[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[monit-dev] [monit] r386 committed - moved to branch
From: |
monit |
Subject: |
[monit-dev] [monit] r386 committed - moved to branch |
Date: |
Sun, 12 Jun 2011 00:31:10 +0000 |
Revision: 386
Author: address@hidden
Date: Sat Jun 11 17:06:43 2011
Log: moved to branch
http://code.google.com/p/monit/source/detail?r=386
Deleted:
/trunk/AUTHORS
/trunk/CHANGES.txt
/trunk/COPYING
/trunk/LICENSE
/trunk/Makefile.in
/trunk/PLATFORMS
/trunk/README
/trunk/README.DEVELOPER
/trunk/README.SSL
/trunk/alert.c
/trunk/alert.h
/trunk/autogen.sh
/trunk/bottom
/trunk/collector.c
/trunk/configure.ac
/trunk/control.c
/trunk/daemonize.c
/trunk/doxygen.cfg
/trunk/env.c
/trunk/event.c
/trunk/event.h
/trunk/exclude
/trunk/file.c
/trunk/file.h
/trunk/gc.c
/trunk/http.c
/trunk/install-sh
/trunk/l.l
/trunk/log.c
/trunk/make_dist
/trunk/md5.c
/trunk/md5.h
/trunk/monit.pod
/trunk/monit.txt
/trunk/monitor.c
/trunk/monitor.h
/trunk/monitrc
/trunk/net.c
/trunk/net.h
/trunk/p.y
/trunk/process.c
/trunk/process.h
/trunk/sendmail.c
/trunk/sha.c
/trunk/sha.h
/trunk/signal.c
/trunk/socket.c
/trunk/socket.h
/trunk/spawn.c
/trunk/ssl.c
/trunk/ssl.h
/trunk/state.c
/trunk/state.h
/trunk/status.c
/trunk/util.c
/trunk/util.h
/trunk/validate.c
/trunk/xmalloc.c
/trunk/xml.c
=======================================
--- /trunk/AUTHORS Sat Jul 24 04:27:48 2010
+++ /dev/null
@@ -1,40 +0,0 @@
-Authors:
-
-Jan-Henrik Haukeland <address@hidden>
-Martin Pala <address@hidden>
-Christian Hopp <address@hidden>
-Rory Toma <address@hidden>
-
-Contributors in alphabetical order:
-
-Michael Amster (mamster at webeasy com)
-Philipp Berndt (philipp bernd at gmx net)
-Olivier Beyssac (ob at r14 freenix org)
-Marco Bisioli (bisioli at adriacom it)
-Joe Bryant (JBryant at RiteAid com)
-Will Bryant (will bryant at ecosm com)
-Dave Cheney (dcheney at redbubble com)
-Sébastien Debrard (sebastien.debrard strange-garden com)
-Mark Ferlatte (ferlatte at cryptio net)
-David Fletcher (david at megapico co uk)
-Pierrick Grasland (pierrick grasland at nexcom fr)
-Klaus Heinz (k.heinz.apr.sieben at kh-22 de)
-Peter Holdaway (pholdaway at technocom-wireless com)
-Igor Homyakov (homyakov at altlinux ru)
-Mostafa Hosseini (mostafah at oeone com)
-Francois Isabelle (Francois Isabelle at ca kontron com)
-Oliver Jehle (oliver jehle at monex li)
-Kianusch Sayah Karadji (kianusch sayah karadji at sk-tech net)
-Artyom Khafizov (afk at inbox ru)
-Thomas Lohmueller (thomas at lohmueller ch)
-Bret "Trixter" McDanel (trixter at 0xdecafbad com)
-Arkadiusz Miskiewicz (arekm at pld-linux org)
-Tatsuya Nonogaki (nonotats at asahi email ne jp)
-Lior Okman (lior.okman at gmail.com)
-Thomas "Leppo" Oppel (oppel at kbis de)
-Rick Robino (rrobino at wavedivision com)
-Richard Schwaninger (risc at vmilch at)
-Margarida Sequeira (margarida at openbsd org)
-
-
-
=======================================
--- /trunk/CHANGES.txt Wed Jun 8 06:30:11 2011
+++ /dev/null
@@ -1,721 +0,0 @@
- CHANGES version 5.2.6
-
- This file summarizes changes made since 5.0
-
- Bug fixes may refer to an auto-generated id in our
- bug-tracking system, which can be found here
- https://savannah.nongnu.org/bugs/?group=monit
-
-
-Version 5.2.6
-
-* Fix MySQL protocol test: MySQL 5.5.12 returns new error code in
- the case of authentication failure.
-
-* Fix Debian bug #621047: monit fails to build after SSLv2 removal
-
-* Fix crash on Solaris which may occur if the system load is zero.
- Thanks to Paul Sun for report.
-
-* The stacktrace logging on error is disabled in -v (verbose) mode
- as it was too verbose for common service debugging tasks, it can
- be enabled using -vv option.
-
-* Improve how fast Monit check if a program was started or stopped.
- Thanks to Michael Renner for patch.
-
-
-
-Version 5.2.5
-
-* Fix process match check - when the monitored process failed and
- was restarted by Monit, Monit didn't recognized it is running
- after the restart and reported start failure (similar on stop).
- Thanks to Kenichi Futatsumori for report and helping to root
- cause the problem.
-
-* Fix Debian #617259: symbolic links in the filesystem check doesn't
- work. Thanks to Sergey B Kirpichev for report.
-
-* Fix Debian bug #614984: smtp protocol test issues both EHLO and
- HELO. Thanks to Sergey B Kirpichev for report.
-
-* Fix bug #32583: Multiple SIP OPTIONS messages use the same header
- data. Thanks to Hugh Waite for patch.
-
-* Try harder to get FQDN hostname for the host where monit is running.
- The hostname in the $HOST variable which is used in the mail sender
- may thus change. Thanks to Sergey B Kirpichev for patch.
-
-* AIX: Fix the time display which was off by GMT difference. Thanks
- to Helen Chen for report.
-
-* AIX: Fix the M/Monit heartbeat. Thanks to Helen Chen for report.
-
-* Support symbolic link to monit configuration file.
-
-* Fix crash when monit daemon start delay option was used and monit
- was signalized to stop before the start delay passed. Thanks to
- John Schult for report.
-
-
-
-Version 5.2.4
-
-NEW FEATURES AND FUNCTIONS:
-
-* Added the "procmatch" CLI command which allows for easy testing
- of pattern for process match check. The command takes regular
- expression as an argument and displays all running processes
- matching the pattern. Example usage:
- $ monit procmatch "iChatAgent"
-
-* Set the default log file mask to 0640 (originally it was 0664).
- Thanks to Sergey B Kirpichev.
-
-* Reduced monit memory footprint by ca. 10%.
-
-BUGFIXES:
-
-* FreeBSD, NetBSD, OpenBSD, MacOSX, Solaris filesystem check fix:
- If block/character device was used in the filesystem path instead
- of mountpoint, monit reported usage of wrong filesystem.
-
-* NetBSD filesystem check: Fix space usage report.
-
-* Fix memory usage monitoring in OpenVZ VPS 2.6.32 virtual hosts.
- Thanks to Kelly for report.
-
-* If the protocol test failed, show the request in the event. Thanks
- to Marco for report.
-
-* Randomize the mail message id to prevent duplicates in the case, that
- the same hostname is used on multiple hosts running monit and messages
- are generated in the same second in parallel. Thanks to Sergey B
- Kirpichev.
-
-* Spelling fixes. Thanks to Sergey B Kirpichev.
-
-
-
-Version 5.2.3
-
-BUGFIXES:
-
-* Mysql protocol test supports mysql 5.5.x and newer now.
-
-
-
-Version 5.2.2
-
-BUGFIXES:
-
-* Fix crash on MacOSX
-
-* ICMP echo test (ping):
- - bug #31128: do not log error if different response type is received
- - bug #31129: do not require root to use ping test. Privilege to
create
- raw socket is still required, but on some platforms such as Solaris
it
- can be granted to non-root users too. If the user has no permission
to
- perform ping, monit will skip the icmp test and log message (in
debug
- mode only).
-
-* rsync protocol test:
- - wait for full server response and verify exit was received
- - bug #31249: send full version to rsync server. Thanks to John Hall
- for report
-
-
-
-Version 5.2.1
-
-BUGFIXES:
-
-* HTTP and URL protocol tests: Fixed a problem where HTTP protocol
- tests using a specific request always failed. This bug may also
- affect URL tests. The problem was caused by faulty URL encoding. In
- the process of fixing this bug the new feature that allowed slash in
- service names has been reverted and instead will be added in a later
- release.
-
-
-
-Version 5.2
-
-NEW FEATURES AND FUNCTIONS:
-
-* Added support for monitoring processes without pidfile using pattern
- matching. You can use POSIX regular expressions or string matching
- process name with arguments as provided by the 'ps' utility. If the
- pattern matches multiple processes, the first match is used.
- Example:
- check process debian
- matching "/usr/lib/vmware/bin/vmware-vmx .*deb.vmx"
-
-* Added support for swap monitoring. Example:
- check system myserver
- if swap usage > 25% then alert
-
-* Allow to override the default action when service doesn't exist. The
- default action is restart, it can be customized with following
- statement:
- if [does] not exist [[<x> times within] <y> cycles] then <action1>
-
-* Monit automatically registers credentials with M/Monit now, so it's
- not necessary to set it manually in M/Monit anymore. To disable
- credentials registration:
- set mmonit https://monit:address@hidden:8443/collector
- and register without credentials
-
-* Added memcache protocol test. Thanks to Sébastien Debrard for the
- patch.
-
-* Added openssl FIPS to Monit httpd. Thanks to Lior Okman for the
- patch.
-
-* The 'check system' can now use start/stop program statements too.
-
-* Added the option to set the "Reply-To" mail header in mail-format.
-
-* Display backtrace on error if debug mode is enabled (requires
- backtrace support in libc)
-
-BUGFIXES:
-
-* Show real process uptime - formerly the presented uptime was based
- on create and modify timestamp of process' pidfile which provides
- invalid uptime if the pidfile is replaced and process keeps running
- with original PID. Thanks to Nima Chavooshi for report.
-
-* When user triggered action for some service (such as stop) and
- before that action completed user triggered another action for the
- same service (such as start), the second action has been ignored.
- Monit will not accept new action and return temporary error until
- the previous action completed.
-
-* If process resource usage gathering failed, retry next cycle as the
- error can be temporary.
-
-* Fixed sporadic failures when SSL was used.
-
-* ICMP echo test (ping):
- - fixed sporadic false positive/negative
- - removed limit of 20 pings per cycle
-
-* DNS test:
- - accept NS root request refusal as correct response because
- server reacts on request
- - accept authority answer as alternative to record. Thanks to
- Nick Osborn for patch
-
-* RADIUS test fix. Thanks to Alan DeKok for patch.
-
-* M/Monit heartbeat is fully independent of testing cycle now to
- prevent false positive when service test blocks.
-
-* Fixed SMTP STARTTLS protocol, required for servers that adhere
- strictly to RFC 3207 4.2. Thanks to Lorenzo A. Sedano Cadinanos for
- patch.
-
-* Service name:
- - allow the service name to start with "/"
- - fixed handling of the service names which contain "/" in the
- name in Monit web interface. Thanks to Artyom Khafizov for
- patch.
-
-* When 'check system' is not defined, monit adds it automatically
- using hostname for service name. If existing service was defined
- with the same service name (matching hostname), monit didn't added
- the entry and reported confusing error message pointing to the end
- of configuration file. Thanks to Thorsten Kampe for report and help.
-
-* Remove extra NL characters from message when resource succeeded
- event is sent. The extra NL character may break the mail headers.
- Thanks to Hanno Boeck for patch.
-
-* Fixed display of cpu user/system/wait usage which temporarily
- displayed -1.0% between two monitoring cycles while cpu monitoring
- was initializing. Thanks to Marcus Muelbuesch for report.
-
-* Fixed display of port response time as -1 if 'monit status' was
- called in the middle of service test.
-
-* Fixed display of service initializing state after monit start or
- reload.
-
-* Fixed MONIT_DESCRIPTION environment variable. Thanks to Marco
- Roeland for patch
-
-* AIX:
- - fixed compilation
- - fixed system load average monitoring
- - fixed ICMP echo test
-
-* Mac OS X:
- - allow monitoring of system-wide load average, cpu and memory
- usage even if
- Monit is running as non-root user
-
-* NetBSD:
- - fixed ICMP echo test
-
-
-
-Version 5.1.1
-
-BUGFIXES:
-
-* Fix FTP protocol test. Thanks to Axel Reinhold for report.
-
-* Fix the HTTP protocol test's hostheader option which was added in 5.1.
- Thanks to Naoya Nakazawa for report.
-
-* Removed warning about missing system service check. Missing system
service
- check is not error and it shouldn't be reported as such.
-
-* Fix manual page formating. Thanks to Stefan Alfredsson for report.
-
-
-
-Version 5.1
-
-NEW FEATURES AND FUNCTIONS:
-
-* It is now possible to define any action for the restart timeout rule.
- Multiple restart timeout rules can also be defined. Example:
- if 3 restarts within 5 cycles then exec "/foo/bar"
- if 8 restarts within 10 cycles then unmonitor
-
-* Service can be added to multiple groups. Thanks to Brad Gessler
- for suggestion. Syntax:
- check filesystem wwwdata with path /www
- group www
- group filesystem
-
-* Added GPS protocol test. Thanks to Sebastien Debrard for patch.
-
-* Added RADIUS protocol test. Thanks to Alan DeKok for patch. Example
syntax:
- check process radiusd with pidfile /var/run/radiusd.pid
- start program = "/etc/init.d/freeradius start"
- stop program = "/etc/init.d/freeradius stop"
- if failed
- host 127.0.0.1 port 2000 type udp protocol radius secret
testing1234
- then alert
- if 5 restarts within 5 cycles then timeout
-
-* The HTTP protocol test now supports a hostheader option which allows to
- override Host header in HTTP request. It can be used for example
- to test a farm of HTTP servers by IP addresses and to set specific
- Host header. Thanks to Brady Catherman for patch. Example:
- if failed host 192.168.1.100 protocol http hostheader "example.com"
then alert
-
-* If an error occur during Monit command-line execution, report the error
- and exit with 1, so it is possible to react if Monit is used from a
script.
- On success, 0 is returned as usual. Previously, Monit always exited with
- 0 even if an error occurred.
-
-* Do not require SSL version type when specifying SSL communication with
M/Monit
- (SSL version is set to auto).
-
-* If the Monit http interface failed to start, provide more details about
- the reason.
-
-BUGFIXES:
-
-* Support resource monitoring (cpu usage, etc.) when Monit is running
- inside virtual environment. Tested on:
- - FreeBSD jail
- - Solaris zone
- - Linux Vserver
-
-* Fix #26752: inside Solaris Zone, Monit failed to detect children
- and computed host memory wrong
-
-* On Solaris, FreeBSD, NetBSD and OpenBSD, Monit no longer needs to run as
root user
- in order to be able to watch process resource usage (cpu and memory).
-
-* Send heartbeat to M/Monit even if Monit is busy in a long testing cycle
to prevent
- false alerts about non-responsive Monit agent.
-
-* Fixed SMTP protocol test which may sometimes incorrectly
- report ESMTP protocol failure. Thanks to Axel Reinhold for
- report.
-
-* Fixed content match check which reported only first
- match during the same cycle. Thanks to Pavel Shevaev for
- report.
-
-* Allow for the use of complete SSL certificate chains.
- Thanks to Lawrence Tan for patch.
-
-* Added support for multiline greetings to FTP protocol test.
- Thanks to Giovanni D'Cristina for report.
-
-* Fix Debian Bug #541139: uses gethostbyname() and thus does
- not work with "options inet6" in /etc/resolv.conf. Thanks to
- Michael Stapelberg for patch.
-
-* If Monit configuration allowed http interface access for a read-only
- user and it was specified as the first allow entry, Monit command line
- commands failed because it used the read-only account so commands
- like start, stop, etc. were rejected. Monit will now use full access
- regardless of allow option order. Thanks to Thorsten Kampe for report.
-
-* Passive monitoring mode fixed. Thanks to Nelson Vale for report.
-
-* Fixed #27784: wait_start/wait_stop can advance too quickly.
- Thanks to Randy Puro for report.
-
-* Solaris resource usage fixed when Monit was compiled with optimizations
enabled.
-
-* Fixed #28369: escape XML properly
-
-* Check service name uniqueness when 'check system' is missing in monitrc
and virtual
- system service with name set to local hostname is added. Thanks to
Marcus Muelbuesch
- for report.
-
-* Fix crash when queued event delivery was retried for service which was
no longer
- configured in Monit.
-
-
-
-Version 5.0.3
-
-BUGFIXES:
-
-* Fixed #26664: crash on service timeout or unmonitor action
- (introduced in 5.0.2). Thanks to Bretislav Kubesa and
- Michael Shigorin for report.
-
-* Removed the configure --without-resource option. If the user
- who is running Monit doesn't have permissions to check the
- processes state, the related checks are disabled dynamically.
-
-
-
-Version 5.0.2
-
-BUGFIXES:
-
-* 35 improvements based on code scan with Klocwork
- (http://www.klocwork.com/) which we were evaluating.
- Huge thanks to Klocwork for their great product.
-
-* Fixed #26382: if start or stop script for some service didn't
- exist, monit logged error during configuration file parsing and
- refused to start. Monit now just logs warning and continues.
-
-
-
-Version 5.0.1
-
-BUGFIXES:
-
-* Fixed a bug where Monit did not stop logging succeeded events.
- This bug occurred if PID, PPID, timestamp or size change tests
- were used and failed and then succeeded again.
-
-
-
-Version 5.0
-
-NEW FEATURES AND FUNCTIONS:
-
-* M/Monit support added. If you run Monit on more than one
- server, you can use M/Monit to manage and control all your
- Monit enabled servers from one simple Web Interface. See
- http://mmonit.com/ for details.
-
-* Support use of symbolic links in filesystem check. Thanks to
- Aleksander Kamenik for suggestion. Example:
- check filesystem rootfs path
- /dev/disk/by-uuid/4ef973f7-67d1-4bb0-8223-cb1c692b72e4
- if space usage > 95% then alert
- if inode usage > 95% then alert
-
-* If no 'set mailserver' was defined in monitrc, Monit tried to
- fallback to localhost:25 SMTP server. This fallback was removed
- since it may be confusing. If you want to deliver mail alerts
- from Monit, the 'set mailserver' option is necessary. In case
- it is missing, Monit will log appropriate error and hint to add
- it.
-
-* The generic send/expect protocol test limited the expect input
- to 256 bytes. It's possible to set the input buffer for expect
- globally - for example: set expectbuffer 20 kb Thanks to Asil
- Carlin for suggestion.
-
-* The following event types were added CONTENT, FSFLAGS, PID and
- PPID and the following generic event types CHANGED and MATCH were
- removed and replaced by the above types and with the existing SIZE,
- CHECKSUM, TIMESTAMP events so the information is more specific
- The event types are internal to Monit and unless you have used
- either CHANGED or MATCH event in your alert filters, no change
- is necessary (alerts are delivered as usual, the tests just use
- different types internally).
-
-* Monit now generates a unique id on first start and store the id
- in a permanent file. This id is used in protocol communication
- between Monit and M/Monit to pair a Monit instance with it's
- host entry in M/Monit. By default the id file is placed in
- $HOME/.monit.id. The location can be changed by using the set
- idfile statement, for example:
- set idfile /var/monit.id
-
-* Monit now keep its service monitoring state even on Monit
- restart. Previously Monit dropped the state when it was stopped
- correctly. Services in manual monitoring mode will remember the
- monitoring state across Monit restarts. If Monit is used in a
- cluster, it is recommended to place the state file in a
- temporary filesystem incase the primary machine will crash and
- the the spare machine takeover, the state will be dropped on
- reboot for the crashed machine and the services in manual
- monitoring mode won't be started on reboot. For example the
- "set statefile /tmp/monit.state" can be used to place the state
- file in the /tmp/ filesystem.
-
-* Added a protocol test for testing the LMTP protocol. Thanks
- to Fco. Javier Felix for patch.
