static enum cliret initial_comms(struct async *as,
enum action *action, char **incexc, struct conf **confs)
{
struct asfd *asfd;
char *server_version=NULL;
enum cliret ret=CLIENT_OK;
asfd=as->asfd;
if(authorise_client(asfd, &server_version,
get_string(confs[OPT_CNAME]),
get_string(confs[OPT_PASSWORD]),
get_cntr(confs)))
goto error;
if(server_version)
{
logp("Server version: %s\n", server_version);
// Servers before 1.3.2 did not tell us their versions.
// 1.3.2 and above can do the automatic CA stuff that
// follows.
switch(ca_client_setup(asfd, confs))
{
case 0:
break; // All OK.
case 1:
// Certificate signed successfully.
// Everything is OK, but we will reconnect now,
// in order to use the new keys/certificates.
goto reconnect;
default:
logp("Error with cert signing request\n");
goto error;
}
}
set_non_blocking(asfd->fd);
if(ssl_check_cert(asfd->ssl, NULL, confs))
{
logp("check cert failed\n");
goto error;
}
if(extra_comms(as, confs, action, incexc))
{
logp("extra comms failed\n");
goto error;
}
ret=CLIENT_OK; goto end;
error:
ret=CLIENT_ERROR; goto end;
reconnect:
ret=CLIENT_RECONNECT; goto end;
end:
free_w(&server_version);
return ret;
}
static enum cliret initial_comms(struct async *as,
enum action *action, char **incexc, long *name_max,
struct conf *conf)
{
struct asfd *asfd;
char *server_version=NULL;
enum cliret ret=CLIENT_OK;
asfd=as->asfd;
if(authorise_client(asfd, conf, &server_version))
goto error;
if(server_version)
{
int ca_ret=0;
logp("Server version: %s\n", server_version);
// Servers before 1.3.2 did not tell us their versions.
// 1.3.2 and above can do the automatic CA stuff that
// follows.
if((ca_ret=ca_client_setup(asfd, conf))<0)
{
// Error
logp("Error with certificate signing request\n");
goto error;
}
else if(ca_ret>0)
{
// Certificate signed successfully.
// Everything is OK, but we will reconnect now, in
// order to use the new keys/certificates.
goto reconnect;
}
}
set_non_blocking(asfd->fd);
if(ssl_check_cert(asfd->ssl, conf))
{
logp("check cert failed\n");
goto error;
}
if(extra_comms(as, conf, action, incexc, name_max))
{
logp("extra comms failed\n");
goto error;
}
ret=CLIENT_OK; goto end;
error:
ret=CLIENT_ERROR; goto end;
reconnect:
ret=CLIENT_RECONNECT; goto end;
end:
if(server_version) free(server_version);
return ret;
}
int child(struct async *as, int is_status_server,
int status_wfd, struct conf **confs, struct conf **cconfs)
{
int ret=-1;
int srestore=0;
int timer_ret=0;
char *incexc=NULL;
const char *confs_user;
const char *cconfs_user;
const char *confs_group;
const char *cconfs_group;
const char *s_script_pre;
const char *s_script_post;
// If we are not a status server, we are a normal child - set up the
// parent socket to write status to.
if(status_wfd>0)
{
if(!(wasfd=setup_asfd(as, "child status pipe", &status_wfd)))
goto end;
wasfd->attempt_reads=0;
}
/* Has to be before the chuser/chgrp stuff to allow clients to switch
to different clients when both clients have different user/group
settings. */
if(extra_comms(as, &incexc, &srestore, confs, cconfs))
{
log_and_send(as->asfd, "running extra comms failed on server");
goto end;
}
// Needs to happen after extra_comms, in case extra_comms resets them.
confs_user=get_string(confs[OPT_USER]);
cconfs_user=get_string(cconfs[OPT_USER]);
confs_group=get_string(confs[OPT_GROUP]);
cconfs_group=get_string(cconfs[OPT_GROUP]);
/* Now that the client conf is loaded, we might want to chuser or
chgrp.
The main process could have already done this, so we don't want
to try doing it again if cconfs has the same values, because it
will fail. */
if( (!confs_user || (cconfs_user && strcmp(confs_user, cconfs_user)))
||(!confs_group ||(cconfs_group && strcmp(confs_group,cconfs_group))))
{
if(chuser_and_or_chgrp(cconfs_user, cconfs_group))
{
log_and_send(as->asfd,
"chuser_and_or_chgrp failed on server");
goto end;
}
}
if(as->asfd->read(as->asfd)) goto end;
// If this is a status server, run the status server.
if(is_status_server)
{
ret=status_server(as, cconfs);
goto end;
}
ret=0;
s_script_pre=get_string(cconfs[OPT_S_SCRIPT_PRE]);
s_script_post=get_string(cconfs[OPT_S_SCRIPT_POST]);
// FIX THIS: Make the script components part of a struct, and just
// pass in the correct struct. Same below.
if(s_script_pre)
ret=run_server_script(as->asfd, "pre",
s_script_pre,
get_strlist(cconfs[OPT_S_SCRIPT_PRE_ARG]),
get_int(cconfs[OPT_S_SCRIPT_PRE_NOTIFY]),
cconfs, ret, timer_ret);
if(!ret)
ret=run_action_server(as, incexc, srestore, &timer_ret, cconfs);
if((!ret || get_int(cconfs[OPT_S_SCRIPT_POST_RUN_ON_FAIL]))
&& s_script_post)
ret=run_server_script(as->asfd, "post",
s_script_post,
get_strlist(cconfs[OPT_S_SCRIPT_POST_ARG]),
get_int(cconfs[OPT_S_SCRIPT_POST_NOTIFY]),
cconfs, ret, timer_ret);
end:
return ret;
}
