syslogs_8c_source.html

/*

 * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.

 *

 * This program is free software; you can redistribute it and/or

 * modify it under the terms of the GNU General Public License as

 * published by the Free Software Foundation; either version 2 of the

 * License, or any later version.

 *

 * This program is distributed in the hope that it will be useful, but

 * WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, write to the Free Software

 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

 * 02110-1301, USA.

 *

 * You can also choose to distribute this program under the terms of

 * the Unmodified Binary Distribution Licence (as given in the file

 * COPYING.UBDL), provided that you have satisfied its requirements.

 */


FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

FILE_SECBOOT ( PERMITTED );


/** @file

 *

 * Encrypted syslog protocol

 *

 */


#include <stdint.h>

#include <stdlib.h>

#include <string.h>

#include <errno.h>

#include <byteswap.h>

#include <ipxe/xfer.h>

#include <ipxe/open.h>

#include <ipxe/tcpip.h>

#include <ipxe/dhcp.h>

#include <ipxe/settings.h>

#include <ipxe/console.h>

#include <ipxe/lineconsole.h>

#include <ipxe/tls.h>

#include <ipxe/syslog.h>

#include <config/console.h>


/* Set default console usage if applicable */

#if ! ( defined ( CONSOLE_SYSLOGS ) && CONSOLE_EXPLICIT ( CONSOLE_SYSLOGS ) )

#undef CONSOLE_SYSLOGS

#define CONSOLE_SYSLOGS ( CONSOLE_USAGE_ALL & ~CONSOLE_USAGE_TUI )

#endif


struct console_driver syslogs_console __console_driver;


/** The encrypted syslog server */

static struct sockaddr_tcpip logserver;


/**

 * Handle encrypted syslog TLS interface close

 *

 * @v intf              Interface

 * @v rc                Reason for close

 */


static void syslogs_close ( struct interface *intf, int rc ) {


        DBG ( "SYSLOGS console disconnected: %s\n", strerror ( rc ) );

        intf_restart ( intf, rc );

}


/**

 * Handle encrypted syslog TLS interface window change

 *

 * @v intf              Interface

 */


static void syslogs_window_changed ( struct interface *intf ) {


        /* Mark console as enabled when window first opens, indicating

         * that TLS negotiation is complete.  (Do not disable console

         * when window closes again, since TCP will close the window

         * whenever there is unACKed data.)

         */

        if ( xfer_window ( intf ) ) {

                if ( syslogs_console.disabled )

                        DBG ( "SYSLOGS console connected\n" );

                syslogs_console.disabled = 0;

        }

}


/** Encrypted syslog TLS interface operations */


static struct interface_operation syslogs_operations[] = {

        INTF_OP ( xfer_window_changed, struct interface *,

                  syslogs_window_changed ),

        INTF_OP ( intf_close, struct interface *, syslogs_close ),

};


/** Encrypted syslog TLS interface descriptor */

static struct interface_descriptor syslogs_desc =

        INTF_DESC_PURE ( syslogs_operations );


/** The encrypted syslog TLS interface */

static struct interface syslogs = INTF_INIT ( syslogs_desc );


/******************************************************************************

 *

 * Console driver

 *

 ******************************************************************************

 */


/** Encrypted syslog line buffer */

static char syslogs_buffer[SYSLOG_BUFSIZE];


/** Encrypted syslog severity */

static unsigned int syslogs_severity = SYSLOG_DEFAULT_SEVERITY;


/**

 * Handle ANSI set encrypted syslog priority (private sequence)

 *

 * @v ctx               ANSI escape sequence context

 * @v count             Parameter count

 * @v params            List of graphic rendition aspects

 */


static void syslogs_handle_priority ( struct ansiesc_context *ctx __unused,

                                      unsigned int count __unused,

                                      int params[] ) {

        if ( params[0] >= 0 ) {

                syslogs_severity = params[0];

        } else {

                syslogs_severity = SYSLOG_DEFAULT_SEVERITY;

        }

}


/** Encrypted syslog ANSI escape sequence handlers */


static struct ansiesc_handler syslogs_handlers[] = {

        { ANSIESC_LOG_PRIORITY, syslogs_handle_priority },

        { 0, NULL }

};