-
-* Added the start delay option for daemon statement which allows
- to pause Monit on its startup for a while. If monitored
- services are started by init scripts in parallel on system
- boot, Monit may be too fast and detect that the service is not
- running (yet) and restart the service. Note that it's still
- recommended Monit is setup to be responsible for service
- startup (that is, don't use init to start Monit controlled
- services, instead use Monit). This will ensure correct startup
- without need for a start delay since Monit will have full
- control of service startup. Many users start services from init
- on boot anyway, so in such cases this option will solve their
- problems. Default start delay is 0 which corresponds to the
- current behavior. Example syntax which will make Monit wait one
- minute before starting its first monitoring cycle:
- --8<--
- set daemon 5 with start delay 60
- --8<--
- Thanks to Fco. Javier Felix for patch.
-
-* Added PAM support for Monit http interface authentication. Note
- that PAM is not supported on all platforms - currently works on
- Linux, Mac OS X, FreeBSD, NetBSD. Monit uses the PAM service "monit".
- Here is a Monit PAM service example for Mac OS X which is able
- to authenticate system users for Monit access -
- /etc/pam.d/monit:
- --8<--
- # monit: auth account password session
- auth sufficient pam_securityserver.so
- auth sufficient pam_unix.so
- auth required pam_deny.so
- account required pam_permit.so
- --8<--
- And configuration for monitrc which allows only group admins
- to access the http interface:
- --8<--
- set httpd port 2812 allow @admin
- --8<--
- See the PAM manual page for details on how to configure the PAM
- service on your system and the available PAM plugins. Thanks to
- Wilhelm Meier for patch.
-
-* Added more detailed reports for Monit resource tests on service
- recovery. Thanks to Lars Kotthoff for patch.
-
-* Set locale to C.
-
-* Added a protocol test for testing the SIP protocol which is
- used by popular communication servers such as Asterisk and
- FreeSWITCH. We received two patches for this protocol and have
- taken code from both and merged them. Many thanks to Bret
- McDanel and to Pierrick Grasland for supplying the patches.
-
-* Added MONIT_DESCRIPTION to the list of environment variables
- available to programs started by monit. Thanks to Morten
- Bressendorff Schmidt for patch.
-
-* If a service group is specified for Monit CLI action,
- Monit no longer requires the "all" verb, so the following
- command is possible:
- monit -g web stop
- If group is not specified (i.e. the -g option is omitted), the
- service name or "all" is still required as a safeguard.
-
-* Added an option to the 'set mailserver' statement so it is
- possible to override the hostname used in SMTP EHLO/HELO and in
- the Message-ID header when sending mail. Monit defaults to use
- the localhost name. I.e. what you get when executing this
- command 'uname -n'. Overriding the host name can be useful if
- the host does not have a DNS entry and if the receiving
- mailserver uses DNS verification as spam protection. The new
- override option is:
- set mailserver foo.bar.baz using hostname "my.monit.host"
-
-* A new Event_Action type was added which reports actions
- performed on Monit's administrator request (either via web
- interface or CLI). If you don't want to received these events,
- you can set the mail-filter for "action" event type.
-
-* NOTA BENE: Monit start action is synchronous now. This improves
- the startup sequence for dependent services, since Monit will
- wait for parent service to start before trying to start the
- child.
-
-* It is now possible to define execution timeout for start and
- stop commands. That is, how long Monit will wait after
- executing a command before it assume execution failed. If the
- timeout option is omitted, Monit defaults to 30 seconds. You
- can override the timeout for example for services which are
- starting slower.
- Example syntax:
- start program = "/bin/foo start" with timeout 60 seconds
-
-* The event passed state is renamed to succeeded as this name
- more reflects the state of things.
-
-* The device service test is renamed to filesystem.
-
-BUGFIXES:
-
-* Some linux virtualization platforms report CPU count as 0.
- Monit then dynamically disabled CPU usage monitoring. In such
- case we now override the CPU count from 0 to 1 so resource
- usage monitoring can continue. Thanks to Jenny Hopkins for
- report.
-
-* Increased the server socket backlog queue which will make Monit
- able to handle more services. Thanks to Jochen Kramer.
-
-* Fixed #24866: Email messages such as: cpu wait usage check
- succeeded [current cpu wait usage=17.4%] were displayed as
- "...usage<SOMEGARBAGE>.4%". The problem was incorrect transfer
- encoding header in the email (the body itself was OK). Thanks
- to Dave Cheney for report.
-
-* When a Monit shutdown requested was issued while Monit were
- working and testing services, Monit did not shutdown until all
- work were done, i.e. until all services were tested. Monit will
- now shutdown faster - as soon as it finish testing the current
- service.
-
-* Monit blocked/unblocked SIGTERM, SIGINT SIGHUP and SIGUSR1
- signals during operation to protect certain code sections. When
- a signal was sent during such a time, for example to stop
- Monit, it was dropped and had to be retried in order to stop
- Monit. This limitation is now removed and signals will be
- processed at any time. Thanks to Nicola Tiling for report.
-
-* If the Monit httpd allow option did not include a
- user:password, Monit CLI logged the following error (even if
- the action was performed anyway):
- Cleartext credentials needed for basic authorization!
- This error was false - even access restriction based on
- host/net is sufficient - user and password is just one of
- possible options (not requirement). Thanks to Gilad Benjamini
- for report.
-
-* Allow localhost as a value for the host header in the http
- protocol test instead of setting an empty host header and let
- the http server decide
-
-* The 'if changed checksum ...' test can now be used even if a
- monitored file doesn't exist at Monit startup. Thanks to Joe
- Shang for report.
-
-* If both event handlers (M/Monit and mail alerts) temporarily
- failed at once and event queue was enabled, events will be
- stored in the queue and delivered in the next cycle. However, a
- bug caused delivery to be retried for every cycle for both
- handlers if just one of them was recovered. Monit could then
- deliver the same message multiple times until both handlers
- recovered. The problem is now fixed and only one copy of the
- event is sent even if only one handler did recover.
-
-* Make unit in size test optional and default to byte unless
- specified. So it is possible to write, if size > 1000 then ..
-
-* Fixed handling of invalid input files in event queue handler.
- Thanks to Fco.Javier Felix for patch.
-
-* Set the content type to text/html for Monit web interface POST
- responses. Thanks to Rich Drummond for patch.
-
-* Fixed #23530: configure script will return error if bison,
- byacc or yacc are not found at Monit compile time.
-
-* Fix CPU and memory monitoring on Solaris (it was disabled on
- Monit start)
-
-* AIX fixes and extensions, Monit should run on AIX without
- problems, including cpu, memory and filesystem monitoring
- (tested with AIX 5.3). Thanks to Brian Downey for support
- and help.
-
-* HP-UX fixes and extensions, Monit should run on HP-UX without
- problems, including cpu, memory and filesystem monitoring.
- Thanks to Brian Downey for support and help.
-
-* Fixed #23467: Don't exit, only issue a warning if the "include"
- statement did not find any files to include.
-
-* Fixed #23530: Event queue did not work with the default
- unlimited slots.
-
-* Fixed #23617: The process cpu usage is initializing in the
- first cycle so the value is set to 0% - if the 'cpu usage <
- xyz%' test was used to check that the process usage is higher
- then given level, it was always true. Monit now skips the
- process cpu usage check in the first cycle.
-
-* Make sure Monit alerts has a unique message id. Thanks to Steve
- Purcell for report
-
-* Fixed possible crash when Monit is watching VPS environment on
- Linux which reports number of CPUs as 0. Thanks to Marius
- Schmidt for report.
-
-* Cleanup event states during a service stop/unmonitor so old
- events are not sent when the service is started/monitored again.
-
-* Fixed #21989: Monit could start two instances of the process
- when service restart is performed and the process is starting
- slowly. Thanks to Nick Upson, Aaron Scamehorn and David Greaves
- for report.
-
-* Fixed #21550: Fix crash when Monit event queue contained an
- empty file. Thanks to Douglas J Hunley for report.
-
-* Fixed possible crash when the 'if changed checksum' test was
- used along with restart action. Thanks to Brian Candler for
- report.
-
-* Fixed #22075: Allow using a mail address as username when using
- SMTP authentication.
-
-* Fixed #22191 and #19823: If the file content test does not match
- anymore, reset the service error state. (Previous versions did
- not clear the error state and kept showing a match in the status
- listing and in the http interface).
-
-* The 'if changed size ...' test can now be used even if the
- monitored file does not exist on monit's start.
-
-* If a htpasswd file is used to control Monit http interface
- access and the hash type is set to MD5 but the file contains
- wrong format (non-MD5), report the error and keep running.
- Formerly Monit exited with an assert exception. Thanks to
- Adrian Bridgett for report.
-
-BACKWARD INCOMPATIBLE CHANGES:
-
-* The current CPU usage test which checked the cpu usage of the
- process itself plus the cpu usage of child processes was
- renamed to TOTALCPU (otherwise it works the same). The new CPU
- usage test checks the CPU usage of the process itself only.
- This change was introduced to align the syntax with MEMORY and
- TOTALMEMORY tests and to allow to test the CPU usage of
- processes which fork child processes but the user don't want to
- include children (such as Mythtv). Users who are using the CPU
- check for services like Apache webserver to watch total cpu
- utilization (including children) should rename the CPU
- statement in their configuration to TOTALCPU.
-
=======================================
--- /trunk/COPYING Thu Jun 4 12:28:53 2009
+++ /dev/null
@@ -1,691 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
- The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works. By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users. We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors. You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
- To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights. Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received. You must make sure that they, too, receive
-or can get the source code. And you must show them these terms so they
-know their rights.
-
- Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
- For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software. For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
- Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so. This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software. The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable. Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products. If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
- Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary. To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- TERMS AND CONDITIONS
-
- 0. Definitions.
-
- "This License" refers to version 3 of the GNU General Public License.
-
- "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
- "The Program" refers to any copyrightable work licensed under this
-License. Each licensee is addressed as "you". "Licensees" and
-"recipients" may be individuals or organizations.
-
- To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy. The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
- A "covered work" means either the unmodified Program or a work based
-on the Program.
-
- To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy. Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
- To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies. Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
- An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License. If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
- 1. Source Code.
-
- The "source code" for a work means the preferred form of the work
-for making modifications to it. "Object code" means any non-source
-form of a work.
-
- A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
- The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form. A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
- The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities. However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work. For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
- The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
- The Corresponding Source for a work in source code form is that
-same work.
-
- 2. Basic Permissions.
-
- All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met. This License explicitly affirms your unlimited
-permission to run the unmodified Program. The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work. This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
- You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force. You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright. Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
- Conveying under any other circumstances is permitted solely under
-the conditions stated below. Sublicensing is not allowed; section 10
-makes it unnecessary.
-
- 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
- No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
- When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
- 4. Conveying Verbatim Copies.
-
- You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
- You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
- 5. Conveying Modified Source Versions.
-
- You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
- a) The work must carry prominent notices stating that you modified
- it, and giving a relevant date.
-
- b) The work must carry prominent notices stating that it is
- released under this License and any conditions added under section
- 7. This requirement modifies the requirement in section 4 to
- "keep intact all notices".
-
- c) You must license the entire work, as a whole, under this
- License to anyone who comes into possession of a copy. This
- License will therefore apply, along with any applicable section 7
- additional terms, to the whole of the work, and all its parts,
- regardless of how they are packaged. This License gives no
- permission to license the work in any other way, but it does not
- invalidate such permission if you have separately received it.
-
- d) If the work has interactive user interfaces, each must display
- Appropriate Legal Notices; however, if the Program has interactive
- interfaces that do not display Appropriate Legal Notices, your
- work need not make them do so.
-
- A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit. Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
- 6. Conveying Non-Source Forms.
-
- You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
- a) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by the
- Corresponding Source fixed on a durable physical medium
- customarily used for software interchange.
-
- b) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by a
- written offer, valid for at least three years and valid for as
- long as you offer spare parts or customer support for that product
- model, to give anyone who possesses the object code either (1) a
- copy of the Corresponding Source for all the software in the
- product that is covered by this License, on a durable physical
- medium customarily used for software interchange, for a price no
- more than your reasonable cost of physically performing this
- conveying of source, or (2) access to copy the
- Corresponding Source from a network server at no charge.
-
- c) Convey individual copies of the object code with a copy of the
- written offer to provide the Corresponding Source. This
- alternative is allowed only occasionally and noncommercially, and
- only if you received the object code with such an offer, in accord
- with subsection 6b.
-
- d) Convey the object code by offering access from a designated
- place (gratis or for a charge), and offer equivalent access to the
- Corresponding Source in the same way through the same place at no
- further charge. You need not require recipients to copy the
- Corresponding Source along with the object code. If the place to
- copy the object code is a network server, the Corresponding Source
- may be on a different server (operated by you or a third party)
- that supports equivalent copying facilities, provided you maintain
- clear directions next to the object code saying where to find the
- Corresponding Source. Regardless of what server hosts the
- Corresponding Source, you remain obligated to ensure that it is
- available for as long as needed to satisfy these requirements.
-
- e) Convey the object code using peer-to-peer transmission, provided
- you inform other peers where the object code and Corresponding
- Source of the work are being offered to the general public at no
- charge under subsection 6d.
-
- A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
- A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling. In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage. For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product. A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
- "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source. The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
- If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information. But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
- The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed. Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
- Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
- 7. Additional Terms.
-
- "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law. If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
- When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it. (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.) You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
- Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
- a) Disclaiming warranty or limiting liability differently from the
- terms of sections 15 and 16 of this License; or
-
- b) Requiring preservation of specified reasonable legal notices or
- author attributions in that material or in the Appropriate Legal
- Notices displayed by works containing it; or
-
- c) Prohibiting misrepresentation of the origin of that material, or
- requiring that modified versions of such material be marked in
- reasonable ways as different from the original version; or
-
- d) Limiting the use for publicity purposes of names of licensors or
- authors of the material; or
-
- e) Declining to grant rights under trademark law for use of some
- trade names, trademarks, or service marks; or
-
- f) Requiring indemnification of licensors and authors of that
- material by anyone who conveys the material (or modified versions of
- it) with contractual assumptions of liability to the recipient, for
- any liability that these contractual assumptions directly impose on
- those licensors and authors.
-
- All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10. If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term. If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
- If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
- Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
- 8. Termination.
-
- You may not propagate or modify a covered work except as expressly
-provided under this License. Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
- However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
- Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
- Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License. If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
- 9. Acceptance Not Required for Having Copies.
-
- You are not required to accept this License in order to receive or
-run a copy of the Program. Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance. However,
-nothing other than this License grants you permission to propagate or
-modify any covered work. These actions infringe copyright if you do
-not accept this License. Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
- 10. Automatic Licensing of Downstream Recipients.
-
- Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License. You are not responsible
-for enforcing compliance by third parties with this License.
-
- An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations. If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
- You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License. For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
- 11. Patents.
-
- A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based. The
-work thus licensed is called the contributor's "contributor version".
-
- A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version. For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
- Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
- In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement). To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
- If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients. "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
- If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
- A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License. You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
- Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
- 12. No Surrender of Others' Freedom.
-
- If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all. For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
- 13. Use with the GNU Affero General Public License.
-
- Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work. The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
- 14. Revised Versions of this License.
-
- The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
- Each version is given a distinguishing version number. If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation. If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
- If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
- Later license versions may give you additional or different
-permissions. However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
- 15. Disclaimer of Warranty.
-
- THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
- 16. Limitation of Liability.
-
- IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
- 17. Interpretation of Sections 15 and 16.
-
- If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
- <one line to give the program's name and a brief idea of what it does.>
- Copyright (C) <year> <name of author>
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
- If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
- <program> Copyright (C) <year> <name of author>
- This program comes with ABSOLUTELY NO WARRANTY; for details type `show
w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
- You should also get your employer (if you work as a programmer) or
school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
-
- The GNU General Public License does not permit incorporating your program
-into proprietary programs. If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library. If this is what you want to do, use the GNU Lesser General
-Public License instead of this License. But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
-
-
- License Exception
-
-In addition, as a special exception, the copyright holders give
-permission to link the code of portions of this program with the
-OpenSSL library under certain conditions as described in each
-individual source file, and distribute linked combinations
-including the two.
-
-You must obey the GNU General Public License in all respects
-for all of the code used other than OpenSSL. If you modify
-file(s) with this exception, you may extend this exception to your
-version of the file(s), but you are not obligated to do so. If you
-do not wish to do so, delete this exception statement from your
-version. If you delete this exception statement from all source
-files in the program, then also delete it here.
=======================================
--- /trunk/LICENSE Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
=======================================
--- /trunk/Makefile.in Tue Apr 5 09:57:58 2011
+++ /dev/null
@@ -1,179 +0,0 @@
-# Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 3.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-# ---------------------------------------------------------------------
-#
-# SYNOPSIS
-# make {all|install|clean|uninstall|distclean|devclean}
-#
-# AUTHOR:
-# Jan-Henrik Haukeland, <address@hidden>
-#
-# CVS INFO
-# $Id: Makefile.in,v 1.39 2009/05/09 10:18:31 martinp Exp $
-
-
-# Programs (with common options):
-SHELL = /bin/sh
-RM = /bin/rm -fr
-MV = /bin/mv -f
-ETAGS = etags
-
-# Install modes
-MODE_PROGS = 555
-MODE_FILES = 444
-MODE_CONF = 600
-MODE_DIRS = 755
-
-INSTALL = @INSTALL@
-INSTALL_PROG = $(INSTALL) -m $(MODE_PROGS)
-INSTALL_FILE = $(INSTALL) -m $(MODE_FILES)
-INSTALL_DIR = $(INSTALL) -m $(MODE_DIRS) -d
-
-DESTDIR =
-
-# ------------------------------------------------------------------- #
-
-prefix = @prefix@
-exec_prefix = @prefix@
-
-BINDIR = @bindir@
-MANDIR = @mandir@/man1
-
-# ------------------------------------------------------------------- #
-
-# Name of program to build
-PROG = monit
-
-INCDIR = -I. -I./device -I./http -I./process -I./protocols
-LIB = @LEXLIB@ @LIBS@
-DEFINES = address@hidden@ -DSYSCONFDIR="\"@address@hidden""
-
-# ------------------------------------------------------------------- #
-
-CC = @CC@
-LEX = @LEX@
-YACC = @YACC@
-
-LINKFLAGS = @LDFLAGS@
-CFLAGS = $(DEFINES) $(INCDIR) @CFLAGS@ @CPPFLAGS@
-LEXFLAGS = -i
-YACCFLAGS = -dvt -o y.tab.c
-
-# ------------------------------------------------------------------- #
-
-# Grammar files
-GRAMMAR := y.tab.c lex.yy.c
-
-# Filter out platform spesific files
-FILTER := $(wildcard device/sysdep_*.c process/sysdep_*.c)
-
-# Source files
-SOURCE := $(filter-out $(GRAMMAR) $(FILTER), \
- $(wildcard *.c) $(wildcard */*.c)) \
- device/address@hidden@.c\
- process/address@hidden@.c\
- $(GRAMMAR)
-
-# Object files
-OBJECTS := $(SOURCE:.c=.o)
-
-# Man files
-MAN_OBJS := $(wildcard *.1)
-
-# Header files
-HEADERS := $(wildcard *.h)\
- $(wildcard device/*.h)\
- $(wildcard http/*.h)\
- $(wildcard process/*.h)\
- $(wildcard protocols/*.h)
-
-# ------------------------------------------------------------------- #
-
-define check-exit
-|| exit 1
-
-endef
-
-# -----
-# Rules
-# -----
-%.o: %.c
- $(CC) -c $(CFLAGS) $< -o $@
-
-# -------
-# Targets
-# -------
-.PHONY: all clean install uninstall distclean devclean
-
-all : $(PROG)
-
-$(PROG) : $(GRAMMAR) $(OBJECTS)
- $(CC) $(LINKFLAGS) $(OBJECTS) $(LIB) -o $(PROG)
-
-clean::
- $(RM) *.orig *~ \#* $(PROG) core $(OBJECTS) $(GRAMMAR) tokens.h
-
-# remove configure files
-distclean:: clean
- $(RM) config.cache config.log config.status Makefile config.h \
- autom4te*
-
-devclean:: clean distclean
- $(RM) configure config.h.in aclocal.m4
-
-install:: $(PROG)
- $(INSTALL_DIR) $(DESTDIR)$(BINDIR) $(check-exit)
- $(INSTALL_DIR) $(DESTDIR)$(MANDIR) $(check-exit)
- $(INSTALL_PROG) $(PROG) $(DESTDIR)$(BINDIR) $(check-exit)
- $(foreach file, $(MAN_OBJS), \
- $(INSTALL_FILE) $(file) $(DESTDIR)$(MANDIR)/$(file) \
- $(check-exit))
-
-uninstall::
- $(RM) $(DESTDIR)$(BINDIR)/$(PROG) $(check-exit)
- $(foreach file, $(MAN_OBJS), \
- $(RM) $(DESTDIR)$(MANDIR)/$(file) \
- $(check-exit))
-
-doc::
- doxygen doxygen.cfg
-
-etag:
- $(ETAGS) $(filter-out $(GRAMMAR), $(FILTER) $(SOURCE)) p.y l.l
-
-
-# ---
-# Dep
-# ---
-$(OBJECTS): $(HEADERS)
-
-# -------------
-# Grammar rules
-# -------------
-
-# Byacc prepends banner where it includes the stdlib.h before the p.y
-# prologue section. When monit is compiled on linux as 32-bit application
-# with largefiles (LFS) support, the _FILE_OFFSET_BITS is not set
-# thus the off_t doesn't match and monit will crash. To workaround
-# this problem we need to include our config.h ahead of byacc banner.
