mtev_reverse_acl_decision_t reverse_check_allow(const char *id, acceptor_closure_t *ac) { mtev_hash_table *config; noit_check_t *check; const char *key; uuid_t uuid; char uuid_str[UUID_STR_LEN+1]; char expected_id[256]; if(strncmp(id, "check/", 6)) return MTEV_ACL_ABSTAIN; strlcpy(uuid_str, id + 6, sizeof(uuid_str)); if(uuid_parse(uuid_str, uuid) != 0) return MTEV_ACL_DENY; uuid_unparse_lower(uuid, uuid_str); check = noit_poller_lookup(uuid); if(!check) return MTEV_ACL_DENY; config = noit_check_get_module_config(check, reverse_check_module_id); if(config && mtev_hash_retr_str(config, "secret_key", strlen("secret_key"), &key)) { snprintf(expected_id, sizeof(expected_id), "check/%s#%s", uuid_str, key); } else { snprintf(expected_id, sizeof(expected_id), "check/%s", uuid_str); } if(!strncmp(id, expected_id, strlen(id))) return MTEV_ACL_ALLOW; return MTEV_ACL_DENY; }
static mtev_hook_return_t reverse_check_hook_impl(void *closure, noit_check_t *check) { mtev_hash_table *config; config = noit_check_get_module_config(check, reverse_check_module_id); if(config && mtev_hash_size(config)) { mtev_hash_merge_as_dict(check->config, config); } return MTEV_HOOK_CONTINUE; }
static mtev_hook_return_t histogram_hook_special_impl(void *closure, noit_check_t *check, stats_t *stats, const char *metric_name, metric_type_t type, const char *v, mtev_boolean success) { void *vht; histotier *ht; mtev_hash_table *config, *metrics; const char *track = ""; mtev_dso_generic_t *self = closure; struct histogram_config *conf = mtev_image_get_userdata(&self->hdr); if(success) return MTEV_HOOK_CONTINUE; config = noit_check_get_module_config(check, histogram_module_id); if(!config || mtev_hash_size(config) == 0) return MTEV_HOOK_CONTINUE; mtev_hash_retr_str(config, metric_name, strlen(metric_name), &track); if(!track || strcmp(track, "add")) return MTEV_HOOK_CONTINUE; metrics = noit_check_get_module_metadata(check, histogram_module_id); if(!metrics) { metrics = calloc(1, sizeof(*metrics)); noit_check_set_module_metadata(check, histogram_module_id, metrics, free_hash_o_histotier); } if(!mtev_hash_retrieve(metrics, metric_name, strlen(metric_name), &vht)) { ht = calloc(1, sizeof(*ht)); vht = ht; mtev_hash_store(metrics, strdup(metric_name), strlen(metric_name), vht); } else ht = vht; if(v != NULL) { /* We expect: H[<float>]=%d */ const char *lhs; char *endptr; double bucket; u_int64_t cnt; if(v[0] != 'H' || v[1] != '[') return MTEV_HOOK_CONTINUE; if(NULL == (lhs = strchr(v+2, ']'))) return MTEV_HOOK_CONTINUE; lhs++; if(*lhs++ != '=') return MTEV_HOOK_CONTINUE; bucket = strtod(v+2, &endptr); if(endptr == v+2) return MTEV_HOOK_CONTINUE; cnt = strtoull(lhs, &endptr, 10); if(endptr == lhs) return MTEV_HOOK_CONTINUE; update_histotier(ht, time(NULL), conf, check, metric_name, bucket, cnt); } return MTEV_HOOK_CONTINUE; }
static mtev_hook_return_t histogram_hook_impl(void *closure, noit_check_t *check, stats_t *stats, metric_t *m) { void *vht; histotier *ht; mtev_hash_table *config, *metrics; const char *track = ""; mtev_dso_generic_t *self = closure; struct histogram_config *conf = mtev_image_get_userdata(&self->hdr); config = noit_check_get_module_config(check, histogram_module_id); if(!config || mtev_hash_size(config) == 0) return MTEV_HOOK_CONTINUE; mtev_hash_retr_str(config, m->metric_name, strlen(m->metric_name), &track); if(!track || strcmp(track, "add")) return