1 /*
2 * Copyright 2008-2025 the Pacemaker project contributors
3 *
4 * The version control history for this file may have further details.
5 *
6 * This source code is licensed under the GNU Lesser General Public License
7 * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
8 */
9
10 #include <crm_internal.h>
11
12 #include <unistd.h>
13 #include <stdlib.h>
14 #include <stdio.h>
15 #include <stdarg.h>
16 #include <string.h>
17 #include <netdb.h>
18 #include <termios.h>
19 #include <sys/socket.h>
20
21 #include <glib.h>
22
23 #include <crm/crm.h>
24 #include <crm/cib/internal.h>
25 #include <crm/common/ipc_internal.h>
26 #include <crm/common/mainloop.h>
27 #include <crm/common/xml.h>
28 #include <crm/common/remote_internal.h>
29 #include <crm/common/output_internal.h>
30
31 #ifdef HAVE_GNUTLS_GNUTLS_H
32
33 # include <gnutls/gnutls.h>
34
35 // GnuTLS handshake timeout in seconds
36 #define TLS_HANDSHAKE_TIMEOUT 5
37
38 static gnutls_anon_client_credentials_t anon_cred_c;
39 static gboolean remote_gnutls_credentials_init = FALSE;
40
41 #endif // HAVE_GNUTLS_GNUTLS_H
42
43 #include <arpa/inet.h>
44
45 typedef struct cib_remote_opaque_s {
46 int port;
47 char *server;
48 char *user;
49 char *passwd;
50 gboolean encrypted;
51 pcmk__remote_t command;
52 pcmk__remote_t callback;
53 pcmk__output_t *out;
54 time_t start_time;
55 int timeout_sec;
56 } cib_remote_opaque_t;
57
58 static int
59 cib_remote_perform_op(cib_t *cib, const char *op, const char *host,
60 const char *section, xmlNode *data,
61 xmlNode **output_data, int call_options,
62 const char *user_name)
63 {
64 int rc;
65 int remaining_time = 0;
66 time_t start_time;
67
68 xmlNode *op_msg = NULL;
69 xmlNode *op_reply = NULL;
70
71 cib_remote_opaque_t *private = cib->variant_opaque;
72
73 if (cib->state == cib_disconnected) {
74 return -ENOTCONN;
75 }
76
77 if (output_data != NULL) {
78 *output_data = NULL;
79 }
80
81 if (op == NULL) {
82 crm_err("No operation specified");
83 return -EINVAL;
84 }
85
86 rc = cib__create_op(cib, op, host, section, data, call_options, user_name,
87 NULL, &op_msg);
88 if (rc != pcmk_ok) {
89 return rc;
90 }
91
92 if (pcmk_is_set(call_options, cib_transaction)) {
93 rc = cib__extend_transaction(cib, op_msg);
94 free_xml(op_msg);
95 return rc;
96 }
97
98 crm_trace("Sending %s message to the CIB manager", op);
99 if (!(call_options & cib_sync_call)) {
100 pcmk__remote_send_xml(&private->callback, op_msg);
101 } else {
102 pcmk__remote_send_xml(&private->command, op_msg);
103 }
104 free_xml(op_msg);
105
106 if ((call_options & cib_discard_reply)) {
107 crm_trace("Discarding reply");
108 return pcmk_ok;
109
110 } else if (!(call_options & cib_sync_call)) {
111 return cib->call_id;
112 }
113
114 crm_trace("Waiting for a synchronous reply");
115
116 start_time = time(NULL);