-# Note that bison is not affected and doesn't require this workaround.
-y.tab.c tokens.h: p.y
- $(YACC) $(YACCFLAGS) $<
- echo "#include <config.h>" > .y.tab.c
- cat y.tab.c >> .y.tab.c
- $(MV) .y.tab.c y.tab.c
- $(MV) y.tab.h tokens.h
-lex.yy.c: l.l
- $(LEX) $(LEXFLAGS) $<
-
=======================================
--- /trunk/PLATFORMS Sat Mar 13 05:18:29 2010
+++ /dev/null
@@ -1,203 +0,0 @@
- Platform Notes
- --------------
-
-This file describes platform specific notes for Monit.
-
-Platforms overview in alphabetical order:
-
- o AIX
- o Darwin (Mac OS X)
- o FreeBSD
- o Linux
- o NetBSD
- o OpenBSD
- o Solaris
-
-Following platforms are not actively maintained because of lack of testing
-machine for these OS's. They may work - its support was added and confirmed
-in particular Monit releases by contributors. Possible status reports, bug
-reports, patch contributions or access to such platforms for development is
-welcomed :)
-
- o HPUX
-
-
-Platform specific notes:
-========================
-
-
-GNU/Linux
-=========
-
-Monit compiles out of the box on Linux. Some Linux Distributions
-might have Monit as a precompiled package (see PACKAGES).
-
-In order to be able to use resource support you have to have PROCFS
-support enabled in your kernel. In case your kernel has fortified
-your proc filesystem, e.g. using the openwall patchset, you might need
-to start Monit as the root user.
-
-In case a glibc replacement is used one of the following parts may
-apply.
-
-dietlibc
---------
-
-Since version 4.0 the use of dietlibc is supported by Monit. For SSL
-support you need to compile the ssl libraries with dietlibc; use the
-"--with-ssl-lib-dir=<path>" option to configure Monit.
-
-A configure for dietlibc might look like this:
-
- env CC="diet gcc" CFLAGS="-Os" \
- ./configure --with-ssl-lib-dir=/usr/lib/diet/lib-i386/
-
-
-uClibc
-------
-
-The support for uClibc has been integrated in version 4.0. Like
-dietlibc you need to compile openssl with uClibc for SSL support. You
-also need to have the openssl include files outside of your "standard"
-include files (e.g. use an "openssl" link in you <uClibc>/include
-tree). Otherwise your uClibc include files are mixed up with the
-glibc includes. Finally, specify your <uClibc>/ tree in your configure
-run with "--with-ssl-dir=<path>".
-
-A configure for uClibc might look like this:
-
- env CC="i386-uclibc-gcc" CFLAGS="-Os" \
- ./configure --with-ssl-dir=/usr/i386-linux-uclibc
-
-
-Solaris
-=======
-
-64-bit Monit is required for Solaris support.
-
-You can use either gcc or Sun Studio for compilation.
-
-Package prerequisites
-
-Solaris 10:
- SUNWbash
- SUNWgmake
- SUNWgcc
- SUNWopenssl-include
- SUNWopenssl-libraries
- SUNWbison
- SUNWflexlex
- SUNWflexruntime
- CSWautoconf (http://www.blastwave.org))
- CSWautomake (http://www.blastwave.org))
- CSWgm4 (http://www.blastwave.org))
-
-Solaris Nevada:
- SUNWaconf NOTE: only if compiling using cvs sources
- SUNWbash
- SUNWgmake
- SUNWgcc
- SUNWopenssl-include
- SUNWopenssl-libraries
- SUNWbison
- SUNWflexlex
- SUNWflexruntime NOTE: see bellow for Solaris Nevada x86 - AMD64
- CSWgm4 (http://www.blastwave.org))
-
-Set path to the SFW utilities and libraries, for example:
-
- PATH=$PATH:/usr/sfw/bin:/opt/csw/bin
- export PATH
-
- crle -l /lib:/usr/lib:/usr/sfw/lib # (32-bit)
- crle -64 -l /lib/64:/usr/lib/64:/usr/sfw/lib/64 # (64-bit)
-
-Configure Monit with 64-bit support (examples):
-
- gcc [sparc]:
- ./configure \
- --with-ssl-incl-dir=/usr/sfw/include \
- --with-ssl-lib-dir=/usr/sfw/lib/64 \
- CFLAGS='-m64 -mtune=v9' \
- LDFLAGS='-m64 -mtune=v9'
-
- gcc [amd64]:
- ./configure \
- --with-ssl-incl-dir=/usr/sfw/include \
- --with-ssl-lib-dir=/usr/sfw/lib/64 \
- CFLAGS='-m64 -mtune=opteron' \
- LDFLAGS='-m64 -mtune=opteron'
-
- Sun Studio 12 [sparc]:
- ./configure \
- --with-ssl-incl-dir=/usr/sfw/include \
- --with-ssl-lib-dir=/usr/sfw/lib/64 \
- CFLAGS='-xarch=v9' \
- LDFLAGS='-xarch=v9' \
- CC=/opt/SUNWspro/bin/cc
-
- Sun Studio 12 [amd64]:
- ./configure \
- --with-ssl-incl-dir=/usr/sfw/include \
- --with-ssl-lib-dir=/usr/sfw/lib/64 \
- CFLAGS='-m64' \
- LDFLAGS='-m64' \
- CC=/opt/SUNWspro/bin/cc
-
-Compile Monit with:
-
- gmake
-
-
-AIX
-===
-
-Configure Monit with SSL path (examples):
-
- ./configure \
- --with-ssl-incl-dir=/opt/freeware/include \
- --with-ssl-lib-dir=/opt/freeware/64/lib
-
-Use GNU make to compile ('gmake')
-
-
-FreeBSD + NetBSD + OpenBSD
-==========================
-
-Use GNU make to compile ('gmake')
-
-
-Darwin (Mac OS X)
-=================
-
-Monit compiles out of the box on Mac OS X.
-
-It seems that Apple is phasing out the kvm interface and that
-it is disabled by default on Intel based Mac OS X 10.4.8 and later.
-You can get following error in such case for Monit <= 4.9:
-
- --8<--
- kvm_open: : /dev/mem: No such file or directory
- system statistic error -- cannot initialize kvm interface
- system statistic error -- cannot initialize the process tree =>
- process resource monitoring disabled
- --8<--
-
-You can reenable the kvm interface by adding the kmem to the boot-args
-Open Firmware variable as root - for example:
-
- nvram boot-arg="kmem=1"
-
-and reboot the machine.
-
-Monit > 4.9 don't need this workaround.
-
-
-Any other not yet mentioned but posix compatible platform
-=========================================================
-
-Monit might be able to compile using the "UNKNOWN" architecure. In
-case a wrong platform is detected you can enforce this behavior by
-using the "--without-resource" flag in the configure run. Generally,
-it is advisable to stick to gcc for compiling.
-
=======================================
--- /trunk/README Sat Jul 24 04:27:48 2010
+++ /dev/null
@@ -1,57 +0,0 @@
- QUICK START
- -----------
-
- This readme serves as a quick start, please use `man monit' for
- documentation on the program.
-
-
- Installation:
- -------------
-
- - ./configure
- - make
- - make install
- - man monit
-
- This will install Monit and the man-file in /usr/local/bin and
- /usr/local/man/man1 respectively. If you want another location than
- /usr/local, run configure with the prefix options, like so:
- ./configure --prefix=<dir>
-
-
- Notes:
- ------
-
- - This directory contains an example Monit control file, called
- monitrc. Please read it and use it as a starting point when you
- write your own Monit control file.
-
- - Monit will probably work on most Unix systems. However, Monit is
- tested and known to compile and operate on: Darwin, Linux, FreeBSD,
- NetBSD, OpenBSD and Solaris.
-
-
- License Notes:
- --------------
-
- This program is free software: you can redistribute it and/or modify it
- under the terms of the GNU General Public License version 3.
-
- This program is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the file
- COPYING accompanying the Software for details.
-
- Questions and support:
- ----------------------
-
- If you have questions or comments about the software or documentation
- please subscribe to the Monit general mailing list and post your
- questions there.
-
- http://lists.nongnu.org/mailman/listinfo/monit-general
-
- You can also look in the mailing list archive for answers:
-
- http://lists.gnu.org/archive/html/monit-general/
-
=======================================
--- /trunk/README.DEVELOPER Mon Apr 19 07:55:33 2010
+++ /dev/null
@@ -1,135 +0,0 @@
-
-Project standards
------------------
-
- * Bug fixes and small code changes are updated in the CVS and the
- mailing list is notified later.
-
- * Adding new Features is the other way around. A proposal for a new
- Feature is first sent to the mailing list, discussed there (and
- possible voted on in case of major changes). If accepted, the CVS
- is updated with the new code.
-
- Adding new features also include updating the monit.pod file,
- the CHANGES.txt and other relevant documentation files, like
- ./monitrc for configuration syntax or semantic changes. It is
- important that the documentation is *always* aligned with the
- lates codebase.
-
- * Add yourself as an author to any files you have changed
- substantially. Substantially changes means adding a new method
- or adding more than a couple of new code lines in a file so the
- program behavior was changed. The reason is mainly that you get
- the credit for the work you have done and partly that others
- will know whom to blame.
-
-
-Decision Making
----------------
-
- * All Contributors are encouraged to participate in decisions, but
- the decision itself is made by those that have Committer status
- in the Project. In other words, the Project is a "Minimum
- Threshold Meritocracy".
-
- * Each vote can be made in one of three flavors:
-
- +1 "Yes," "Agree," or "the action should be performed." On some
- issues this is only binding if the voter has tested the
- action on their own system(s).
-
- 0 "Abstain," "no opinion". An abstention may have detrimental
- effects if too many people abstain.
-
- -1 "No." On issues where consensus is required, this vote counts
- as a veto. All vetos must contain an explanation of why the
- veto is appropriate. Vetos with no explanation are void. No
- veto can be overruled. If you disagree with the veto, you
- should lobby the person who cast the veto. Voters intending
- to veto an action item should make their opinions known to
- the group immediately so that the problem can be remedied as
- early as possible.
-
-
-Programs you will need to build a monit package
------------------------------------------------
-
- * GNU make
- * pod2html and pod2man
- * flex
- * yacc or bison (bison is recommended)
- * Perl
- * GNU tar and GNU gzip
- * autoconf (v. >= 2.53)
- * automake (v. >= 1.5)
- * doxygen (v. >= 1.2.15)
-
-
-
-Setting up the developing environment
--------------------------------------
-
- 1. Run autogen.sh to create and run configure, or alternatively do:
- autoheader
- autoconf
- ./configure
- Pass any configure arguments on the command line of autogen.sh if
- you are running autogen.sh.
-
- 2. You will now have a Makefile for building the program. The
- Makefile will handle any additional source files you add to the
- project and will link everything to monit.
-
- 3. The man file for the project is monit.pod and a monit.1 man
- file is created by using perl-pod and pod2man.
-
- 4. To build a new release run the make_dist script. This will
- create a monit-{release-number}.tar.gz file in the current
- directory.
-
-
-SVN standards
--------------
-
- * ONLY check in files that will compile without any warnings.
- (Change the CFLAGS macro in the Makefile to include -Wall;
- CFLAGS = -Wall .. to compile with all warnings turned on)
-
- * Regularly do a 'svn update' to keep your local copy in sync
- with the master repository.
-
- * To check out trunk (development):
-
- svn checkout http://monit.googlecode.com/svn/trunk/ monit
-
- * To check out the complete source code repository:
-
- svn checkout http://monit.googlecode.com/svn/ monit
-
- For Project Managers:
-
- * Every file in the project *must* be tagged with a release tag
- matching the version number in configure.ac before a new release
- is released. We use the following release tag standard:
-
- release-x-y-z e.g. release-5-0-3
-
- * The release numbers explained:
-
- x is for major feature releases
- y is for minor feature releases
- z is for bug fix releases
-
- * To tag a new release in svn:
-
- svn checkout http://monit.googlecode.com/svn/ svn
- cd svn
- svn copy trunk tags/release-x-y-z
- svn ci
-
- * Only the project manager should create and tag a new
- release
-
-
---
address@hidden
=======================================
--- /trunk/README.SSL Sun Dec 19 14:03:05 2010
+++ /dev/null
@@ -1,259 +0,0 @@
-How to use monit with ssl
-=========================
-
-File information:
-
- @author Christian Hopp, <address@hidden>
-
-Where to get openssl:
----------------------
-
-You can get the newest version of openssl at:
-
- http://www.openssl.org
-
-In many cases your operating system already has a binary version of
-openssl installed.
-
-
-How do I turn on ssl support in monit:
---------------------------------------
-
-To start monit's http server with ssl support, use the standard SET
-HTTPD statement and add the keywords SSL ENABLE and specify the
-location of the PEM encoded server certificate. This file should
-contain the server's private key and certificate (see also: Generation
-of a "pemfile").
-
- SET HTTPD PORT 2812
- SSL ENABLE
- PEMFILE /var/certs/monit.pem
- ADDRESS localhost
- ALLOW admin:bar
- ALLOW adminscomp.network.com
-
-Start monit and connect to the monit http server over SSL via this
-url: https://localhost:2812/
-
--
-
-You may also utilize ssl to allow monit to test a network connection
-to a ssl enabled server. To do so, simply replace the TCP token with
-the TCPSSL token. For instance, to check a web server running over ssl
-(https) you can use the following command:
-
-check process https with pidfile /var/run/httpds.pid
- if failed port 443 type tcpssl protocol http then alert
- alert address@hidden
-
-Port 443 is the standard HTTPS port.
-
--
-
-You can also setup monit to only allow clients with a certain
-certificate. In other words, if a browser wants to connect to monit,
-the browser will need to present a certificate known by monit. If it
-is not known, monit will not accept the connection. The certificate
-obtained from the client (browser) is checked against certificates in
-a database file. This database file can be specified via the
-CLIENTPEMFILE statement. It might look like this:
-
- SET HTTPD PORT 2812
- SSL ENABLE
- PEMFILE /var/certs/monit.pem
- CLIENTPEMFILE /var/certs/monit-client.pem
- ADDRESS localhost
- ALLOW admin:bar
- ALLOW adminscomp.network.com
-
-The database file contains client certificates which are allowed to
-access the monit httpd server.
-
--
-
-A certificate may also be self-signed. Normally a self-signed
-certificate is not allowed, but you may explicit allow it by using the
-ALLOWSELFCERTIFICATION statement.
-
--
-
-If you want to switch off SSL support for a while you may replace the
-ENABLE keyword with DISABLE (without having to remove any other SSL
-statements in the monit control file). Like so:
-
- SET HTTPD PORT 2812
- SSL DISABLE
- PEMFILE /var/certs/monit.pem
- CLIENTPEMFILE /var/certs/monit-client.pem
- ALLOWSELFCERTIFICATION
- ADDRESS localhost
- ALLOW admin:bar
- ALLOW adminscomp.network.com
-
--
-
-Finally, an overview of the http with ssl statement in monit:
-
- SET HTTPD [PORT portnumber]
- [SSL [ENABLE|DISABLE]
- PEMFILE filename
- [CLIENTPEMFILE filename]]
- ALLOWSELFCERTIFICATION
- ADDRESS hostname
- ALLOW [user:passwd|host]
- [ALLOW ...]
-
-
-
-How do I get my client certificate into a browser:
---------------------------------------------------
-
-Here, the tricky part starts because we are dealing with a program
-other than monit. (-:
-
-First, it is not just the certificate, you also have to provide the
-private key of the certificate. This key SHOULD be different from the
-key used by the monit's http server.
-
-You will need a key with a "client" purpose (in openssl it is
-"nsCertType=client") or a key with no explicit purpose. Otherwise your
-browser will not send the certificate.
-
-Netscape and its relatives (like Galeon or Mozilla) likes certificates
-encoded in the PKCS12 format. If you have your client certificate file
-PEM encoded you will need to convert it to PKCS12.
-
-So how do you convert a PEM encoded certificate to the PKCS12 format
-and import it into your browser? Simply use the openssl tool to
-convert it:
-
-openssl pkcs12 -export -in monit_client.pem
- -out monit_client.p12 \
- -name "Monit"
-
-Finally you must import the certificate into your browser. In mozilla
-you should use: Edit->Preferences->Privacy&Security, click on the
-Manage Certificate button and in the window that pops up, click on the
-Import button, then import the monit_client.p12 file.
-
-
-
-I have turned off client certification but monit still complains:
------------------------------------------------------------------
-
-If you turn of client certification in monit and a client is sending a
-certificate then the monit server may complain with an error like
-this:
-
-[MET Nov 4 14:41:10] SSL VERIFY ERROR: depth=0, error=[20]
- 'unable to get local issuer certificate': foo Subject
-[MET Nov 4 14:41:10] HTTPD connection denied!
-[MET Nov 4 14:41:10] Accept with SSL service has failed!
-[MET Nov 4 14:41:10] http server: Cannot establish SSL connection --
Error 0
-
-This simply means that the client provided a cert but monit wasn't
-able to verify it. You can solve this by:
-
-1.) Configure your client not to send this certificate (e.g. delete it
- from the Netscape's "Your Certificates".
-
-2.) Turn on client certification and provide the certificate plus all
- necessary CA certificates to monit in X.509 format (as pemfile).
-
-
-
-But... but... openssl had so many problems lately:
---------------------------------------------------
-
-First of all, you can of course disable all ssl support in monit and
-run monit without ssl if you are in doubt. If you want to build monit
-without any SSL support, just run configure with
-
- ./configure --without-ssl
-
-If monit was already compiled with ssl support you don't need to use
-it if you don't want to. Simply use
-
- SET HTTPD PORT <port#>
-
-instead of
-
- SET HTTPD PORT <port#>
- SSL [ENABLE]
- PEMFILE <FILE>
-
-And remember, for security related software it is always wise to keep
-it up to date. You should also keep an eye on advisories from cert
-(CA) and other sources.
-
-
-
-Generation of a "pemfile":
---------------------------
-
-First generate an openssl configuration (or if you have one use
-it). It might look like this... IT IS JUST AN EXAMPLE!!!!! (-:
-
------ BEGIN:monit.cnf -----
-# create RSA certs - Server
-
-RANDFILE = ./openssl.rnd
-
-[ req ]
-default_bits = 1024
-encrypt_key = yes
-distinguished_name = req_dn
-x509_extensions = cert_type
-
-[ req_dn ]
-countryName = Country Name (2 letter code)
-countryName_default = MO
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = Monitoria
-
-localityName = Locality Name (eg, city)
-localityName_default = Monittown
-
-organizationName = Organization Name (eg, company)
-organizationName_default = Monit Inc.
