int digest_data(digestctx_t *ctx, unsigned char *buf, int buflen)
{
switch (ctx->digesttype) {
case D_MD5:
myMD5_Update(ctx->mdctx, buf, buflen);
break;
case D_SHA1:
mySHA1_Update(ctx->mdctx, buf, buflen);
break;
}
return 0;
}
/*
* This generates a unique ID for an event.
* The ID is an MD5 hash of the hostname, testname and the
* event start-time.
*/
static char *make_alertid(char *hostname, char *testname, time_t eventstart)
{
static char result[33];
unsigned char id[16];
char *key;
void *md5handle;
int i, j;
key = (char *)malloc(strlen(hostname)+strlen(testname)+15);
sprintf(key, "%s|%s|%d", hostname, testname, (int)eventstart);
md5handle = (void *)malloc(myMD5_Size());
myMD5_Init(md5handle);
myMD5_Update(md5handle, key, strlen(key));
myMD5_Final(id, md5handle);
for (i=0, j=0; (i < 16); i++, j+=2) sprintf(result+j, "%02x", id[i]);
result[32] = '\0';
return result;
}
unsigned char *get_xymond_message(enum msgchannels_t chnid, char *id, int *seq, struct timespec *timeout)
{
static unsigned int seqnum = 0;
static char *idlemsg = NULL;
static char *buf = NULL;
static size_t bufsz = 0;
static size_t maxmsgsize = 0;
static int ioerror = 0;
static char *startpos; /* Where our unused data starts */
static char *endpos; /* Where the first message ends */
static char *fillpos; /* Where our unused data ends (the \0 byte) */
int truncated = 0;
struct timespec cutoff;
int maymove, needmoredata;
char *endsrch; /* Where in the buffer do we start looking for the end-message marker */
char *result;
/*
* The way this works is to read data from stdin into a
* buffer. Each read fetches as much data as possible,
* i.e. all that is available up to the amount of
* buffer space we have.
*
* When the buffer contains a complete message,
* we return a pointer to the message.
*
* Since a read into the buffer can potentially
* fetch multiple messages, we need to keep track of
* the start/end positions of the next message, and
* where in the buffer new data should be read in.
* As long as there is a complete message available
* in the buffer, we just return that message - only
* when there is no complete message do we read data
* from stdin.
*
* A message is normally NOT copied, we just return
* a pointer to our input buffer. The only time we
* need to shuffle data around is if the buffer
* does not have room left to hold a complete message.
*/
if (buf == NULL) {
/*
* Initial setup of the buffers.
* We allocate a buffer large enough for the largest message
* that can arrive on this channel, and add 4KB extra room.
* The EXTRABUFSPACE is to allow the memmove() that will be
* needed occasionally some room to work optimally.
*/
maxmsgsize = 1024*shbufsz(chnid);
bufsz = maxmsgsize + EXTRABUFSPACE;
buf = (char *)malloc(bufsz+1);
*buf = '\0';
startpos = fillpos = buf;
endpos = NULL;
/* idlemsg is used to return the idle message in case of timeouts. */
idlemsg = strdup("@@idle\n");
/* We dont want to block when reading data. */
fcntl(inputfd, F_SETFL, O_NONBLOCK);
}
/*
* If the start of the next message doesn't begin with "@" then
* there's something rotten.
*/
if (*startpos && (*startpos != '@')) {
errprintf("Bad data in channel, skipping it\n");
startpos = strstr(startpos, "\n@@");
endpos = (startpos ? strstr(startpos, "\n@@\n") : NULL);
if (startpos && (startpos == endpos)) {
startpos = endpos + 4;
endpos = strstr(startpos, "\n@@\n");
}
if (!startpos) {
/* We're lost - flush the buffer and try to recover */
errprintf("Buffer sync lost, flushing data\n");
*buf = '\0';
startpos = fillpos = buf;
endpos = NULL;
}
seqnum = 0; /* After skipping, we dont know what to expect */
}
startagain:
if (ioerror) {
errprintf("get_xymond_message: Returning NULL due to previous i/o error\n");
return NULL;
}
if (timeout) {
/* Calculate when the read should timeout. */
getntimer(&cutoff);
cutoff.tv_sec += timeout->tv_sec;
cutoff.tv_nsec += timeout->tv_nsec;
if (cutoff.tv_nsec > 1000000000) {
cutoff.tv_sec += 1;
cutoff.tv_nsec -= 1000000000;
}
}
/*
* Start looking for the end-of-message marker at the beginning of
* the message. The next scans will only look at the new data we've
* got when reading data in.