117 remaining_time = cib->call_timeout ? cib->call_timeout : 60;
118
119 rc = pcmk_rc_ok;
120 while (remaining_time > 0 && (rc != ENOTCONN)) {
121 int reply_id = -1;
122 int msg_id = cib->call_id;
123
124 rc = pcmk__read_remote_message(&private->command,
125 remaining_time * 1000);
126 op_reply = pcmk__remote_message_xml(&private->command);
127
128 if (!op_reply) {
129 break;
130 }
131
132 crm_element_value_int(op_reply, PCMK__XA_CIB_CALLID, &reply_id);
133
134 if (reply_id == msg_id) {
135 break;
136
137 } else if (reply_id < msg_id) {
138 crm_debug("Received old reply: %d (wanted %d)", reply_id, msg_id);
139 crm_log_xml_trace(op_reply, "Old reply");
140
141 } else if ((reply_id - 10000) > msg_id) {
142 /* wrap-around case */
143 crm_debug("Received old reply: %d (wanted %d)", reply_id, msg_id);
144 crm_log_xml_trace(op_reply, "Old reply");
145 } else {
146 crm_err("Received a __future__ reply:" " %d (wanted %d)", reply_id, msg_id);
147 }
148
149 free_xml(op_reply);
150 op_reply = NULL;
151
152 /* wasn't the right reply, try and read some more */
153 remaining_time = time(NULL) - start_time;
154 }
155
156 if (rc == ENOTCONN) {
157 crm_err("Disconnected while waiting for reply.");
158 return -ENOTCONN;
159 } else if (op_reply == NULL) {
160 crm_err("No reply message - empty");
161 return -ENOMSG;
162 }
163
164 crm_trace("Synchronous reply received");
165
166 /* Start processing the reply... */
167 if (crm_element_value_int(op_reply, PCMK__XA_CIB_RC, &rc) != 0) {
168 rc = -EPROTO;
169 }
170
171 if (rc == -pcmk_err_diff_resync) {
172 /* This is an internal value that clients do not and should not care about */
173 rc = pcmk_ok;
174 }
175
176 if (rc == pcmk_ok || rc == -EPERM) {
177 crm_log_xml_debug(op_reply, "passed");
178
179 } else {
180 crm_err("Call failed: %s", pcmk_strerror(rc));
181 crm_log_xml_warn(op_reply, "failed");
182 }
183
184 if (output_data == NULL) {
185 /* do nothing more */
186
187 } else if (!(call_options & cib_discard_reply)) {
188 xmlNode *wrapper = pcmk__xe_first_child(op_reply, PCMK__XE_CIB_CALLDATA,
189 NULL, NULL);
190 xmlNode *tmp = pcmk__xe_first_child(wrapper, NULL, NULL, NULL);
191
192 if (tmp == NULL) {
193 crm_trace("No output in reply to \"%s\" command %d", op, cib->call_id - 1);
194 } else {
195 *output_data = pcmk__xml_copy(NULL, tmp);
196 }
197 }
198
199 free_xml(op_reply);
200
201 return rc;
202 }
203
204 static int
205 cib_remote_callback_dispatch(gpointer user_data)
206 {
207 int rc;
208 cib_t *cib = user_data;
209 cib_remote_opaque_t *private = cib->variant_opaque;
210
211 xmlNode *msg = NULL;
212 const char *type = NULL;
213
214 /* If start time is 0, we've previously handled a complete message and this
215 * connection is being reused for a new message. Reset the start_time,
216 * giving this new message timeout_sec from now to complete.