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-organizationalUnitName_default = Dept. of Monitoring Technologies
-
-commonName = Common Name (FQDN of your server)
-commonName_default = server.monit.mo
-
-emailAddress = Email Address
-emailAddress_default = address@hidden
-
-[ cert_type ]
-nsCertType = server
------ END:monit.cnf -----
-
-In order to generate the actual pemfile just run these commands:
-
-# Generates the private key and the certificate
-openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out
/var/certs/monit.pem -keyout /var/certs/monit.pem
-
-# Generates the Diffie-Hellman Parameters
-openssl gendh 512 >> /var/certs/monit.pem
-
-# Prints out the certificate information
-openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
-
-
-
-How do I learn more about openssl:
-----------------------------------
-
-First have a look at the original documentation at openssl.org:
-
- http://www.openssl.org/docs/
-
-I particularly like this documentation when it comes to certs:
-
- http://tirian.magd.ox.ac.uk/~nick/openssl-certs/
-
-
-Have fun...! (-:
=======================================
--- /trunk/alert.c Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_STDARG_H
-#include <stdarg.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#include "monitor.h"
-#include "event.h"
-#include "net.h"
-#include "alert.h"
-
-
-/**
- * Implementation of the alert module
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala <address@hidden>
- * @author Christian Hopp <address@hidden>
- *
- * @file
- */
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static void copy_mail(Mail_T, Mail_T);
-static void replace_bare_linefeed(Mail_T *);
-static void substitute(Mail_T *, Event_T);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Notify registred users about the event
- * @param E An Event object
- * @return If failed, return HANDLER_ALERT flag or HANDLER_SUCCEEDED if
succeeded
- */
-int handle_alert(Event_T E) {
- Service_T s;
- int rv = HANDLER_SUCCEEDED;
-
- ASSERT(E);
-
- s= Event_get_source(E);
- if(!s) {
- LogError("Aborting alert\n");
- return rv;
- }
-
- if(s->maillist || Run.maillist) {
- Mail_T m;
- Mail_T n;
- Mail_T list= NULL;
- /*
- * Build a mail-list with local recipients that has registered interest
- * for this event.
- */
- for(m= s->maillist; m; m= m->next) {
-
- if(
- /* particular event notification type is allowed for given
recipient */
- IS_EVENT_SET(m->events, Event_get_id(E)) &&
- (
- /* state change notification is sent always */
- E->state_changed ||
- /* in the case that the state is failed for more cycles we check
- * whether we should send the reminder */
- (E->state && m->reminder && E->count % m->reminder == 0)
- )
- )
- {
- Mail_T tmp= NULL;
-
- NEW(tmp);
- copy_mail(tmp, m);
- substitute(&tmp, E);
- replace_bare_linefeed(&tmp);
- tmp->next= list;
- list= tmp;
-
- DEBUG("%s notification is sent to %s\n", Event_get_description(E),
m->to);
-
- }
-
- }
-
- /*
- * Build a mail-list with global recipients that has registered
interest
- * for this event. Recipients which are defined in the service localy
- * overrides the same recipient events which are registered globaly.
- */
- for(m= Run.maillist; m; m= m->next) {
- int skip= FALSE;
-
- for(n= s->maillist; n; n= n->next) {
- if(IS(m->to, n->to)) {
- skip= TRUE;
- break;
- }
- }
-
- if(
- /* the local service alert definition has not overrided the global
one */
- !skip &&
- /* particular event notification type is allowed for given
recipient */
- IS_EVENT_SET(m->events, Event_get_id(E)) &&
- (
- /* state change notification is sent always */
- E->state_changed ||
- /* in the case that the state is failed for more cycles we check
- * whether we should send the reminder */
- (E->state && m->reminder && E->count % m->reminder == 0)
- )
- )
- {
-
- Mail_T tmp= NULL;
-
- NEW(tmp);
- copy_mail(tmp, m);
- substitute(&tmp, E);
- replace_bare_linefeed(&tmp);
- tmp->next= list;
- list= tmp;
-
- DEBUG("%s notification is sent to %s\n", Event_get_description(E),
m->to);
-
- }
-
- }
-
- if(list) {
-
- if(!sendmail(list))
- rv = HANDLER_ALERT;
- gc_mail_list(&list);
-
- }
-
- }
-
- return rv;
-
-}
-
-
-static void substitute(Mail_T *m, Event_T e) {
- char timestamp[STRLEN];
-
- ASSERT(m && e);
-
- Util_replaceString(&(*m)->from, "$HOST", Run.localhostname);
- Util_replaceString(&(*m)->subject, "$HOST", Run.localhostname);
- Util_replaceString(&(*m)->message, "$HOST", Run.localhostname);
-
- Util_getRFC822Date((time_t *)&e->collected.tv_sec, timestamp, STRLEN);
- Util_replaceString(&(*m)->subject, "$DATE", timestamp);
- Util_replaceString(&(*m)->message, "$DATE", timestamp);
-
- Util_replaceString(&(*m)->subject, "$SERVICE", Event_get_source_name(e));
- Util_replaceString(&(*m)->message, "$SERVICE", Event_get_source_name(e));
-
- Util_replaceString(&(*m)->subject, "$EVENT", Event_get_description(e));
- Util_replaceString(&(*m)->message, "$EVENT", Event_get_description(e));
-
- Util_replaceString(&(*m)->subject, "$DESCRIPTION",
NVLSTR(Event_get_message(e)));
- Util_replaceString(&(*m)->message, "$DESCRIPTION",
NVLSTR(Event_get_message(e)));
-
- Util_replaceString(&(*m)->subject, "$ACTION",
Event_get_action_description(e));
- Util_replaceString(&(*m)->message, "$ACTION",
Event_get_action_description(e));
-}
-
-
-static void copy_mail(Mail_T n, Mail_T o) {
- ASSERT(n && o);
-
- n->to= xstrdup(o->to);
- n->from=
- o->from?
- xstrdup(o->from):
- Run.MailFormat.from?
- xstrdup(Run.MailFormat.from):
- xstrdup(ALERT_FROM);
- n->replyto =
- o->replyto?
- xstrdup(o->replyto):
- Run.MailFormat.replyto?
- xstrdup(Run.MailFormat.replyto):
- NULL;
- n->subject=
- o->subject?
- xstrdup(o->subject):
- Run.MailFormat.subject?
- xstrdup(Run.MailFormat.subject):
- xstrdup(ALERT_SUBJECT);
- n->message=
- o->message?
- xstrdup(o->message):
- Run.MailFormat.message?
- xstrdup(Run.MailFormat.message):
- xstrdup(ALERT_MESSAGE);
-}
-
-
-static void replace_bare_linefeed(Mail_T *m) {
- Util_replaceString(&(*m)->message, "\r\n", "\n");
- Util_replaceString(&(*m)->message, "\n", "\r\n");
-}
=======================================
--- /trunk/alert.h Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#ifndef MONIT_ALERT_H
-#define MONIT_ALERT_H
-
-#include "event.h"
-
-
-/** Default mail from string */
-#define ALERT_FROM "address@hidden"
-
-/** Default mail subject */
-#define ALERT_SUBJECT "monit alert -- $EVENT $SERVICE"
-
-/** Default mail message */
-#define ALERT_MESSAGE "$EVENT Service $SERVICE \r\n"\
- "\r\n"\
- "\tDate: $DATE\r\n"\
- "\tAction: $ACTION\r\n"\
- "\tHost: $HOST\r\n"\
- "\tDescription: $DESCRIPTION\r\n"\
- "\r\n"\
- "Your faithful employee,\r\n"\
- "Monit\r\n"
-
-
-/**
- * This module is used for event notifications. Users may register
- * interest for certain events in the monit control file. When an
- * event occurs this module is called from the event processing
- * machinery to notify users who have asked to be alerted for
- * particular events.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala <address@hidden>
- * @author Christian Hopp <address@hidden>
- *
- * @file
- */
-
-
-/**
- * Notify registred users about the event
- * @param E An Event object
- * @return If failed, return HANDLER_ALERT flag or HANDLER_SUCCEEDED flag
if succeeded
- */
-int handle_alert(Event_T E);
-
-
-#endif
=======================================
--- /trunk/autogen.sh Tue Apr 5 03:04:16 2011
+++ /dev/null
@@ -1,61 +0,0 @@
-#! /usr/bin/env bash
-# autogen.sh (borrowed from Gnet autogen.sh)
-#
-# This script is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-
-srcdir=$(dirname $0)
-test -z "$srcdir" && srcdir=.
-
-(test -f $srcdir/configure.ac) ||
-{
- echo -n "Error: directory '$srcdir' does not look like the"
- echo " top level directory"
- echo
- exit 1
-}
-
-DIE=0
-
-(autoconf --version) < /dev/null > /dev/null 2>&1 ||
-{
- echo "Error: 'autoconf' must be installed"
- echo
- DIE=1
-}
-
-if test "$DIE" -eq 1; then
- exit 1
-fi
-
-if test -z "$*"; then
- echo "Warning: I am going to run \`configure' with no arguments."
- echo "If you wish to pass any to it, please specify them on the"
- echo \`$0\'" command line."
- echo
-fi
-
-echo "Running aclocal"
-aclocal
-echo "Running autoheader"
-autoheader
-echo "Running autoconf"
-autoconf
-
-conf_flags="--enable-compile-warnings"
-if test x$NOCONFIGURE = x; then
- echo Running $srcdir/configure $conf_flags "$@" ...
- [ ! -x $srcdir/configure ] && chmod 755 $srcdir/configure
- $srcdir/configure $conf_flags "$@" || exit 1
- echo -n "Now type '"
- if ! ( uname -s | grep -i bsd >/dev/null 2>&1 ); then
- echo -n "make"
- else
- echo -n "gmake"
- fi
- echo "' to compile"
-else
- echo Skipping configure process
-fi
=======================================
--- /trunk/bottom Thu Jun 4 12:28:53 2009
+++ /dev/null
@@ -1,1 +0,0 @@
-</body></html>
=======================================
--- /trunk/collector.c Thu Mar 24 01:16:05 2011
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#include "monitor.h"
-#include "socket.h"
-#include "event.h"
-
-
-/**
- * Connect to a data collector servlet and send event or status message.
- *
- * @author Martin Pala, <address@hidden>
- *
- *
- * @file
- */
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static int data_send(Socket_T, Mmonit_T, char *);
-static int data_check(Socket_T, Mmonit_T);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Post event or status data message to mmonit
- * @param E An event object or NULL for status data
- * @return If failed, return HANDLER_MMONIT flag or HANDLER_SUCCEEDED flag
if succeeded
- */
-int handle_mmonit(Event_T E) {
- char *D = NULL;
- Mmonit_T C = Run.mmonits;
- int rv = HANDLER_SUCCEEDED;
- Socket_T socket;
-
- /* The event is sent to mmonit just once - only in the case that the
state changed */
- if(!C || (E && !E->state_changed))
- return rv;
-
- while(!(socket = socket_create_t(C->url->hostname, C->url->port,
SOCKET_TCP, C->ssl, C->timeout))) {
- LogError("M/Monit: cannot open a connection to %s -- %s\n",
C->url->url, STRERROR);
-
- if((C = C->next)) {
- LogInfo("M/Monit: trying next server %s\n", C->url->url);
- continue;
- } else {
- LogError("M/Monit: no server available\n");
- rv = HANDLER_MMONIT;
- goto exit2;
- }
- }
-
- D = status_xml(E, E ? LEVEL_SUMMARY : LEVEL_FULL, 2,
socket_get_local_host(socket));
-
- if(!data_send(socket, C, D)) {
- LogError("M/Monit: communication failed\n");
- rv = HANDLER_MMONIT;
- goto exit1;
- }
-
- /* Close write part of socket to indicate to M/Monit that message was
sent
- and stop M/Monit XML parser from waiting for more data */
- socket_shutdown_write(socket);
-
- if(!data_check(socket, C)) {
- LogError("M/Monit: communication failed (%s message)\n",
E ? "event" : "status");
- rv = HANDLER_MMONIT;
- goto exit1;
- }
- DEBUG("M/Monit: %s message sent to %s\n", E ? "event" : "status",
C->url->url);
-
-exit1:
- FREE(D);
- if(socket)
- socket_free(&socket);
-exit2:
- return rv;
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/**
- * Send message to the server
- * @param C An mmonit object
- * @param D Data to send
- * @return TRUE if the message sending succeeded otherwise FALSE
- */
-static int data_send(Socket_T socket, Mmonit_T C, char *D) {
- int rv;
- char *auth;
-
- auth = Util_getBasicAuthHeader(C->url->user, C->url->password);
- rv = socket_print(socket,
- "POST %s HTTP/1.1\r\n"
- "Host: %s:%d\r\n"
- "Content-Type: text/xml\r\n"
- "Content-Length: %d\r\n"
- "Pragma: no-cache\r\n"
- "Accept: */*\r\n"
- "User-Agent: %s/%s\r\n"
- "Connection: close\r\n"
- "%s"
- "\r\n"
- "%s",
- C->url->path,
- C->url->hostname, C->url->port,
- strlen(D),
- prog, VERSION,
- auth?auth:"",
- D);
- FREE(auth);
- if(rv <0) {
- LogError("M/Monit: error sending data to %s -- %s\n", C->url->url,
STRERROR);
- return FALSE;
- }
- return TRUE;
-}
-
-
-/**
- * Check that the server returns a valid HTTP response
- * @param C An mmonit object
- * @return TRUE if the response is valid otherwise FALSE
- */
-static int data_check(Socket_T socket, Mmonit_T C) {
- int n;
- int status;
- char buf[STRLEN];
-
- if(!socket_readln(socket, buf, sizeof(buf))) {
- LogError("M/Monit: error receiving data from %s -- %s\n", C->url->url,
STRERROR);
- return FALSE;
- }
- Util_chomp(buf);
- n = sscanf(buf, "%*s %d", &status);
- if(n != 1 || (status >= 400)) {
- LogError("M/Monit: message sending failed to %s -- %s\n", C->url->url,
buf);
- return FALSE;
- }
- return TRUE;
-}
-
=======================================
--- /trunk/configure.ac Tue Apr 5 03:20:57 2011
+++ /dev/null
@@ -1,777 +0,0 @@
-# Process this file with autoconf to produce a configure script.
-# Mark Ferlatte, <address@hidden>
-#
-
-# autoconf requirement
-AC_PREREQ([2.53])
-
-# Init autoconf and automake
-
-# Note: in case of beta subversion, use underscore "_" rather then
dash "-"
-# since RPM doesn't allow dash in Version
-# Example: 5.0_beta2
-AC_INIT([monit], [5.2.6], address@hidden)
-
-# Package info
-AC_REVISION([$Revision: 1.194 $])
-AC_CONFIG_SRCDIR([monitor.c])
-
-# ------------------------------------------------------------------------
-# Programs
-# ------------------------------------------------------------------------
-
-AC_PROG_CC
-AC_PROG_GCC_TRADITIONAL
-AC_PROG_INSTALL
-AC_PROG_MAKE_SET
-AC_PROG_LEX
- if test "$LEX" != flex; then
- AC_MSG_ERROR([monit requires flex, not lex])
- fi
-AC_CHECK_PROGS(YACC, 'bison -y' byacc yacc)
-if test "x$YACC" = "x"; then
- AC_MSG_ERROR([monit requires bison, byacc or yacc])
-fi
-
-# ------------------------------------------------------------------------
-# Libraries
-# ------------------------------------------------------------------------
-
-# Check for libraries
-AC_CHECK_LIB([socket], [socket])
-AC_CHECK_LIB([inet], [socket])
-AC_CHECK_LIB([nsl], [inet_addr])
-AC_CHECK_LIB([resolv], [inet_aton])
-AC_CHECK_LIB([crypt], [crypt])
-
-# Wacky pthread madness
-pthread_libs=""
-AC_CHECK_LIB([pthread],
- [pthread_create],
- [pthread_libs="-lpthread"])
-AC_CHECK_LIB([c_r],
- [pthread_create],
- [pthread_libs="-pthread"])
-if test `uname` = "FreeBSD" -a `uname -r | cut -c1` = "6"
-then
- pthread_libs="-lthr"
-fi
-if test "$pthread_libs"
-then
- LIBS="$pthread_libs $LIBS"
-fi
-
-# ------------------------------------------------------------------------
-# Header files
-# ------------------------------------------------------------------------
-
-# Checks for header files.
-AC_HEADER_STDC
-AC_HEADER_SYS_WAIT
-AC_HEADER_STAT
-AC_HEADER_TIME
-
-AC_CHECK_HEADERS([ \
- alloca.h \
- arpa/inet.h \
- asm/page.h \
- asm/param.h \
- cf.h \
- crt_externs.h \
- ctype.h \
- crypt.h \
- dirent.h \
- errno.h \
- execinfo.h \
- fcntl.h \
- getopt.h \
- glob.h \
- grp.h \
- kvm.h \
- paths.h \
- kstat.h \
- libperfstat.h \
- limits.h \
- loadavg.h \
- locale.h \
- mach/host_info.h \
- mach/mach.h \
- mach/mach_host.h \
- memory.h \
- mntent.h \
- netdb.h \
- sys/socket.h \
- netinet/in.h \
- netinet/in_systm.h \
- pam/pam_appl.h \
- poll.h \
- procfs.h \
- sys/procfs.h \
- procinfo.h \
- pthread.h \
- pwd.h \
- regex.h \
- security/pam_appl.h \
- setjmp.h \
- signal.h \
- stdarg.h \
- stddef.h \
- stdio.h \
- string.h \
- strings.h \
- stropts.h \
- sys/cfgodm.h \
- sys/cfgdb.h \
- sys/dk.h \
- sys/dkstat.h \
- sys/filio.h \
- sys/ioctl.h \
- sys/loadavg.h \
- sys/lock.h \
- sys/mnttab.h \
- sys/mutex.h \
- sys/nlist.h \
- sys/param.h \
- sys/pstat.h \
- sys/queue.h \
- sys/resource.h \
- sys/statfs.h \
- sys/statvfs.h \
- sys/systemcfg.h \
- sys/time.h \
- sys/tree.h \
- sys/types.h \
- sys/un.h \
- sys/utsname.h \
- sys/vmmeter.h \
- sys/vfs.h \
- syslog.h \
- unistd.h \
- uvm/uvm.h \
- uvm/uvm_extern.h \
- vm/vm.h \
- ])
-
-AC_CHECK_HEADERS([ \
- netinet/ip.h \
- ],
- [],
- [],
- [
- #ifdef HAVE_SYS_TYPES_H
- #include <sys/types.h>
- #endif
- #if HAVE_NETINET_IN_SYSTM_H
- #include <netinet/in_systm.h>
- #endif
- #if HAVE_NETINET_IN_SYSTM_H
- #include <netinet/in.h>
- #endif
- ])
-
-AC_CHECK_HEADERS([ \
- net/if.h \
- netinet/ip_icmp.h \
- ],
- [],
- [],
- [
- #ifdef HAVE_SYS_TYPES_H
- #include <sys/types.h>
- #endif
- #if HAVE_SYS_SOCKET_H
- #include <sys/socket.h>
- #endif
- #if HAVE_NETINET_IN_SYSTM_H
- #include <netinet/in.h>
- #endif
- #if HAVE_NETINET_IN_SYSTM_H
- #include <netinet/in_systm.h>
- #endif
- #if HAVE_NETINET_IP_H
- #include <netinet/ip.h>
- #endif
- ])
-
-AC_CHECK_HEADERS([ \
- sys/sysctl.h \
- sys/mount.h \
- sys/proc.h \
- sys/swap.h \
- sys/ucred.h \
- sys/user.h \
- ],
- [],
- [],
- [
- #ifdef HAVE_SYS_PARAM_H
- #include <sys/param.h>
- #endif
- ])
-
-AC_CHECK_HEADERS([ \
- machine/vmparam.h \
- vm/pmap.h \
- machine/pmap.h \
- vm/vm_map.h \
- vm/vm_object.h \
- ],
- [],
- [],
- [
- #ifdef HAVE_SYS_PARAM_H
- #include <sys/param.h>
- #endif
- #ifdef HAVE_SYS_QUEUE_H
- #include <sys/queue.h>
- #endif
- #ifdef HAVE_SYS_LOCK_H
- #include <sys/lock.h>
- #endif
- #ifdef HAVE_SYS_MUTEX_H
- #include <sys/mutex.h>
- #endif
- #ifdef HAVE_VM_VM_H
- #include <vm/vm.h>
- #endif
- #ifdef HAVE_VM_PMAP_H
- #include <vm/pmap.h>
- #endif
- ])
-
-AC_CHECK_HEADERS([ \
- sys/resourcevar.h \
- ],
- [],
- [],
- [
- #ifdef HAVE_SYS_TIME_H
- #include <sys/time.h>
- #endif
- #ifdef HAVE_SYS_RESOURCE_H
- #include <sys/resource.h>
- #endif
- ])
-
-AC_CHECK_HEADERS([ \
- uvm/uvm_map.h \
- uvm/uvm_pmap.h \
- uvm/uvm_object.h \
- ],
- [],
- [],
- [
- #ifdef HAVE_SYS_TIME_H
- #include <sys/time.h>
- #endif
- #ifdef HAVE_SYS_LOCK_H
- #include <sys/lock.h>
- #endif
- #ifdef HAVE_SYS_TREE_H
- #include <sys/tree.h>
- #endif
- #ifdef HAVE_UVM_UVM_EXTERN_H
- #include <uvm/uvm_extern.h>
- #endif
- ])
-
-# Check for types.
