diff --git a/agent_pool.h b/agent_pool.h index 66379ad..ef41131 100644 --- a/agent_pool.h +++ b/agent_pool.h @@ -12,6 +12,6 @@ #define FAIL -1 //void agent_pool(int srv, SSL_CTX *ctx, int poolsize); -void* agent_pool(void *args); +void *agent_pool(void *args); #endif /* AGENT_POOL_H */ diff --git a/client_pool.c b/client_pool.c index db2a253..89e1381 100644 --- a/client_pool.c +++ b/client_pool.c @@ -15,24 +15,25 @@ struct client_args { char ip[16]; /* IPv4 */ }; -static void* servlet(void *args); +static void *servlet(void *args); static void send_reject_msg(SSL *ssl); -static void* servlet(void *args) /* Serve the connection -- threadable */ +static void *servlet(void *args) /* Serve the connection -- threadable */ { - struct msg_t buf; - int bytes, ret; + struct msg_t buf; + int bytes, ret; //unsigned short job[MAXJOBS] = { 0 }; - struct client_args *client = (struct client_args*)args; - + struct client_args *client = (struct client_args *)args; + SSL_load_error_strings(); ret = SSL_accept(client->ssl); /* We check for unclean (ret < 0) and clean (ret == 0) failures */ if (ret <= 0) { - log(WARNING, "SSL_accept() failed. Reason below:"); + log(WARNING, "SSL_accept() failed. Reason below:"); log_ssl(); } else { int queue_id = start_msg_queue(); + if (queue_id == FAIL) goto exit; do { @@ -44,10 +45,10 @@ static void* servlet(void *args) /* Serve the connection -- threadable */ if (bytes != sizeof(struct msg_t)) { log(WARNING, "Client [%s] sent non-standard data!", - client->ip ); + client->ip); continue; } - + log(VERBOSE, "Client msg: \"%s\"", buf.chunk.data); /* TODO: Insert msg handler here */ add_msg_to_queue(queue_id, buf); 
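Review bot: In the `@@ -44,10 +45,10 @@` hunk of client_pool.c, `log(VERBOSE, "Client msg: \"%s\"", buf.chunk.data);` formats client-supplied bytes with an unbounded `%s`. The check before it only confirms that `bytes == sizeof(struct msg_t)`, not that the payload contains a NUL, so a peer that fills the field can make the logger read past it. Bound the read with a precision, e.g. `log(VERBOSE, "Client msg: \"%.*s\"", (int)sizeof(buf.chunk.data), (const char *)buf.chunk.data);`, which assumes `chunk.data` is an array member (the hunk does not show the struct). The payload is also logged unescaped, so control characters sent by the client end up in the log. servlet's body starts and ends outside this hunk.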
@@ -59,7 +60,7 @@ static void* servlet(void *args) /* Serve the connection -- threadable */
 else {
 log(VERBOSE, "Client didn't send data! SSL error below:");
 //log_ssl(); /* We actually don't have anything to log from SSL */
- sprintf((char*)buf.chunk.data, "%s", "Where's the data, m8?");
+ sprintf((char *)buf.chunk.data, "%s", "Where's the data, m8?");
 SSL_write(client->ssl, &buf, sizeof(struct msg_t));
 }
 log(INFO, "Client [%s] disconnected.", client->ip);
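Review bot: `SSL_write(client->ssl, &buf, sizeof(struct msg_t));` sends the whole of `buf` to the peer although `sprintf` has only just written the start of `buf.chunk.data`. servlet declares `struct msg_t buf;` without an initialiser in the earlier hunk, so the remaining bytes are stale stack contents or, presumably, whatever an earlier read left there. Clear the struct first with `memset(&buf, 0, sizeof(buf));` and, assuming `chunk.data` is an array, bound the write with `snprintf((char *)buf.chunk.data, sizeof(buf.chunk.data), "%s", "Where's the data, m8?");`. The return value of `SSL_write` is ignored as well. The enclosing branch starts outside this hunk.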
@@ -75,55 +76,57 @@ exit: static void send_reject_msg(SSL *ssl) { char *reply = "FAILURE - The connection queue is full!\n"; + SSL_write(ssl, reply, strlen(reply)); } -void* client_pool(void *args) +void *client_pool(void *args) { struct pool_data *pool = args; pthread_mutex_t mutex; pthread_attr_t attr; - pthread_t *client_thread = (pthread_t*)malloc(pool->size * sizeof(pthread_t)); + pthread_t *client_thread = (pthread_t *)malloc(pool->size * sizeof(pthread_t)); struct client_args *client_struct = - (struct client_args*)malloc(pool->size * sizeof(struct client_args)); + (struct client_args *)malloc(pool->size * sizeof(struct client_args)); int i; - + memset(client_thread, 0, sizeof(pthread_t) * pool->size); memset(client_struct, 0, sizeof(struct client_args) * pool->size); - + pthread_mutex_init(&mutex, NULL); pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); while (1) { struct sockaddr_in addr; - char address[INET6_ADDRSTRLEN]; - socklen_t len = sizeof(addr); - SSL *ssl; - int agent = accept(pool->srv, (struct sockaddr*)&addr, &len); - log(INFO, + char address[INET6_ADDRSTRLEN]; + socklen_t len = sizeof(addr); + SSL *ssl; + int agent = accept(pool->srv, (struct sockaddr *)&addr, &len); + + log(INFO, "Connection: %s:%d", inet_ntop(AF_INET, &addr.sin_addr, address, sizeof(address)), ntohs(addr.sin_port)); - + for (i = 0; i < pool->size; i++) { if (!client_struct[i].busy) { client_struct[i].busy = 1; client_struct[i].ssl = SSL_new(pool->ctx); client_struct[i].sd = agent; - memcpy( client_struct[i].ip, + memcpy(client_struct[i].ip, inet_ntop(AF_INET, &addr.sin_addr, address, sizeof(address)), - sizeof(client_struct[i].ip) ); + sizeof(client_struct[i].ip)); SSL_set_fd(client_struct[i].ssl, client_struct[i].sd); - pthread_create( &client_thread[i], + pthread_create(&client_thread[i], &attr, servlet, - &client_struct[i] ); + &client_struct[i]); break; } } if (i == pool->size) { - log( WARNING, + log(WARNING, "Agent [%s] dropped. 
Poolsize limit reached.", inet_ntop(AF_INET, &addr.sin_addr, address, sizeof(address)) ); diff --git a/client_pool.h b/client_pool.h index 40a5f2d..1ad61a5 100644 --- a/client_pool.h +++ b/client_pool.h @@ -12,6 +12,6 @@ #define FAIL -1 //void client_pool(int srv, SSL_CTX *ctx, int poolsize); -void* client_pool(void *args); +void *client_pool(void *args); #endif /* CLIENT_POOL_H */ diff --git a/confparser.c b/confparser.c index 092e191..ecafdcd 100644 --- a/confparser.c +++ b/confparser.c @@ -42,12 +42,12 @@ struct conf_table conf = { } }; -const char* conf_db_pass(void) +const char *conf_db_pass(void) { return conf.db.pass; } -const char* conf_db_hostname(void) +const char *conf_db_hostname(void) { return conf.db.hostname; } @@ -111,7 +111,7 @@ static int fopen_and_mkdir(const char *dir) for (p = tmp + 1; *p; p++) if (*p == '/') { *p = 0; - if (mkdir(tmp, S_IRWXU) == -1 && errno != EEXIST) { + if (mkdir(tmp, 0700) == -1 && errno != EEXIST) { log(ERROR, "Permission denied to create directory: %s", tmp); @@ -147,8 +147,8 @@ static int test_conf_perms(void) log(ERROR, confresult); return 1; } - if (!(S_IRUSR & s.st_mode) || - !(S_IXUSR & s.st_mode)) { + if (!(0400 & s.st_mode) || + !(0100 & s.st_mode)) { enumtostr(confresult, CONF_DIR_PERM); log(ERROR, confresult); return 1; @@ -159,8 +159,8 @@ static int test_conf_perms(void) } else if (s.st_gid != 0) { enumtostr(confresult, CONF_DIR_GID_INSECURE); log(WARNING, confresult); - } else if ((S_IROTH & s.st_mode) || - (S_IWOTH & s.st_mode)) { + } else if ((0004 & s.st_mode) || + (0002 & s.st_mode)) { enumtostr(confresult, CONF_DIR_PERM_INSECURE); log(WARNING, confresult); } @@ -180,7 +180,7 @@ static int test_conf_perms(void) log(ERROR, confresult); return 1; } - if (!(S_IRUSR & s.st_mode)) { + if (!(0400 & s.st_mode)) { enumtostr(confresult, CONF_PERM); log(ERROR, confresult); return 1; 
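Review bot: In client_pool (hunk `@@ -75,55 +76,57 @@` of client_pool.c) the result of `accept()` is used without a check. On failure `agent` is -1 and `addr` is left unset, yet the code logs `addr`, takes a pool slot and starts a servlet thread on the invalid descriptor; add `if (agent < 0) { log(WARNING, "accept() failed"); continue; }` right after the call. The two `malloc()` results are likewise passed straight to `memset()`; `calloc(pool->size, sizeof(*client_thread))` with a NULL check covers both the zeroing and the size multiplication. `inet_ntop()` can return NULL, and that value is handed to `memcpy()` and to `%s` unchecked. The `while (1)` loop continues past the end of the hunk.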
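Review bot: In test_conf_perms (hunk `@@ -159,8 +159,8 @@` of confparser.c for the directory, and again in `@@ -191,8 +191,8 @@` for the file) the world-access test `(0004 & s.st_mode) || (0002 & s.st_mode)` sits in an `else if` after the `s.st_gid != 0` branch. A path that has a non-root group and is also world-writable therefore only produces the GID warning. Make the mode test an independent `if (s.st_mode & 0006)` so each finding is reported on its own. The file presumably holds the value returned by `conf_db_pass()`, so it may be worth treating world-readable as an error rather than a warning and checking the group bits too; that is a policy call these hunks do not settle. The function body starts and ends outside these hunks.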
@@ -191,8 +191,8 @@ static int test_conf_perms(void) } else if (s.st_gid != 0) { enumtostr(confresult, CONF_FILE_GID_INSECURE); log(WARNING, confresult); - } else if ((S_IROTH & s.st_mode) || - (S_IWOTH & s.st_mode)) { + } else if ((0004 & s.st_mode) || + (0002 & s.st_mode)) { enumtostr(confresult, CONF_FILE_PERM_INSECURE); log(WARNING, confresult); } diff --git a/confparser.h b/confparser.h index b731727..2a9a141 100644 --- a/confparser.h +++ b/confparser.h @@ -47,8 +47,8 @@ struct conf_table { extern struct conf_table conf; extern int confparse(void); extern void confexport(void); -extern const char* conf_db_pass(void); -extern const char* conf_db_hostname(void); +extern const char *conf_db_pass(void); +extern const char *conf_db_hostname(void); #endif /* CONFPARSER_H */ diff --git a/job_queue.c b/job_queue.c index 49d3037..e3e136a 100644 --- a/job_queue.c +++ b/job_queue.c @@ -4,7 +4,7 @@ #include "job_queue.h" struct msg_t **slot; -int total_queues = 0; +int total_queues; int start_msg_queue(void) { diff --git a/rmps.c b/rmps.c index 26725fd..3510037 100644 --- a/rmps.c +++ b/rmps.c @@ -25,7 +25,7 @@ static void cleanup(void); static void signal_handler(int sig); static void load_certificates(SSL_CTX *ctx, const char *certfile, const char *keyfile, const char *cafile); -static SSL_CTX* init_server_ctx(const char *cipherlist, int mode); +static SSL_CTX *init_server_ctx(const char *cipherlist, int mode); static int pid_file_handle; @@ -199,7 +199,7 @@ exit: } /* Init server and create context */ -static SSL_CTX* init_server_ctx(const char *cipherlist, int mode) +static SSL_CTX *init_server_ctx(const char *cipherlist, int mode) { SSL_CTX *ctx; char ciphers[1024]; 
@@ -231,7 +231,7 @@ static SSL_CTX* init_server_ctx(const char *cipherlist, int mode)
 /*-------------------------------------------*/
 /*--- LoadCertificates - load from files. ---*/
 /*-------------------------------------------*/
-void load_certificates(SSL_CTX* ctx, const char *certfile,
+void load_certificates(SSL_CTX *ctx, const char *certfile,
 const char *keyfile, const char *cafile)
 {
 /* set the local certificate from certfile */
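Review bot: The definition `void load_certificates(SSL_CTX *ctx, const char *certfile,` lacks the `static` that its prototype near the top of rmps.c carries, while the neighbouring `init_server_ctx` definition repeats it. Linkage is still internal because of the earlier declaration, but writing `static void load_certificates(SSL_CTX *ctx, const char *certfile,` keeps definition and prototype in agreement and avoids a reader assuming the symbol is exported. The function body continues outside the hunk.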