217 */
218 if (private->start_time == 0) {
219 private->start_time = time(NULL);
220 }
221
222 rc = pcmk__read_available_remote_data(&private->callback);
223 switch (rc) {
224 case pcmk_rc_ok:
225 /* We have the whole message so process it */
226 break;
227
228 case EAGAIN:
229 /* Have we timed out? */
230 if (time(NULL) >= private->start_time + private->timeout_sec) {
231 crm_info("Error reading from CIB manager connection: %s",
232 pcmk_rc_str(ETIME));
233 return -1;
234 }
235
236 /* We haven't read the whole message yet */
237 return 0;
238
239 default:
240 /* Error */
241 crm_info("Error reading from CIB manager connection: %s",
242 pcmk_rc_str(rc));
243 return -1;
244 }
245
246 // coverity[tainted_data] This can't easily be changed right now
247 msg = pcmk__remote_message_xml(&private->callback);
248 if (msg == NULL) {
249 private->start_time = 0;
250 return 0;
251 }
252
253 type = crm_element_value(msg, PCMK__XA_T);
254
255 crm_trace("Activating %s callbacks...", type);
256
257 if (pcmk__str_eq(type, PCMK__VALUE_CIB, pcmk__str_none)) {
258 cib_native_callback(cib, msg, 0, 0);
259 } else if (pcmk__str_eq(type, PCMK__VALUE_CIB_NOTIFY, pcmk__str_none)) {
260 g_list_foreach(cib->notify_list, cib_native_notify, msg);
261 } else {
262 crm_err("Unknown message type: %s", type);
263 }
264
265 free_xml(msg);
266 private->start_time = 0;
267 return 0;
268 }
269
270 static int
271 cib_remote_command_dispatch(gpointer user_data)
272 {
273 int rc;
274 cib_t *cib = user_data;
275 cib_remote_opaque_t *private = cib->variant_opaque;
276
277 /* See cib_remote_callback_dispatch */
278 if (private->start_time == 0) {
279 private->start_time = time(NULL);
280 }
281
282 rc = pcmk__read_available_remote_data(&private->command);
283 if (rc == EAGAIN) {
284 /* Have we timed out? */
285 if (time(NULL) >= private->start_time + private->timeout_sec) {
286 crm_info("Error reading from CIB manager connection: %s",
287 pcmk_rc_str(ETIME));
288 return -1;
289 }
290
291 /* We haven't read the whole message yet */
292 return 0;
293 }
294
295 free(private->command.buffer);
296 private->command.buffer = NULL;
297 crm_err("received late reply for remote cib connection, discarding");
298
299 if (rc != pcmk_rc_ok) {
300 crm_info("Error reading from CIB manager connection: %s",
301 pcmk_rc_str(rc));
302 return -1;
303 }
304
305 private->start_time = 0;
306 return 0;
307 }
308
309 static int
310 cib_tls_close(cib_t *cib)
311 {
312 cib_remote_opaque_t *private = cib->variant_opaque;
313
314 #ifdef HAVE_GNUTLS_GNUTLS_H
315 if (private->encrypted) {
316 if (private->command.tls_session) {
317 gnutls_bye(*(private->command.tls_session), GNUTLS_SHUT_RDWR);
318 gnutls_deinit(*(private->command.tls_session));
319 gnutls_free(private->command.tls_session);
320 }
321
322 if (private->callback.tls_session) {
323 gnutls_bye(*(private->callback.tls_session), GNUTLS_SHUT_RDWR);
324 gnutls_deinit(*(private->callback.tls_session));
325 gnutls_free(private->callback.tls_session);
326 }
327 private->command.tls_session = NULL;
328 private->callback.tls_session = NULL;
329 if (remote_gnutls_credentials_init) {
330 gnutls_anon_free_client_credentials(anon_cred_c);
331 gnutls_global_deinit();
332 remote_gnutls_credentials_init = FALSE;
333 }
334 }
335 #endif
336
337 if (private->command.tcp_socket) {
338 shutdown(private->command.tcp_socket, SHUT_RDWR); /* no more receptions */
339 close(private->command.tcp_socket);
340 }
341 if (private->callback.tcp_socket) {
342 shutdown(private->callback.tcp_socket, SHUT_RDWR); /* no more receptions */
343 close(private->callback.tcp_socket);
344 }
345 private->command.tcp_socket = 0;
346 private->callback.tcp_socket = 0;
347
348 free(private->command.buffer);
349 free(private->callback.buffer);
350 private->command.buffer = NULL;
351 private->callback.buffer = NULL;
352
353 return 0;
354 }
355
356 static void
357 cib_remote_connection_destroy(gpointer user_data)
358 {