-AC_TYPE_MODE_T
-AC_TYPE_PID_T
-AC_TYPE_SIZE_T
-AC_TYPE_PID_T
-AC_TYPE_SIGNAL
-
-# Check for structures.
-AC_STRUCT_TM
-AC_CHECK_MEMBERS([struct tm.tm_gmtoff])
-
-# ------------------------------------------------------------------------
-# Compiler
-# ------------------------------------------------------------------------
-
-# Compiler characteristics
-AC_C_CONST
-AC_C_BIGENDIAN
-
-# If the compiler is gcc, turn on warnings
-if test "x$GCC" = "xyes"; then
- case " $CFLAGS " in
- *[\ \ ]-Wall[\ \ ]*)
- ;;
- *)
- CFLAGS="$CFLAGS -Wall"
- ;;
- esac
-fi
-
-# Checks for library functions.
-AC_FUNC_ERROR_AT_LINE
-AC_FUNC_FORK
-AC_FUNC_MALLOC
-AC_FUNC_STAT
-AC_FUNC_STRFTIME
-AC_CHECK_FUNCS(statfs)
-AC_CHECK_FUNCS(statvfs)
-AC_CHECK_FUNCS(setlocale)
-AC_CHECK_FUNCS(getaddrinfo)
-AC_CHECK_FUNCS(syslog)
-AC_CHECK_FUNCS(vsyslog)
-AC_CHECK_FUNCS(backtrace)
-
-# Check for SOL_IP
-AC_MSG_CHECKING(for SOL_IP)
-AC_TRY_COMPILE([
- #include <netdb.h>
- #include <sys/socket.h>
-], [
- int level = SOL_IP;
-], [
- AC_MSG_RESULT(yes)
- AC_DEFINE([HAVE_SOL_IP], [1], [Define to 1 if SOL_IP is defined.])
-], [
- AC_MSG_RESULT(no)
-])
-
-AC_MSG_CHECKING(for va_copy)
-AC_TRY_LINK([
- #include <stdarg.h>
-], [
- va_list ap;
- va_list ap_copy;
- va_copy(ap, ap_copy);
-], [
- AC_MSG_RESULT(yes)
- AC_DEFINE([HAVE_VA_COPY], [1], [Define to 1 if VA_COPY is defined.])
-], [
- AC_MSG_RESULT(no)
-])
-
-# ------------------------------------------------------------------------
-# Paths
-# ------------------------------------------------------------------------
-
-# Find the right directory to put the root-mode PID file in
-AC_MSG_CHECKING([pid file location])
-if test -d "/var/run"
-then
- piddir="/var/run"
-elif test -d "/etc"
-then
- piddir="/etc"
-fi
-
-AC_DEFINE_UNQUOTED([PIDDIR], "$piddir",
- [Define to the pid storage directory.])
-AC_MSG_RESULT([$piddir])
-
-# Test mounted filesystem description file
-if test -f "/etc/mtab"
-then
- AC_DEFINE([HAVE_MTAB], 1, [Define to 1 if you have /etc/mtab])
-elif test -f "/etc/mnttab"; then
- AC_DEFINE([HAVE_MNTTAB], 1, [Define to 1 if you have /etc/mnttab])
-fi
-
-# ------------------------------------------------------------------------
-# Architecture/OS detection
-# ------------------------------------------------------------------------
-
-# Backward compatibility until we get ride of arch settings
-if test `uname` = "SunOS"
-then
- ARCH="SOLARIS"
- CFLAGS="$CFLAGS -D _REENTRANT -D_POSIX_PTHREAD_SEMANTICS"
- test_kstat="true"
- AC_DEFINE([HAVE_CPU_WAIT], [1], [Define to 1 if CPU wait information is
available.])
-elif test `uname` = "Linux"
-then
- ARCH="LINUX"
- CFLAGS="$CFLAGS -D _REENTRANT"
- LDFLAGS="$LDFLAGS -rdynamic"
- if test `uname -r | awk -F '.' '{print$1$2}'` -ge "26"
- then
- AC_DEFINE([HAVE_CPU_WAIT], [1], [Define to 1 if CPU wait information
is available.])
- fi
-elif test `uname` = "HP-UX"
-then
- ARCH="HPUX"
- CFLAGS="$CFLAGS -D _REENTRANT"
- AC_DEFINE([HAVE_CPU_WAIT], [1], [Define to 1 if CPU wait information is
available.])
-elif test `uname` = "OpenBSD"
-then
- ARCH="OPENBSD"
- CFLAGS="$CFLAGS -D _REENTRANT"
- test_kvm="true"
-elif test `uname` = "FreeBSD"
-then
- ARCH="FREEBSD"
- CFLAGS="$CFLAGS -D _REENTRANT"
- test_kvm="true"
-elif test `uname` = "NetBSD"
-then
- ARCH="NETBSD"
- CFLAGS="$CFLAGS -D _REENTRANT"
- test_kvm="true"
-elif test `uname` = "Darwin"
-then
- ARCH="DARWIN"
- CFLAGS="$CFLAGS -DREENTRANT -no-cpp-precomp -DNEED_SOCKLEN_T_DEFINED"
- test_kvm="true"
- LIBS="$LIBS -framework System -multiply_defined suppress"
-elif test `uname` = "AIX"
-then
- ARCH="AIX"
- CFLAGS="$CFLAGS -D_THREAD_SAFE -D_REENTRANT"
- LIBS="$LIBS -lodm"
- # AIX v. 5.2
- LIBS="$LIBS -lcfg"
- # AIX v. 5.3
- LIBS="$LIBS -lperfstat"
- AC_DEFINE([HAVE_CPU_WAIT], [1], [Define to 1 if CPU wait information is
available.])
-else
- AC_MSG_WARN([Architecture not supported: `uname`.])
- CFLAGS="$CFLAGS -D _REENTRANT"
- ARCH="UNKNOWN"
-fi
-AC_SUBST(ARCH)
-
-# ------------------------------------------------------------------------
-# Resource code
-# ------------------------------------------------------------------------
-
-# Test for kvm libs
-kvm_libs=""
-if test "$test_kvm"; then
- AC_CHECK_LIB([kvm],
- [kvm_open],
- [kvm_libs="-lkvm"])
- if test "$kvm_libs"
- then
- LIBS="$LIBS $kvm_libs"
- fi
-fi
-kstat_libs=""
-if test "$test_kstat"; then
- AC_CHECK_LIB([kstat],
- [kstat_open],
- [kstat_libs="-lkstat"])
- if test "$kstat_libs"
- then
- LIBS="$LIBS $kstat_libs"
- fi
-fi
-
-
-# ------------------------------------------------------------------------
-# Large files code
-# ------------------------------------------------------------------------
-
-# Check if we want to have large files support
-AC_MSG_CHECKING([for large files support])
-AC_ARG_WITH(largefiles,
- [ --without-largefiles disable large files support (default:
enabled)],
- [
- dnl Check the withvalue
- if test "x$withval" = "xno" ; then
- use_largefiles=0
- AC_MSG_RESULT([disabled])
- fi
- if test "x$withval" = "xyes" ; then
- use_largefiles=1
- AC_MSG_RESULT([enabled])
- fi
- ],
- [
- if test `uname` = "AIX"
- then
- use_largefiles=0
- AC_MSG_RESULT([disabled])
- else
- use_largefiles=1
- AC_MSG_RESULT([enabled])
- fi
- ]
-)
-
-# Settings for largefiles support
-if test "$use_largefiles" = 1; then
- if test "$ARCH" = "SOLARIS"; then
- if ! ( echo $CFLAGS | egrep '(64|v9)' >/dev/null 2>&1); then
-
echo "###############################################################################"
- echo "### Solaris requires 64-bit support for large files
and resource monitoring ###"
- echo "###
enabled. ###"
-
echo "###
###"
- echo "### Compile monit with 64-bit support (see PLATFORMS
file for details) ###"
-
echo "###############################################################################"
- AC_MSG_ERROR([Solaris requires 64-bit support for large files and
resource monitoring enabled])
- fi
- fi
- AC_SYS_LARGEFILE
-fi
-
-
-# ------------------------------------------------------------------------
-# PAM Code
-# ------------------------------------------------------------------------
-
-AC_MSG_CHECKING([for PAM support])
-AC_ARG_WITH(pam,
- [ --without-pam disable the use of pam (default: enabled)],
- [
- dnl Check the withvalue
- if test "x$withval" = "xno" ; then
- use_pam=0
- AC_MSG_RESULT([disabled])
- fi
- if test "x$withval" = "xyes" ; then
- use_pam=1
- AC_MSG_RESULT([enabled])
- fi
- ],
- [
- use_pam=1
- AC_MSG_RESULT([enabled])
- ]
-)
-
-if test "$use_pam" = "1"; then
- AC_CHECK_LIB([pam], [pam_start])
-fi
-
-
-# ------------------------------------------------------------------------
-# SSL Code
-# ------------------------------------------------------------------------
-
-# Check for ssl includes (taken from the stunnel project)
-checksslincldir() { :
- if test -f "$1/openssl/ssl.h"; then
- sslincldir="$1"
- return 0
- fi
- return 1
-}
-
-# Check for ssl libraries
-checkssllibdirdynamic() { :
- if test "(" -f "$1/libcrypto.so" -o -f "$1/libcrypto.dylib" ")" -a \
- "(" -f "$1/libssl.so" -o -f "$1/libssl.dylib" ")" ; then
- ssllibdir="$1"
- return 0
- fi
- return 1
-}
-
-checkssllibdirstatic() { :
- if test "(" -f "$1/libcrypto.a" ")" -a \
- "(" -f "$1/libssl.a" ")" ; then
- ssllibdir="$1"
- return 0
- fi
- return 1
-}
-
-# Check if we want to have SSL
-
-AC_MSG_CHECKING([for static SSL support])
-
-AC_ARG_WITH(ssl-static,
- [ --with-ssl-static=DIR location of SSL installation],
- [
- dnl Check the specified location only
- for dir in "$withval" "$withval/include"; do
- checksslincldir "$dir"
- done
- for dir in "$withval" "$withval/lib"; do
- checkssllibdirstatic "$dir" && break 2
- done
- use_sslstatic=1
- LDFLAGS="`echo $LDFLAGS | sed -e 's/-rdynamic/-ldl/g'`"
- AC_MSG_RESULT([enabled])
- AC_DEFINE([HAVE_OPENSSL], 1, [Define to 1 if you have openssl.])
- AC_SUBST(sslincldir)
- AC_SUBST(ssllibdir)
- CFLAGS="$CFLAGS -I$sslincldir"
- LIBS="$LIBS $ssllibdir/libssl.a $ssllibdir/libcrypto.a"
- ],
- [
- use_sslstatic=0
- AC_MSG_RESULT([disabled])
- ]
-)
-
-if test "$use_sslstatic" = "0"
-then
- AC_MSG_CHECKING([for SSL support])
-
- AC_ARG_WITH(ssl,
- [ --without-ssl disable the use of ssl (default:
enabled)],
- [
- dnl Check the withvalue
- if test "x$withval" = "xno" ; then
- use_ssl=0
- AC_MSG_RESULT([disabled])
- fi
- if test "x$withval" = "xyes" ; then
- use_ssl=1
- AC_MSG_RESULT([enabled])
- fi
- ],
- [
- use_ssl=1
- AC_MSG_RESULT([enabled])
- ]
- )
-
-
- # Check for SSL directory (taken from the stunnel project)
- if test "$use_ssl" = "1"; then
-
- AC_ARG_WITH(ssl-dir,
- [ --with-ssl-dir=DIR location of SSL installation],
- [
- dnl Check the specified location only
- for dir in "$withval" "$withval/include"; do
- checksslincldir "$dir"
- done
- for dir in "$withval" "$withval/lib"; do
- checkssllibdirdynamic "$dir" && break 2
- done
- ]
- )
-
- AC_MSG_CHECKING([for SSL include directory])
- AC_ARG_WITH(ssl-incl-dir,
- [ --with-ssl-incl-dir=DIR location of installed SSL include
files],
- [
- dnl Check the specified location only
- checksslincldir "$withval"
- ],
- [
- if test -z "$sslincldir"; then
- dnl Search default locations of SSL includes
- for maindir in /usr /usr/local /usr/lib /usr/pkg /var
/opt /usr/sfw; do
- for dir in "$maindir/include"\
- "$maindir/include/openssl"\
- "$maindir/include/ssl"\
- "$maindir/ssl/include"; do
- checksslincldir $dir && break 2
- done
- done
- fi
- ]
- )
- if test -z "$sslincldir"; then
- AC_MSG_RESULT([Not found])
- echo
- echo "Couldn't find your SSL header files."
- echo "Use --with-ssl-incl-dir option to fix this problem or
disable"
- echo "the SSL support with --without-ssl"
- echo
- exit 1
- fi
- AC_MSG_RESULT([$sslincldir])
-
- AC_MSG_CHECKING([for SSL library directory])
- AC_ARG_WITH(ssl-lib-dir,
- [ --with-ssl-lib-dir=DIR location of installed SSL library
files],
- [
- dnl Check the specified location only
- checkssllibdirdynamic "$withval"
- ],
- [
- if test -z "$ssllibdir"; then
- dnl Search default locations of SSL libraries
- for maindir in /usr \
- /usr/local \
- /usr/pkg \
- /var /opt \
- /usr/sfw; do
- for dir in $maindir \
- $maindir/openssl \
- $maindir/ssl \
- $maindir/lib \
- $maindir/lib/openssl \
- $maindir/lib/ssl \
- $maindir/ssl/lib \
- $maindir/lib/64 \
- $maindir/lib/64/openssl \
- $maindir/lib/64/ssl \
- $maindir/ssl/lib/64 \
- $maindir/lib64 \
- $maindir/lib64/openssl \
- $maindir/lib64/ssl \
- $maindir/ssl/lib64; do
- checkssllibdirdynamic $dir && break 2
- done
- done
- fi
- ]
- )
- if test -z "$ssllibdir"; then
- AC_MSG_RESULT([Not found])
- echo
- echo "Couldn't find your SSL library files."
- echo "Use --with-ssl-lib-dir option to fix this problem or
disable the"
- echo "SSL support with --without-ssl"
- echo
- exit 1
- fi
- AC_MSG_RESULT([$ssllibdir])
-
- AC_DEFINE([HAVE_OPENSSL], 1, [Define to 1 if you have openssl.])
- AC_SUBST(sslincldir)
- AC_SUBST(ssllibdir)
- fi
-
- # Add SSL includes and libraries
- if test "$sslincldir" -a "$ssllibdir"
- then
- if test "x$ARCH" = "xDARWIN"; then
- # Darwin already knows about ssldirs
- LIBS="$LIBS -lssl -lcrypto"
- elif test -f "/usr/kerberos/include/krb5.h"; then
- # Redhat 9 compilation fix:
- CFLAGS="$CFLAGS -I$sslincldir -I/usr/kerberos/include"
- LIBS="$LIBS -L$ssllibdir -lssl -lcrypto"
- else
- CFLAGS="$CFLAGS -I$sslincldir"
- LIBS="$LIBS -L$ssllibdir -lssl -lcrypto"
- fi
- fi
-fi
-
-# ------------------------------------------------------------------------
-# Outputs
-# ------------------------------------------------------------------------
-
-AC_CONFIG_HEADER([config.h])
-AC_CONFIG_FILES([Makefile])
-AC_OUTPUT
-
-echo ""
-echo "monit has been configured with the following options:"
-
-echo " Architecture: ${ARCH}"
-if test "$use_pam" = "1"; then
- echo " PAM support: enabled"
-else
- echo " PAM support: disabled"
-fi
-if test "$use_sslstatic" = "1" -o "$use_ssl" = "1"; then
- echo " SSL support: enabled"
- echo " SSL include directory: ${sslincldir}"
- echo " SSL library directory: ${ssllibdir}"
-else
- echo " SSL support: disabled"
-fi
-if test "$use_largefiles" = "1"; then
- echo " large files support: enabled"
-else
- echo " large files support: disabled"
-fi
-echo " Compiler flags: ${CFLAGS}"
-echo " Linker flags: ${LIBS}"
-echo " pid file location: ${piddir}"
-echo
=======================================
--- /trunk/control.c Wed Jun 8 06:21:51 2011
+++ /dev/null
@@ -1,510 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "monitor.h"
-#include "net.h"
-#include "socket.h"
-#include "event.h"
-
-
-/**
- * Methods for controlling services managed by monit.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Rory Toma, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static void do_start(Service_T);
-static int do_stop(Service_T);
-static void do_monitor(Service_T);
-static void do_unmonitor(Service_T);
-static void wait_start(Service_T);
-static int wait_stop(Service_T);
-static void do_depend(Service_T, int);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Pass on to methods in http/cervlet.c to start/stop services
- * @param S A service name as stated in the config file
- * @param action A string describing the action to execute
- * @return FALSE for error, otherwise TRUE
- */
-int control_service_daemon(const char *S, const char *action) {
- int rv = FALSE;
- int status, content_length = 0;
- Socket_T s;
- char *auth;
- char buf[STRLEN];
-
- ASSERT(S);
- ASSERT(action);
-
- if (Util_getAction(action) == ACTION_IGNORE) {
- LogError("%s: Cannot %s service '%s' -- invalid action %s\n", prog,
action, S, action);
- return FALSE;
- }
-
- s = socket_new(Run.bind_addr ? Run.bind_addr : "localhost",
Run.httpdport, SOCKET_TCP, Run.httpdssl, NET_TIMEOUT);
- if (!s) {
- LogError("%s: Cannot connect to the monit daemon. Did you start it
with http support?\n", prog);
- return FALSE;
- }
-
- /* Send request */
- auth = Util_getBasicAuthHeaderMonit();
- if (socket_print(s,
- "POST /%s HTTP/1.0\r\n"
- "Content-Type: application/x-www-form-urlencoded\r\n"
- "Content-Length: %d\r\n"
- "%s"
- "\r\n"
- "action=%s",
- S,
- strlen("action=") + strlen(action),
- auth ? auth : "",
- action) < 0) {
- LogError("%s: Cannot send the command '%s' to the monit daemon -- %s",
prog, action ? action : "null", STRERROR);
- goto err1;
- }
-
- /* Process response */
- if (! socket_readln(s, buf, STRLEN)) {
- LogError("%s: error receiving data -- %s\n", prog, STRERROR);
- goto err1;
- }
- Util_chomp(buf);
- if (! sscanf(buf, "%*s %d", &status)) {
- LogError("%s: cannot parse status in response: %s\n", prog, buf);
- goto err1;
- }
- if (status >= 300) {
- char *message = NULL;
-
- /* Skip headers */
- while (socket_readln(s, buf, STRLEN)) {
- if (! strncmp(buf, "\r\n", sizeof(buf)))
- break;
- if(Util_startsWith(buf, "Content-Length") && ! sscanf(buf, "%*s%*[:
]%d", &content_length))
- goto err1;
- }
- if (content_length > 0 && content_length < 1024 && socket_readln(s,
buf, STRLEN)) {
- char token[] = "</h2>";
- char *p = strstr(buf, token);
-
- if (strlen(p) <= strlen(token))
- goto err2;
- p += strlen(token);
- message = xcalloc(sizeof(unsigned char), content_length + 1);
- snprintf(message, content_length + 1, "%s", p);
- p = strstr(message, "<p>");
- if (p)
- *p = 0;
- }
-err2:
- LogError("%s: action failed -- %s\n", prog, message ?