MTEV_HOOK_CONTINUE; metrics = noit_check_get_module_metadata(check, histogram_module_id); if(!metrics) { metrics = calloc(1, sizeof(*metrics)); noit_check_set_module_metadata(check, histogram_module_id, metrics, free_hash_o_histotier); } if(!mtev_hash_retrieve(metrics, m->metric_name, strlen(m->metric_name), &vht)) { ht = calloc(1, sizeof(*ht)); vht = ht; mtev_hash_store(metrics, strdup(m->metric_name), strlen(m->metric_name), vht); } else ht = vht; if(m->metric_value.vp != NULL) { #define UPDATE_HISTOTIER(a) update_histotier(ht, time(NULL), conf, check, m->metric_name, *m->metric_value.a, 1) switch(m->metric_type) { case METRIC_UINT64: UPDATE_HISTOTIER(L); break; case METRIC_INT64: UPDATE_HISTOTIER(l); break; case METRIC_UINT32: UPDATE_HISTOTIER(I); break; case METRIC_INT32: UPDATE_HISTOTIER(i); break; case METRIC_DOUBLE: UPDATE_HISTOTIER(n); break; default: /*noop*/ break; } } return MTEV_HOOK_CONTINUE; }
static mtev_hook_return_t _histogram_logger_impl(void *closure, noit_check_t *check, mtev_boolean passive) { const char *track = ""; mtev_hash_table *config; config = noit_check_get_module_config(check, histogram_module_id); if(!config || mtev_hash_size(config) == 0) return MTEV_HOOK_CONTINUE; mtev_hash_retr_str(config, "metrics", strlen("metrics"), &track); if(!track || strcmp(track, "replace")) return MTEV_HOOK_CONTINUE; /* If we're replacing other metrics, then we prevent logging */ if(strcmp(track, "replace") == 0) return MTEV_HOOK_DONE; return MTEV_HOOK_CONTINUE; }
static mtev_boolean cross_module_reverse_allowed(noit_check_t *check, const char *secret) { void *vstr; mtev_hash_table *config; static int reverse_check_module_id = -1; if(reverse_check_module_id < 0) { reverse_check_module_id = noit_check_registered_module_by_name("reverse"); if(reverse_check_module_id < 0) return mtev_false; } config = noit_check_get_module_config(check, reverse_check_module_id); if(!config) return mtev_false; if(mtev_hash_retrieve(config, "key", strlen("key"), &vstr)) { if(!strcmp((const char *)vstr, secret)) return mtev_true; } return mtev_false; }
static noit_hook_return_t ip_acl_hook_impl(void *closure, noit_module_t *self, noit_check_t *check, noit_check_t *cause) { char deny_msg[128]; stats_t current; noit_hash_table *config; noit_hash_iter iter = NOIT_HASH_ITER_ZERO; const char *k = NULL; int klen; void *data; config = noit_check_get_module_config(check, ip_acl_module_id); if(!config || config->size == 0) return NOIT_HOOK_CONTINUE; while(noit_hash_next(config, &iter, &k, &klen, &data)) { if(k) { void *dir = NULL; unsigned char mask; if(noit_hash_retrieve(&acls, k, strlen(k), &data)) { btrie *acl = data; if(check->target_family == AF_INET) { dir = noit_find_bpm_route_ipv4(acl, &check->target_addr.addr, &mask); if(dir == DENY_PTR) goto prevent; else if(dir == ALLOW_PTR) return NOIT_HOOK_CONTINUE; } else if(check->target_family == AF_INET6) { dir = noit_find_bpm_route_ipv6(acl, &check->target_addr.addr6, &mask); if(dir == DENY_PTR) goto prevent; else if(dir == ALLOW_PTR) return NOIT_HOOK_CONTINUE; } } } } return NOIT_HOOK_CONTINUE; prevent: memset(¤t, 0, sizeof(current)); current.available = NP_UNAVAILABLE; current.state = NP_BAD; gettimeofday(¤t.whence, NULL); snprintf(deny_msg, sizeof(deny_msg), "prevented by ACL '%s'", k ? k : "unknown"); current.status = deny_msg; noit_check_set_stats(check, ¤t); return NOIT_HOOK_DONE; }