359 crm_err("Connection destroyed");
360 #ifdef HAVE_GNUTLS_GNUTLS_H
361 cib_tls_close(user_data);
362 #endif
363 }
364
365 static int
366 cib_tls_signon(cib_t *cib, pcmk__remote_t *connection, gboolean event_channel)
367 {
368 cib_remote_opaque_t *private = cib->variant_opaque;
369 int rc;
370
371 xmlNode *answer = NULL;
372 xmlNode *login = NULL;
373
374 static struct mainloop_fd_callbacks cib_fd_callbacks = { 0, };
375
376 cib_fd_callbacks.dispatch =
377 event_channel ? cib_remote_callback_dispatch : cib_remote_command_dispatch;
378 cib_fd_callbacks.destroy = cib_remote_connection_destroy;
379
380 connection->tcp_socket = -1;
381 #ifdef HAVE_GNUTLS_GNUTLS_H
382 connection->tls_session = NULL;
383 #endif
384 rc = pcmk__connect_remote(private->server, private->port, 0, NULL,
385 &(connection->tcp_socket), NULL, NULL);
386 if (rc != pcmk_rc_ok) {
387 crm_info("Remote connection to %s:%d failed: %s " CRM_XS " rc=%d",
388 private->server, private->port, pcmk_rc_str(rc), rc);
389 return -ENOTCONN;
390 }
391
392 if (private->encrypted) {
393 #ifdef HAVE_GNUTLS_GNUTLS_H
394 int tls_rc = GNUTLS_E_SUCCESS;
395
396 /* initialize GnuTls lib */
397 if (remote_gnutls_credentials_init == FALSE) {
398 crm_gnutls_global_init();
399 gnutls_anon_allocate_client_credentials(&anon_cred_c);
400 remote_gnutls_credentials_init = TRUE;
401 }
402
403 /* bind the socket to GnuTls lib */
404 connection->tls_session = pcmk__new_tls_session(connection->tcp_socket,
405 GNUTLS_CLIENT,
406 GNUTLS_CRD_ANON,
407 anon_cred_c);
408 if (connection->tls_session == NULL) {
409 cib_tls_close(cib);
410 return -1;
411 }
412
413 rc = pcmk__tls_client_handshake(connection, TLS_HANDSHAKE_TIMEOUT,
414 &tls_rc);
415 if (rc != pcmk_rc_ok) {
416 crm_err("Remote CIB session creation for %s:%d failed: %s",
417 private->server, private->port,
418 (rc == EPROTO)? gnutls_strerror(tls_rc) : pcmk_rc_str(rc));
419 gnutls_deinit(*connection->tls_session);
420 gnutls_free(connection->tls_session);
421 connection->tls_session = NULL;
422 cib_tls_close(cib);
423 return -1;
424 }
425 #else
426 return -EPROTONOSUPPORT;
427 #endif
428 }
429
430 /* login to server */
431 login = pcmk__xe_create(NULL, PCMK__XE_CIB_COMMAND);
432 crm_xml_add(login, PCMK_XA_OP, "authenticate");
433 crm_xml_add(login, PCMK_XA_USER, private->user);
434 crm_xml_add(login, PCMK__XA_PASSWORD, private->passwd);
435 crm_xml_add(login, PCMK__XA_HIDDEN, PCMK__VALUE_PASSWORD);
436
437 pcmk__remote_send_xml(connection, login);
438 free_xml(login);
439
440 rc = pcmk_ok;
441 if (pcmk__read_remote_message(connection, -1) == ENOTCONN) {
442 rc = -ENOTCONN;
443 }
444
445 answer = pcmk__remote_message_xml(connection);
446
447 crm_log_xml_trace(answer, "Reply");
448 if (answer == NULL) {
449 rc = -EPROTO;
450
451 } else {
452 /* grab the token */
453 const char *msg_type = crm_element_value(answer, PCMK__XA_CIB_OP);
454 const char *tmp_ticket = crm_element_value(answer,
455 PCMK__XA_CIB_CLIENTID);
456
457 if (!pcmk__str_eq(msg_type, CRM_OP_REGISTER, pcmk__str_casei)) {
458 crm_err("Invalid registration message: %s", msg_type);
459 rc = -EPROTO;
460
461 } else if (tmp_ticket == NULL) {
462 rc = -EPROTO;
463
464 } else {
465 connection->token = strdup(tmp_ticket);
466 }
467 }
468 free_xml(answer);
469 answer = NULL;
470
471 if (rc != 0) {
472 cib_tls_close(cib);
473 return rc;
474 }
475
476 crm_trace("remote client connection established");
477 private->timeout_sec = 60;
478 connection->source = mainloop_add_fd("cib-remote", G_PRIORITY_HIGH,
479 connection->tcp_socket, cib,
480 &cib_fd_callbacks);
481 return rc;
482 }
483
484 static int
485 cib_remote_signon(cib_t *cib, const char *name, enum cib_conn_type type)
486 {
487 int rc = pcmk_ok;
488 cib_remote_opaque_t *private = cib->variant_opaque;
489 xmlNode *hello = NULL;
490
491 if (private->passwd == NULL) {
492 if (private->out == NULL) {
493 /* If no pcmk__output_t is set, just assume that a text prompt
494 * is good enough.