message : "unable to parse response");
- FREE(message);
- } else
- rv = TRUE;
-err1:
- FREE(auth);
- socket_free(&s);
-
- return rv;
-}
-
-
-/**
- * Check to see if we should try to start/stop service
- * @param S A service name as stated in the config file
- * @param A A string describing the action to execute
- * @return FALSE for error, otherwise TRUE
- */
-int control_service_string(const char *S, const char *A) {
- int a;
-
- ASSERT(S);
- ASSERT(A);
-
- if ((a = Util_getAction(A)) == ACTION_IGNORE) {
- LogError("%s: service '%s' -- invalid action %s\n", prog, S, A);
- return FALSE;
- }
- return control_service(S, a);
-}
-
-
-/**
- * Check to see if we should try to start/stop service
- * @param S A service name as stated in the config file
- * @param A An action id describing the action to execute
- * @return FALSE for error, otherwise TRUE
- */
-int control_service(const char *S, int A) {
- Service_T s = NULL;
-
- ASSERT(S);
-
- if (! (s = Util_getService(S))) {
- LogError("%s: service '%s' -- doesn't exist\n", prog, S);
- return FALSE;
- }
-
- switch(A) {
-
- case ACTION_START:
- if (s->type == TYPE_PROCESS) {
- if (Util_isProcessRunning(s, FALSE)) {
- DEBUG("%s: Process already running -- process %s\n", prog, S);
- Util_monitorSet(s);
- return TRUE;
- }
- if (!s->start) {
- LogError("%s: Start method not defined -- process %s\n", prog,
S);
- Util_monitorSet(s);
- return FALSE;
- }
- }
- do_depend(s, ACTION_STOP);
- do_start(s);
- do_depend(s, ACTION_START);
- break;
-
- case ACTION_STOP:
- if (s->type == TYPE_PROCESS && !s->stop) {
- LogError("%s: Stop method not defined -- process %s\n", prog, S);
- Util_monitorUnset(s);
- return FALSE;
- }
- /* soft unmonitor and stop: */
- do_depend(s, ACTION_STOP);
- do_stop(s);
- /* hard unmonitor - will reset all counters and flags: */
- do_depend(s, ACTION_UNMONITOR);
- do_unmonitor(s);
- break;
-
- case ACTION_RESTART:
- if (s->type == TYPE_PROCESS && (!s->start || !s->stop)) {
- LogError("%s: Start or stop method not defined -- process %s\n",
prog, S);
- Util_monitorSet(s);
- return FALSE;
- }
- LogInfo("'%s' trying to restart\n", s->name);
- do_depend(s, ACTION_STOP);
- if (do_stop(s)) {
- /* Only start if stop succeeded */
- do_start(s);
- do_depend(s, ACTION_START);
- } else {
- /* enable monitoring of this service again to allow the restart
retry
- * in the next cycle up to timeout limit */
- Util_monitorSet(s);
- }
- break;
-
- case ACTION_MONITOR:
- /* We only enable monitoring of this service and all prerequisite
- * services. Chain of services which depends on this service keep
- * its state */
- do_monitor(s);
- break;
-
- case ACTION_UNMONITOR:
- /* We disable monitoring of this service and all services which
- * depends on it */
- do_depend(s, ACTION_UNMONITOR);
- do_unmonitor(s);
- break;
-
- default:
- LogError("%s: service '%s' -- invalid action %s\n", prog, S, A);
- return FALSE;
- }
- return TRUE;
-}
-
-
-/*
- * Reset the visited flags used when handling dependencies
- */
-void reset_depend() {
- Service_T s;
-
- for (s = servicelist; s; s = s->next) {
- s->visited = FALSE;
- s->depend_visited = FALSE;
- }
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/*
- * This is a post- fix recursive function for starting every service
- * that s depends on before starting s.
- * @param s A Service_T object
- */
-static void do_start(Service_T s) {
- ASSERT(s);
-
- if (s->visited)
- return;
-
- s->visited = TRUE;
-
- if (s->dependantlist) {
- Dependant_T d;
-
- for (d = s->dependantlist; d; d = d->next ) {
- Service_T parent = Util_getService(d->dependant);
- ASSERT(parent);
- do_start(parent);
- }
- }
-
- if (s->start && (s->type!=TYPE_PROCESS || !Util_isProcessRunning(s,
FALSE))) {
- LogInfo("'%s' start: %s\n", s->name, s->start->arg[0]);
- spawn(s, s->start, NULL);
- /* We only wait for a process type, other service types does not have
a pid file to watch */
- if (s->type == TYPE_PROCESS)
- wait_start(s);
- }
- Util_monitorSet(s);
-}
-
-
-/*
- * This function simply stops the service p.
- * @param s A Service_T object
- * @return TRUE if the service was stopped otherwise FALSE
- */
-static int do_stop(Service_T s) {
- ASSERT(s);
-
- if (s->depend_visited)
- return TRUE;
-
- s->depend_visited = TRUE;
-
- /* do soft unmonitor - start counter and error state is kept */
- if (s->monitor != MONITOR_NOT) {
- s->monitor = MONITOR_NOT;
- DEBUG("Monitoring disabled -- service %s\n", s->name);
- }
-
- if (s->stop && (s->type!=TYPE_PROCESS || Util_isProcessRunning(s,
FALSE))) {
- LogInfo("'%s' stop: %s\n", s->name, s->stop->arg[0]);
- spawn(s, s->stop, NULL);
- if (s->type == TYPE_PROCESS) {
- /* Only wait for process service types */
- if (!wait_stop(s))
- return FALSE;
- }
- }
- Util_resetInfo(s);
-
- return TRUE;
-}
-
-
-/*
- * This is a post- fix recursive function for enabling monitoring every
service
- * that s depends on before monitor s.
- * @param s A Service_T object
- */
-static void do_monitor(Service_T s) {
- ASSERT(s);
-
- if (s->visited)
- return;
-
- s->visited = TRUE;
-
- if (s->dependantlist) {
- Dependant_T d;
-
- for (d = s->dependantlist; d; d = d->next ) {
- Service_T parent = Util_getService(d->dependant);
- ASSERT(parent);
- do_monitor(parent);
- }
- }
- Util_monitorSet(s);
-}
-
-
-/*
- * This is a function for disabling monitoring
- * @param s A Service_T object
- */
-static void do_unmonitor(Service_T s) {
- ASSERT(s);
-
- if (s->depend_visited)
- return;
-
- s->depend_visited = TRUE;
- Util_monitorUnset(s);
-}
-
-
-/*
- * This is an in-fix recursive function called before s is started to
- * stop every service that depends on s, in reverse order *or* after s
- * was started to start again every service that depends on s. The
- * action parametere controls if this function should start or stop
- * the procceses that depends on s.
- * @param s A Service_T object
- * @param action An action to do on the dependant services
- */
-static void do_depend(Service_T s, int action) {
- Service_T child;
-
- ASSERT(s);
-
- for (child = servicelist; child; child = child->next) {
- if (child->dependantlist) {
- Dependant_T d;
-
- for (d = child->dependantlist; d; d = d->next) {
- if (IS(d->dependant, s->name)) {
- if (action == ACTION_START)
- do_start(child);
- else if (action == ACTION_MONITOR)
- do_monitor(child);
- do_depend(child, action);
- if (action == ACTION_STOP)
- do_stop(child);
- else if (action == ACTION_UNMONITOR)
- do_unmonitor(child);
- break;
- }
- }
- }
- }
-}
-
-
-/*
- * This function runs in its own thread and waits for the service to
- * start running. If the service did not start a failed event is
- * posted to notify the user.
- * @param service A Service to wait for
- */
-static void wait_start(Service_T s) {
- int isrunning = FALSE;
- time_t timeout = time(NULL) + s->start->timeout;
-
- ASSERT(s);
-
- while ((time(NULL) < timeout) && !Run.stopped) {
- if ((isrunning = Util_isProcessRunning(s, TRUE)))
- break;
- Util_usleep(5000);
- }
-
- if (! isrunning)
- Event_post(s, Event_Exec, STATE_FAILED, s->action_EXEC, "failed to
start");
- else
- Event_post(s, Event_Exec, STATE_SUCCEEDED, s->action_EXEC, "started");
-}
-
-
-/*
- * This function waits for the service to stop running. If the service
- * did not stop a failed event is posted to notify the user. This
- * function does purposefully not run in its own thread because, if we
- * did a restart we need to know if we successfully managed to stop
- * the service first before we can do a start.
- * @param service A Service to wait for
- * @return TRUE if the service was stopped otherwise FALSE
- */
-static int wait_stop(Service_T s) {
- int isrunning = TRUE;
- time_t timeout = time(NULL) + s->stop->timeout;
-
- ASSERT(s);
-
- while ((time(NULL) < timeout) && !Run.stopped) {
- if (! (isrunning = Util_isProcessRunning(s, TRUE)))
- break;
- Util_usleep(5000);
- }
-
- if (isrunning) {
- Event_post(s, Event_Exec, STATE_FAILED, s->action_EXEC, "failed to
stop");
- return FALSE;
- } else {
- Event_post(s, Event_Exec, STATE_SUCCEEDED, s->action_EXEC, "stopped");
- }
-
- return TRUE;
-}
-
=======================================
--- /trunk/daemonize.c Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,203 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#include "monitor.h"
-
-
-/**
- * Transform this program into a daemon and provide methods for
- * managing the daemon.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Transform a program into a daemon. Inspired by code from Stephen
- * A. Rago's book, Unix System V Network Programming.
- */
-void daemonize() {
-
- pid_t pid;
-
- /*
- * Clear file creation mask
- */
- umask(0);
-
- /*
- * Become a session leader to lose our controlling terminal
- */
- if((pid= fork ()) < 0) {
-
- LogError("Cannot fork of a new process\n");
- exit (1);
-
- }
- else if(pid != 0) {
-
- _exit(0);
-
- }
-
- setsid();
-
- if((pid= fork ()) < 0) {
-
- LogError("Cannot fork of a new process\n");
- exit (1);
-
- }
- else if(pid != 0) {
-
- _exit(0);
-
- }
-
-
- /*
- * Change current directory to the root so that other file systems
- * can be unmounted while we're running
- */
- if(chdir("/") < 0) {
-
- LogError("Cannot chdir to / -- %s\n", STRERROR);
- exit(1);
-
- }
-
- /*
- * Attach standard descriptors to /dev/null. Other descriptors
- * should be closed in env.c
- */
- Util_redirectStdFds();
-
-}
-
-
-/**
- * Send signal to a daemon process
- * @param sig Signal to send daemon to
- * @return TRUE if signal was send, otherwise FALSE
- */
-int kill_daemon(int sig) {
-
- pid_t pid;
-
- if ( (pid= exist_daemon()) > 0 ) {
-
- if ( kill(pid, sig) < 0 ) {
-
- LogError("%s: Cannot send signal to daemon process -- %s\n",
- prog, STRERROR);
- return FALSE;
-
- }
-
- } else {
-
- LogInfo("%s: No daemon process found\n", prog);
- return TRUE;
-
- }
-
- if(sig == SIGTERM) {
-
- fprintf(stdout, "%s daemon with pid [%d] killed\n", prog, (int)pid);
- fflush(stdout);
-
- }
-
- return TRUE;
-
-}
-
-
-/**
- * @return TRUE (i.e. the daemons pid) if a daemon process is running,
- * otherwise FALSE
- */
-int exist_daemon() {
-
- pid_t pid;
-
- errno= 0;
-
- if( (pid= Util_getPid(Run.pidfile)) )
- if( (getpgid(pid)) > -1 || (errno == EPERM) )
- return( (int)pid );
-
- return(FALSE);
-
-}
-
=======================================
--- /trunk/doxygen.cfg Thu Jun 4 12:28:53 2009
+++ /dev/null
@@ -1,163 +0,0 @@
-# Doxyfile 0.1
-
-#---------------------------------------------------------------------------
-# General configuration options
-#---------------------------------------------------------------------------
-PROJECT_NAME = "monit source"
-PROJECT_NUMBER = "release @VERSION@"
-OUTPUT_DIRECTORY = doc/api-docs
-OUTPUT_LANGUAGE = English
-EXTRACT_ALL = YES
-EXTRACT_PRIVATE = NO
-EXTRACT_STATIC = NO
-HIDE_UNDOC_MEMBERS = NO
-HIDE_UNDOC_CLASSES = NO
-BRIEF_MEMBER_DESC = YES
-REPEAT_BRIEF = YES
-ALWAYS_DETAILED_SEC = YES
-FULL_PATH_NAMES = NO
-STRIP_FROM_PATH =
-INTERNAL_DOCS = NO
-CLASS_DIAGRAMS = NO
-SOURCE_BROWSER = YES
-INLINE_SOURCES = NO
-STRIP_CODE_COMMENTS = YES
-CASE_SENSE_NAMES = YES
-SHORT_NAMES = NO
-HIDE_SCOPE_NAMES = NO
-VERBATIM_HEADERS = YES
-SHOW_INCLUDE_FILES = NO
-JAVADOC_AUTOBRIEF = YES
-INHERIT_DOCS = NO
-INLINE_INFO = YES
-SORT_MEMBER_DOCS = YES
-DISTRIBUTE_GROUP_DOC = YES
-TAB_SIZE = 4
-ENABLED_SECTIONS = YES
-GENERATE_TODOLIST = NO
-GENERATE_TESTLIST = NO
-GENERATE_BUGLIST = NO
-ALIASES =
-MAX_INITIALIZER_LINES = 30
-OPTIMIZE_OUTPUT_FOR_C = YES
-SHOW_USED_FILES = YES
-#---------------------------------------------------------------------------
-# configuration options related to warning and progress messages
-#---------------------------------------------------------------------------
-QUIET = NO
-WARNINGS = YES
-WARN_IF_UNDOCUMENTED = YES
-WARN_FORMAT = "$file:$line: $text"
-WARN_LOGFILE =
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-INPUT = .
-
-FILE_PATTERNS = *.c \
- *.h
-RECURSIVE = YES
-EXCLUDE =
-EXCLUDE_PATTERNS =
-EXAMPLE_PATH =
-EXAMPLE_PATTERNS =
-IMAGE_PATH =
-INPUT_FILTER =
-FILTER_SOURCE_FILES = NO
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-ALPHABETICAL_INDEX = YES
-COLS_IN_ALPHA_INDEX = 5
-IGNORE_PREFIX =
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-GENERATE_HTML = YES
-HTML_OUTPUT = .
-HTML_HEADER =
-HTML_FOOTER = bottom
-HTML_STYLESHEET =
-HTML_ALIGN_MEMBERS = YES
-GENERATE_HTMLHELP = NO
-GENERATE_CHI = NO
-BINARY_TOC = NO
-TOC_EXPAND = NO
-DISABLE_INDEX = YES
-ENUM_VALUES_PER_LINE = 4
-GENERATE_TREEVIEW = YES
-TREEVIEW_WIDTH = 200
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-GENERATE_LATEX = NO
-LATEX_OUTPUT = latex
-COMPACT_LATEX = NO
-PAPER_TYPE = a4wide
-EXTRA_PACKAGES =
-LATEX_HEADER =
-PDF_HYPERLINKS = NO
-USE_PDFLATEX = NO
-LATEX_BATCHMODE = NO
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-GENERATE_RTF = NO
-RTF_OUTPUT = rtf
-COMPACT_RTF = NO
-RTF_HYPERLINKS = NO
-RTF_STYLESHEET_FILE =
-RTF_EXTENSIONS_FILE =
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-GENERATE_MAN = NO
-MAN_OUTPUT = man
-MAN_EXTENSION = .3
-MAN_LINKS = NO
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-GENERATE_XML = NO
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-ENABLE_PREPROCESSING = YES
-MACRO_EXPANSION = NO
-EXPAND_ONLY_PREDEF = NO
-SEARCH_INCLUDES = YES
-INCLUDE_PATH =
-INCLUDE_FILE_PATTERNS =
-PREDEFINED =
-EXPAND_AS_DEFINED =
-#---------------------------------------------------------------------------
-# Configuration::addtions related to external references
-#---------------------------------------------------------------------------
-TAGFILES =
-GENERATE_TAGFILE =
-ALLEXTERNALS = NO
-PERL_PATH = /usr/bin/perl
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-HAVE_DOT = NO
-CLASS_GRAPH = YES
-COLLABORATION_GRAPH = YES
-INCLUDE_GRAPH = YES
-INCLUDED_BY_GRAPH = YES
-GRAPHICAL_HIERARCHY = YES
-DOT_PATH =
-MAX_DOT_GRAPH_WIDTH = 1024
-MAX_DOT_GRAPH_HEIGHT = 1024
-GENERATE_LEGEND = YES
-DOT_CLEANUP = YES
-#---------------------------------------------------------------------------
-# Configuration::addtions related to the search engine
-#---------------------------------------------------------------------------
-SEARCHENGINE = NO
-CGI_NAME = search.cgi
-CGI_URL =
-DOC_URL =
-DOC_ABSPATH =
-BIN_ABSPATH = /usr/local/bin/
-EXT_DOC_PATHS =
=======================================
--- /trunk/env.c Tue Mar 8 01:32:09 2011
+++ /dev/null
@@ -1,225 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_CRT_EXTERNS_H
-#include <crt_externs.h>
-#endif
-
-#include "monitor.h"
-
-#ifndef MAXPATHLEN
-#define MAXPATHLEN STRLEN
-#endif
-
-#ifdef DARWIN
-#define environ (*_NSGetEnviron())
-#endif
-
-/* Private prototypes */
-static void set_sandbox(void);
-static void set_environment(void);
-
-/**
- * Setup this program for safer exec, and set required runtime
- * "environment" variables.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Initialize the program environment
- */
-void init_env() {
-
- /* Setup for safe(r) exec */
- set_sandbox();
-
- /* Setup program environment */
- set_environment();
-
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/**
- * DESCRIPTION
- * This code was originally posted by Wietse Venema, years ago, in
- * a discussion on news on how to create safe suid wrappers. For
- * those interested in NNTP archeology, here's the post:
- *
- * Article 5648 of comp.security.unix:
- * From: address@hidden (Wietse Venema)
- * Newsgroups: comp.security.unix
- * Subject: Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994
- * Date: 18 May 1994 07:52:05 +0200
- * Organization: Eindhoven University of Technology, The Netherlands
- * Lines: 68
- *
- * address@hidden (H. Milton Johnson) writes:
- * >OK, I admit it, I'm a totally incompetent sysadmin because I am not
- * >sure I could write a bullet-proof setuid wrapper. However, if one of
- * >the competent sysadmins subscribing to this group could post or point
- * >the way to an example of a bullet- proof setuid wrapper, I'm sure that
- * >I could use it as a template to address this/future/other problems.
- *
- * Ok, here is a first stab. Perhaps we can make this into a combined
- * effort and get rid of the problem once and for all.
- *
- * Wietse
- *
- * [code - see the function below, only marginally changed to suit monit]
- *
- * @author Wietse Venema <address@hidden>
- *
- */
-static void set_sandbox(void) {
-
- int i = 0;
- struct stat st;
- extern char **environ;
- char *path = "PATH=/bin:/usr/bin:/sbin:/usr/sbin";
- char *tz;
-
- /*
- * Purge the environment, but keep the TZ variable as the time.h family
depends on it at least on AIX
- */
- for (tz = environ[0]; tz; tz = environ[++i]) {
- if (! strncasecmp(tz, "TZ=", 3)) {
- environ[0] = tz;
- environ[1] = 0;
- break;
- }
- }
- if (! tz)
- environ[0] = 0;
-
- if (putenv(path)) {
- LogError("%s: cannot set the PATH variable -- %s\n", prog, STRERROR);
- exit(1);
- }
-
- /*
- * Require that file descriptors 0,1,2 are open. Mysterious things
- * can happen if that is not the case.
- */
- for(i= 0; i < 3; i++) {
-
- if(fstat(i, &st) == -1 && open("/dev/null", O_RDWR) != i) {
-
- LogError("Cannot open /dev/null -- %s\n", STRERROR);
- exit(1);
-
- }
-
- }
-
- Util_closeFds();
-
-}
-
-
-/**
- * Get and set required runtime "environment" variables.
