author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-11-25 14:45:37 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-11-25 14:48:03 +0000 |
commit | e55403ed71282d7bfd8b56df219de3c28a8af064 (patch) | |
tree | 524889e5becb81643bf8741e3082955dca076f09 /src/libnetdata/socket | |
parent | Releasing debian version 1.47.5-1. (diff) | |
Merging upstream version 2.0.3+dfsg:
- does not include dygraphs anymore (Closes: #923993)
- does not include pako anymore (Closes: #1042533)
- does not include dashboard binaries anymore (Closes: #1045145)
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/libnetdata/socket')
-rw-r--r-- | src/libnetdata/socket/security.c | 5 | ||||
-rw-r--r-- | src/libnetdata/socket/security.h | 26 | ||||
-rw-r--r-- | src/libnetdata/socket/socket.c | 104 | ||||
-rw-r--r-- | src/libnetdata/socket/socket.h | 10 |
4 files changed, 55 insertions, 90 deletions
diff --git a/src/libnetdata/socket/security.c b/src/libnetdata/socket/security.c index 502998b79..33bf22d75 100644 --- a/src/libnetdata/socket/security.c +++ b/src/libnetdata/socket/security.c @@ -1,7 +1,5 @@ #include "../libnetdata.h" -#ifdef ENABLE_HTTPS - SSL_CTX *netdata_ssl_exporting_ctx =NULL; SSL_CTX *netdata_ssl_streaming_sender_ctx =NULL; SSL_CTX *netdata_ssl_web_server_ctx =NULL; @@ -732,7 +730,7 @@ int security_test_certificate(SSL *ssl) { * * @return It returns 0 on success and -1 otherwise. */ -int ssl_security_location_for_context(SSL_CTX *ctx, char *file, char *path) { +int ssl_security_location_for_context(SSL_CTX *ctx, const char *file, const char *path) { int load_custom = 1, load_default = 1; if (file || path) { if(!SSL_CTX_load_verify_locations(ctx, file, path)) { @@ -751,4 +749,3 @@ int ssl_security_location_for_context(SSL_CTX *ctx, char *file, char *path) { return 0; } -#endif diff --git a/src/libnetdata/socket/security.h b/src/libnetdata/socket/security.h index 283d81db8..7deb1d797 100644 --- a/src/libnetdata/socket/security.h +++ b/src/libnetdata/socket/security.h @@ -1,5 +1,5 @@ #ifndef NETDATA_SECURITY_H -# define NETDATA_SECURITY_H +#define NETDATA_SECURITY_H typedef enum __attribute__((packed)) { NETDATA_SSL_STATE_NOT_SSL = 1, // This connection is not SSL 
@@ -12,27 +12,6 @@ typedef enum __attribute__((packed)) { #define NETDATA_SSL_STREAMING_SENDER_CTX 1 #define NETDATA_SSL_EXPORTING_CTX 2 -# ifdef ENABLE_HTTPS - -#define OPENSSL_VERSION_095 0x00905100L -#define OPENSSL_VERSION_097 0x0907000L -#define OPENSSL_VERSION_110 0x10100000L -#define OPENSSL_VERSION_111 0x10101000L -#define OPENSSL_VERSION_300 0x30000000L - -# include <openssl/ssl.h> -# include <openssl/err.h> -# include <openssl/evp.h> -# include <openssl/pem.h> -# if (SSLEAY_VERSION_NUMBER >= OPENSSL_VERSION_097) && (OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_110) -# include <openssl/conf.h> -# endif - -#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_300 -#include <openssl/core_names.h> -#include <openssl/decoder.h> -#endif - typedef struct netdata_ssl { SSL *conn; // SSL connection NETDATA_SSL_STATE state; // The state for SSL connection @@ -52,7 +31,7 @@ extern const char *tls_version; extern const char *tls_ciphers; extern bool netdata_ssl_validate_certificate; extern bool netdata_ssl_validate_certificate_sender; -int ssl_security_location_for_context(SSL_CTX *ctx,char *file,char *path); +int ssl_security_location_for_context(SSL_CTX *ctx, const char *file, const char *path); void netdata_ssl_initialize_openssl(); void netdata_ssl_cleanup(); @@ -73,5 +52,4 @@ ssize_t netdata_ssl_write(NETDATA_SSL *ssl, const void *buf, size_t num); ssize_t netdata_ssl_pending(NETDATA_SSL *ssl); bool netdata_ssl_has_pending(NETDATA_SSL *ssl); -# endif //ENABLE_HTTPS #endif //NETDATA_SECURITY_H diff --git a/src/libnetdata/socket/socket.c b/src/libnetdata/socket/socket.c index f907fefeb..3b0d1f824 100644 --- a/src/libnetdata/socket/socket.c +++ b/src/libnetdata/socket/socket.c 
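Review bot: After the `@@ -12,27 +12,6 @@` hunk, security.h still declares `SSL *conn` and `SSL_CTX *ctx` parameters but no longer includes `<openssl/ssl.h>` itself. The header now compiles only if an earlier include has already pulled in OpenSSL, presumably via libnetdata.h, which is not visible here. If that is the intent, a one-line comment at the top such as `// requires <openssl/ssl.h>; included by libnetdata.h before this header` would make the ordering dependency explicit. The removed `OPENSSL_VERSION_*` macros should also be checked for remaining users, since a missing macro in an `#if` silently evaluates to 0.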
@@ -119,22 +119,17 @@ bool fd_is_socket(int fd) { return true; } -bool sock_has_output_error(int fd) { - if(fd < 0) { - //internal_error(true, "invalid socket %d", fd); - return false; - } +#ifdef POLLRDHUP +bool is_socket_closed(int fd) { + if(fd < 0) + return true; // if(!fd_is_socket(fd)) { // //internal_error(true, "fd %d is not a socket", fd); // return false; // } - short int errors = POLLERR | POLLHUP | POLLNVAL; - -#ifdef POLLRDHUP - errors |= POLLRDHUP; -#endif + short int errors = POLLERR | POLLHUP | POLLNVAL | POLLRDHUP; struct pollfd pfd = { .fd = fd, @@ -149,6 +144,31 @@ bool sock_has_output_error(int fd) { return ((pfd.revents & errors) || !(pfd.revents & POLLOUT)); } +#else +bool is_socket_closed(int fd) { + if(fd < 0) + return true; + + char buffer; + ssize_t result = recv(fd, &buffer, 1, MSG_PEEK | MSG_DONTWAIT); + if (result == 0) { + // Connection closed + return true; + } + else if (result < 0) { + if (errno == EAGAIN || errno == EWOULDBLOCK) { + // No data available, but socket is still open + return false; + } else { + // An error occurred + return true; + } + } + + // Data is available, socket is open + return false; +} +#endif int sock_setnonblock(int fd) { int flags; @@ -515,7 +535,6 @@ HTTP_ACL socket_ssl_acl(char *acl) { //Due the format of the SSL command it is always the last command, //we finish it here to avoid problems with the ACLs *ssl = '\0'; -#ifdef ENABLE_HTTPS ssl++; if (!strncmp("SSL=",ssl,4)) { ssl += 4; @@ -526,7 +545,6 @@ HTTP_ACL socket_ssl_acl(char *acl) { return HTTP_ACL_SSL_FORCE; } } -#endif } return HTTP_ACL_NONE; @@ -558,7 +576,7 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, char buffer2[10 + 1]; snprintfz(buffer2, 10, "%d", default_port); - char *ip = buffer, *port = buffer2, *interface = "", *portconfig; + char *ip = buffer, *port = buffer2, *iface = "", *portconfig; int protocol = IPPROTO_TCP, socktype = SOCK_STREAM; const char *protocol_str = "tcp"; 
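Review bot: In the `recv()` fallback of `is_socket_closed` (hunk `@@ -149,6 +144,31 @@`), every errno other than EAGAIN/EWOULDBLOCK is treated as a closed socket, so an `EINTR` from a signal reports a live connection as closed; the test should read `if (errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR)`. The two builds also answer different questions: the POLLRDHUP variant keeps `!(pfd.revents & POLLOUT)` from the old `sock_has_output_error`, so a socket that is merely not writable is reported closed, while the fallback only peeks at the read side. In addition, `fd < 0` now returns true where the old function returned false. Callers that drop connections on this result will behave differently per platform, so a comment on the function stating which meaning is guaranteed would help. The `pfd` setup and the poll call sit between the two hunks and are not visible here.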
@@ -613,7 +631,7 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, if(*e == '%') { *e = '\0'; e++; - interface = e; + iface = e; while(*e && *e != ':' && *e != '=') e++; } @@ -650,13 +668,13 @@ static inline int bind_to_this(LISTEN_SOCKETS *sockets, const char *definition, } uint32_t scope_id = 0; - if(*interface) { - scope_id = if_nametoindex(interface); + if(*iface) { + scope_id = if_nametoindex(iface); if(!scope_id) nd_log(NDLS_DAEMON, NDLP_ERR, "LISTENER: Cannot find a network interface named '%s'. " "Continuing with limiting the network interface", - interface); + iface); } if(!*ip || *ip == '*' || !strcmp(ip, "any") || !strcmp(ip, "all")) @@ -750,9 +768,9 @@ int listen_sockets_setup(LISTEN_SOCKETS *sockets) { } else sockets->default_port = (uint16_t)new_port; - char *s = appconfig_get(sockets->config, sockets->config_section, "bind to", sockets->default_bind_to); + const char *s = appconfig_get(sockets->config, sockets->config_section, "bind to", sockets->default_bind_to); while(*s) { - char *e = s; + const char *e = s; // skip separators, moving both s(tart) and e(nd) while(isspace((uint8_t)*e) || *e == ',') s = ++e; @@ -935,12 +953,10 @@ int connect_to_this_ip46( hostBfr, servBfr); // Convert 'struct timeval' to milliseconds for poll(): - int timeout_ms = timeout->tv_sec * 1000 + timeout->tv_usec / 1000; + int timeout_ms = timeout ? (timeout->tv_sec * 1000 + timeout->tv_usec / 1000) : 1000; switch(wait_on_socket_or_cancel_with_timeout( -#ifdef ENABLE_HTTPS - NULL, -#endif + NULL, fd, timeout_ms, POLLOUT, NULL)) { case 0: // proceed nd_log(NDLS_DAEMON, NDLP_DEBUG, 
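Review bot: In `connect_to_this_ip46` (hunk `@@ -935,12 +953,10 @@`), the new `timeout_ms` expression guards against a NULL `timeout` but can still yield 0 or a negative value. `tv_sec * 1000` is narrowed into an `int`, and a timeval below one millisecond truncates to 0. The comment above `wait_on_socket_or_cancel_with_timeout` says a zero timeout waits forever, so a very small or very large connect timeout can become an unbounded wait on an outbound connection. Computing in a wider type and clamping avoids that, assuming zero is not meant to mean "forever" for connects: `long long ms = timeout ? (long long)timeout->tv_sec * 1000 + timeout->tv_usec / 1000 : 1000;` then `int timeout_ms = ms < 1 ? 1 : (ms > INT_MAX ? INT_MAX : (int)ms);`. The function body starts and ends outside the hunk.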
@@ -1019,7 +1035,7 @@ int connect_to_this(const char *definition, int default_port, struct timeval *ti char default_service[10 + 1]; snprintfz(default_service, 10, "%d", default_port); - char *host = buffer, *service = default_service, *interface = ""; + char *host = buffer, *service = default_service, *iface = ""; int protocol = IPPROTO_TCP, socktype = SOCK_STREAM; uint32_t scope_id = 0; @@ -1058,7 +1074,7 @@ int connect_to_this(const char *definition, int default_port, struct timeval *ti if(*e == '%') { *e = '\0'; e++; - interface = e; + iface = e; while(*e && *e != ':') e++; } @@ -1076,12 +1092,12 @@ int connect_to_this(const char *definition, int default_port, struct timeval *ti return -1; } - if(*interface) { - scope_id = if_nametoindex(interface); + if(*iface) { + scope_id = if_nametoindex(iface); if(!scope_id) nd_log(NDLS_DAEMON, NDLP_ERR, "Cannot find a network interface named '%s'. Continuing with limiting the network interface", - interface); + iface); } if(!*service) @@ -1186,9 +1202,7 @@ int connect_to_one_of_urls(const char *destination, int default_port, struct tim // returns: -1 = thread cancelled, 0 = proceed to read/write, 1 = time exceeded, 2 = error on fd // timeout parameter can be zero to wait forever inline int wait_on_socket_or_cancel_with_timeout( -#ifdef ENABLE_HTTPS NETDATA_SSL *ssl, -#endif int fd, int timeout_ms, short int poll_events, short int *revents) { struct pollfd pfd = { .fd = fd, @@ -1204,10 +1218,8 @@ inline int wait_on_socket_or_cancel_with_timeout( return -1; } -#ifdef ENABLE_HTTPS if(poll_events == POLLIN && ssl && SSL_connection(ssl) && netdata_ssl_has_pending(ssl)) return 0; -#endif const int wait_ms = (timeout_ms >= ND_CHECK_CANCELLABILITY_WHILE_WAITING_EVERY_MS || forever) ? ND_CHECK_CANCELLABILITY_WHILE_WAITING_EVERY_MS : timeout_ms; 
@@ -1247,16 +1259,10 @@ inline int wait_on_socket_or_cancel_with_timeout( return 1; } -ssize_t recv_timeout( -#ifdef ENABLE_HTTPS - NETDATA_SSL *ssl, -#endif - int sockfd, void *buf, size_t len, int flags, int timeout) { +ssize_t recv_timeout(NETDATA_SSL *ssl, int sockfd, void *buf, size_t len, int flags, int timeout) { switch(wait_on_socket_or_cancel_with_timeout( -#ifdef ENABLE_HTTPS - ssl, -#endif + ssl, sockfd, timeout * 1000, POLLIN, NULL)) { case 0: // data are waiting break; @@ -1270,25 +1276,16 @@ ssize_t recv_timeout( return -1; } -#ifdef ENABLE_HTTPS - if (SSL_connection(ssl)) { + if (SSL_connection(ssl)) return netdata_ssl_read(ssl, buf, len); - } -#endif return recv(sockfd, buf, len, flags); } -ssize_t send_timeout( -#ifdef ENABLE_HTTPS - NETDATA_SSL *ssl, -#endif - int sockfd, void *buf, size_t len, int flags, int timeout) { +ssize_t send_timeout(NETDATA_SSL *ssl, int sockfd, void *buf, size_t len, int flags, int timeout) { switch(wait_on_socket_or_cancel_with_timeout( -#ifdef ENABLE_HTTPS - ssl, -#endif + ssl, sockfd, timeout * 1000, POLLOUT, NULL)) { case 0: // data are waiting break; @@ -1302,7 +1299,6 @@ ssize_t send_timeout( return -1; } -#ifdef ENABLE_HTTPS if(ssl->conn) { if (SSL_connection(ssl)) { return netdata_ssl_write(ssl, buf, len); @@ -1314,7 +1310,7 @@ ssize_t send_timeout( return -1; } } -#endif + return send(sockfd, buf, len, flags); } diff --git a/src/libnetdata/socket/socket.h b/src/libnetdata/socket/socket.h index 8147c9774..2c282c4c6 100644 --- a/src/libnetdata/socket/socket.h +++ b/src/libnetdata/socket/socket.h 
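Review bot: `send_timeout` dereferences `ssl->conn` with no NULL check (hunk `@@ -1302,7 +1299,6 @@`), now that the `ssl` parameter is unconditional. This same commit passes `NULL` for it from `connect_to_this_ip46`, and `wait_on_socket_or_cancel_with_timeout` guards with `ssl && SSL_connection(ssl)`. A plain-TCP caller that passes NULL would therefore crash in `send_timeout`; the guard should be `if(ssl && ssl->conn) {`. `recv_timeout` (hunk `@@ -1270,25 +1276,16 @@`) calls `SSL_connection(ssl)` unguarded, and whether that macro tolerates NULL is not visible here, so it should be confirmed or written as `if (ssl && SSL_connection(ssl))`. Both function bodies extend beyond their hunks.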
@@ -46,18 +46,12 @@ int connect_to_one_of(const char *destination, int default_port, struct timeval int connect_to_one_of_urls(const char *destination, int default_port, struct timeval *timeout, size_t *reconnects_counter, char *connected_to, size_t connected_to_size); -#ifdef ENABLE_HTTPS ssize_t recv_timeout(NETDATA_SSL *ssl,int sockfd, void *buf, size_t len, int flags, int timeout); ssize_t send_timeout(NETDATA_SSL *ssl,int sockfd, void *buf, size_t len, int flags, int timeout); int wait_on_socket_or_cancel_with_timeout(NETDATA_SSL *ssl, int fd, int timeout_ms, short int poll_events, short int *revents); -#else -ssize_t recv_timeout(int sockfd, void *buf, size_t len, int flags, int timeout); -ssize_t send_timeout(int sockfd, void *buf, size_t len, int flags, int timeout); -int wait_on_socket_or_cancel_with_timeout(int fd, int timeout_ms, short int poll_events, short int *revents); -#endif bool fd_is_socket(int fd); -bool sock_has_output_error(int fd); +bool is_socket_closed(int fd); int sock_setnonblock(int fd); int sock_delnonblock(int fd); @@ -200,7 +194,7 @@ void poll_events(LISTEN_SOCKETS *sockets #define INET6_ADDRSTRLEN 46 #endif -typedef struct socket_peers { +typedef struct { struct { char ip[INET6_ADDRSTRLEN]; int port; |