static xmlNode *
validate_crm_message(xmlNode * msg, const char *sys, const char *uuid, const char *msg_type)
{
const char *to = NULL;
const char *type = NULL;
const char *crm_msg_reference = NULL;
xmlNode *action = NULL;
const char *true_sys;
char *local_sys = NULL;
if (msg == NULL) {
return NULL;
}
to = crm_element_value(msg, F_CRM_SYS_TO);
type = crm_element_value(msg, F_CRM_MSG_TYPE);
crm_msg_reference = crm_element_value(msg, XML_ATTR_REFERENCE);
action = msg;
true_sys = sys;
if (uuid != NULL) {
local_sys = generate_hash_key(sys, uuid);
true_sys = local_sys;
}
if (to == NULL) {
crm_info("No sub-system defined.");
action = NULL;
} else if (true_sys != NULL && strcasecmp(to, true_sys) != 0) {
crm_trace("The message is not for this sub-system (%s != %s).", to, true_sys);
action = NULL;
}
crm_free(local_sys);
if (type == NULL) {
crm_info("No message type defined.");
return NULL;
} else if (msg_type != NULL && strcasecmp(msg_type, type) != 0) {
crm_info("Expecting a (%s) message but received a (%s).", msg_type, type);
action = NULL;
}
if (crm_msg_reference == NULL) {
crm_info("No message crm_msg_reference defined.");
action = NULL;
}
/*
if(action != NULL)
crm_trace(
"XML is valid and node with message type (%s) found.",
type);
crm_trace("Returning node (%s)", crm_element_name(action));
*/
return action;
}
xmlNode *
create_request_adv(const char *task, xmlNode *msg_data,
const char *host_to, const char *sys_to,
const char *sys_from, const char *uuid_from,
const char *origin)
{
char *true_from = NULL;
xmlNode *request = NULL;
char *reference = generateReference(task, sys_from);
if (uuid_from != NULL) {
true_from = generate_hash_key(sys_from, uuid_from);
} else if(sys_from != NULL) {
true_from = crm_strdup(sys_from);
} else {
crm_err("No sys from specified");
}
/* host_from will get set for us if necessary by CRMd when routed */
request = create_xml_node(NULL, __FUNCTION__);
crm_xml_add(request, F_CRM_ORIGIN, origin);
crm_xml_add(request, F_TYPE, T_CRM);
crm_xml_add(request, F_CRM_VERSION, CRM_FEATURE_SET);
crm_xml_add(request, F_CRM_MSG_TYPE, XML_ATTR_REQUEST);
crm_xml_add(request, XML_ATTR_REFERENCE, reference);
crm_xml_add(request, F_CRM_TASK, task);
crm_xml_add(request, F_CRM_SYS_TO, sys_to);
crm_xml_add(request, F_CRM_SYS_FROM, true_from);
/* HOSTTO will be ignored if it is to the DC anyway. */
if(host_to != NULL && strlen(host_to) > 0) {
crm_xml_add(request, F_CRM_HOST_TO, host_to);
}
if (msg_data != NULL) {
add_message_xml(request, F_CRM_DATA, msg_data);
}
crm_free(reference);
crm_free(true_from);
return request;
}
gboolean
crmd_authorize_message(xmlNode * client_msg, crmd_client_t * curr_client)
{
/* check the best case first */
const char *sys_from = crm_element_value(client_msg, F_CRM_SYS_FROM);
char *uuid = NULL;
char *client_name = NULL;
char *major_version = NULL;
char *minor_version = NULL;
const char *filtered_from;
gpointer table_key = NULL;
gboolean auth_result = FALSE;
gboolean can_reply = FALSE; /* no-one has registered with this id */
xmlNode *xml = NULL;
const char *op = crm_element_value(client_msg, F_CRM_TASK);
if (safe_str_neq(CRM_OP_HELLO, op)) {
if (sys_from == NULL) {
crm_warn("Message [%s] was had no value for %s... discarding",
crm_element_value(client_msg, XML_ATTR_REFERENCE), F_CRM_SYS_FROM);
return FALSE;
}
filtered_from = sys_from;
/* The CIB can have two names on the DC */
if (strcasecmp(sys_from, CRM_SYSTEM_DCIB) == 0)
filtered_from = CRM_SYSTEM_CIB;
if (g_hash_table_lookup(ipc_clients, filtered_from) != NULL) {
can_reply = TRUE; /* reply can be routed */
}
crm_trace("Message reply can%s be routed from %s.", can_reply ? "" : " not", sys_from);
if (can_reply == FALSE) {
crm_warn("Message [%s] not authorized",
crm_element_value(client_msg, XML_ATTR_REFERENCE));
}
return can_reply;
}
crm_trace("received client join msg");
crm_log_xml_trace(client_msg, "join");
xml = get_message_xml(client_msg, F_CRM_DATA);
auth_result = process_hello_message(xml, &uuid, &client_name, &major_version, &minor_version);
if (auth_result == TRUE) {
if (client_name == NULL || uuid == NULL) {
crm_err("Bad client details (client_name=%s, uuid=%s)",
crm_str(client_name), crm_str(uuid));
auth_result = FALSE;
}
}
if (auth_result == TRUE) {
/* check version */
int mav = atoi(major_version);
int miv = atoi(minor_version);
crm_trace("Checking client version number");
if (mav < 0 || miv < 0) {
crm_err("Client version (%d:%d) is not acceptable", mav, miv);
auth_result = FALSE;
}
}
table_key = (gpointer) generate_hash_key(client_name, uuid);
if (auth_result == TRUE) {
crm_trace("Accepted client %s", crm_str(table_key));
curr_client->table_key = table_key;
curr_client->sub_sys = strdup(client_name);
curr_client->uuid = strdup(uuid);