- */
-static void set_environment(void) {
-
- struct passwd *pw;
-
- /* Get password struct */
- if ( ! (pw= getpwuid(geteuid())) ) {
- LogError("%s: You don't exist. Go away.\n", prog);
- exit(1);
- }
- Run.Env.home= xstrdup(pw->pw_dir);
- Run.Env.user= xstrdup(pw->pw_name);
-
- /* Get CWD */
- Run.Env.cwd= xcalloc(sizeof(char), MAXPATHLEN+1);
- if ( ! (getcwd(Run.Env.cwd, MAXPATHLEN)) ) {
- LogError("%s: Cannot read current directory -- %s\n", prog, STRERROR);
- exit(1);
- }
-
- /*
- * Save and clear the file creation mask
- */
- Run.umask= umask(0);
-
-}
-
=======================================
--- /trunk/event.c Wed Mar 23 14:34:11 2011
+++ /dev/null
@@ -1,861 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include "config.h"
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-
-#include "monitor.h"
-#include "alert.h"
-#include "event.h"
-#include "process.h"
-
-
-/**
- * Implementation of the event interface.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala <address@hidden>
- * @file
- */
-
-
-/* -------------------------------------------------------------
Definitions */
-
-EventTable_T Event_Table[]= {
- {Event_Action, "Action done", "Action
done", "Action done", "Action done"},
- {Event_Checksum, "Checksum failed", "Checksum
succeeded", "Checksum changed", "Checksum not changed"},
- {Event_Connection, "Connection failed", "Connection
succeeded", "Connection changed", "Connection not changed"},
- {Event_Content, "Content failed", "Content
succeeded", "Content match", "Content doesn't match"},
- {Event_Data, "Data access error", "Data access
succeeded", "Data access changed", "Data access not changed"},
- {Event_Exec, "Execution failed", "Execution
succeeded", "Execution changed", "Execution not changed"},
- {Event_Fsflag, "Filesystem flags failed", "Filesystem flags
succeeded", "Filesystem flags changed", "Filesystem flags not changed"},
- {Event_Gid, "GID failed", "GID
succeeded", "GID changed", "GID not changed"},
- {Event_Heartbeat, "Heartbeat failed", "Heartbeat
succeeded", "Heartbeat changed", "Heartbeat not changed"},
- {Event_Icmp, "ICMP failed", "ICMP
succeeded", "ICMP changed", "ICMP not changed"},
- {Event_Instance, "Monit instance failed", "Monit instance
succeeded", "Monit instance changed", "Monit instance not changed"},
- {Event_Invalid, "Invalid type", "Type
succeeded", "Type changed", "Type not changed"},
- {Event_Nonexist, "Does not
exist", "Exists", "Existence
changed", "Existence not changed"},
- {Event_Permission, "Permission failed", "Permission
succeeded", "Permission changed", "Permission not changed"},
- {Event_Pid, "PID failed", "PID
succeeded", "PID changed", "PID not changed"},
- {Event_PPid, "PPID failed", "PPID
succeeded", "PPID changed", "PPID not changed"},
- {Event_Resource, "Resource limit matched", "Resource limit
succeeded", "Resource limit changed", "Resource limit not changed"},
- {Event_Size, "Size failed", "Size
succeeded", "Size changed", "Size not changed"},
- {Event_Timeout, "Timeout", "Timeout
recovery", "Timeout changed", "Timeout not changed"},
- {Event_Timestamp, "Timestamp failed", "Timestamp
succeeded", "Timestamp changed", "Timestamp not changed"},
- {Event_Uid, "UID failed", "UID
succeeded", "UID changed", "UID not changed"},
- /* Virtual events */
- {Event_Null, "No Event", "No
Event", "No Event", "No Event"}
-};
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static void handle_event(Event_T);
-static void handle_action(Event_T, Action_T);
-static void Event_queue_add(Event_T);
-static void Event_queue_update(Event_T, const char *);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Post a new Event
- * @param service The Service the event belongs to
- * @param id The event identification
- * @param state The event state
- * @param action Description of the event action
- * @param s Optional message describing the event
- */
-void Event_post(Service_T service, long id, short state, EventAction_T
action, char *s, ...) {
- Event_T e;
-
- ASSERT(service);
- ASSERT(action);
- ASSERT(state == STATE_FAILED || state == STATE_SUCCEEDED || state ==
STATE_CHANGED || state == STATE_CHANGEDNOT);
-
- if ((e = service->eventlist) == NULL) {
- /* Only first failed/changed event can initialize the queue for given
event type,
- * thus succeeded events are ignored until first error. */
- if (state == STATE_SUCCEEDED || state == STATE_CHANGEDNOT)
- return;
-
- /* Initialize event list and add first event. The manadatory
informations
- * are cloned so the event is as standalone as possible and may be
saved
- * to the queue without the dependency on the original service, thus
- * persistent and managable across monit restarts */
- NEW(e);
- e->id = id;
- gettimeofday(&e->collected, NULL);
- e->source = xstrdup(service->name);
- e->mode = service->mode;
- e->type = service->type;
- e->state = STATE_INIT;
- e->state_map = 1;
- e->action = action;
- if (s) {
- long l;
- va_list ap;
-
- va_start(ap, s);
- e->message = Util_formatString(s, ap, &l);
- va_end(ap);
- }
- service->eventlist = e;
- } else {
- /* Try to find the event with the same origin and type identification.
- * Each service and each test have its own custom actions object, so
- * we share actions object address to identify event source. */
- do {
- if (e->action == action && e->id == id) {
- gettimeofday(&e->collected, NULL);
-
- /* Shift the existing event flags to the left
- * and set the first bit based on actual state */
- e->state_map <<= 1;
- e->state_map |= ((state == STATE_SUCCEEDED || state ==
STATE_CHANGEDNOT) ? 0 : 1);
-
- /* Update the message */
- if (s) {
- long l;
- va_list ap;
-
- FREE(e->message);
- va_start(ap, s);
- e->message = Util_formatString(s, ap, &l);
- va_end(ap);
- }
- break;
- }
- e = e->next;
- } while (e);
-
- if (!e) {
- /* Only first failed/changed event can initialize the queue for
given event type,
- * thus succeeded events are ignored until first error. */
- if (state == STATE_SUCCEEDED || state == STATE_CHANGEDNOT)
- return;
-
- /* Event was not found in the pending events list, we will add it.
- * The manadatory informations are cloned so the event is as
standalone
- * as possible and may be saved to the queue without the dependency
on
- * the original service, thus persistent and managable across monit
- * restarts */
- NEW(e);
- e->id = id;
- gettimeofday(&e->collected, NULL);
- e->source = xstrdup(service->name);
- e->mode = service->mode;
- e->type = service->type;
- e->state = STATE_INIT;
- e->state_map = 1;
- e->action = action;
- if (s) {
- long l;
- va_list ap;
-
- va_start(ap, s);
- e->message = Util_formatString(s, ap, &l);
- va_end(ap);
- }
- e->next = service->eventlist;
- service->eventlist = e;
- }
- }
-
- e->state_changed = Event_check_state(e, state);
-
- /* In the case that the state changed, update it and reset the counter */
- if (e->state_changed) {
- e->state = state;
- e->count = 1;
- } else
- e->count++;
-
- handle_event(e);
-}
-
-
-/* --------------------------------------------------------------
Properties */
-
-
-/**
- * Get the Service where the event orginated
- * @param E An event object
- * @return The Service where the event orginated
- */
-Service_T Event_get_source(Event_T E) {
- Service_T s = NULL;
-
- ASSERT(E);
-
- if (!(s = Util_getService(E->source)))
- LogError("Service %s not found in monit configuration\n", E->source);
-
- return s;
-}
-
-
-/**
- * Get the Service name where the event orginated
- * @param E An event object
- * @return The Service name where the event orginated
- */
-char *Event_get_source_name(Event_T E) {
- ASSERT(E);
- return (E->source);
-}
-
-
-/**
- * Get the service type of the service where the event orginated
- * @param E An event object
- * @return The service type of the service where the event orginated
- */
-int Event_get_source_type(Event_T E) {
- ASSERT(E);
- return (E->type);
-}
-
-
-/**
- * Get the Event timestamp
- * @param E An event object
- * @return The Event timestamp
- */
-struct timeval *Event_get_collected(Event_T E) {
- ASSERT(E);
- return &E->collected;
-}
-
-
-/**
- * Get the Event raw state
- * @param E An event object
- * @return The Event raw state
- */
-short Event_get_state(Event_T E) {
- ASSERT(E);
- return E->state;
-}
-
-
-/**
- * Return the actual event state based on event state bitmap
- * and event ratio needed to trigger the state change
- * @param E An event object
- * @param S Actual posted state
- * @return The Event raw state
- */
-short Event_check_state(Event_T E, short S) {
- int i;
- int count = 0;
- short state = (S == STATE_SUCCEEDED || S == STATE_CHANGEDNOT) ? 0 :
1; /* translate to 0/1 class */
- Action_T action;
- Service_T service;
- long long flag;
-
- ASSERT(E);
-
- if (!(service = Event_get_source(E)))
- return TRUE;
-
- /* Only true failed/changed state condition can change the initial state
*/
- if (!state && E->state == STATE_INIT && !(service->error & E->id))
- return FALSE;
-
- action = !state ? E->action->succeeded : E->action->failed;
-
- /* Compare as many bits as cycles able to trigger the action */
- for (i = 0; i < action->cycles; i++) {
- /* Check the state of the particular cycle given by the bit position */
- flag = (E->state_map >> i) & 0x1;
-
- /* Count occurences of the posted state */
- if (flag == state)
- count++;
- }
-
- /* the internal instance and action events are handled as changed any
time since we need to deliver alert whenever it occurs */
- if (E->id == Event_Instance || E->id == Event_Action || (count >=
action->count && (S != E->state || S == STATE_CHANGED)))
- return TRUE;
-
- return FALSE;
-}
-
-
-/**
- * Get the Event type
- * @param E An event object
- * @return The Event type
- */
-int Event_get_id(Event_T E) {
- ASSERT(E);
- return E->id;
-}
-
-
-/**
- * Get the optionally Event message describing why the event was
- * fired.
- * @param E An event object
- * @return The Event message. May be NULL
- */
-const char *Event_get_message(Event_T E) {
- ASSERT(E);
- return E->message;
-}
-
-
-/**
- * Get a textual description of actual event type.
- * @param E An event object
- * @return A string describing the event type in clear text. If the
- * event type is not found NULL is returned.
- */
-const char *Event_get_description(Event_T E) {
- EventTable_T *et= Event_Table;
-
- ASSERT(E);
-
- while ((*et).id) {
- if (E->id == (*et).id) {
- switch (E->state) {
- case STATE_SUCCEEDED:
- return (*et).description_succeeded;
- case STATE_FAILED:
- return (*et).description_failed;
- case STATE_INIT:
- return (*et).description_failed;
- case STATE_CHANGED:
- return (*et).description_changed;
- case STATE_CHANGEDNOT:
- return (*et).description_changednot;
- default:
- break;
- }
- }
- et++;
- }
-
- return NULL;
-}
-
-
-/**
- * Get an event action id.
- * @param E An event object
- * @return An action id
- */
-short Event_get_action(Event_T E) {
- Action_T A = NULL;
-
- ASSERT(E);
-
- switch (E->state) {
- case STATE_SUCCEEDED:
- case STATE_CHANGEDNOT:
- A = E->action->succeeded;
- break;
- case STATE_FAILED:
- case STATE_CHANGED:
- case STATE_INIT:
- A = E->action->failed;
- break;
- default:
- break;
- }
-
- if (! A)
- return ACTION_IGNORE;
-
- /* In the case of passive mode we replace the description of start, stop
- * or restart action for alert action, because these actions are passive
in
- * this mode */
- return (E->mode == MODE_PASSIVE && ((A->id == ACTION_START) || (A->id ==
ACTION_STOP) || (A->id == ACTION_RESTART))) ? ACTION_ALERT : A->id;
-}
-
-
-/**
- * Get a textual description of actual event action. For instance if the
- * event type is possitive Event_Nonexist, the textual description of
- * failed state related action is "restart". Likewise if the event type is
- * negative Event_Checksumthe textual description of recovery related
action
- * is "alert" and so on.
- * @param E An event object
- * @return A string describing the event type in clear text. If the
- * event type is not found NULL is returned.
- */
-const char *Event_get_action_description(Event_T E) {
- ASSERT(E);
- return actionnames[Event_get_action(E)];
-}
-
-
-/**
- * Reprocess the partially handled event queue
- */
-void Event_queue_process() {
- DIR *dir = NULL;
- FILE *file = NULL;
- struct dirent *de = NULL;
- EventAction_T ea = NULL;
- Action_T a = NULL;
-
- /* return in the case that the eventqueue is not enabled or empty */
- if (! Run.eventlist_dir || (! Run.handler_init && !
Run.handler_queue[HANDLER_ALERT] && ! Run.handler_queue[HANDLER_MMONIT]))
- return;
-
- if (! (dir = opendir(Run.eventlist_dir)) ) {
- if (errno != ENOENT)
- LogError("%s: cannot open the directory %s -- %s\n", prog,
Run.eventlist_dir, STRERROR);
- return;
- }
-
- if ((de = readdir(dir)))
- DEBUG("Processing postponed events queue\n");
-
- NEW(ea);
- NEW(a);
-
- while (de) {
- int size;
- int handlers_passed = 0;
- int *version = NULL;
- short *action = NULL;
- Event_T e = NULL;
- struct stat st;
- char file_name[STRLEN];
-
- /* In the case that all handlers failed, skip the further processing in
- * this cycle. Alert handler is currently defined anytime (either
- * explicitly or localhost by default) */
- if ( (Run.mmonits && FLAG(Run.handler_flag, HANDLER_MMONIT) &&
FLAG(Run.handler_flag, HANDLER_ALERT)) || FLAG(Run.handler_flag,
HANDLER_ALERT))
- break;
-
- snprintf(file_name, STRLEN, "%s/%s", Run.eventlist_dir, de->d_name);
-
- if (!stat(file_name, &st) && S_ISREG(st.st_mode)) {
- DEBUG("%s: processing queued event %s\n", prog, file_name);
-
- if (! (file = fopen(file_name, "r")) ) {
- LogError("%s: queued event processing failed - cannot open the
file %s -- %s\n", prog, file_name, STRERROR);
- goto error1;
- }
-
- /* read event structure version */
- if (!(version = File_readQueue(file, &size))) {
- LogError("skipping queued event %s - unknown data format\n",
file_name);
- goto error2;
- }
- if (size != sizeof(int)) {
- LogError("Aborting queued event %s - invalid size %d\n",
file_name, size);
- goto error3;
- }
- if (*version != EVENT_VERSION) {
- LogError("Aborting queued event %s - incompatible data format
version %d\n", file_name, *version);
- goto error3;
- }
-
- /* read event structure */
- if (!(e = File_readQueue(file, &size)))
- goto error3;
- if (size != sizeof(*e))
- goto error4;
-
- /* read source */
- if (!(e->source = File_readQueue(file, &size)))
- goto error4;
-
- /* read message */
- if (!(e->message = File_readQueue(file, &size)))
- goto error5;
-
- /* read event action */
- if (!(action = File_readQueue(file, &size)))
- goto error6;
- if (size != sizeof(short))
- goto error7;
- a->id = *action;
- if (e->state == STATE_FAILED)
- ea->failed = a;
- else
- ea->succeeded = a;
- e->action = ea;
-
- /* Retry all remaining handlers */
-
- /* alert */
- if (e->flag & HANDLER_ALERT) {
- if (Run.handler_init)
- Run.handler_queue[HANDLER_ALERT]++;
- if ((Run.handler_flag & HANDLER_ALERT) != HANDLER_ALERT) {
- if ( handle_alert(e) != HANDLER_ALERT ) {
- e->flag &= ~HANDLER_ALERT;
- Run.handler_queue[HANDLER_ALERT]--;
- handlers_passed++;
- } else {
- LogError("Alert handler failed, retry scheduled for next
cycle\n");
- Run.handler_flag |= HANDLER_ALERT;
- }
- }
- }
-
- /* mmonit */
- if (e->flag & HANDLER_MMONIT) {
- if (Run.handler_init)
- Run.handler_queue[HANDLER_MMONIT]++;
- if ((Run.handler_flag & HANDLER_MMONIT) != HANDLER_MMONIT) {
- if ( handle_mmonit(e) != HANDLER_MMONIT ) {
- e->flag &= ~HANDLER_MMONIT;
- Run.handler_queue[HANDLER_MMONIT]--;
- handlers_passed++;
- } else {
- LogError("M/Monit handler failed, retry scheduled for next
cycle\n");
- Run.handler_flag |= HANDLER_MMONIT;
- }
- }
- }
-
- /* If no error persists, remove it from the queue */
- if (e->flag == HANDLER_SUCCEEDED) {
- DEBUG("Removing queued event %s\n", file_name);
- if (unlink(file_name) < 0)
- LogError("Failed to remove queued event file '%s' -- %s\n",
file_name, STRERROR);
- } else if (handlers_passed > 0) {
- DEBUG("Updating queued event %s (some handlers passed)\n",
file_name);
- Event_queue_update(e, file_name);
- }
-
-error7:
- FREE(action);
-error6:
- FREE(e->message);
-error5:
- FREE(e->source);
-error4:
- FREE(e);
-error3:
- FREE(version);
-error2:
- fclose(file);
- }
-error1:
- de = readdir(dir);
- }
- Run.handler_init = FALSE;
- closedir(dir);
- FREE(a);
- FREE(ea);
- return;
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/*
- * Handle the event
- * @param E An event
- */
-static void handle_event(Event_T E) {
- Service_T S;
-
- ASSERT(E);
- ASSERT(E->action);
- ASSERT(E->action->failed);
- ASSERT(E->action->succeeded);
-
- /* We will handle only first succeeded event, recurrent succeeded events
- * or insufficient succeeded events during failed service state are
- * ignored. Failed events are handled each time. */
- if (!E->state_changed && (E->state == STATE_SUCCEEDED || E->state ==
STATE_CHANGEDNOT || ((E->state_map & 0x1) ^ 0x1)))
- return;
-
- S = Event_get_source(E);
- if (!S) {
- LogError("Event handling aborted\n");
- return;
- }
-
- if (E->message) {
- /* In the case that the service state is initializing yet and error
- * occured, log it and exit. Succeeded events in init state are not
- * logged. Instance and action events are logged always with priority
- * info. */
- if (E->state != STATE_INIT || E->state_map & 0x1) {
- if (E->state == STATE_SUCCEEDED || E->state == STATE_CHANGEDNOT ||
E->id == Event_Instance || E->id == Event_Action)
- LogInfo("'%s' %s\n", S->name, E->message);
- else
- LogError("'%s' %s\n", S->name, E->message);
- }
- if (E->state == STATE_INIT)
- return;
- }
-
- if (E->state == STATE_FAILED || E->state == STATE_CHANGED) {
- if (E->id != Event_Instance && E->id != Event_Action) { // We are not
interested in setting error flag for instance and action events
- S->error |= E->id;
- /* The error hint provides second dimension for error bitmap and
differentiates between failed/changed event states (failed=0, chaged=1) */
- if (E->state == STATE_CHANGED)
- S->error_hint |= E->id;
- else
- S->error_hint &= ~E->id;
- }
- handle_action(E, E->action->failed);
- } else {
- S->error &= ~E->id;
- handle_action(E, E->action->succeeded);
- }
-
- /* Possible event state change was handled so we will reset the flag. */
- E->state_changed = FALSE;
-}
-
-
-static void handle_action(Event_T E, Action_T A) {
- Service_T s;
-
- ASSERT(E);
- ASSERT(A);
-
- E->flag = HANDLER_SUCCEEDED;
-
- if (A->id == ACTION_IGNORE)
- return;
-
- /* Alert and mmonit event notification are common actions */
- E->flag |= handle_mmonit(E);
- E->flag |= handle_alert(E);
-
- /* In the case that some subhandler failed, enqueue the event for
- * partial reprocessing */
- if (E->flag != HANDLER_SUCCEEDED) {
- if (Run.eventlist_dir)
- Event_queue_add(E);
- else
- LogError("Aborting event\n");
- }
-
- if (!(s = Event_get_source(E))) {
- LogError("Event action handling aborted\n");
- return;
- }
-
- /* Action event is handled already. For Instance events
- * we don't want actions like stop to be executed
- * to prevent the disabling of system service monitoring */
- if (A->id == ACTION_ALERT || E->id == Event_Instance) {
- return;
- } else if (A->id == ACTION_EXEC) {
- LogInfo("'%s' exec: %s\n", s->name, A->exec->arg[0]);
- spawn(s, A->exec, E);
- return;
- } else {
- if (s->actionratelist && (A->id == ACTION_START || A->id ==
ACTION_RESTART))
- s->nstart++;
-
- if (s->mode == MODE_PASSIVE && (A->id == ACTION_START || A->id ==
ACTION_STOP || A->id == ACTION_RESTART))
- return;
-
- control_service(s->name, A->id);
- }
-}
-
-
-/**
- * Add the partialy handled event to the global queue
- * @param E An event object
- */
-static void Event_queue_add(Event_T E) {
- FILE *file = NULL;
- char file_name[STRLEN];
- int version = EVENT_VERSION;
- short action = Event_get_action(E);
- int rv = FALSE;
- mode_t mask;
-
- ASSERT(E);
- ASSERT(E->flag != HANDLER_SUCCEEDED);
-
- if (!File_checkQueueDirectory(Run.eventlist_dir, 0700)) {
- LogError("%s: Aborting event - cannot access the directory %s\n",
prog, Run.eventlist_dir);
- return;
- }
-
- if (!File_checkQueueLimit(Run.eventlist_dir, Run.eventlist_slots)) {
- LogError("%s: Aborting event - queue over quota\n", prog);
- return;
- }
-
- /* compose the file name of actual timestamp and service name */
- snprintf(file_name, STRLEN, "%s/%ld_%lx", Run.eventlist_dir, (long
int)time(NULL), (long unsigned)E->source);
-
- DEBUG("%s: Adding event to the queue file %s for later delivery\n",
prog, file_name);
-
- mask = umask(QUEUEMASK);
- file = fopen(file_name, "w");
- umask(mask);
- if (! file) {
- LogError("%s: Aborting event - cannot open the event file %s -- %s\n",
prog, file_name, STRERROR);
- return;
- }
-
- /* write event structure version */
- if (!(rv = File_writeQueue(file, &version, sizeof(int))))
- goto error;
-
- /* write event structure */
- if (!(rv = File_writeQueue(file, E, sizeof(*E))))
- goto error;
-
- /* write source */
- if (!(rv = File_writeQueue(file, E->source, E->source ?