/** Encrypted syslog line console */


static struct line_console syslogs_line = {

        .buffer = syslogs_buffer,

        .len = sizeof ( syslogs_buffer ),

        .ctx = {

                .handlers = syslogs_handlers,

        },

};


/** Encrypted syslog recursion marker */

static int syslogs_entered;


/**

 * Print a character to encrypted syslog console

 *

 * @v character         Character to be printed

 */


static void syslogs_putchar ( int character ) {

        int rc;


        /* Ignore if we are already mid-logging */

        if ( syslogs_entered )

                return;


        /* Fill line buffer */

        if ( line_putchar ( &syslogs_line, character ) == 0 )

                return;


        /* Guard against re-entry */

        syslogs_entered = 1;


        /* Send log message */

        if ( ( rc = syslog_send ( &syslogs, syslogs_severity,

                                  syslogs_buffer, "\n" ) ) != 0 ) {

                DBG ( "SYSLOGS could not send log message: %s\n",

                      strerror ( rc ) );

        }


        /* Clear re-entry flag */

        syslogs_entered = 0;

}


/** Encrypted syslog console driver */

struct console_driver syslogs_console __console_driver = {

        .putchar = syslogs_putchar,

        .disabled = CONSOLE_DISABLED,

        .usage = CONSOLE_SYSLOGS,

};


/******************************************************************************

 *

 * Settings

 *

 ******************************************************************************

 */


/** Encrypted syslog server setting */


const struct setting syslogs_setting __setting ( SETTING_MISC, syslogs ) = {

        .name = "syslogs",

        .description = "Encrypted syslog server",

        .tag = DHCP_EB_SYSLOGS_SERVER,

        .type = &setting_type_string,

};


/**

 * Apply encrypted syslog settings

 *

 * @ret rc              Return status code

 */


static int apply_syslogs_settings ( void ) {

        static char *old_server;

        char *server;

        char *sep;

        char *end;

        unsigned int port;

        int rc;


        /* Fetch log server */

        fetch_string_setting_copy ( NULL, &syslogs_setting, &server );


        /* Do nothing unless log server has changed */

        if ( ( ( server == NULL ) && ( old_server == NULL ) ) ||

             ( ( server != NULL ) && ( old_server != NULL ) &&

               ( strcmp ( server, old_server ) == 0 ) ) ) {

                rc = 0;

                goto out_no_change;

        }

        free ( old_server );

        old_server = NULL;


        /* Reset encrypted syslog connection */

        syslogs_console.disabled = CONSOLE_DISABLED;

        intf_restart ( &syslogs, 0 );


        /* Do nothing unless we have a log server */

        if ( ! server ) {

                DBG ( "SYSLOGS has no log server\n" );

                rc = 0;

                goto out_no_server;

        }


        /* Identify port */

        port = SYSLOG_PORT;

        if ( ( sep = strrchr ( server, ':' ) ) &&

             ( server[ strlen ( server ) - 1 ] != ']' ) ) {

                *(sep++) = '\0';

                port = strtoul ( sep, &end, 0 );

                if ( *end || ( ! *sep ) ) {

                        DBG ( "SYSLOGS log server %s:%s has invalid port\n",

                              server, sep );

                        rc = -EINVAL;

                        goto err_port;

                }

        }

        logserver.st_port = htons ( port );

        DBG ( "SYSLOGS using log server %s:%d\n", server, port );


        /* Connect to log server */

        if ( ( rc = xfer_open_named_socket ( &syslogs, SOCK_STREAM,

                                             (( struct sockaddr *) &logserver ),

                                             server, NULL ) ) != 0 ) {

                DBG ( "SYSLOGS cannot connect to log server: %s\n",

                      strerror ( rc ) );

                goto err_open_named_socket;

        }


        /* Add TLS filter */

        if ( ( rc = add_tls ( &syslogs, server, NULL, NULL ) ) != 0 ) {

                DBG ( "SYSLOGS cannot create TLS filter: %s\n",

                      strerror ( rc ) );

                goto err_add_tls;

        }


        /* Record log server */

        old_server = server;

        if ( sep )