495 */
496 pcmk__text_prompt("Password", false, &(private->passwd));
497 } else {
498 private->out->prompt("Password", false, &(private->passwd));
499 }
500 }
501
502 if (private->server == NULL || private->user == NULL) {
503 rc = -EINVAL;
504 }
505
506 if (rc == pcmk_ok) {
507 rc = cib_tls_signon(cib, &(private->command), FALSE);
508 }
509
510 if (rc == pcmk_ok) {
511 rc = cib_tls_signon(cib, &(private->callback), TRUE);
512 }
513
514 if (rc == pcmk_ok) {
515 rc = cib__create_op(cib, CRM_OP_REGISTER, NULL, NULL, NULL, cib_none,
516 NULL, name, &hello);
517 }
518
519 if (rc == pcmk_ok) {
520 rc = pcmk__remote_send_xml(&private->command, hello);
521 rc = pcmk_rc2legacy(rc);
522 free_xml(hello);
523 }
524
525 if (rc == pcmk_ok) {
526 crm_info("Opened connection to %s:%d for %s",
527 private->server, private->port, name);
528 cib->state = cib_connected_command;
529 cib->type = cib_command;
530
531 } else {
532 crm_info("Connection to %s:%d for %s failed: %s\n",
533 private->server, private->port, name, pcmk_strerror(rc));
534 }
535
536 return rc;
537 }
538
539 static int
540 cib_remote_signoff(cib_t *cib)
541 {
542 int rc = pcmk_ok;
543
544 crm_debug("Disconnecting from the CIB manager");
545 #ifdef HAVE_GNUTLS_GNUTLS_H
546 cib_tls_close(cib);
547 #endif
548
549 cib->cmds->end_transaction(cib, false, cib_none);
550 cib->state = cib_disconnected;
551 cib->type = cib_no_connection;
552
553 return rc;
554 }
555
556 static int
557 cib_remote_free(cib_t *cib)
558 {
559 int rc = pcmk_ok;
560
561 crm_warn("Freeing CIB");
562 if (cib->state != cib_disconnected) {
563 rc = cib_remote_signoff(cib);
564 if (rc == pcmk_ok) {
565 cib_remote_opaque_t *private = cib->variant_opaque;
566
567 free(private->server);
568 free(private->user);
569 free(private->passwd);
570 free(cib->cmds);
571 free(cib->user);
572 free(private);
573 free(cib);
574 }
575 }
576
577 return rc;
578 }
579
580 static int
581 cib_remote_inputfd(cib_t * cib)
582 {
583 cib_remote_opaque_t *private = cib->variant_opaque;
584
585 return private->callback.tcp_socket;
586 }
587
588 static int
589 cib_remote_register_notification(cib_t * cib, const char *callback, int enabled)
590 {
591 xmlNode *notify_msg = pcmk__xe_create(NULL, PCMK__XE_CIB_COMMAND);
592 cib_remote_opaque_t *private = cib->variant_opaque;
593
594 crm_xml_add(notify_msg, PCMK__XA_CIB_OP, PCMK__VALUE_CIB_NOTIFY);
595 crm_xml_add(notify_msg, PCMK__XA_CIB_NOTIFY_TYPE, callback);
596 crm_xml_add_int(notify_msg, PCMK__XA_CIB_NOTIFY_ACTIVATE, enabled);
597 pcmk__remote_send_xml(&private->callback, notify_msg);
598 free_xml(notify_msg);
599 return pcmk_ok;
600 }
601
602 static int
603 cib_remote_set_connection_dnotify(cib_t * cib, void (*dnotify) (gpointer user_data))
604 {
605 return -EPROTONOSUPPORT;
606 }
607
608 /*!
