author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2023-07-20 04:49:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2023-07-20 04:49:55 +0000 |
commit | ab1bb5b7f1c3c3a7b240ab7fc8661459ecd7decb (patch) | |
tree | 7a900833aad3ccc685712c6c2a7d87576d54f427 /libnetdata/socket | |
parent | Adding upstream version 1.40.1. (diff) | |
Adding upstream version 1.41.0.upstream/1.41.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'libnetdata/socket')
-rw-r--r-- | libnetdata/socket/security.c | 26 | ||||
-rw-r--r-- | libnetdata/socket/socket.c | 243 | ||||
-rw-r--r-- | libnetdata/socket/socket.h | 13 |
3 files changed, 153 insertions, 129 deletions
diff --git a/libnetdata/socket/security.c b/libnetdata/socket/security.c index abae71c66..c1bb76345 100644 --- a/libnetdata/socket/security.c +++ b/libnetdata/socket/security.c @@ -406,7 +406,7 @@ bool netdata_ssl_accept(NETDATA_SSL *ssl) { static void netdata_ssl_info_callback(const SSL *ssl, int where, int ret __maybe_unused) { (void)ssl; if (where & SSL_CB_ALERT) { - debug(D_WEB_CLIENT,"SSL INFO CALLBACK %s %s", SSL_alert_type_string(ret), SSL_alert_desc_string_long(ret)); + netdata_log_debug(D_WEB_CLIENT,"SSL INFO CALLBACK %s %s", SSL_alert_type_string(ret), SSL_alert_desc_string_long(ret)); } } @@ -429,7 +429,7 @@ void netdata_ssl_initialize_openssl() { #else if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) != 1) { - error("SSL library cannot be initialized."); + netdata_log_error("SSL library cannot be initialized."); } #endif @@ -516,7 +516,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) { #if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_110 ctx = SSL_CTX_new(SSLv23_server_method()); if (!ctx) { - error("Cannot create a new SSL context, netdata won't encrypt communication"); + netdata_log_error("Cannot create a new SSL context, netdata won't encrypt communication"); return NULL; } @@ -524,7 +524,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) { #else ctx = SSL_CTX_new(TLS_server_method()); if (!ctx) { - error("Cannot create a new SSL context, netdata won't encrypt communication"); + netdata_log_error("Cannot create a new SSL context, netdata won't encrypt communication"); return NULL; } @@ -539,7 +539,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) { if(tls_ciphers && strcmp(tls_ciphers, "none") != 0) { if (!SSL_CTX_set_cipher_list(ctx, tls_ciphers)) { - error("SSL error. cannot set the cipher list"); + netdata_log_error("SSL error. cannot set the cipher list"); } } #endif 
@@ -548,7 +548,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) { if (!SSL_CTX_check_private_key(ctx)) { ERR_error_string_n(ERR_get_error(),lerror,sizeof(lerror)); - error("SSL cannot check the private key: %s",lerror); + netdata_log_error("SSL cannot check the private key: %s",lerror); SSL_CTX_free(ctx); return NULL; } @@ -559,7 +559,7 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) { #if (OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_095) SSL_CTX_set_verify_depth(ctx,1); #endif - debug(D_WEB_CLIENT,"SSL GLOBAL CONTEXT STARTED\n"); + netdata_log_debug(D_WEB_CLIENT,"SSL GLOBAL CONTEXT STARTED\n"); SSL_CTX_set_mode(ctx, mode); @@ -578,14 +578,14 @@ static SSL_CTX * netdata_ssl_create_server_ctx(unsigned long mode) { */ void netdata_ssl_initialize_ctx(int selector) { static SPINLOCK sp = NETDATA_SPINLOCK_INITIALIZER; - netdata_spinlock_lock(&sp); + spinlock_lock(&sp); switch (selector) { case NETDATA_SSL_WEB_SERVER_CTX: { if(!netdata_ssl_web_server_ctx) { struct stat statbuf; if (stat(netdata_ssl_security_key, &statbuf) || stat(netdata_ssl_security_cert, &statbuf)) - info("To use encryption it is necessary to set \"ssl certificate\" and \"ssl key\" in [web] !\n"); + netdata_log_info("To use encryption it is necessary to set \"ssl certificate\" and \"ssl key\" in [web] !\n"); else { netdata_ssl_web_server_ctx = netdata_ssl_create_server_ctx( SSL_MODE_ENABLE_PARTIAL_WRITE | @@ -628,7 +628,7 @@ void netdata_ssl_initialize_ctx(int selector) { } } - netdata_spinlock_unlock(&sp); + spinlock_unlock(&sp); } /** @@ -680,7 +680,7 @@ int security_test_certificate(SSL *ssl) { { char error[512]; ERR_error_string_n(ERR_get_error(), error, sizeof(error)); - error("SSL RFC4158 check: We have a invalid certificate, the tests result with %ld and message %s", status, error); + netdata_log_error("SSL RFC4158 check: We have a invalid certificate, the tests result with %ld and message %s", status, error); ret = -1; } else { ret = 0; 
@@ -705,13 +705,13 @@ int ssl_security_location_for_context(SSL_CTX *ctx, char *file, char *path) { int load_custom = 1, load_default = 1; if (file || path) { if(!SSL_CTX_load_verify_locations(ctx, file, path)) { - info("Netdata can not verify custom CAfile or CApath for parent's SSL certificate, so it will use the default OpenSSL configuration to validate certificates!"); + netdata_log_info("Netdata can not verify custom CAfile or CApath for parent's SSL certificate, so it will use the default OpenSSL configuration to validate certificates!"); load_custom = 0; } } if(!SSL_CTX_set_default_verify_paths(ctx)) { - info("Can not verify default OpenSSL configuration to validate certificates!"); + netdata_log_info("Can not verify default OpenSSL configuration to validate certificates!"); load_default = 0; } diff --git a/libnetdata/socket/socket.c b/libnetdata/socket/socket.c index 7f0b81fee..e7d0b4807 100644 --- a/libnetdata/socket/socket.c +++ b/libnetdata/socket/socket.c @@ -15,10 +15,10 @@ SOCKET_PEERS socket_peers(int sock_fd) { SOCKET_PEERS peers; if(sock_fd < 0) { - strncpyz(peers.peer.ip, "unknown", sizeof(peers.peer.ip) - 1); + strncpyz(peers.peer.ip, "not connected", sizeof(peers.peer.ip) - 1); peers.peer.port = 0; - strncpyz(peers.local.ip, "unknown", sizeof(peers.local.ip) - 1); + strncpyz(peers.local.ip, "not connected", sizeof(peers.local.ip) - 1); peers.local.port = 0; return peers; @@ -124,7 +124,7 @@ int sock_setnonblock(int fd) { int ret = fcntl(fd, F_SETFL, flags); if(ret < 0) - error("Failed to set O_NONBLOCK on socket %d", fd); + netdata_log_error("Failed to set O_NONBLOCK on socket %d", fd); return ret; } @@ -137,7 +137,7 @@ int sock_delnonblock(int fd) { int ret = fcntl(fd, F_SETFL, flags); if(ret < 0) - error("Failed to remove O_NONBLOCK on socket %d", fd); + netdata_log_error("Failed to remove O_NONBLOCK on socket %d", fd); return ret; } 
@@ -146,7 +146,7 @@ int sock_setreuse(int fd, int reuse) { int ret = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuse, sizeof(reuse)); if(ret == -1) - error("Failed to set SO_REUSEADDR on socket %d", fd); + netdata_log_error("Failed to set SO_REUSEADDR on socket %d", fd); return ret; } @@ -157,7 +157,7 @@ int sock_setreuse_port(int fd, int reuse) { #ifdef SO_REUSEPORT ret = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &reuse, sizeof(reuse)); if(ret == -1 && errno != ENOPROTOOPT) - error("failed to set SO_REUSEPORT on socket %d", fd); + netdata_log_error("failed to set SO_REUSEPORT on socket %d", fd); #else ret = -1; #endif @@ -171,7 +171,7 @@ int sock_enlarge_in(int fd) { ret = setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &bs, sizeof(bs)); if(ret == -1) - error("Failed to set SO_RCVBUF on socket %d", fd); + netdata_log_error("Failed to set SO_RCVBUF on socket %d", fd); return ret; } @@ -181,7 +181,7 @@ int sock_enlarge_out(int fd) { ret = setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &bs, sizeof(bs)); if(ret == -1) - error("Failed to set SO_SNDBUF on socket %d", fd); + netdata_log_error("Failed to set SO_SNDBUF on socket %d", fd); return ret; } @@ -216,11 +216,11 @@ char *strdup_client_description(int family, const char *protocol, const char *ip int create_listen_socket_unix(const char *path, int listen_backlog) { int sock; - debug(D_LISTENER, "LISTENER: UNIX creating new listening socket on path '%s'", path); + netdata_log_debug(D_LISTENER, "LISTENER: UNIX creating new listening socket on path '%s'", path); sock = socket(AF_UNIX, SOCK_STREAM, 0); if(sock < 0) { - error("LISTENER: UNIX socket() on path '%s' failed.", path); + netdata_log_error("LISTENER: UNIX socket() on path '%s' failed.", path); return -1; } 
@@ -234,37 +234,37 @@ int create_listen_socket_unix(const char *path, int listen_backlog) { errno = 0; if (unlink(path) == -1 && errno != ENOENT) - error("LISTENER: failed to remove existing (probably obsolete or left-over) file on UNIX socket path '%s'.", path); + netdata_log_error("LISTENER: failed to remove existing (probably obsolete or left-over) file on UNIX socket path '%s'.", path); if(bind (sock, (struct sockaddr *) &name, sizeof (name)) < 0) { close(sock); - error("LISTENER: UNIX bind() on path '%s' failed.", path); + netdata_log_error("LISTENER: UNIX bind() on path '%s' failed.", path); return -1; } // we have to chmod this to 0777 so that the client will be able // to read from and write to this socket. if(chmod(path, 0777) == -1) - error("LISTENER: failed to chmod() socket file '%s'.", path); + netdata_log_error("LISTENER: failed to chmod() socket file '%s'.", path); if(listen(sock, listen_backlog) < 0) { close(sock); - error("LISTENER: UNIX listen() on path '%s' failed.", path); + netdata_log_error("LISTENER: UNIX listen() on path '%s' failed.", path); return -1; } - debug(D_LISTENER, "LISTENER: Listening on UNIX path '%s'", path); + netdata_log_debug(D_LISTENER, "LISTENER: Listening on UNIX path '%s'", path); return sock; } int create_listen_socket4(int socktype, const char *ip, uint16_t port, int listen_backlog) { int sock; - debug(D_LISTENER, "LISTENER: IPv4 creating new listening socket on ip '%s' port %d, socktype %d", ip, port, socktype); + netdata_log_debug(D_LISTENER, "LISTENER: IPv4 creating new listening socket on ip '%s' port %d, socktype %d", ip, port, socktype); sock = socket(AF_INET, socktype, 0); if(sock < 0) { - error("LISTENER: IPv4 socket() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); + netdata_log_error("LISTENER: IPv4 socket() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); return -1; } 
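Review bot: The chmod() failure on the renamed line `netdata_log_error("LISTENER: failed to chmod() socket file '%s'.", path);` is only logged before the function goes on to listen(), and the mode it requests is 0777, so any local account can connect to the socket. A later hunk in bind_to_this shows unix sockets receiving the management, netdata.conf and streaming ACL flags, so that trust decision looks worth recording next to the chmod, for example `// NOTE: world-accessible by design; every local user gets the unix-socket ACL set in bind_to_this()`, or the mode could be restricted to owner and group where deployments allow it. Between bind() and chmod() the socket file also exists with umask-derived permissions, which a comment could mention. create_listen_socket_unix begins before this hunk.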
@@ -280,24 +280,24 @@ int create_listen_socket4(int socktype, const char *ip, uint16_t port, int liste int ret = inet_pton(AF_INET, ip, (void *)&name.sin_addr.s_addr); if(ret != 1) { - error("LISTENER: Failed to convert IP '%s' to a valid IPv4 address.", ip); + netdata_log_error("LISTENER: Failed to convert IP '%s' to a valid IPv4 address.", ip); close(sock); return -1; } if(bind (sock, (struct sockaddr *) &name, sizeof (name)) < 0) { close(sock); - error("LISTENER: IPv4 bind() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); + netdata_log_error("LISTENER: IPv4 bind() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); return -1; } if(socktype == SOCK_STREAM && listen(sock, listen_backlog) < 0) { close(sock); - error("LISTENER: IPv4 listen() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); + netdata_log_error("LISTENER: IPv4 listen() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); return -1; } - debug(D_LISTENER, "LISTENER: Listening on IPv4 ip '%s' port %d, socktype %d", ip, port, socktype); + netdata_log_debug(D_LISTENER, "LISTENER: Listening on IPv4 ip '%s' port %d, socktype %d", ip, port, socktype); return sock; } @@ -305,11 +305,11 @@ int create_listen_socket6(int socktype, uint32_t scope_id, const char *ip, int p int sock; int ipv6only = 1; - debug(D_LISTENER, "LISTENER: IPv6 creating new listening socket on ip '%s' port %d, socktype %d", ip, port, socktype); + netdata_log_debug(D_LISTENER, "LISTENER: IPv6 creating new listening socket on ip '%s' port %d, socktype %d", ip, port, socktype); sock = socket(AF_INET6, socktype, 0); if (sock < 0) { - error("LISTENER: IPv6 socket() on ip '%s' port %d, socktype %d, failed.", ip, port, socktype); + netdata_log_error("LISTENER: IPv6 socket() on ip '%s' port %d, socktype %d, failed.", ip, port, socktype); return -1; } 
@@ -320,7 +320,7 @@ int create_listen_socket6(int socktype, uint32_t scope_id, const char *ip, int p /* IPv6 only */ if(setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (void*)&ipv6only, sizeof(ipv6only)) != 0) - error("LISTENER: Cannot set IPV6_V6ONLY on ip '%s' port %d, socktype %d.", ip, port, socktype); + netdata_log_error("LISTENER: Cannot set IPV6_V6ONLY on ip '%s' port %d, socktype %d.", ip, port, socktype); struct sockaddr_in6 name; memset(&name, 0, sizeof(struct sockaddr_in6)); @@ -330,7 +330,7 @@ int create_listen_socket6(int socktype, uint32_t scope_id, const char *ip, int p int ret = inet_pton(AF_INET6, ip, (void *)&name.sin6_addr.s6_addr); if(ret != 1) { - error("LISTENER: Failed to convert IP '%s' to a valid IPv6 address.", ip); + netdata_log_error("LISTENER: Failed to convert IP '%s' to a valid IPv6 address.", ip); close(sock); return -1; } 
@@ -339,23 +339,23 @@ int create_listen_socket6(int socktype, uint32_t scope_id, const char *ip, int p if (bind (sock, (struct sockaddr *) &name, sizeof (name)) < 0) { close(sock); - error("LISTENER: IPv6 bind() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); + netdata_log_error("LISTENER: IPv6 bind() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); return -1; } if (socktype == SOCK_STREAM && listen(sock, listen_backlog) < 0) { close(sock); - error("LISTENER: IPv6 listen() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); + netdata_log_error("LISTENER: IPv6 listen() on ip '%s' port %d, socktype %d failed.", ip, port, socktype); return -1; } - debug(D_LISTENER, "LISTENER: Listening on IPv6 ip '%s' port %d, socktype %d", ip, port, socktype); + netdata_log_debug(D_LISTENER, "LISTENER: Listening on IPv6 ip '%s' port %d, socktype %d", ip, port, socktype); return sock; } static inline int listen_sockets_add(LISTEN_SOCKETS *sockets, int fd, int family, int socktype, const char *protocol, const char *ip, uint16_t port, int acl_flags) { if(sockets->opened >= MAX_LISTEN_FDS) { - error("LISTENER: Too many listening sockets. Failed to add listening %s socket at ip '%s' port %d, protocol %s, socktype %d", protocol, ip, port, protocol, socktype); + netdata_log_error("LISTENER: Too many listening sockets. Failed to add listening %s socket at ip '%s' port %d, protocol %s, socktype %d", protocol, ip, port, protocol, socktype); close(fd); return -1; } 
@@ -485,7 +485,7 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, protocol_str = "unix"; int fd = create_listen_socket_unix(path, listen_backlog); if (fd == -1) { - error("LISTENER: Cannot create unix socket '%s'", path); + netdata_log_error("LISTENER: Cannot create unix socket '%s'", path); sockets->failed++; } else { acl_flags = WEB_CLIENT_ACL_DASHBOARD | WEB_CLIENT_ACL_REGISTRY | WEB_CLIENT_ACL_BADGE | WEB_CLIENT_ACL_MGMT | WEB_CLIENT_ACL_NETDATACONF | WEB_CLIENT_ACL_STREAMING | WEB_CLIENT_ACL_SSL_DEFAULT; @@ -551,7 +551,7 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, if(*interface) { scope_id = if_nametoindex(interface); if(!scope_id) - error("LISTENER: Cannot find a network interface named '%s'. Continuing with limiting the network interface", interface); + netdata_log_error("LISTENER: Cannot find a network interface named '%s'. Continuing with limiting the network interface", interface); } if(!*ip || *ip == '*' || !strcmp(ip, "any") || !strcmp(ip, "all")) @@ -571,7 +571,7 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, int r = getaddrinfo(ip, port, &hints, &result); if (r != 0) { - error("LISTENER: getaddrinfo('%s', '%s'): %s\n", ip, port, gai_strerror(r)); + netdata_log_error("LISTENER: getaddrinfo('%s', '%s'): %s\n", ip, port, gai_strerror(r)); return -1; } @@ -588,7 +588,7 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, struct sockaddr_in *sin = (struct sockaddr_in *) rp->ai_addr; inet_ntop(AF_INET, &sin->sin_addr, rip, INET_ADDRSTRLEN); rport = ntohs(sin->sin_port); - // info("Attempting to listen on IPv4 '%s' ('%s'), port %d ('%s'), socktype %d", rip, ip, rport, port, socktype); + // netdata_log_info("Attempting to listen on IPv4 '%s' ('%s'), port %d ('%s'), socktype %d", rip, ip, rport, port, socktype); fd = create_listen_socket4(socktype, rip, rport, listen_backlog); break; } 
@@ -597,18 +597,18 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) rp->ai_addr; inet_ntop(AF_INET6, &sin6->sin6_addr, rip, INET6_ADDRSTRLEN); rport = ntohs(sin6->sin6_port); - // info("Attempting to listen on IPv6 '%s' ('%s'), port %d ('%s'), socktype %d", rip, ip, rport, port, socktype); + // netdata_log_info("Attempting to listen on IPv6 '%s' ('%s'), port %d ('%s'), socktype %d", rip, ip, rport, port, socktype); fd = create_listen_socket6(socktype, scope_id, rip, rport, listen_backlog); break; } default: - debug(D_LISTENER, "LISTENER: Unknown socket family %d", family); + netdata_log_debug(D_LISTENER, "LISTENER: Unknown socket family %d", family); break; } if (fd == -1) { - error("LISTENER: Cannot bind to ip '%s', port %d", rip, rport); + netdata_log_error("LISTENER: Cannot bind to ip '%s', port %d", rip, rport); sockets->failed++; } else { @@ -630,12 +630,12 @@ int listen_sockets_setup(LISTEN_SOCKETS *sockets) { long long int old_port = sockets->default_port; long long int new_port = appconfig_get_number(sockets->config, sockets->config_section, "default port", sockets->default_port); if(new_port < 1 || new_port > 65535) { - error("LISTENER: Invalid listen port %lld given. Defaulting to %lld.", new_port, old_port); + netdata_log_error("LISTENER: Invalid listen port %lld given. Defaulting to %lld.", new_port, old_port); sockets->default_port = (uint16_t) appconfig_set_number(sockets->config, sockets->config_section, "default port", old_port); } else sockets->default_port = (uint16_t)new_port; - debug(D_OPTIONS, "LISTENER: Default listen port set to %d.", sockets->default_port); + netdata_log_debug(D_OPTIONS, "LISTENER: Default listen port set to %d.", sockets->default_port); char *s = appconfig_get(sockets->config, sockets->config_section, "bind to", sockets->default_bind_to); while(*s) { 
@@ -660,7 +660,7 @@ int listen_sockets_setup(LISTEN_SOCKETS *sockets) { if(sockets->failed) { size_t i; for(i = 0; i < sockets->opened ;i++) - info("LISTENER: Listen socket %s opened successfully.", sockets->fds_names[i]); + netdata_log_info("LISTENER: Listen socket %s opened successfully.", sockets->fds_names[i]); } return (int)sockets->opened; @@ -677,13 +677,13 @@ int listen_sockets_setup(LISTEN_SOCKETS *sockets) { static inline int connect_to_unix(const char *path, struct timeval *timeout) { int fd = socket(AF_UNIX, SOCK_STREAM, 0); if(fd == -1) { - error("Failed to create UNIX socket() for '%s'", path); + netdata_log_error("Failed to create UNIX socket() for '%s'", path); return -1; } if(timeout) { if(setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, (char *) timeout, sizeof(struct timeval)) < 0) - error("Failed to set timeout on UNIX socket '%s'", path); + netdata_log_error("Failed to set timeout on UNIX socket '%s'", path); } struct sockaddr_un addr; @@ -692,12 +692,12 @@ static inline int connect_to_unix(const char *path, struct timeval *timeout) { strncpy(addr.sun_path, path, sizeof(addr.sun_path)-1); if (connect(fd, (struct sockaddr*)&addr, sizeof(addr)) == -1) { - error("Cannot connect to UNIX socket on path '%s'.", path); + netdata_log_error("Cannot connect to UNIX socket on path '%s'.", path); close(fd); return -1; } - debug(D_CONNECT_TO, "Connected to UNIX socket on path '%s'.", path); + netdata_log_debug(D_CONNECT_TO, "Connected to UNIX socket on path '%s'.", path); return fd; } @@ -723,7 +723,7 @@ int connect_to_this_ip46(int protocol, int socktype, const char *host, uint32_t int ai_err = getaddrinfo(host, service, &hints, &ai_head); if (ai_err != 0) { - error("Cannot resolve host '%s', port '%s': %s", host, service, gai_strerror(ai_err)); + netdata_log_error("Cannot resolve host '%s', port '%s': %s", host, service, gai_strerror(ai_err)); return -1; } 
@@ -748,7 +748,7 @@ int connect_to_this_ip46(int protocol, int socktype, const char *host, uint32_t sizeof(servBfr), NI_NUMERICHOST | NI_NUMERICSERV); - debug(D_CONNECT_TO, "Address info: host = '%s', service = '%s', ai_flags = 0x%02X, ai_family = %d (PF_INET = %d, PF_INET6 = %d), ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d), ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d), ai_addrlen = %lu (sockaddr_in = %lu, sockaddr_in6 = %lu)", + netdata_log_debug(D_CONNECT_TO, "Address info: host = '%s', service = '%s', ai_flags = 0x%02X, ai_family = %d (PF_INET = %d, PF_INET6 = %d), ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d), ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d), ai_addrlen = %lu (sockaddr_in = %lu, sockaddr_in6 = %lu)", hostBfr, servBfr, (unsigned int)ai->ai_flags, @@ -770,7 +770,7 @@ int connect_to_this_ip46(int protocol, int socktype, const char *host, uint32_t struct sockaddr_in *pSadrIn = (struct sockaddr_in *)ai->ai_addr; (void)pSadrIn; - debug(D_CONNECT_TO, "ai_addr = sin_family: %d (AF_INET = %d, AF_INET6 = %d), sin_addr: '%s', sin_port: '%s'", + netdata_log_debug(D_CONNECT_TO, "ai_addr = sin_family: %d (AF_INET = %d, AF_INET6 = %d), sin_addr: '%s', sin_port: '%s'", pSadrIn->sin_family, AF_INET, AF_INET6, @@ -783,7 +783,7 @@ int connect_to_this_ip46(int protocol, int socktype, const char *host, uint32_t struct sockaddr_in6 *pSadrIn6 = (struct sockaddr_in6 *) ai->ai_addr; (void)pSadrIn6; - debug(D_CONNECT_TO,"ai_addr = sin6_family: %d (AF_INET = %d, AF_INET6 = %d), sin6_addr: '%s', sin6_port: '%s', sin6_flowinfo: %u, sin6_scope_id: %u", + netdata_log_debug(D_CONNECT_TO,"ai_addr = sin6_family: %d (AF_INET = %d, AF_INET6 = %d), sin6_addr: '%s', sin6_port: '%s', sin6_flowinfo: %u, sin6_scope_id: %u", pSadrIn6->sin6_family, AF_INET, AF_INET6, 
@@ -795,7 +795,7 @@ int connect_to_this_ip46(int protocol, int socktype, const char *host, uint32_t } default: { - debug(D_CONNECT_TO, "Unknown protocol family %d.", ai->ai_family); + netdata_log_debug(D_CONNECT_TO, "Unknown protocol family %d.", ai->ai_family); continue; } } 
@@ -804,42 +804,57 @@ int connect_to_this_ip46(int protocol, int socktype, const char *host, uint32_t if(fd != -1) { if(timeout) { if(setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, (char *) timeout, sizeof(struct timeval)) < 0) - error("Failed to set timeout on the socket to ip '%s' port '%s'", hostBfr, servBfr); + netdata_log_error("Failed to set timeout on the socket to ip '%s' port '%s'", hostBfr, servBfr); } errno = 0; if(connect(fd, ai->ai_addr, ai->ai_addrlen) < 0) { if(errno == EALREADY || errno == EINPROGRESS) { - info("Waiting for connection to ip %s port %s to be established", hostBfr, servBfr); + netdata_log_info("Waiting for connection to ip %s port %s to be established", hostBfr, servBfr); + + // Convert 'struct timeval' to milliseconds for poll(): + int timeout_milliseconds = timeout->tv_sec * 1000 + timeout->tv_usec / 1000; - fd_set fds; - FD_ZERO(&fds); - FD_SET(0, &fds); - int rc = select (1, NULL, &fds, NULL, timeout); + struct pollfd fds[1]; + fds[0].fd = fd; + fds[0].events = POLLOUT; // We are looking for the ability to write to the socket - if(rc > 0 && FD_ISSET(fd, &fds)) { - info("connect() to ip %s port %s completed successfully", hostBfr, servBfr); + int ret = poll(fds, 1, timeout_milliseconds); + if (ret > 0) { + // poll() completed normally. We can check the revents to see what happened + if (fds[0].revents & POLLOUT) { + // connect() completed successfully, socket is writable. + netdata_log_info("connect() to ip %s port %s completed successfully", hostBfr, servBfr); + } + else { + // This means that the socket is in error. We will close it and set fd to -1 + netdata_log_error("Failed to connect to '%s', port '%s'.", hostBfr, servBfr); + close(fd); + fd = -1; + } } - else if(rc == -1) { - error("Failed to connect to '%s', port '%s'. select() returned %d", hostBfr, servBfr, rc); + else if (ret == 0) { + // poll() timed out, the connection is not established within the specified timeout. 
+ netdata_log_error("Timed out while connecting to '%s', port '%s'.", hostBfr, servBfr); close(fd); fd = -1; } else { - error("Timed out while connecting to '%s', port '%s'. select() returned %d", hostBfr, servBfr, rc); + // poll() returned an error. + netdata_log_error("Failed to connect to '%s', port '%s'. poll() returned %d", hostBfr, servBfr, ret); close(fd); fd = -1; } } else { - error("Failed to connect to '%s', port '%s'", hostBfr, servBfr); + netdata_log_error("Failed to connect to '%s', port '%s'", hostBfr, servBfr); close(fd); fd = -1; } } if(fd != -1) - debug(D_CONNECT_TO, "Connected to '%s' on port '%s'.", hostBfr, servBfr); + netdata_log_debug(D_CONNECT_TO, "Connected to '%s' on port '%s'.", hostBfr, servBfr); } } @@ -915,17 +930,17 @@ int connect_to_this(const char *definition, int default_port, struct timeval *ti service = e; } - debug(D_CONNECT_TO, "Attempting connection to host = '%s', service = '%s', interface = '%s', protocol = %d (tcp = %d, udp = %d)", host, service, interface, protocol, IPPROTO_TCP, IPPROTO_UDP); + netdata_log_debug(D_CONNECT_TO, "Attempting connection to host = '%s', service = '%s', interface = '%s', protocol = %d (tcp = %d, udp = %d)", host, service, interface, protocol, IPPROTO_TCP, IPPROTO_UDP); if(!*host) { - error("Definition '%s' does not specify a host.", definition); + netdata_log_error("Definition '%s' does not specify a host.", definition); return -1; } if(*interface) { scope_id = if_nametoindex(interface); if(!scope_id) - error("Cannot find a network interface named '%s'. Continuing with limiting the network interface", interface); + netdata_log_error("Cannot find a network interface named '%s'. Continuing with limiting the network interface", interface); } if(!*service) 
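Review bot: `timeout` is dereferenced unconditionally in `int timeout_milliseconds = timeout->tv_sec * 1000 + timeout->tv_usec / 1000;`, although the `if(timeout)` guard a few lines earlier in the same hunk shows that callers may pass NULL. The `revents & POLLOUT` test is also not sufficient on its own: after an in-progress connect() the socket normally becomes writable on failure too, so a refused or unreachable peer can be logged as connected and its fd returned, and reading `SO_ERROR` with getsockopt() is the usual way to tell the two apart. I would map a NULL timeout to -1 (block, as the old select() call did) and require `SO_ERROR == 0` before treating the connect as complete, as sketched below. Retrying poll() on EINTR would be a further refinement. connect_to_this_ip46 starts and ends outside this hunk.

```c
// … unchanged: "Waiting for connection" log line …
int timeout_milliseconds = timeout ? (int)(timeout->tv_sec * 1000 + timeout->tv_usec / 1000) : -1;

// … unchanged: pollfd setup and poll() call …
if (ret > 0) {
    // Writability alone does not prove success; ask the socket for the connect() result.
    int so_error = 0;
    socklen_t so_len = sizeof(so_error);

    if ((fds[0].revents & POLLOUT) &&
        getsockopt(fd, SOL_SOCKET, SO_ERROR, &so_error, &so_len) == 0 &&
        so_error == 0) {
        netdata_log_info("connect() to ip %s port %s completed successfully", hostBfr, servBfr);
    }
    else {
        netdata_log_error("Failed to connect to '%s', port '%s'.", hostBfr, servBfr);
        close(fd);
        fd = -1;
    }
}
// … unchanged: timeout (ret == 0) and poll() error branches …
```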
@@ -1110,7 +1125,7 @@ ssize_t send_timeout(int sockfd, void *buf, size_t len, int flags, int timeout) return netdata_ssl_write(ssl, buf, len); } else { - error("cannot write to SSL connection - connection is not ready."); + netdata_log_error("cannot write to SSL connection - connection is not ready."); return -1; } } @@ -1174,7 +1189,7 @@ int accept4(int sock, struct sockaddr *addr, socklen_t *addrlen, int flags) { int connection_allowed(int fd, char *client_ip, char *client_host, size_t hostsize, SIMPLE_PATTERN *access_list, const char *patname, int allow_dns) { - debug(D_LISTENER,"checking %s... (allow_dns=%d)", patname, allow_dns); + netdata_log_debug(D_LISTENER,"checking %s... (allow_dns=%d)", patname, allow_dns); if (!access_list) return 1; if (simple_pattern_matches(access_list, client_ip)) @@ -1189,7 +1204,7 @@ int connection_allowed(int fd, char *client_ip, char *client_host, size_t hostsi if (err != 0 || (err = getnameinfo((struct sockaddr *)&sadr, addrlen, client_host, (socklen_t)hostsize, NULL, 0, NI_NAMEREQD)) != 0) { - error("Incoming %s on '%s' does not match a numeric pattern, and host could not be resolved (err=%s)", + netdata_log_error("Incoming %s on '%s' does not match a numeric pattern, and host could not be resolved (err=%s)", patname, client_ip, gai_strerror(err)); if (hostsize >= 8) strcpy(client_host,"UNKNOWN"); @@ -1197,7 +1212,7 @@ int connection_allowed(int fd, char *client_ip, char *client_host, size_t hostsi } struct addrinfo *addr_infos = NULL; if (getaddrinfo(client_host, NULL, NULL, &addr_infos) !=0 ) { - error("LISTENER: cannot validate hostname '%s' from '%s' by resolving it", + netdata_log_error("LISTENER: cannot validate hostname '%s' from '%s' by resolving it", client_host, client_ip); if (hostsize >= 8) strcpy(client_host,"UNKNOWN"); 
@@ -1216,7 +1231,7 @@ int connection_allowed(int fd, char *client_ip, char *client_host, size_t hostsi inet_ntop(AF_INET6, &((struct sockaddr_in6*)(scan->ai_addr))->sin6_addr, address, INET6_ADDRSTRLEN); break; } - debug(D_LISTENER, "Incoming ip %s rev-resolved onto %s, validating against forward-resolution %s", + netdata_log_debug(D_LISTENER, "Incoming ip %s rev-resolved onto %s, validating against forward-resolution %s", client_ip, client_host, address); if (!strcmp(client_ip, address)) { validated = 1; @@ -1225,7 +1240,7 @@ int connection_allowed(int fd, char *client_ip, char *client_host, size_t hostsi scan = scan->ai_next; } if (!validated) { - error("LISTENER: Cannot validate '%s' as ip of '%s', not listed in DNS", client_ip, client_host); + netdata_log_error("LISTENER: Cannot validate '%s' as ip of '%s', not listed in DNS", client_ip, client_host); if (hostsize >= 8) strcpy(client_host,"UNKNOWN"); } @@ -1233,7 +1248,7 @@ int connection_allowed(int fd, char *client_ip, char *client_host, size_t hostsi freeaddrinfo(addr_infos); } if (!simple_pattern_matches(access_list, client_host)) { - debug(D_LISTENER, "Incoming connection on '%s' (%s) does not match allowed pattern for %s", + netdata_log_debug(D_LISTENER, "Incoming connection on '%s' (%s) does not match allowed pattern for %s", client_ip, client_host, patname); return 0; } @@ -1251,7 +1266,7 @@ int accept_socket(int fd, int flags, char *client_ip, size_t ipsize, char *clien if (likely(nfd >= 0)) { if (getnameinfo((struct sockaddr *)&sadr, addrlen, client_ip, (socklen_t)ipsize, client_port, (socklen_t)portsize, NI_NUMERICHOST | NI_NUMERICSERV) != 0) { - error("LISTENER: cannot getnameinfo() on received client connection."); + netdata_log_error("LISTENER: cannot getnameinfo() on received client connection."); strncpyz(client_ip, "UNKNOWN", ipsize); strncpyz(client_port, "UNKNOWN", portsize); } 
@@ -1269,31 +1284,31 @@ int accept_socket(int fd, int flags, char *client_ip, size_t ipsize, char *clien switch (((struct sockaddr *)&sadr)->sa_family) { case AF_UNIX: - debug(D_LISTENER, "New UNIX domain web client from %s on socket %d.", client_ip, fd); + netdata_log_debug(D_LISTENER, "New UNIX domain web client from %s on socket %d.", client_ip, fd); // set the port - certain versions of libc return garbage on unix sockets strncpyz(client_port, "UNIX", portsize); break; case AF_INET: - debug(D_LISTENER, "New IPv4 web client from %s port %s on socket %d.", client_ip, client_port, fd); + netdata_log_debug(D_LISTENER, "New IPv4 web client from %s port %s on socket %d.", client_ip, client_port, fd); break; case AF_INET6: if (strncmp(client_ip, "::ffff:", 7) == 0) { memmove(client_ip, &client_ip[7], strlen(&client_ip[7]) + 1); - debug(D_LISTENER, "New IPv4 web client from %s port %s on socket %d.", client_ip, client_port, fd); + netdata_log_debug(D_LISTENER, "New IPv4 web client from %s port %s on socket %d.", client_ip, client_port, fd); } else - debug(D_LISTENER, "New IPv6 web client from %s port %s on socket %d.", client_ip, client_port, fd); + netdata_log_debug(D_LISTENER, "New IPv6 web client from %s port %s on socket %d.", client_ip, client_port, fd); break; default: - debug(D_LISTENER, "New UNKNOWN web client from %s port %s on socket %d.", client_ip, client_port, fd); + netdata_log_debug(D_LISTENER, "New UNKNOWN web client from %s port %s on socket %d.", client_ip, client_port, fd); break; } if (!connection_allowed(nfd, client_ip, client_host, hostsize, access_list, "connection", allow_dns)) { errno = 0; - error("Permission denied for client '%s', port '%s'", client_ip, client_port); + netdata_log_error("Permission denied for client '%s', port '%s'", client_ip, client_port); close(nfd); nfd = -1; errno = EPERM; 
@@ -1301,7 +1316,7 @@ int accept_socket(int fd, int flags, char *client_ip, size_t ipsize, char *clien } #ifdef HAVE_ACCEPT4 else if (errno == ENOSYS) - error("netdata has been compiled with the assumption that the system has the accept4() call, but it is not here. Recompile netdata like this: ./configure --disable-accept4 ..."); + netdata_log_error("netdata has been compiled with the assumption that the system has the accept4() call, but it is not here. Recompile netdata like this: ./configure --disable-accept4 ..."); #endif return nfd; @@ -1329,19 +1344,19 @@ inline POLLINFO *poll_add_fd(POLLJOB *p , int (*snd_callback)(POLLINFO * /*pi*/, short int * /*events*/) , void *data ) { - debug(D_POLLFD, "POLLFD: ADD: request to add fd %d, slots = %zu, used = %zu, min = %zu, max = %zu, next free = %zd", fd, p->slots, p->used, p->min, p->max, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); + netdata_log_debug(D_POLLFD, "POLLFD: ADD: request to add fd %d, slots = %zu, used = %zu, min = %zu, max = %zu, next free = %zd", fd, p->slots, p->used, p->min, p->max, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); if(unlikely(fd < 0)) return NULL; //if(p->limit && p->used >= p->limit) { - // info("Max sockets limit reached (%zu sockets), dropping connection", p->used); + // netdata_log_info("Max sockets limit reached (%zu sockets), dropping connection", p->used); // close(fd); // return NULL; //} if(unlikely(!p->first_free)) { size_t new_slots = p->slots + POLL_FDS_INCREASE_STEP; - debug(D_POLLFD, "POLLFD: ADD: increasing size (current = %zu, new = %zu, used = %zu, min = %zu, max = %zu)", p->slots, new_slots, p->used, p->min, p->max); + netdata_log_debug(D_POLLFD, "POLLFD: ADD: increasing size (current = %zu, new = %zu, used = %zu, min = %zu, max = %zu)", p->slots, new_slots, p->used, p->min, p->max); p->fds = reallocz(p->fds, sizeof(struct pollfd) * new_slots); p->inf = reallocz(p->inf, sizeof(POLLINFO) * new_slots); 
@@ -1349,7 +1364,7 @@ inline POLLINFO *poll_add_fd(POLLJOB *p // reset all the newly added slots ssize_t i; for(i = new_slots - 1; i >= (ssize_t)p->slots ; i--) { - debug(D_POLLFD, "POLLFD: ADD: resetting new slot %zd", i); + netdata_log_debug(D_POLLFD, "POLLFD: ADD: resetting new slot %zd", i); p->fds[i].fd = -1; p->fds[i].events = 0; p->fds[i].revents = 0; @@ -1380,7 +1395,7 @@ inline POLLINFO *poll_add_fd(POLLJOB *p POLLINFO *pi = p->first_free; p->first_free = p->first_free->next; - debug(D_POLLFD, "POLLFD: ADD: selected slot %zu, next free is %zd", pi->slot, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); + netdata_log_debug(D_POLLFD, "POLLFD: ADD: selected slot %zu, next free is %zd", pi->slot, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); struct pollfd *pf = &p->fds[pi->slot]; pf->fd = fd; @@ -1422,7 +1437,7 @@ inline POLLINFO *poll_add_fd(POLLJOB *p } netdata_thread_enable_cancelability(); - debug(D_POLLFD, "POLLFD: ADD: completed, slots = %zu, used = %zu, min = %zu, max = %zu, next free = %zd", p->slots, p->used, p->min, p->max, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); + netdata_log_debug(D_POLLFD, "POLLFD: ADD: completed, slots = %zu, used = %zu, min = %zu, max = %zu, next free = %zd", p->slots, p->used, p->min, p->max, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); return pi; } @@ -1431,7 +1446,7 @@ inline void poll_close_fd(POLLINFO *pi) { POLLJOB *p = pi->p; struct pollfd *pf = &p->fds[pi->slot]; - debug(D_POLLFD, "POLLFD: DEL: request to clear slot %zu (fd %d), old next free was %zd", pi->slot, pf->fd, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); + netdata_log_debug(D_POLLFD, "POLLFD: DEL: request to clear slot %zu (fd %d), old next free was %zd", pi->slot, pf->fd, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); if(unlikely(pf->fd == -1)) return; 
@@ -1442,7 +1457,7 @@ inline void poll_close_fd(POLLINFO *pi) { if(likely(!(pi->flags & POLLINFO_FLAG_DONT_CLOSE))) { if(close(pf->fd) == -1) - error("Failed to close() poll_events() socket %d", pf->fd); + netdata_log_error("Failed to close() poll_events() socket %d", pf->fd); } } @@ -1484,7 +1499,7 @@ inline void poll_close_fd(POLLINFO *pi) { } netdata_thread_enable_cancelability(); - debug(D_POLLFD, "POLLFD: DEL: completed, slots = %zu, used = %zu, min = %zu, max = %zu, next free = %zd", p->slots, p->used, p->min, p->max, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); + netdata_log_debug(D_POLLFD, "POLLFD: DEL: completed, slots = %zu, used = %zu, min = %zu, max = %zu, next free = %zd", p->slots, p->used, p->min, p->max, p->first_free?(ssize_t)p->first_free->slot:(ssize_t)-1); } void *poll_default_add_callback(POLLINFO *pi, short int *events, void *data) { @@ -1492,14 +1507,14 @@ void *poll_default_add_callback(POLLINFO *pi, short int *events, void *data) { (void)events; (void)data; - // error("POLLFD: internal error: poll_default_add_callback() called"); + // netdata_log_error("POLLFD: internal error: poll_default_add_callback() called"); return NULL; } void poll_default_del_callback(POLLINFO *pi) { if(pi->data) - error("POLLFD: internal error: del_callback_default() called with data pointer - possible memory leak"); + netdata_log_error("POLLFD: internal error: del_callback_default() called with data pointer - possible memory leak"); } int poll_default_rcv_callback(POLLINFO *pi, short int *events) { 
@@ -1513,12 +1528,12 @@ int poll_default_rcv_callback(POLLINFO *pi, short int *events) { if (rc < 0) { // read failed if (errno != EWOULDBLOCK && errno != EAGAIN) { - error("POLLFD: poll_default_rcv_callback(): recv() failed with %zd.", rc); + netdata_log_error("POLLFD: poll_default_rcv_callback(): recv() failed with %zd.", rc); return -1; } } else if (rc) { // data received - info("POLLFD: internal error: poll_default_rcv_callback() is discarding %zd bytes received on socket %d", rc, pi->fd); + netdata_log_info("POLLFD: internal error: poll_default_rcv_callback() is discarding %zd bytes received on socket %d", rc, pi->fd); } } while (rc != -1); @@ -1528,7 +1543,7 @@ int poll_default_rcv_callback(POLLINFO *pi, short int *events) { int poll_default_snd_callback(POLLINFO *pi, short int *events) { *events &= ~POLLOUT; - info("POLLFD: internal error: poll_default_snd_callback(): nothing to send on socket %d", pi->fd); + netdata_log_info("POLLFD: internal error: poll_default_snd_callback(): nothing to send on socket %d", pi->fd); return 0; } @@ -1550,7 +1565,7 @@ static void poll_events_cleanup(void *data) { } static int poll_process_error(POLLINFO *pi, struct pollfd *pf, short int revents) { - error("POLLFD: LISTENER: received %s %s %s on socket at slot %zu (fd %d) client '%s' port '%s' expecting %s %s %s, having %s %s %s" + netdata_log_error("POLLFD: LISTENER: received %s %s %s on socket at slot %zu (fd %d) client '%s' port '%s' expecting %s %s %s, having %s %s %s" , revents & POLLERR ? "POLLERR" : "" , revents & POLLHUP ? "POLLHUP" : "" , revents & POLLNVAL ? "POLLNVAL" : "" @@ -1571,7 +1586,7 @@ static inline int poll_process_send(POLLJOB *p, POLLINFO *pi, struct pollfd *pf, pi->last_sent_t = now; pi->send_count++; - debug(D_POLLFD, "POLLFD: LISTENER: sending data to socket on slot %zu (fd %d)", pi->slot, pf->fd); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: sending data to socket on slot %zu (fd %d)", pi->slot, pf->fd); pf->events = 0; 
@@ -1592,7 +1607,7 @@ static inline int poll_process_tcp_read(POLLJOB *p, POLLINFO *pi, struct pollfd pi->last_received_t = now; pi->recv_count++; - debug(D_POLLFD, "POLLFD: LISTENER: reading data from TCP client slot %zu (fd %d)", pi->slot, pf->fd); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: reading data from TCP client slot %zu (fd %d)", pi->slot, pf->fd); pf->events = 0; @@ -1613,7 +1628,7 @@ static inline int poll_process_udp_read(POLLINFO *pi, struct pollfd *pf, time_t pi->last_received_t = now; pi->recv_count++; - debug(D_POLLFD, "POLLFD: LISTENER: reading data from UDP slot %zu (fd %d)", pi->slot, pf->fd); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: reading data from UDP slot %zu (fd %d)", pi->slot, pf->fd); // TODO: access_list is not applied to UDP // but checking the access list on every UDP packet will destroy @@ -1633,13 +1648,13 @@ static int poll_process_new_tcp_connection(POLLJOB *p, POLLINFO *pi, struct poll pi->last_received_t = now; pi->recv_count++; - debug(D_POLLFD, "POLLFD: LISTENER: accepting connections from slot %zu (fd %d)", pi->slot, pf->fd); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: accepting connections from slot %zu (fd %d)", pi->slot, pf->fd); char client_ip[INET6_ADDRSTRLEN] = ""; char client_port[NI_MAXSERV] = ""; char client_host[NI_MAXHOST] = ""; - debug(D_POLLFD, "POLLFD: LISTENER: calling accept4() slot %zu (fd %d)", pi->slot, pf->fd); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: calling accept4() slot %zu (fd %d)", pi->slot, pf->fd); int nfd = accept_socket( pf->fd,SOCK_NONBLOCK, @@ -1650,7 +1665,7 @@ static int poll_process_new_tcp_connection(POLLJOB *p, POLLINFO *pi, struct poll if (unlikely(nfd < 0)) { // accept failed - debug(D_POLLFD, "POLLFD: LISTENER: accept4() slot %zu (fd %d) failed.", pi->slot, pf->fd); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: accept4() slot %zu (fd %d) failed.", pi->slot, pf->fd); if(unlikely(errno == EMFILE)) { error_limit_static_global_var(erl, 10, 1000); 
@@ -1658,7 +1673,7 @@ static int poll_process_new_tcp_connection(POLLJOB *p, POLLINFO *pi, struct poll p->used, p->limit); } else if(unlikely(errno != EWOULDBLOCK && errno != EAGAIN)) - error("POLLFD: LISTENER: accept() failed."); + netdata_log_error("POLLFD: LISTENER: accept() failed."); } else { @@ -1705,7 +1720,7 @@ void poll_events(LISTEN_SOCKETS *sockets , size_t max_tcp_sockets ) { if(!sockets || !sockets->opened) { - error("POLLFD: internal error: no listening sockets are opened"); + netdata_log_error("POLLFD: internal error: no listening sockets are opened"); return; } @@ -1758,7 +1773,7 @@ void poll_events(LISTEN_SOCKETS *sockets ); pi->data = data; - info("POLLFD: LISTENER: listening on '%s'", (sockets->fds_names[i])?sockets->fds_names[i]:"UNKNOWN"); + netdata_log_info("POLLFD: LISTENER: listening on '%s'", (sockets->fds_names[i])?sockets->fds_names[i]:"UNKNOWN"); } int listen_sockets_active = 1; @@ -1782,7 +1797,7 @@ void poll_events(LISTEN_SOCKETS *sockets now_usec = now_boottime_usec(); if(unlikely(timer_usec && now_usec >= next_timer_usec)) { - debug(D_POLLFD, "Calling timer callback after %zu usec", (size_t)(now_usec - last_timer_usec)); + netdata_log_debug(D_POLLFD, "Calling timer callback after %zu usec", (size_t)(now_usec - last_timer_usec)); last_timer_usec = now_usec; p.tmr_callback(p.timer_data); now_usec = now_boottime_usec(); 
@@ -1799,7 +1814,7 @@ void poll_events(LISTEN_SOCKETS *sockets // enable or disable the TCP listening sockets, based on the current number of sockets used and the limit set if((listen_sockets_active && (p.limit && p.used >= p.limit)) || (!listen_sockets_active && (!p.limit || p.used < p.limit))) { listen_sockets_active = !listen_sockets_active; - info("%s listening sockets (used TCP sockets %zu, max allowed for this worker %zu)", (listen_sockets_active)?"ENABLING":"DISABLING", p.used, p.limit); + netdata_log_info("%s listening sockets (used TCP sockets %zu, max allowed for this worker %zu)", (listen_sockets_active)?"ENABLING":"DISABLING", p.used, p.limit); for (i = 0; i <= p.max; i++) { if(p.inf[i].flags & POLLINFO_FLAG_SERVER_SOCKET && p.inf[i].socktype == SOCK_STREAM) { p.fds[i].events = (short int) ((listen_sockets_active) ? POLLIN : 0); @@ -1807,16 +1822,16 @@ void poll_events(LISTEN_SOCKETS *sockets } } - debug(D_POLLFD, "POLLFD: LISTENER: Waiting on %zu sockets for %zu ms...", p.max + 1, (size_t)timeout_ms); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: Waiting on %zu sockets for %zu ms...", p.max + 1, (size_t)timeout_ms); retval = poll(p.fds, p.max + 1, timeout_ms); time_t now = now_boottime_sec(); if(unlikely(retval == -1)) { - error("POLLFD: LISTENER: poll() failed while waiting on %zu sockets.", p.max + 1); + netdata_log_error("POLLFD: LISTENER: poll() failed while waiting on %zu sockets.", p.max + 1); break; } else if(unlikely(!retval)) { - debug(D_POLLFD, "POLLFD: LISTENER: poll() timeout."); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: poll() timeout."); } else { POLLINFO *pi; 
@@ -1870,7 +1885,7 @@ void poll_events(LISTEN_SOCKETS *sockets conns[conns_max++] = i; } else - error("POLLFD: LISTENER: server slot %zu (fd %d) connection from %s port %s using unhandled socket type %d." + netdata_log_error("POLLFD: LISTENER: server slot %zu (fd %d) connection from %s port %s using unhandled socket type %d." , i , pi->fd , pi->client_ip ? pi->client_ip : "<undefined-ip>" @@ -1879,7 +1894,7 @@ void poll_events(LISTEN_SOCKETS *sockets ); } else - error("POLLFD: LISTENER: client slot %zu (fd %d) data from %s port %s using flags %08X is neither client nor server." + netdata_log_error("POLLFD: LISTENER: client slot %zu (fd %d) data from %s port %s using flags %08X is neither client nor server." , i , pi->fd , pi->client_ip ? pi->client_ip : "<undefined-ip>" @@ -1888,7 +1903,7 @@ void poll_events(LISTEN_SOCKETS *sockets ); } else - error("POLLFD: LISTENER: socket slot %zu (fd %d) client %s port %s unhandled event id %d." + netdata_log_error("POLLFD: LISTENER: socket slot %zu (fd %d) client %s port %s unhandled event id %d." , i , pi->fd , pi->client_ip ? pi->client_ip : "<undefined-ip>" @@ -1947,7 +1962,7 @@ void poll_events(LISTEN_SOCKETS *sockets if(likely(pi->flags & POLLINFO_FLAG_CLIENT_SOCKET)) { if (unlikely(pi->send_count == 0 && p.complete_request_timeout > 0 && (now - pi->connected_t) >= p.complete_request_timeout)) { - info("POLLFD: LISTENER: client slot %zu (fd %d) from %s port %s has not sent a complete request in %zu seconds - closing it. " + netdata_log_info("POLLFD: LISTENER: client slot %zu (fd %d) from %s port %s has not sent a complete request in %zu seconds - closing it. " , i , pi->fd , pi->client_ip ? pi->client_ip : "<undefined-ip>" 
@@ -1957,7 +1972,7 @@ void poll_events(LISTEN_SOCKETS *sockets poll_close_fd(pi); } else if(unlikely(pi->recv_count && p.idle_timeout > 0 && now - ((pi->last_received_t > pi->last_sent_t) ? pi->last_received_t : pi->last_sent_t) >= p.idle_timeout )) { - info("POLLFD: LISTENER: client slot %zu (fd %d) from %s port %s is idle for more than %zu seconds - closing it. " + netdata_log_info("POLLFD: LISTENER: client slot %zu (fd %d) from %s port %s is idle for more than %zu seconds - closing it. " , i , pi->fd , pi->client_ip ? pi->client_ip : "<undefined-ip>" @@ -1972,5 +1987,5 @@ void poll_events(LISTEN_SOCKETS *sockets } netdata_thread_cleanup_pop(1); - debug(D_POLLFD, "POLLFD: LISTENER: cleanup completed"); + netdata_log_debug(D_POLLFD, "POLLFD: LISTENER: cleanup completed"); } diff --git a/libnetdata/socket/socket.h b/libnetdata/socket/socket.h index 0e29711e0..8331ecbbe 100644 --- a/libnetdata/socket/socket.h +++ b/libnetdata/socket/socket.h @@ -11,7 +11,7 @@ typedef enum web_client_acl { WEB_CLIENT_ACL_NONE = (0), - WEB_CLIENT_ACL_NOCHECK = (0), + WEB_CLIENT_ACL_NOCHECK = (0), // Don't check anything - this should work on all channels WEB_CLIENT_ACL_DASHBOARD = (1 << 0), WEB_CLIENT_ACL_REGISTRY = (1 << 1), WEB_CLIENT_ACL_BADGE = (1 << 2), 
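Review bot: In the socket.h hunk, `WEB_CLIENT_ACL_NOCHECK` keeps the value `(0)`, the same as `WEB_CLIENT_ACL_NONE` on the line above it. The new comment therefore describes an intent ("don't check anything") that a bitmask test cannot tell apart from "no access granted". How the ACL checks treat a zero mask is not visible here, but a check of the form `acl & required` never matches zero, so the "allow on all channels" case has to be handled explicitly by the caller. I would say so in the comment, e.g. `// same value as WEB_CLIENT_ACL_NONE: test with == 0, a bitwise AND never matches`. The enum continues outside this hunk.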
@@ -23,9 +23,18 @@ typedef enum web_client_acl { WEB_CLIENT_ACL_SSL_DEFAULT = (1 << 8), WEB_CLIENT_ACL_ACLK = (1 << 9), WEB_CLIENT_ACL_WEBRTC = (1 << 10), + WEB_CLIENT_ACL_BEARER_OPTIONAL = (1 << 11), // allow unprotected access if bearer is not enabled in netdata + WEB_CLIENT_ACL_BEARER_REQUIRED = (1 << 12), // allow access only if a valid bearer is used } WEB_CLIENT_ACL; -#define WEB_CLIENT_ACL_DASHBOARD_ACLK_WEBRTC (WEB_CLIENT_ACL_DASHBOARD | WEB_CLIENT_ACL_ACLK | WEB_CLIENT_ACL_WEBRTC) +#define WEB_CLIENT_ACL_DASHBOARD_ACLK_WEBRTC (WEB_CLIENT_ACL_DASHBOARD | WEB_CLIENT_ACL_ACLK | WEB_CLIENT_ACL_WEBRTC | WEB_CLIENT_ACL_BEARER_OPTIONAL) +#define WEB_CLIENT_ACL_ACLK_WEBRTC_DASHBOARD_WITH_BEARER (WEB_CLIENT_ACL_DASHBOARD | WEB_CLIENT_ACL_ACLK | WEB_CLIENT_ACL_WEBRTC | WEB_CLIENT_ACL_BEARER_REQUIRED) + +#ifdef NETDATA_DEV_MODE +#define ACL_DEV_OPEN_ACCESS WEB_CLIENT_ACL_DASHBOARD +#else +#define ACL_DEV_OPEN_ACCESS 0 +#endif #define WEB_CLIENT_ACL_ALL 0xFFFF |
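Review bot: The two new bearer bits (`1 << 11` and `1 << 12`) both fall inside `WEB_CLIENT_ACL_ALL 0xFFFF`, so anything configured with `WEB_CLIENT_ACL_ALL` now carries `WEB_CLIENT_ACL_BEARER_OPTIONAL` and `WEB_CLIENT_ACL_BEARER_REQUIRED` at the same time. Which of the two wins is decided by code outside this hunk. I would document the intended precedence next to the enum so that it fails closed, e.g. `// if both bearer bits are set, BEARER_REQUIRED takes precedence`, or keep the bearer bits out of the catch-all mask if they are meant for endpoint definitions only. Separately, `ACL_DEV_OPEN_ACCESS` expands to `WEB_CLIENT_ACL_DASHBOARD` under `NETDATA_DEV_MODE`, which presumably relaxes access wherever it is OR-ed in. A `#warning "NETDATA_DEV_MODE relaxes ACL checks"` in that `#ifdef` branch would make a dev-mode build visible in packaging logs.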