g_hash_table_insert(ipc_clients, table_key, curr_client->ipc);
crm_trace("Updated client list with %s", crm_str(table_key));
crm_trace("Triggering FSA: %s", __FUNCTION__);
mainloop_set_trigger(fsa_source);
} else {
free(table_key);
crm_warn("Rejected client logon request");
qb_ipcs_disconnect(curr_client->ipc);
}
free(uuid);
free(minor_version);
free(major_version);
free(client_name);
/* hello messages should never be processed further */
return FALSE;
}
gboolean
crmd_authorize_message(xmlNode * client_msg, crmd_client_t * curr_client)
{
/* check the best case first */
const char *sys_from = crm_element_value(client_msg, F_CRM_SYS_FROM);
char *uuid = NULL;
char *client_name = NULL;
char *major_version = NULL;
char *minor_version = NULL;
const char *filtered_from;
gpointer table_key = NULL;
gboolean auth_result = FALSE;
struct crm_subsystem_s *the_subsystem = NULL;
gboolean can_reply = FALSE; /* no-one has registered with this id */
xmlNode *xml = NULL;
const char *op = crm_element_value(client_msg, F_CRM_TASK);
if (safe_str_neq(CRM_OP_HELLO, op)) {
if (sys_from == NULL) {
crm_warn("Message [%s] was had no value for %s... discarding",
crm_element_value(client_msg, XML_ATTR_REFERENCE), F_CRM_SYS_FROM);
return FALSE;
}
filtered_from = sys_from;
/* The CIB can have two names on the DC */
if (strcasecmp(sys_from, CRM_SYSTEM_DCIB) == 0)
filtered_from = CRM_SYSTEM_CIB;
if (g_hash_table_lookup(ipc_clients, filtered_from) != NULL) {
can_reply = TRUE; /* reply can be routed */
}
crm_debug_2("Message reply can%s be routed from %s.", can_reply ? "" : " not", sys_from);
if (can_reply == FALSE) {
crm_warn("Message [%s] not authorized",
crm_element_value(client_msg, XML_ATTR_REFERENCE));
}
return can_reply;
}
crm_debug_3("received client join msg");
crm_log_xml(LOG_MSG, "join", client_msg);
xml = get_message_xml(client_msg, F_CRM_DATA);
auth_result = process_hello_message(xml, &uuid, &client_name, &major_version, &minor_version);
if (auth_result == TRUE) {
if (client_name == NULL || uuid == NULL) {
crm_err("Bad client details (client_name=%s, uuid=%s)",
crm_str(client_name), crm_str(uuid));
auth_result = FALSE;
}
}
if (auth_result == TRUE) {
/* check version */
int mav = atoi(major_version);
int miv = atoi(minor_version);
crm_debug_3("Checking client version number");
if (mav < 0 || miv < 0) {
crm_err("Client version (%d:%d) is not acceptable", mav, miv);
auth_result = FALSE;
}
crm_free(major_version);
crm_free(minor_version);
}
if (safe_str_eq(CRM_SYSTEM_PENGINE, client_name)) {
the_subsystem = pe_subsystem;
} else if (safe_str_eq(CRM_SYSTEM_TENGINE, client_name)) {
the_subsystem = te_subsystem;
}
/* TODO: Is this code required anymore?? */
if (auth_result == TRUE && the_subsystem != NULL) {
/* if we already have one of those clients
* only applies to te, pe etc. not admin clients
*/
crm_err("Checking if %s is required/already connected", client_name);
table_key = (gpointer) crm_strdup(client_name);
if (is_set(fsa_input_register, the_subsystem->flag_connected)) {
auth_result = FALSE;
crm_free(table_key);
table_key = NULL;
crm_warn("Bit\t%.16llx set in %.16llx",
the_subsystem->flag_connected, fsa_input_register);
crm_err("Client %s is already connected", client_name);
} else if (FALSE == is_set(fsa_input_register, the_subsystem->flag_required)) {
crm_warn("Bit\t%.16llx not set in %.16llx",
the_subsystem->flag_connected, fsa_input_register);
crm_warn("Client %s joined but we dont need it", client_name);
stop_subsystem(the_subsystem, TRUE);
} else {
the_subsystem->ipc = curr_client->client_channel;
set_bit_inplace(fsa_input_register, the_subsystem->flag_connected);
}
} else {
table_key = (gpointer) generate_hash_key(client_name, uuid);
}
if (auth_result == TRUE) {
crm_debug_2("Accepted client %s", crm_str(table_key));
curr_client->table_key = table_key;
curr_client->sub_sys = crm_strdup(client_name);
curr_client->uuid = crm_strdup(uuid);
g_hash_table_insert(ipc_clients, table_key, curr_client->client_channel);
send_hello_message(curr_client->client_channel, "n/a", CRM_SYSTEM_CRMD, "0", "1");
crm_debug_3("Updated client list with %s", crm_str(table_key));
crm_debug_3("Triggering FSA: %s", __FUNCTION__);
mainloop_set_trigger(fsa_source);
if (the_subsystem != NULL) {
CRM_CHECK(the_subsystem->client == NULL,
process_client_disconnect(the_subsystem->client));
the_subsystem->client = curr_client;
}
} else {
crm_free(table_key);
crm_warn("Rejected client logon request");
curr_client->client_channel->ch_status = IPC_DISC_PENDING;
}
if (uuid != NULL)
crm_free(uuid);
if (minor_version != NULL)
crm_free(minor_version);
if (major_version != NULL)
crm_free(major_version);
if (client_name != NULL)
crm_free(client_name);
/* hello messages should never be processed further */
return FALSE;
}