609 * \internal
610 * \brief Get the given CIB connection's unique client identifiers
611 *
612 * These can be used to check whether this client requested the action that
613 * triggered a CIB notification.
614 *
615 * \param[in] cib CIB connection
616 * \param[out] async_id If not \p NULL, where to store asynchronous client ID
617 * \param[out] sync_id If not \p NULL, where to store synchronous client ID
618 *
619 * \return Legacy Pacemaker return code (specifically, \p pcmk_ok)
620 *
621 * \note This is the \p cib_remote variant implementation of
622 * \p cib_api_operations_t:client_id().
623 * \note The client IDs are assigned during CIB sign-on.
624 */
625 static int
626 cib_remote_client_id(const cib_t *cib, const char **async_id,
627 const char **sync_id)
628 {
629 cib_remote_opaque_t *private = cib->variant_opaque;
630
631 if (async_id != NULL) {
632 // private->callback is the channel for async requests
633 *async_id = private->callback.token;
634 }
635 if (sync_id != NULL) {
636 // private->command is the channel for sync requests
637 *sync_id = private->command.token;
638 }
639 return pcmk_ok;
640 }
641
642 cib_t *
643 cib_remote_new(const char *server, const char *user, const char *passwd, int port,
644 gboolean encrypted)
645 {
646 cib_remote_opaque_t *private = NULL;
|
(1) Event alloc_arg: |
"cib_new_variant" allocates memory that is stored into "cib_new_variant()->cmds". [details] |
|
(2) Event var_assign: |
Assigning: "cib->cmds" = "cib_new_variant()->cmds". |
| Also see events: |
[leaked_storage] |
647 cib_t *cib = cib_new_variant();
648
|
(3) Event path: |
Condition "cib == NULL", taking false branch. |
649 if (cib == NULL) {
650 return NULL;
651 }
652
653 private = calloc(1, sizeof(cib_remote_opaque_t));
654
|
(4) Event path: |
Condition "private == NULL", taking true branch. |
655 if (private == NULL) {
|
CID (unavailable; MK=4a12853161e2d8c167707dd391f8150b) (#1 of 1): Resource leak (RESOURCE_LEAK): |
|
(5) Event leaked_storage: |
Freeing "cib" without freeing its pointer field "cmds" leaks the storage that "cmds" points to. |
| Also see events: |
[alloc_arg][var_assign] |
656 free(cib);
657 return NULL;
658 }
659
660 cib->variant = cib_remote;
661 cib->variant_opaque = private;
662
663 private->server = pcmk__str_copy(server);
664 private->user = pcmk__str_copy(user);
665 private->passwd = pcmk__str_copy(passwd);
666 private->port = port;
667 private->encrypted = encrypted;
668
669 /* assign variant specific ops */
670 cib->delegate_fn = cib_remote_perform_op;
671 cib->cmds->signon = cib_remote_signon;
672 cib->cmds->signoff = cib_remote_signoff;
673 cib->cmds->free = cib_remote_free;
674 cib->cmds->inputfd = cib_remote_inputfd; // Deprecated method
675
676 cib->cmds->register_notification = cib_remote_register_notification;
677 cib->cmds->set_connection_dnotify = cib_remote_set_connection_dnotify;
678
679 cib->cmds->client_id = cib_remote_client_id;
680
681 return cib;
682 }
683
684 void
685 cib__set_output(cib_t *cib, pcmk__output_t *out)
686 {
687 cib_remote_opaque_t *private;
688
689 if (cib->variant != cib_remote) {
690 return;
691 }
692
693 private = cib->variant_opaque;
694 private->out = out;
695 }
696