                *(--sep) = ':';


        return 0;


 err_add_tls:

 err_open_named_socket:

        syslogs_close ( &syslogs, rc );

 err_port:

 out_no_server:

 out_no_change:

        free ( server );

        return rc;

}


/** Encrypted syslog settings applicator */


struct settings_applicator syslogs_applicator __settings_applicator = {

        .apply = apply_syslogs_settings,

};


NULL
#define NULL
NULL pointer (VOID *)
Definition Base.h:322

ctx
struct golan_eq_context ctx
Definition CIB_PRM.h:0

port
u8 port
Port number.
Definition CIB_PRM.h:3

rc
struct arbelprm_rc_send_wqe rc
Definition arbel.h:3

console.h
Console configuration.

errno.h
Error codes.

ANSIESC_LOG_PRIORITY
#define ANSIESC_LOG_PRIORITY
Explicit log message priority.
Definition ansiesc.h:126

__unused
#define __unused
Declare a variable or data structure as unused.
Definition compiler.h:573

SOCK_STREAM
#define SOCK_STREAM
Definition socket.h:25

DBG
#define DBG(...)
Print a debugging message.
Definition compiler.h:498

DHCP_EB_SYSLOGS_SERVER
#define DHCP_EB_SYSLOGS_SERVER
Encrypted syslog server.
Definition dhcp.h:414

count
static unsigned int count
Number of entries.
Definition dwmac.h:220

FILE_LICENCE
#define FILE_LICENCE(_licence)
Declare a particular licence as applying to a file.
Definition compiler.h:896

EINVAL
#define EINVAL
Invalid argument.
Definition errno.h:429

FILE_SECBOOT
#define FILE_SECBOOT(_status)
Declare a file's UEFI Secure Boot permission status.
Definition compiler.h:926

SETTING_MISC
#define SETTING_MISC
Miscellaneous settings.
Definition settings.h:81

byteswap.h

htons
#define htons(value)
Definition byteswap.h:136

console.h
User interaction.

CONSOLE_DISABLED
#define CONSOLE_DISABLED
Console is disabled for all uses.
Definition console.h:112

__console_driver
#define __console_driver
Mark a  struct console_driver  as being part of the console drivers table.
Definition console.h:134

dhcp.h
Dynamic Host Configuration Protocol.

settings.h
Configuration settings.

__setting
#define __setting(setting_order, name)
Declare a configuration setting.
Definition settings.h:57

__settings_applicator
#define __settings_applicator
Declare a settings applicator.
Definition settings.h:265

tcpip.h
Transport-network layer interface.

stdint.h

string.h
String functions.

intf_close
void intf_close(struct interface *intf, int rc)
Close an object interface.
Definition interface.c:250

intf_restart
void intf_restart(struct interface *intf, int rc)
Shut down and restart an object interface.
Definition interface.c:344

INTF_DESC_PURE
#define INTF_DESC_PURE(operations)
Define an object interface descriptor for a pure-interface object.
Definition interface.h:116

INTF_INIT
#define INTF_INIT(descriptor)
Initialise a static object interface.
Definition interface.h:218

INTF_OP
#define INTF_OP(op_type, object_type, op_func)
Define an object interface operation.
Definition interface.h:33

syslog.h
Syslog protocol.

SYSLOG_DEFAULT_SEVERITY
#define SYSLOG_DEFAULT_SEVERITY
Syslog default severity.
Definition syslog.h:34

SYSLOG_PORT
#define SYSLOG_PORT
Syslog server port.
Definition syslog.h:16

SYSLOG_BUFSIZE
#define SYSLOG_BUFSIZE
Syslog line buffer size.
Definition syslog.h:22

line_putchar
size_t line_putchar(struct line_console *line, int character)
Print a character to a line-based console.
Definition lineconsole.c:44

lineconsole.h
Line-based console.

end
uint32_t end
Ending offset.
Definition netvsc.h:7

open.h
Data transfer interface opening.

