From dd24e74edfbafc09eaeb2dde0fda7eb3e1e86d0b Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 14 Jun 2023 21:20:36 +0200 Subject: Merging upstream version 1.40.0. Signed-off-by: Daniel Baumann --- aclk/aclk_capas.c | 4 ++-- aclk/aclk_otp.c | 10 ++++++++-- aclk/aclk_query.c | 12 +----------- aclk/aclk_tx_msgs.c | 12 ++++++++---- aclk/aclk_tx_msgs.h | 2 +- aclk/https_client.c | 2 +- aclk/schema-wrappers/alarm_stream.cc | 4 ++++ aclk/schema-wrappers/alarm_stream.h | 3 +++ 8 files changed, 28 insertions(+), 21 deletions(-) (limited to 'aclk') diff --git a/aclk/aclk_capas.c b/aclk/aclk_capas.c index 55f6fd3b4..b38a928a5 100644 --- a/aclk/aclk_capas.c +++ b/aclk/aclk_capas.c @@ -13,7 +13,7 @@ const struct capability *aclk_get_agent_capas() { .name = "mc", .version = 0, .enabled = 0 }, { .name = "ctx", .version = 1, .enabled = 1 }, { .name = "funcs", .version = 1, .enabled = 1 }, - { .name = "http_api_v2", .version = 1, .enabled = 1 }, + { .name = "http_api_v2", .version = 3, .enabled = 1 }, { .name = "health", .version = 1, .enabled = 0 }, { .name = "req_cancel", .version = 1, .enabled = 1 }, { .name = NULL, .version = 0, .enabled = 0 } @@ -39,7 +39,7 @@ struct capability *aclk_get_node_instance_capas(RRDHOST *host) .enabled = enable_metric_correlations }, { .name = "ctx", .version = 1, .enabled = 1 }, { .name = "funcs", .version = 0, .enabled = 0 }, - { .name = "http_api_v2", .version = 2, .enabled = 1 }, + { .name = "http_api_v2", .version = 3, .enabled = 1 }, { .name = "health", .version = 1, .enabled = host->health.health_enabled }, { .name = "req_cancel", .version = 1, .enabled = 1 }, { .name = NULL, .version = 0, .enabled = 0 } diff --git a/aclk/aclk_otp.c b/aclk/aclk_otp.c index 391313ffe..66d751be6 100644 --- a/aclk/aclk_otp.c +++ b/aclk/aclk_otp.c @@ -444,11 +444,15 @@ static int private_decrypt(RSA *p_key, unsigned char * enc_data, int data_len, u if (!ctx) return 1; - if (EVP_PKEY_decrypt_init(ctx) <= 0) + if (EVP_PKEY_decrypt_init(ctx) <= 0) { + EVP_PKEY_CTX_free(ctx); return 1; + } - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) { + EVP_PKEY_CTX_free(ctx); return 1; + } *decrypted = mallocz(outlen); @@ -456,6 +460,8 @@ static int private_decrypt(RSA *p_key, unsigned char * enc_data, int data_len, u result = (int) outlen; else result = -1; + + EVP_PKEY_CTX_free(ctx); #else *decrypted = mallocz(RSA_size(p_key)); result = RSA_private_decrypt(data_len, enc_data, *decrypted, p_key, RSA_PKCS1_OAEP_PADDING); diff --git a/aclk/aclk_query.c b/aclk/aclk_query.c index 46d1e1e5e..0698c2d60 100644 --- a/aclk/aclk_query.c +++ b/aclk/aclk_query.c @@ -95,11 +95,9 @@ static int http_api_v2(struct aclk_query_thread *query_thr, aclk_query_t query) size_t size = 0; size_t sent = 0; -#ifdef NETDATA_WITH_ZLIB int z_ret; BUFFER *z_buffer = buffer_create(NETDATA_WEB_RESPONSE_INITIAL_SIZE, &netdata_buffers_statistics.buffers_aclk); char *start, *end; -#endif struct web_client *w = web_client_get_from_cache(); w->acl = WEB_CLIENT_ACL_ACLK; @@ -152,7 +150,6 @@ static int http_api_v2(struct aclk_query_thread *query_thr, aclk_query_t query) size = w->response.data->len; sent = size; -#ifdef NETDATA_WITH_ZLIB // check if gzip encoding can and should be used if ((start = strstr((char *)query->data.http_api_v2.payload, WEB_HDR_ACCEPT_ENC))) { start += strlen(WEB_HDR_ACCEPT_ENC); @@ -199,7 +196,6 @@ static int http_api_v2(struct aclk_query_thread *query_thr, aclk_query_t query) w->response.data = z_buffer; z_buffer = NULL; } -#endif w->response.data->date = w->timings.tv_ready.tv_sec; web_client_build_http_header(w); @@ -209,22 +205,18 @@ static int http_api_v2(struct aclk_query_thread *query_thr, aclk_query_t query) buffer_strcat(local_buffer, w->response.header_output->buffer); if (w->response.data->len) { -#ifdef NETDATA_WITH_ZLIB if (w->response.zinitialized) { buffer_need_bytes(local_buffer, w->response.data->len); memcpy(&local_buffer->buffer[local_buffer->len], w->response.data->buffer, w->response.data->len); local_buffer->len += w->response.data->len; sent = sent - size + w->response.data->len; } else { -#endif buffer_strcat(local_buffer, w->response.data->buffer); -#ifdef NETDATA_WITH_ZLIB } -#endif } // send msg. - aclk_http_msg_v2(query_thr->client, query->callback_topic, query->msg_id, t, query->created, w->response.code, local_buffer->buffer, local_buffer->len); + w->response.code = aclk_http_msg_v2(query_thr->client, query->callback_topic, query->msg_id, t, query->created, w->response.code, local_buffer->buffer, local_buffer->len); struct timeval tv; @@ -249,9 +241,7 @@ cleanup: pending_req_list_rm(query->msg_id); -#ifdef NETDATA_WITH_ZLIB buffer_free(z_buffer); -#endif buffer_free(local_buffer); return retval; } diff --git a/aclk/aclk_tx_msgs.c b/aclk/aclk_tx_msgs.c index 86ee818ed..d11e96cfb 100644 --- a/aclk/aclk_tx_msgs.c +++ b/aclk/aclk_tx_msgs.c @@ -83,7 +83,10 @@ static int aclk_send_message_with_bin_payload(mqtt_wss_client client, json_objec memcpy(&full_msg[len], payload, payload_len); } - mqtt_wss_publish5(client, (char*)topic, NULL, full_msg, &freez_aclk_publish5b, full_msg_len, MQTT_WSS_PUB_QOS1, &packet_id); + int rc = mqtt_wss_publish5(client, (char*)topic, NULL, full_msg, &freez_aclk_publish5b, full_msg_len, MQTT_WSS_PUB_QOS1, &packet_id); + + if (rc == MQTT_WSS_ERR_TOO_BIG_FOR_SERVER) + return HTTP_RESP_FORBIDDEN; #ifdef NETDATA_INTERNAL_CHECKS aclk_stats_msg_published(packet_id); @@ -169,11 +172,11 @@ void aclk_http_msg_v2_err(mqtt_wss_client client, const char *topic, const char json_object_object_add(msg, "error-description", tmp); if (aclk_send_message_with_bin_payload(client, msg, topic, payload, payload_len)) { - error("Failed to send cancelation message for http reply"); + error("Failed to send cancellation message for http reply %zu %s", payload_len, payload); } } -void aclk_http_msg_v2(mqtt_wss_client client, const char *topic, const char *msg_id, usec_t t_exec, usec_t created, int http_code, const char *payload, size_t payload_len) +int aclk_http_msg_v2(mqtt_wss_client client, const char *topic, const char *msg_id, usec_t t_exec, usec_t created, int http_code, const char *payload, size_t payload_len) { json_object *tmp, *msg; @@ -192,7 +195,7 @@ void aclk_http_msg_v2(mqtt_wss_client client, const char *topic, const char *msg switch (rc) { case HTTP_RESP_FORBIDDEN: - aclk_http_msg_v2_err(client, topic, msg_id, rc, CLOUD_EC_REQ_REPLY_TOO_BIG, CLOUD_EMSG_REQ_REPLY_TOO_BIG, payload, payload_len); + aclk_http_msg_v2_err(client, topic, msg_id, rc, CLOUD_EC_REQ_REPLY_TOO_BIG, CLOUD_EMSG_REQ_REPLY_TOO_BIG, NULL, 