*/
endsrch = startpos;
/*
* See if the current available buffer space is enough to hold a full message.
* If not, then flag that we may do a memmove() of the buffer data.
*/
maymove = ((startpos + maxmsgsize) >= (buf + bufsz));
/* We only need to read data, if we do not have an end-of-message marker */
needmoredata = (endpos == NULL);
while (needmoredata) {
/* Fill buffer with more data until we get an end-of-message marker */
struct timespec now;
struct timeval selecttmo;
fd_set fdread;
int res;
size_t bufleft = bufsz - (fillpos - buf);
size_t usedbytes = (fillpos - startpos);
dbgprintf("Want msg %d, startpos %ld, fillpos %ld, endpos %ld, usedbytes=%ld, bufleft=%ld\n",
(seqnum+1), (startpos-buf), (fillpos-buf), (endpos ? (endpos-buf) : -1), usedbytes, bufleft);
if (usedbytes >= maxmsgsize) {
/* Over-size message. Truncate it. */
errprintf("Got over-size message, truncating at %d bytes (max: %d)\n", usedbytes, maxmsgsize);
endpos = startpos + usedbytes - 5;
memcpy(endpos, "\n@@\n", 4); /* Simulate end-of-message and flush data */
needmoredata = 0;
truncated = 1;
}
if (needmoredata) {
if (maymove && (bufleft < EXTRABUFSPACE)) {
/* Buffer is almost full - move data to accomodate a large message. */
dbgprintf("Moving %d bytes to start of buffer\n", usedbytes);
memmove(buf, startpos, usedbytes);
startpos = buf;
fillpos = startpos + usedbytes;
*fillpos = '\0';
endsrch = (usedbytes >= 4) ? (fillpos - 4) : startpos;
maymove = 0;
bufleft = bufsz - (fillpos - buf);
}
if (timeout) {
/* How long time until the timeout ? */
getntimer(&now);
selecttmo.tv_sec = cutoff.tv_sec - now.tv_sec;
selecttmo.tv_usec = (cutoff.tv_nsec - now.tv_nsec) / 1000;
if (selecttmo.tv_usec < 0) {
selecttmo.tv_sec--;
selecttmo.tv_usec += 1000000;
}
}
FD_ZERO(&fdread);
FD_SET(inputfd, &fdread);
res = select(inputfd+1, &fdread, NULL, NULL, (timeout ? &selecttmo : NULL));
if (res < 0) {
if (errno == EAGAIN) continue;
if (errno == EINTR) {
dbgprintf("get_xymond_message: Interrupted\n");
*seq = 0;
return idlemsg;
}
/* Some error happened */
ioerror = 1;
dbgprintf("get_xymond_message: Returning NULL due to select error %s\n",
strerror(errno));
return NULL;
}
else if (res == 0) {
/*
* Timeout - return the "idle" message.