free
static void(* free)(struct refcnt *refcnt))
Definition refcnt.h:55

xfer_open_named_socket
int xfer_open_named_socket(struct interface *xfer, int semantics, struct sockaddr *peer, const char *name, struct sockaddr *local)
Open named socket.
Definition resolv.c:403

fetch_string_setting_copy
int fetch_string_setting_copy(struct settings *settings, const struct setting *setting, char **data)
Fetch value of string setting.
Definition settings.c:874

stdlib.h

strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition strerror.c:79

strtoul
unsigned long strtoul(const char *string, char **endp, int base)
Convert string to numeric value.
Definition string.c:485

strcmp
int strcmp(const char *first, const char *second)
Compare strings.
Definition string.c:174

strrchr
char * strrchr(const char *src, int character)
Find rightmost character within a string.
Definition string.c:290

strlen
size_t strlen(const char *src)
Get length of string.
Definition string.c:244

ansiesc_context
ANSI escape sequence context.
Definition ansiesc.h:74

ansiesc_handler
A handler for an escape sequence.
Definition ansiesc.h:35

console_driver
A console driver.
Definition console.h:56

interface_descriptor
An object interface descriptor.
Definition interface.h:56

interface_operation
An object interface operation.
Definition interface.h:18

interface
An object interface.
Definition interface.h:125

line_console
A line-based console.
Definition lineconsole.h:17

setting
A setting.
Definition settings.h:24

settings_applicator
A settings applicator.
Definition settings.h:252

sockaddr_tcpip
TCP/IP socket address.
Definition tcpip.h:76

sockaddr
Generalized socket address structure.
Definition socket.h:97

syslog_send
int syslog_send(struct interface *xfer, unsigned int severity, const char *message, const char *terminator)
Transmit formatted syslog message.
Definition syslog.c:99

syslogs_putchar
static void syslogs_putchar(int character)
Print a character to encrypted syslog console.
Definition syslogs.c:158

syslogs_buffer
static char syslogs_buffer[SYSLOG_BUFSIZE]
Encrypted syslog line buffer.
Definition syslogs.c:113

syslogs_handlers
static struct ansiesc_handler syslogs_handlers[]
Encrypted syslog ANSI escape sequence handlers.
Definition syslogs.c:136

syslogs_operations
static struct interface_operation syslogs_operations[]
Encrypted syslog TLS interface operations.
Definition syslogs.c:92

syslogs_handle_priority
static void syslogs_handle_priority(struct ansiesc_context *ctx __unused, unsigned int count __unused, int params[])
Handle ANSI set encrypted syslog priority (private sequence)
Definition syslogs.c:125

logserver
static struct sockaddr_tcpip logserver
The encrypted syslog server.
Definition syslogs.c:58

syslogs_window_changed
static void syslogs_window_changed(struct interface *intf)
Handle encrypted syslog TLS interface window change.
Definition syslogs.c:77

syslogs
static struct interface syslogs
The encrypted syslog TLS interface.
Definition syslogs.c:103

syslogs_line
static struct line_console syslogs_line
Encrypted syslog line console.
Definition syslogs.c:142

syslogs_severity
static unsigned int syslogs_severity
Encrypted syslog severity.
Definition syslogs.c:116

apply_syslogs_settings
static int apply_syslogs_settings(void)
Apply encrypted syslog settings.
Definition syslogs.c:210

syslogs_desc
static struct interface_descriptor syslogs_desc
Encrypted syslog TLS interface descriptor.
Definition syslogs.c:99

syslogs_entered
static int syslogs_entered
Encrypted syslog recursion marker.
Definition syslogs.c:151

syslogs_close
static void syslogs_close(struct interface *intf, int rc)
Handle encrypted syslog TLS interface close.
Definition syslogs.c:66

CONSOLE_SYSLOGS
#define CONSOLE_SYSLOGS
Definition syslogs.c:52

add_tls
int add_tls(struct interface *xfer, const char *name, struct x509_root *root, struct private_key *key)
Add TLS on an interface.
Definition tls.c:3962

tls.h
Transport Layer Security Protocol.

xfer_window
size_t xfer_window(struct interface *intf)
Check flow control window.
Definition xfer.c:117

xfer_window_changed
void xfer_window_changed(struct interface *intf)
Report change of flow control window.
Definition xfer.c:147

xfer.h
Data transfer interfaces.