0); break; case HTTP_RESP_INTERNAL_SERVER_ERROR: aclk_http_msg_v2_err(client, topic, msg_id, rc, CLOUD_EC_FAIL_TOPIC, CLOUD_EMSG_FAIL_TOPIC, payload, payload_len); @@ -201,6 +204,7 @@ void aclk_http_msg_v2(mqtt_wss_client client, const char *topic, const char *msg aclk_http_msg_v2_err(client, topic, msg_id, rc, CLOUD_EC_SND_TIMEOUT, CLOUD_EMSG_SND_TIMEOUT, payload, payload_len); break; } + return rc ? rc : http_code; } uint16_t aclk_send_agent_connection_update(mqtt_wss_client client, int reachable) { diff --git a/aclk/aclk_tx_msgs.h b/aclk/aclk_tx_msgs.h index 31e592410..9e7d89077 100644 --- a/aclk/aclk_tx_msgs.h +++ b/aclk/aclk_tx_msgs.h @@ -12,7 +12,7 @@ uint16_t aclk_send_bin_message_subtopic_pid(mqtt_wss_client client, char *msg, size_t msg_len, enum aclk_topics subtopic, const char *msgname); void aclk_http_msg_v2_err(mqtt_wss_client client, const char *topic, const char *msg_id, int http_code, int ec, const char* emsg, const char *payload, size_t payload_len); -void aclk_http_msg_v2(mqtt_wss_client client, const char *topic, const char *msg_id, usec_t t_exec, usec_t created, int http_code, const char *payload, size_t payload_len); +int aclk_http_msg_v2(mqtt_wss_client client, const char *topic, const char *msg_id, usec_t t_exec, usec_t created, int http_code, const char *payload, size_t payload_len); uint16_t aclk_send_agent_connection_update(mqtt_wss_client client, int reachable); char *aclk_generate_lwt(size_t *size); diff --git a/aclk/https_client.c b/aclk/https_client.c index e2a42eef3..345cf65a8 100644 --- a/aclk/https_client.c +++ b/aclk/https_client.c @@ -528,7 +528,7 @@ int https_request(https_req_t *request, https_req_response_t *response) { } ctx->request = request; - ctx->ssl_ctx = security_initialize_openssl_client(); + ctx->ssl_ctx = netdata_ssl_create_client_ctx(0); if (ctx->ssl_ctx==NULL) { error("Cannot allocate SSL context"); goto exit_sock; diff --git a/aclk/schema-wrappers/alarm_stream.cc b/aclk/schema-wrappers/alarm_stream.cc index af0b891ca..11b9284f5 100644 --- a/aclk/schema-wrappers/alarm_stream.cc +++ b/aclk/schema-wrappers/alarm_stream.cc @@ -86,6 +86,7 @@ void destroy_alarm_log_entry(struct alarm_log_entry *entry) freez(entry->rendered_info); freez(entry->chart_context); + freez(entry->transition_id); } static void fill_alarm_log_entry(struct alarm_log_entry *data, AlarmLogEntry *proto) @@ -134,6 +135,9 @@ static void fill_alarm_log_entry(struct alarm_log_entry *data, AlarmLogEntry *pr proto->set_rendered_info(data->rendered_info); proto->set_chart_context(data->chart_context); + + proto->set_event_id(data->event_id); + proto->set_transition_id(data->transition_id); } char *generate_alarm_log_entry(size_t *len, struct alarm_log_entry *data) diff --git a/aclk/schema-wrappers/alarm_stream.h b/aclk/schema-wrappers/alarm_stream.h index 83e7c1bce..e0bf31ce6 100644 --- a/aclk/schema-wrappers/alarm_stream.h +++ b/aclk/schema-wrappers/alarm_stream.h @@ -73,6 +73,9 @@ struct alarm_log_entry { char *rendered_info; char *chart_context; + + uint64_t event_id; + char *transition_id; }; struct send_alarm_checkpoint { -- cgit v1.2.3