && !(table->conf.flags & F_DEMOTED)) { demote.level = 1; - table->demoted = 1; + table->conf.flags |= F_DEMOTED; } if (demote.level == 0) continue; log_debug("pfe_sync: demote %d table '%s' group '%s'", - demote.level, table->name, table->demote_group); - (void)strlcpy(demote.group, table->demote_group, + demote.level, table->conf.name, table->conf.demote_group); + (void)strlcpy(demote.group, table->conf.demote_group, sizeof(demote.group)); imsg_compose(ibuf_main, IMSG_DEMOTE, 0, 0, &demote, sizeof(demote)); diff --git a/usr.sbin/hoststated/pfe_filter.c b/usr.sbin/hoststated/pfe_filter.c index 2688089c1fb..a71c7c1f2d4 100644 --- a/usr.sbin/hoststated/pfe_filter.c +++ b/usr.sbin/hoststated/pfe_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfe_filter.c,v 1.15 2007/02/22 05:58:06 reyk Exp $ */ +/* $OpenBSD: pfe_filter.c,v 1.16 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -82,10 +82,10 @@ init_tables(struct hoststated *env) if (strlcpy(tables[i].pfrt_anchor, HOSTSTATED_ANCHOR "/", sizeof(tables[i].pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcat(tables[i].pfrt_anchor, service->name, + if (strlcat(tables[i].pfrt_anchor, service->conf.name, sizeof(tables[i].pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcpy(tables[i].pfrt_name, service->name, + if (strlcpy(tables[i].pfrt_name, service->conf.name, sizeof(tables[i].pfrt_name)) >= sizeof(tables[i].pfrt_name)) goto toolong; 
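Review bot: In the demote loop of pfe_sync() the demotion state moves from the separate `table->demoted` field into `table->conf.flags` as F_DEMOTED, so a runtime bit is now stored inside the configuration struct. If `conf` is ever copied or replaced as a unit, between processes or on a reload (not visible here), the bit can be lost or overwritten. The next pass would then send a second `demote.level = 1` or skip the matching `-1`, leaving the demotion counter unbalanced. Keeping this state outside `conf`, or at least adding `/* F_DEMOTED is runtime state and must survive conf updates */` next to the test, would make the invariant explicit. The function begins outside this hunk.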
@@ -131,7 +131,7 @@ kill_tables(struct hoststated *env) { if (strlcpy(io.pfrio_table.pfrt_anchor, HOSTSTATED_ANCHOR "/", sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcat(io.pfrio_table.pfrt_anchor, service->name, + if (strlcat(io.pfrio_table.pfrt_anchor, service->conf.name, sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; if (ioctl(env->pf->dev, DIOCRCLRTABLES, &io) == -1) @@ -173,10 +173,10 @@ sync_table(struct hoststated *env, struct service *service, struct table *table) if (strlcpy(io.pfrio_table.pfrt_anchor, HOSTSTATED_ANCHOR "/", sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcat(io.pfrio_table.pfrt_anchor, service->name, + if (strlcat(io.pfrio_table.pfrt_anchor, service->conf.name, sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcpy(io.pfrio_table.pfrt_name, service->name, + if (strlcpy(io.pfrio_table.pfrt_name, service->conf.name, sizeof(io.pfrio_table.pfrt_name)) >= sizeof(io.pfrio_table.pfrt_name)) goto toolong; @@ -186,16 +186,16 @@ sync_table(struct hoststated *env, struct service *service, struct table *table) if (host->up != HOST_UP) continue; memset(&(addlist[i]), 0, sizeof(addlist[i])); - switch (host->ss.ss_family) { + switch (host->conf.ss.ss_family) { case AF_INET: - sain = (struct sockaddr_in *)&host->ss; + sain = (struct sockaddr_in *)&host->conf.ss; addlist[i].pfra_af = AF_INET; memcpy(&(addlist[i].pfra_ip4addr), &sain->sin_addr, sizeof(sain->sin_addr)); addlist[i].pfra_net = 32; break; case AF_INET6: - sain6 = (struct sockaddr_in6 *)&host->ss; + sain6 = (struct sockaddr_in6 *)&host->conf.ss; addlist[i].pfra_af = AF_INET6; memcpy(&(addlist[i].pfra_ip6addr), &sain6->sin6_addr, sizeof(sain6->sin6_addr)); 
@@ -233,16 +233,16 @@ flush_table(struct hoststated *env, struct service *service) if (strlcpy(io.pfrio_table.pfrt_anchor, HOSTSTATED_ANCHOR "/", sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcat(io.pfrio_table.pfrt_anchor, service->name, + if (strlcat(io.pfrio_table.pfrt_anchor, service->conf.name, sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcpy(io.pfrio_table.pfrt_name, service->name, + if (strlcpy(io.pfrio_table.pfrt_name, service->conf.name, sizeof(io.pfrio_table.pfrt_name)) >= sizeof(io.pfrio_table.pfrt_name)) goto toolong; if (ioctl(env->pf->dev, DIOCRCLRADDRS, &io) == -1) fatal("flush_table: cannot flush table"); - log_debug("flush_table: flushed table %s", service->name); + log_debug("flush_table: flushed table %s", service->conf.name); return; toolong: @@ -287,7 +287,7 @@ sync_ruleset(struct hoststated *env, struct service *service, int enable) if (strlcpy(anchor, HOSTSTATED_ANCHOR "/", sizeof(anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcat(anchor, service->name, sizeof(anchor)) >= + if (strlcat(anchor, service->conf.name, sizeof(anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; if (transaction_init(env, anchor) == -1) { @@ -322,8 +322,8 @@ sync_ruleset(struct hoststated *env, struct service *service, int enable) rio.rule.dst.port[0] = address->port; rio.rule.rtableid = -1; /* stay in the main routing table */ rio.rule.action = PF_RDR; - if (strlen(service->tag)) - (void)strlcpy(rio.rule.tagname, service->tag, + if (strlen(service->conf.tag)) + (void)strlcpy(rio.rule.tagname, service->conf.tag, sizeof(rio.rule.tagname)); if (strlen(address->ifname)) (void)strlcpy(rio.rule.ifname, address->ifname, 
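Review bot: In sync_ruleset() the tag is copied with `(void)strlcpy(rio.rule.tagname, service->conf.tag, sizeof(rio.rule.tagname));`, so a tag longer than the pf field is truncated silently, while the anchor and table names in the same file go to `toolong` or fatal() on truncation. A truncated tag would mark packets with a different name than the one configured, so filter rules matching the configured tag would not apply; the sizes of both fields are not visible here. Checking the result, `if (strlcpy(rio.rule.tagname, service->conf.tag, sizeof(rio.rule.tagname)) >= sizeof(rio.rule.tagname)) goto toolong;`, would treat the tag like the other names. The `address->ifname` copy just below has the same `(void)` cast. sync_ruleset() starts and ends outside this hunk.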
@@ -346,17 +346,17 @@ sync_ruleset(struct hoststated *env, struct service *service, int enable) } pio.addr.addr.type = PF_ADDR_TABLE; - if (strlcpy(pio.addr.addr.v.tblname, service->name, + if (strlcpy(pio.addr.addr.v.tblname, service->conf.name, sizeof(pio.addr.addr.v.tblname)) >= sizeof(pio.addr.addr.v.tblname)) fatal("sync_ruleset: table name too long"); if (ioctl(env->pf->dev, DIOCADDADDR, &pio) == -1) fatal("sync_ruleset: cannot add address to pool"); - rio.rule.rpool.proxy_port[0] = ntohs(service->table->port); + rio.rule.rpool.proxy_port[0] = ntohs(service->table->conf.port); rio.rule.rpool.port_op = PF_OP_EQ; rio.rule.rpool.opts = PF_POOL_ROUNDROBIN; - if (service->flags & F_STICKY) + if (service->conf.flags & F_STICKY) rio.rule.rpool.opts |= PF_POOL_STICKYADDR; if (ioctl(env->pf->dev, DIOCADDRULE, &rio) == -1) @@ -382,7 +382,7 @@ flush_rulesets(struct hoststated *env) if (strlcpy(anchor, HOSTSTATED_ANCHOR "/", sizeof(anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; - if (strlcat(anchor, service->name, sizeof(anchor)) >= + if (strlcat(anchor, service->conf.name, sizeof(anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; if (transaction_init(env, anchor) == -1 || diff --git a/usr.sbin/hoststated/relay.c b/usr.sbin/hoststated/relay.c index 1289b33a566..8b5fa3b1906 100644 --- a/usr.sbin/hoststated/relay.c +++ b/usr.sbin/hoststated/relay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: relay.c,v 1.28 2007/05/26 19:58:49 pyr Exp $ */ +/* $OpenBSD: relay.c,v 1.29 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006, 2007 Reyk Floeter <reyk@openbsd.org> @@ -391,7 +391,7 @@ relay_init(void) rlay->dstkey = hash32_str(rlay->name, HASHINIT); rlay->dstkey = - hash32_str(rlay->dsttable->name, + hash32_str(rlay->dsttable->conf.name, rlay->dstkey); break; } 
@@ -403,7 +403,7 @@ relay_init(void) rlay->dsthost[rlay->dstnhosts++] = host; } log_info("adding %d hosts from table %s%s", - rlay->dstnhosts, rlay->dsttable->name, + rlay->dstnhosts, rlay->dsttable->conf.name, rlay->dstcheck ? "" : " (no check)"); } } @@ -1594,15 +1594,15 @@ relay_from_table(struct session *con) } host = rlay->dsthost[idx]; DPRINTF("relay_from_table: host %s, p 0x%08x, idx %d", - host->name, p, idx); + host->conf.name, p, idx); while (host != NULL) { - DPRINTF("relay_from_table: host %s", host->name); + DPRINTF("relay_from_table: host %s", host->conf.name); if (!rlay->dstcheck || host->up == HOST_UP) goto found; host = TAILQ_NEXT(host, entry); } TAILQ_FOREACH(host, &rlay->dsttable->hosts, entry) { - DPRINTF("relay_from_table: next host %s", host->name); + DPRINTF("relay_from_table: next host %s", host->conf.name); if (!rlay->dstcheck || host->up == HOST_UP) goto found; } @@ -1611,9 +1611,9 @@ relay_from_table(struct session *con) fatalx("relay_from_table: no active hosts, desynchronized"); found: - con->retry = host->retry; - con->out.port = table->port; - bcopy(&host->ss, &con->out.ss, sizeof(con->out.ss)); + con->retry = host->conf.retry; + con->out.port = table->conf.port; + bcopy(&host->conf.ss, &con->out.ss, sizeof(con->out.ss)); return (0); } @@ -1829,7 +1829,8 @@ relay_dispatch_pfe(int fd, short event, void *ptr) memcpy(&id, imsg.data, sizeof(id)); if ((host = host_find(env, id)) == NULL) fatalx("relay_dispatch_pfe: desynchronized"); - if ((table = table_find(env, host->tableid)) == NULL) + if ((table = table_find(env, host->conf.tableid)) == + NULL) fatalx("relay_dispatch_pfe: invalid table id"); if (host->up == HOST_UP) table->up--; 
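Review bot: In relay_dispatch_pfe() the host id is taken with `memcpy(&id, imsg.data, sizeof(id));`, and no length check on the message is visible in this hunk. If none exists earlier in the function, a short message would make the relay read past the payload, and because this is a boundary between separated processes the receiver should validate the size before copying. A guard such as `if (imsg.hdr.len - IMSG_HEADER_SIZE != sizeof(id)) fatalx("relay_dispatch_pfe: invalid imsg size");` would cover it. The next hunk in the same function reads `st.up` from a message as well and may need the same check. The function starts well before the hunk.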
@@ -1853,15 +1854,17 @@ relay_dispatch_pfe(int fd, short event, void *ptr) break; if (host->up == st.up) { log_debug("relay_dispatch_pfe: host %d => %d", - host->id, host->up); + host->conf.id, host->up); fatalx("relay_dispatch_pfe: desynchronized"); } - if ((table = table_find(env, host->tableid)) == NULL) + if ((table = table_find(env, host->conf.tableid)) + == NULL) fatalx("relay_dispatch_pfe: invalid table id"); DPRINTF("relay_dispatch_pfe: [%d] state %d for " - "host %u %s", proc_id, st.up, host->id, host->name); + "host %u %s", proc_id, st.up, + host->conf.id, host->conf.name); if ((st.up == HOST_UNKNOWN && host->up == HOST_DOWN) || (st.up == HOST_DOWN && host->up == HOST_UNKNOWN)) { diff --git a/usr.sbin/hoststated/ssl.c b/usr.sbin/hoststated/ssl.c index c42e4b3e999..9c822d2984e 100644 --- a/usr.sbin/hoststated/ssl.c +++ b/usr.sbin/hoststated/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.8 2007/02/22 05:58:06 reyk Exp $ */ +/* $OpenBSD: ssl.c,v 1.9 2007/05/27 20:53:10 pyr Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@spootnik.org> @@ -88,7 +88,7 @@ ssl_read(int s, short event, void *arg) /* FALLTHROUGH */ default: cte->host->up = HOST_DOWN; - ssl_error(cte->host->name, "cannot read"); + ssl_error(cte->host->conf.name, "cannot read"); ssl_cleanup(cte); hce_notify_done(cte->host, "ssl_read: SSL error"); break; @@ -111,7 +111,7 @@ ssl_read(int s, short event, void *arg) retry: event_again(&cte->ev, s, EV_TIMEOUT|retry_flag, ssl_read, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); return; } @@ -146,7 +146,7 @@ ssl_write(int s, short event, void *arg) goto retry; default: cte->host->up = HOST_DOWN; - ssl_error(cte->host->name, "cannot write"); + ssl_error(cte->host->conf.name, "cannot write"); ssl_cleanup(cte); hce_notify_done(cte->host, "ssl_write: SSL error"); return; 
@@ -156,11 +156,11 @@ ssl_write(int s, short event, void *arg) fatalx("ssl_write: cannot create dynamic buffer"); event_again(&cte->ev, s, EV_TIMEOUT|EV_READ, ssl_read, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); return; retry: event_again(&cte->ev, s, EV_TIMEOUT|retry_flag, ssl_write, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); } void @@ -191,14 +191,14 @@ ssl_connect(int s, short event, void *arg) goto retry; default: cte->host->up = HOST_DOWN; - ssl_error(cte->host->name, "cannot connect"); + ssl_error(cte->host->conf.name, "cannot connect"); hce_notify_done(cte->host, "ssl_connect: SSL error"); ssl_cleanup(cte); return; } } - if (cte->table->check == CHECK_TCP) { + if (cte->table->conf.check == CHECK_TCP) { cte->host->up = HOST_UP; hce_notify_done(cte->host, "ssl_connect: connect successful"); ssl_cleanup(cte); @@ -206,19 +206,19 @@ ssl_connect(int s, short event, void *arg) } if (cte->table->sendbuf != NULL) { event_again(&cte->ev, cte->s, EV_TIMEOUT|EV_WRITE, ssl_write, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); return; } if ((cte->buf = buf_dynamic(SMALL_READ_BUF_SIZE, UINT_MAX)) == NULL) fatalx("ssl_connect: cannot create dynamic buffer"); event_again(&cte->ev, cte->s, EV_TIMEOUT|EV_READ, ssl_read, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); return; retry: event_again(&cte->ev, s, EV_TIMEOUT|retry_flag, ssl_connect, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); } void 
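Review bot: ssl_connect() allocates the read buffer with `buf_dynamic(SMALL_READ_BUF_SIZE, UINT_MAX)`, which puts no practical upper bound on how much data from the checked host can be buffered. Assuming ssl_read() appends to `cte->buf` until the check completes or the table timeout fires (its body is mostly outside these hunks), a backend that keeps sending can grow the check engine's memory, and the allocation failure paths here end in fatalx(). A fixed cap would bound that, for example `buf_dynamic(SMALL_READ_BUF_SIZE, MAX_CHECK_RESPONSE)`, where MAX_CHECK_RESPONSE is a placeholder name for a new constant. The fatalx() line in the ssl_write() hunk suggests the same call is made there.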
@@ -262,13 +262,13 @@ ssl_transaction(struct ctl_tcp_event *cte) { cte->ssl = SSL_new(cte->table->ssl_ctx); if (cte->ssl == NULL) { - ssl_error(cte->host->name, "cannot create object"); + ssl_error(cte->host->conf.name, "cannot create object"); fatal("cannot create SSL object"); } if (SSL_set_fd(cte->ssl, cte->s) == 0) { cte->host->up = HOST_UNKNOWN; - ssl_error(cte->host->name, "cannot set fd"); + ssl_error(cte->host->conf.name, "cannot set fd"); ssl_cleanup(cte); hce_notify_done(cte->host, "ssl_transaction: cannot set SSL fd"); @@ -277,7 +277,7 @@ ssl_transaction(struct ctl_tcp_event *cte) SSL_set_connect_state(cte->ssl); event_again(&cte->ev, cte->s, EV_TIMEOUT|EV_WRITE, ssl_connect, - &cte->tv_start, &cte->table->timeout, cte); + &cte->tv_start, &cte->table->conf.timeout, cte); } SSL_CTX * |