X-Git-Url: https://git.tokkee.org/?p=sysdb.git;a=blobdiff_plain;f=src%2Fclient%2Fsock.c;h=b1efe58e189700fd46c7b77b46c55278c39a150d;hp=65b6b0e3a3bc20c530b096ec72a2c61ffdf8c80d;hb=b75718ea9fe4d6c90f1794e517a0712729553c0c;hpb=2db6eca73081252f6af31f17c84e892cc4d33e36
diff --git a/src/client/sock.c b/src/client/sock.c
index 65b6b0e..b1efe58 100644
--- a/src/client/sock.c
+++ b/src/client/sock.c
@@ -29,6 +29,7 @@
 # include "config.h"
 #endif /* HAVE_CONFIG_H */
+#include "sysdb.h"
 #include "client/sock.h"
 #include "utils/error.h"
 #include "utils/strbuf.h"
@@ -116,7 +117,7 @@ connect_unixsock(sdb_client_t *client, const char *address)
 client->fd = socket(AF_UNIX, SOCK_STREAM, /* protocol = */ 0);
 if (client->fd < 0) {
 char errbuf[1024];
- sdb_log(SDB_LOG_ERR, "Failed to open socket: %s",
+ sdb_log(SDB_LOG_ERR, "client: Failed to open socket: %s",
 sdb_strerror(errno, errbuf, sizeof(errbuf)));
 return -1;
 }
@@ -128,7 +129,7 @@ connect_unixsock(sdb_client_t *client, const char *address)
 if (connect(client->fd, (struct sockaddr *)&sa, sizeof(sa))) {
 char errbuf[1024];
 sdb_client_close(client);
- sdb_log(SDB_LOG_ERR, "Failed to connect to '%s': %s",
+ sdb_log(SDB_LOG_ERR, "client: Failed to connect to '%s': %s",
 sa.sun_path, sdb_strerror(errno, errbuf, sizeof(errbuf)));
 return -1;
 }
@@ -138,11 +139,13 @@ connect_unixsock(sdb_client_t *client, const char *address)
 static int
 connect_tcp(sdb_client_t *client, const char *address)
 {
+ char host[SDB_MAX(strlen("localhost"), (address ? strlen(address) : 0)) + 1];
 struct addrinfo *ai, *ai_list = NULL;
+ char *peer, *tmp;
 int status;
 if ((status = sdb_resolve(SDB_NET_TCP, address, &ai_list))) {
- sdb_log(SDB_LOG_ERR, "Failed to resolve '%s': %s",
+ sdb_log(SDB_LOG_ERR, "client: Failed to resolve '%s': %s",
 address, gai_strerror(status));
 return -1;
 }
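Review bot: In the @@ -138 hunk, `host` is a variable-length array sized from `strlen(address)` with no upper bound, so connect_tcp's stack use is set by whoever supplies the address string. A fixed buffer plus a length check bounds it, e.g. `char host[1024];` together with `if ((! address) || (strlen(address) >= sizeof(host))) return -1;` ahead of the resolve call. The size expression allows for `address == NULL`, but the `strncpy(host, address, sizeof(host))` added in the @@ -183 hunk does not, so either the ternary is dead code or that copy dereferences a null pointer. connect_tcp's body continues outside this hunk.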
@@ -151,18 +154,18 @@ connect_tcp(sdb_client_t *client, const char *address)
 client->fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
 if (client->fd < 0) {
 char errbuf[1024];
- sdb_log(SDB_LOG_ERR, "Failed to open socket: %s",
+ sdb_log(SDB_LOG_ERR, "client: Failed to open socket: %s",
 sdb_strerror(errno, errbuf, sizeof(errbuf)));
 continue;
 }
 if (connect(client->fd, ai->ai_addr, ai->ai_addrlen)) {
- char host[1024], port[32], errbuf[1024];
+ char h[1024], p[32], errbuf[1024];
 sdb_client_close(client);
- getnameinfo(ai->ai_addr, ai->ai_addrlen, host, sizeof(host),
- port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV);
- sdb_log(SDB_LOG_ERR, "Failed to connect to '%s:%s': %s",
- host, port, sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ getnameinfo(ai->ai_addr, ai->ai_addrlen, h, sizeof(h),
+ p, sizeof(p), NI_NUMERICHOST | NI_NUMERICSERV);
+ sdb_log(SDB_LOG_ERR, "client: Failed to connect to '%s:%s': %s",
+ h, p, sdb_strerror(errno, errbuf, sizeof(errbuf)));
 continue;
 }
 break;
@@ -183,6 +186,24 @@ connect_tcp(sdb_client_t *client, const char *address)
 return -1;
 }
+ strncpy(host, address, sizeof(host));
+ if ((tmp = strrchr(host, (int)':')))
+ *tmp = '\0';
+ if (! host[0])
+ strncpy(host, "localhost", sizeof(host));
+ peer = sdb_ssl_session_peer(client->ssl_session);
+ if ((! peer) || strcasecmp(peer, host)) {
+ /* TODO: also check alt-name */
+ sdb_log(SDB_LOG_ERR, "client: Failed to connect to '%s': "
+ "peer name '%s' does not match host address",
+ address, peer);
+ sdb_client_close(client);
+ if (peer)
+ free(peer);
+ return -1;
+ }
+ free(peer);
+
 client->read = ssl_read;
 client->write = ssl_write;
 return client->fd;
@@ -202,7 +223,7 @@ sdb_client_create(const char *address)
 client = malloc(sizeof(*client));
 if (! client) {
- sdb_log(SDB_LOG_ERR, "client: Out of memory");
+ sdb_log(SDB_LOG_ERR, "client: Out of memory");
 return NULL;
 }
 memset(client, 0, sizeof(*client));
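Review bot: In the @@ -183 hunk the error branch is entered when `peer` is NULL, yet `peer` is then handed to the `%s` conversion in `sdb_log`, which is undefined behaviour for a null pointer; pass `peer ? peer : "(none)"` as the last argument instead. Cutting the port off with `strrchr(host, ':')` also mangles IPv6 literals (a bare `::1` is cut down to `:`), so if sdb_resolve accepts such addresses they can never match the peer name. That fails closed, but the accepted address format deserves a comment such as `/* address is "host[:port]"; IPv6 literals are not handled here */`. Since `free(NULL)` is a no-op, `if (peer) free(peer);` can be a plain `free(peer);`. connect_tcp's body starts and ends outside this hunk.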
@@ -216,7 +237,7 @@ sdb_client_create(const char *address)
 client->address = strdup(address);
 if (! client->address) {
 sdb_client_destroy(client);
- sdb_log(SDB_LOG_ERR, "Out of memory");
+ sdb_log(SDB_LOG_ERR, "client: Out of memory");
 return NULL;
 }
@@ -316,23 +337,23 @@ sdb_client_connect(sdb_client_t *client, const char *username)
 }
 if (status < 0) {
- sdb_log(SDB_LOG_ERR, "%s", sdb_strbuf_string(buf));
+ sdb_log(SDB_LOG_ERR, "client: %s", sdb_strbuf_string(buf));
 sdb_client_close(client);
 sdb_strbuf_destroy(buf);
 return (int)status;
 }
 if (client->eof)
- sdb_log(SDB_LOG_ERR, "Encountered end-of-file while waiting "
+ sdb_log(SDB_LOG_ERR, "client: Encountered end-of-file while waiting "
 "for server response");
 if (rstatus == SDB_CONNECTION_ERROR) {
- sdb_log(SDB_LOG_ERR, "Access denied for user '%s': %s",
+ sdb_log(SDB_LOG_ERR, "client: Access denied for user '%s': %s",
 username, sdb_strbuf_string(buf));
 status = -((int)rstatus);
 } else if (rstatus != SDB_CONNECTION_OK) {
- sdb_log(SDB_LOG_ERR, "Received unsupported authentication request "
- "(status %d) during startup", (int)rstatus);
+ sdb_log(SDB_LOG_ERR, "client: Received unsupported authentication "
+ "request (status %d) during startup", (int)rstatus);
 status = -((int)rstatus);
 }
@@ -422,11 +443,11 @@ sdb_client_rpc(sdb_client_t *client,
 if (rcode == SDB_CONNECTION_LOG) {
 uint32_t prio = 0;
 if (sdb_proto_unmarshal_int32(SDB_STRBUF_STR(buf), &prio) < 0) {
- sdb_log(SDB_LOG_WARNING, "Received a LOG message "
+ sdb_log(SDB_LOG_WARNING, "client: Received a LOG message "
 "with invalid or missing priority");
 prio = (uint32_t)SDB_LOG_ERR;
 }
- sdb_log((int)prio, "%s", sdb_strbuf_string(buf) + offset);
+ sdb_log((int)prio, "client: %s", sdb_strbuf_string(buf) + offset);
 sdb_strbuf_skip(buf, offset, sdb_strbuf_len(buf) - offset);
 continue;
 }