* NB: If select() was not passed a timeout parameter, this cannot trigger
*/
*seq = 0;
return idlemsg;
}
else if (FD_ISSET(inputfd, &fdread)) {
res = read(inputfd, fillpos, bufleft);
if (res < 0) {
if ((errno == EAGAIN) || (errno == EINTR)) continue;
ioerror = 1;
dbgprintf("get_xymond_message: Returning NULL due to read error %s\n",
strerror(errno));
return NULL;
}
else if (res == 0) {
/* read() returns 0 --> End-of-file */
ioerror = 1;
dbgprintf("get_xymond_message: Returning NULL due to EOF\n");
return NULL;
}
else {
/*
* Got data - null-terminate it, and update fillpos
*/
dbgprintf("Got %d bytes\n", res);
*(fillpos+res) = '\0';
fillpos += res;
/* Did we get an end-of-message marker ? Then we're done. */
endpos = strstr(endsrch, "\n@@\n");
needmoredata = (endpos == NULL);
/*
* If not done, update endsrch. We need to look at the
* last 3 bytes of input we got - they could be "\n@@" so
* all that is missing is the final "\n".
*/
if (needmoredata && (res >= 3)) endsrch = fillpos-3;
}
}
}
}
/* We have a complete message between startpos and endpos */
result = startpos;
*endpos = '\0';
if (truncated) {
startpos = fillpos = buf;
endpos = NULL;
}
else {
startpos = endpos+4; /* +4 because we skip the "\n@@\n" end-marker from the previous message */
endpos = strstr(startpos, "\n@@\n"); /* To see if we already have a full message loaded */
/* fillpos stays where it is */
}
/* Check that it really is a message, and not just some garbled data */
if (strncmp(result, "@@", 2) != 0) {
errprintf("Dropping (more) garbled data\n");
goto startagain;
}
{
/*
* Get and check the message sequence number.
* We dont do this for network based workers, since the
* sequence number is globally generated (by xymond)
* but a network-based worker may only see some of the
* messages (those that are not handled by other network-based
* worker modules).
*/
char *p = result + strcspn(result, "#/|\n");
if (*p == '#') {
*seq = atoi(p+1);
if (debug) {
p = strchr(result, '\n'); if (p) *p = '\0';
dbgprintf("%s: Got message %u %s\n", id, *seq, result);
if (p) *p = '\n';
}
if ((seqnum == 0) || (*seq == (seqnum + 1))) {
/* First message, or the correct sequence # */
seqnum = *seq;
}
else if (*seq == seqnum) {
/* Duplicate message - drop it */
errprintf("%s: Duplicate message %d dropped\n", id, *seq);
goto startagain;
}
else {
/* Out-of-sequence message. Cant do much except accept it */
if (!locatorid) errprintf("%s: Got message %u, expected %u\n", id, *seq, seqnum+1);
seqnum = *seq;
}
if (seqnum == 999999) seqnum = 0;
}
}
/* Verify checksum - except for truncated messages, where it won't match since we overwrite bytes with the end-marker */
if (result && !truncated) {
static struct digestctx_t *ctx = NULL;
char *hashstr;
if (!ctx) {
ctx = (digestctx_t *) malloc(sizeof(digestctx_t));
ctx->digestname = strdup("md5");
ctx->digesttype = D_MD5;
ctx->mdctx = (void *)malloc(myMD5_Size());
}
hashstr = result + strcspn(result, ":#/|\n");
if (*hashstr == ':') {
unsigned char md_value[16];
char md_string[2*16+1];
int i;
char *p;
myMD5_Init(ctx->mdctx);
myMD5_Update(ctx->mdctx, result, (hashstr - result));
myMD5_Update(ctx->mdctx, hashstr + 33, strlen(hashstr + 33));
myMD5_Update(ctx->mdctx, "\n@@\n", 4); /* Stripped earlier */
myMD5_Final(md_value, ctx->mdctx);
for(i = 0, p = md_string; (i < sizeof(md_value)); i++)
p += sprintf(p, "%02x", md_value[i]);
*p = '\0';
if (memcmp(hashstr+1, md_string, 32) != 0) {
p = strchr(result, '\n'); if (p) *(p+1) = '\0';
errprintf("get_xymond_message: Invalid checksum, skipping message '%s'\n", result);
result = NULL;
goto startagain;
}
}
}
dbgprintf("startpos %ld, fillpos %ld, endpos %ld\n",
(startpos-buf), (fillpos-buf), (endpos ? (endpos-buf) : -1));
return result;
}