strlen(E->source)+1 : 0)))
- goto error;
-
- /* write message */
- if (!(rv = File_writeQueue(file, E->message, E->message ?
strlen(E->message)+1 : 0)))
- goto error;
-
- /* write event action */
- if (!(rv = File_writeQueue(file, &action, sizeof(short))))
- goto error;
-
- error:
- fclose(file);
- if (!rv) {
- LogError("%s: Aborting event - unable to save event information
to %s\n", prog, file_name);
- if (unlink(file_name) < 0)
- LogError("Failed to remove event file '%s' -- %s\n", file_name,
STRERROR);
- } else {
- if (!Run.handler_init && E->flag & HANDLER_ALERT)
- Run.handler_queue[HANDLER_ALERT]++;
- if (!Run.handler_init && E->flag & HANDLER_MMONIT)
- Run.handler_queue[HANDLER_MMONIT]++;
- }
-
- return;
-}
-
-
-/**
- * Update the partialy handled event in the global queue
- * @param E An event object
- * @param file_name File name
- */
-static void Event_queue_update(Event_T E, const char *file_name) {
- FILE *file = NULL;
- int version = EVENT_VERSION;
- short action = Event_get_action(E);
- int rv = FALSE;
- mode_t mask;
-
- ASSERT(E);
- ASSERT(E->flag != HANDLER_SUCCEEDED);
-
- if (!File_checkQueueDirectory(Run.eventlist_dir, 0700)) {
- LogError("%s: Aborting event - cannot access the directory %s\n",
prog, Run.eventlist_dir);
- return;
- }
-
- DEBUG("%s: Updating event in the queue file %s for later delivery\n",
prog, file_name);
-
- mask = umask(QUEUEMASK);
- file = fopen(file_name, "w");
- umask(mask);
- if (! file)
- {
- LogError("%s: Aborting event - cannot open the event file %s -- %s\n",
prog, file_name, STRERROR);
- return;
- }
-
- /* write event structure version */
- if (!(rv = File_writeQueue(file, &version, sizeof(int))))
- goto error;
-
- /* write event structure */
- if (!(rv = File_writeQueue(file, E, sizeof(*E))))
- goto error;
-
- /* write source */
- if (!(rv = File_writeQueue(file, E->source, E->source ?
strlen(E->source)+1 : 0)))
- goto error;
-
- /* write message */
- if (!(rv = File_writeQueue(file, E->message, E->message ?
strlen(E->message)+1 : 0)))
- goto error;
-
- /* write event action */
- if (!(rv = File_writeQueue(file, &action, sizeof(short))))
- goto error;
-
- error:
- fclose(file);
- if (!rv) {
- LogError("%s: Aborting event - unable to update event information
to %s\n", prog, file_name);
- if (unlink(file_name) < 0)
- LogError("Failed to remove event file '%s' -- %s\n", file_name,
STRERROR);
- }
-
- return;
-}
-
=======================================
--- /trunk/event.h Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,208 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#ifndef MONIT_EVENT_H
-#define MONIT_EVENT_H
-
-#include "monitor.h"
-
-
-typedef enum {
- Event_Null = 0x0,
- Event_Checksum = 0x1,
- Event_Resource = 0x2,
- Event_Timeout = 0x4,
- Event_Timestamp = 0x8,
- Event_Size = 0x10,
- Event_Connection = 0x20,
- Event_Permission = 0x40,
- Event_Uid = 0x80,
- Event_Gid = 0x100,
- Event_Nonexist = 0x200,
- Event_Invalid = 0x400,
- Event_Data = 0x800,
- Event_Exec = 0x1000,
- Event_Fsflag = 0x2000,
- Event_Icmp = 0x4000,
- Event_Content = 0x8000,
- Event_Instance = 0x10000,
- Event_Action = 0x20000,
- Event_Pid = 0x40000,
- Event_PPid = 0x80000,
- Event_Heartbeat = 0x100000,
- Event_All = 0xFFFFFFFF
-} Event_Type;
-
-
-#define IS_EVENT_SET(value, mask) ((value & mask) != 0)
-
-typedef struct myeventtable {
- int id;
- char *description_failed;
- char *description_succeeded;
- char *description_changed;
- char *description_changednot;
-} EventTable_T;
-
-extern EventTable_T Event_Table[];
-
-
-/**
- * This class implements the <b>event</b> processing machinery used by
- * monit. In monit an event is an object containing a Service_T
- * reference indicating the object where the event orginated, an id
- * specifying the event type, a value representing up or down state
- * and an optional message describing why the event was fired.
- *
- * Clients may use the function Event_post() to post events to the
- * event handler for processing.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala, <address@hidden>
- * @file
- */
-
-/**
- * Post a new Event
- * @param service The Service the event belongs to
- * @param id The event identification
- * @param state The event state
- * @param action Description of the event action
- * @param s Optional message describing the event
- */
-void Event_post(Service_T service, long id, short state, EventAction_T
action, char *s, ...);
-
-
-/**
- * Get the Service where the event orginated
- * @param E An event object
- * @return The Service where the event orginated
- */
-Service_T Event_get_source(Event_T E);
-
-
-/**
- * Get the Service name where the event orginated
- * @param E An event object
- * @return The Service name where the event orginated
- */
-char *Event_get_source_name(Event_T E);
-
-
-/**
- * Get the service type of the service where the event orginated
- * @param E An event object
- * @return The service type of the service where the event orginated
- */
-int Event_get_source_type(Event_T E);
-
-
-/**
- * Get the Event timestamp
- * @param E An event object
- * @return The Event timestamp
- */
-struct timeval *Event_get_collected(Event_T E);
-
-
-/**
- * Get the Event raw state
- * @param E An event object
- * @return The Event raw state
- */
-short Event_get_state(Event_T E);
-
-
-/**
- * Return the actual event state based on event state bitmap
- * and event ratio needed to trigger the state change
- * @param E An event object
- * @param S Actual posted state
- * @return The Event raw state
- */
-short Event_check_state(Event_T E, short S);
-
-
-/**
- * Get the Event type
- * @param E An event object
- * @return The Event type
- */
-int Event_get_id(Event_T E);
-
-
-/**
- * Get the optionally Event message describing why the event was
- * fired.
- * @param E An event object
- * @return The Event message. May be NULL
- */
-const char *Event_get_message(Event_T E);
-
-
-/**
- * Get a textual description of actual event type. For instance if the
- * event type is possitive Event_Timestamp, the textual description is
- * "Timestamp error". Likewise if the event type is negative Event_Checksum
- * the textual description is "Checksum recovery" and so on.
- * @param E An event object
- * @return A string describing the event type in clear text. If the
- * event type is not found NULL is returned.
- */
-const char *Event_get_description(Event_T E);
-
-
-/**
- * Get an event action id.
- * @param E An event object
- * @return An action id
- */
-short Event_get_action(Event_T E);
-
-
-/**
- * Get a textual description of actual event action. For instance if the
- * event type is possitive Event_Nonexist, the textual description of
- * failed state related action is "restart". Likewise if the event type is
- * negative Event_Checksum the textual description of recovery related
action
- * is "alert" and so on.
- * @param E An event object
- * @return A string describing the event type in clear text. If the
- * event type is not found NULL is returned.
- */
-const char *Event_get_action_description(Event_T E);
-
-
-/**
- * Reprocess the partialy handled event queue
- */
-void Event_queue_process();
-
-
-#endif
=======================================
--- /trunk/exclude Tue Apr 5 09:49:28 2011
+++ /dev/null
@@ -1,26 +0,0 @@
-CVS
-.DS_Store
-monit.xcode
-build
-.svn
-valgrind*
-make_dist
-exclude
-man
-*.pod
-web
-man1
-rpm
-Makefile
-test
-bottom
-doxygen.cfg
-TAGS
-autogen.sh
-autom4te*
-packages
-presentation.sxi
-doc
-contrib
-*.md5
-*.sha256
=======================================
--- /trunk/file.c Tue Mar 22 14:55:02 2011
+++ /dev/null
@@ -1,513 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-
-#include "monitor.h"
-
-/**
- * Utilities for managing files used by monit.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Christian Hopp, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Initialize the programs file variables
- */
-void File_init() {
-
- char pidfile[STRLEN];
- char buf[STRLEN];
-
- /* Check if the pidfile was already set during configfile parsing */
- if(Run.pidfile == NULL) {
- /* Set the location of this programs pidfile */
- if(! getuid()) {
- snprintf(pidfile, STRLEN, "%s/%s", MYPIDDIR, MYPIDFILE);
- } else {
- snprintf(pidfile, STRLEN, "%s/.%s", Run.Env.home, MYPIDFILE);
- }
- Run.pidfile= xstrdup(pidfile);
- }
-
- /* Set the location of monit's id file */
- if(Run.idfile == NULL) {
- snprintf(buf, STRLEN, "%s/.%s", Run.Env.home, MYIDFILE);
- Run.idfile= xstrdup(buf);
- }
- Util_monitId(Run.idfile);
-
- /* Set the location of monit's state file */
- if(Run.statefile == NULL) {
- snprintf(buf, STRLEN, "%s/.%s", Run.Env.home, MYSTATEFILE);
- Run.statefile= xstrdup(buf);
- }
-
-}
-
-
-/**
- * Finalize and remove temporary files and make sure Monit id file exist
- */
-void File_finalize() {
- unlink(Run.pidfile);
- // Make sure that Monit id file exist
- if (! File_exist(Run.idfile)) {
- FILE *f = fopen(Run.idfile,"w");
- if (! f) {
- LogError("%s: Error opening Monit id file '%s' for writing -- %s\n",
prog, Run.idfile, STRERROR);
- } else {
- fprintf(f, "%s\n", Run.id);
- fclose(f);
- }
- }
-}
-
-
-/**
- * Get a object's last modified timestamp.
- * @param object A object to stat
- * @param type Requested object's type
- * @return Max of either st_mtime or st_ctime or
- * FALSE if not found or different type of object
- */
-time_t File_getTimestamp(char *object, mode_t type) {
-
- struct stat buf;
-
- ASSERT(object);
-
- if(! stat(object, &buf)) {
- if(((type == S_IFREG) && S_ISREG(buf.st_mode)) ||
- ((type == S_IFDIR) && S_ISDIR(buf.st_mode)) ||
- ((type == (S_IFREG|S_IFDIR)) && (S_ISREG(buf.st_mode) ||
- S_ISDIR(buf.st_mode)))
- ) {
- return MAX(buf.st_mtime, buf.st_ctime);
- } else {
- LogError("%s: Invalid object type - %s\n", prog, object);
- }
- }
-
- return FALSE;
-
-}
-
-
-/**
- * Search the system for the monit control file. Try first ~/.monitrc,
- * if that fails try /etc/monitrc, then SYSCONFDIR/monitrc (default:
- * /usr/local/etc/monitrc) and finally ./monitrc.
- * Exit the application if the control file was not found.
- * @return The location of monits control file (monitrc)
- */
-char *File_findControlFile() {
-
- char *rcfile= xcalloc(sizeof(char), STRLEN + 1);
-
- snprintf(rcfile, STRLEN, "%s/.%s", Run.Env.home, MONITRC);
- if(File_exist(rcfile)) {
- return (rcfile);
- }
- memset(rcfile, 0, STRLEN);
- snprintf(rcfile, STRLEN, "/etc/%s", MONITRC);
- if(File_exist(rcfile)) {
- return (rcfile);
- }
- memset(rcfile, 0, STRLEN);
- snprintf(rcfile, STRLEN, "%s/%s", SYSCONFDIR, MONITRC);
- if(File_exist(rcfile)) {
- return (rcfile);
- }
- memset(rcfile, 0, STRLEN);
- snprintf(rcfile, STRLEN, "/usr/local/etc/%s", MONITRC);
- if(File_exist(rcfile)) {
- return (rcfile);
- }
- if(File_exist(MONITRC)) {
- memset(rcfile, 0, STRLEN);
- snprintf(rcfile, STRLEN, "%s/%s", Run.Env.cwd, MONITRC);
- return (rcfile);
- }
- LogError("%s: Cannot find the control file at "
- "~/.%s, /etc/%s, %s/%s, /usr/local/etc/%s or at ./%s \n",
- prog, MONITRC, MONITRC, SYSCONFDIR, MONITRC, MONITRC, MONITRC);
- exit(1);
-
-}
-
-
-/**
- * Create a program's pidfile - Such a file is created when in daemon
- * mode. The file is created with mask = MYPIDMASK (usually 644).
- * @param pidfile The name of the pidfile to create
- * @return TRUE if the file was created, otherwise FALSE.
- */
-int File_createPidFile(char *pidfile) {
-
- FILE *F= NULL;
-
- ASSERT(pidfile);
-
- umask(MYPIDMASK);
- unlink(pidfile);
- if ((F= fopen(pidfile,"w")) == (FILE *)NULL) {
- LogError("%s: Error opening pidfile '%s' for writing -- %s\n", prog,
pidfile, STRERROR);
- return(FALSE);
- }
- fprintf(F, "%d\n", (int)getpid());
- fclose(F);
-
- return TRUE;
-
-}
-
-
-/**
- * Check if the file is a regular file
- * @param file A path to the file to check
- * @return TRUE if file exist and is a regular file, otherwise FALSE
- */
-int File_isFile(char *file) {
-
- struct stat buf;
-
- ASSERT(file);
-
- return (stat(file, &buf) == 0 && S_ISREG(buf.st_mode));
-
-}
-
-
-/**
- * Check if this is a directory.
- * @param dir An absolute directory path
- * @return TRUE if dir exist and is a regular directory, otherwise
- * FALSE
- */
-int File_isDirectory(char *dir) {
-
- struct stat buf;
-
- ASSERT(dir);
-
- return (stat(dir, &buf) == 0 && S_ISDIR(buf.st_mode));
-
-}
-
-
-/**
- * Check if this is a fifo
- * @param fifo A path to the fifo to check
- * @return TRUE if fifo exist, otherwise FALSE
- */
-int File_isFifo(char *fifo) {
-
- struct stat buf;
-
- ASSERT(fifo);
-
- return (stat(fifo, &buf) == 0 && S_ISFIFO(buf.st_mode));
-
-}
-
-
-/**
- * Check if the file exist on the system
- * @file A path to the file to check
- * @return TRUE if file exist otherwise FALSE
- */
-int File_exist(char *file) {
-
- struct stat buf;
-
- ASSERT(file);
-
- return (stat(file, &buf) == 0);
-
-}
-
-
-/**
- * Security check for files. The files must have the same uid as the
- * REAL uid of this process, it must have permissions no greater than
- * "maxpermission".
- * @param filename The filename of the checked file
- * @param description The description of the checked file
- * @param permmask The permission mask for the file
- * @return TRUE if the test succeeded otherwise FALSE
- */
-int File_checkStat(char *filename, char *description, int permmask) {
- struct stat buf;
- errno= 0;
-
- ASSERT(filename);
- ASSERT(description);
-
- if(stat(filename, &buf) < 0) {
- LogError("%s: Cannot stat the %s '%s' -- %s\n", prog, description,
filename, STRERROR);
- return FALSE;
- }
- if(!S_ISREG(buf.st_mode)) {
- LogError("%s: The %s '%s' is not a regular file.\n", prog,
description, filename);
- return FALSE;
- }
- if(buf.st_uid != geteuid()) {
- LogError("%s: The %s '%s' must be owned by you.\n", prog, description,
filename);
- return FALSE;
- }
- if((buf.st_mode & 0777 ) & ~permmask) {
- /*
- Explanation:
-
- buf.st_mode & 0777 -> We just want to check the
- permissions not the file type...
- we did it already!
- () & ~permmask -> We check if there are any other
- permissions set than in permmask
- */
- LogError("%s: The %s '%s' must have permissions no more "
- "than -%c%c%c%c%c%c%c%c%c (0%o); "
- "right now permissions are -%c%c%c%c%c%c%c%c%c (0%o).\n",
- prog, description, filename,
- permmask&S_IRUSR?'r':'-',
- permmask&S_IWUSR?'w':'-',
- permmask&S_IXUSR?'x':'-',
- permmask&S_IRGRP?'r':'-',
- permmask&S_IWGRP?'w':'-',
- permmask&S_IXGRP?'x':'-',
- permmask&S_IROTH?'r':'-',
- permmask&S_IWOTH?'w':'-',
- permmask&S_IXOTH?'x':'-',
- permmask&0777,
- buf.st_mode&S_IRUSR?'r':'-',
- buf.st_mode&S_IWUSR?'w':'-',
- buf.st_mode&S_IXUSR?'x':'-',
- buf.st_mode&S_IRGRP?'r':'-',
- buf.st_mode&S_IWGRP?'w':'-',
- buf.st_mode&S_IXGRP?'x':'-',
- buf.st_mode&S_IROTH?'r':'-',
- buf.st_mode&S_IWOTH?'w':'-',
- buf.st_mode&S_IXOTH?'x':'-',
- buf.st_mode& 0777);
- return FALSE;
- }
-
- return TRUE;
-
-}
-
-
-/**
- * Check whether the specified directory exist or create it using
- * specified mode.
- * @param path The fully qualified path to the directory
- * @param mode The permission for the directory
- * @return TRUE if the succeeded otherwise FALSE
- */
-int File_checkQueueDirectory(char *path, mode_t mode) {
- struct stat st;
-
- if(stat(path, &st)) {
- if(errno == ENOENT) {
- int rv;
- mode_t mask = umask(QUEUEMASK);
- rv = mkdir(path, mode);
- umask(mask);
- if(rv) {
- LogError("%s: cannot create the event queue directory %s -- %s\n",
- prog, path, STRERROR);
- return FALSE;
- }
- } else {
- LogError("%s: cannot read the event queue directory %s -- %s\n",
- prog, path, STRERROR);
- return FALSE;
- }
- } else if(! S_ISDIR(st.st_mode)) {
- LogError("%s: event queue: the %s is not the directory\n", prog, path);
- return FALSE;
- }
- return TRUE;
-}
-
-
-/**
- * Check the queue size limit.
- * @param path The fully qualified path to the directory
- * @param limit The queue limit
- * @return TRUE if the succeeded otherwise FALSE
- */
-int File_checkQueueLimit(char *path, int limit) {
- int used = 0;
- DIR *dir = NULL;
- struct dirent *de = NULL;
-
- if(limit < 0)
- return TRUE;
-
- if(! (dir = opendir(path)) ) {
- LogError("%s: cannot open the event queue directory %s -- %s\n", prog,
path, STRERROR);
- return FALSE;
- }
- while( (de = readdir(dir)) ) {
- struct stat st;
-
- if(!stat(de->d_name, &st) && S_ISREG(st.st_mode) && ++used > limit) {
- LogError("%s: event queue full\n", prog);
- closedir(dir);
- return FALSE;
- }
- }
- closedir(dir);
- return TRUE;
-}
-
-
-/**
- * Write data to the queue file
- * @param file Filedescriptor to write to
- * @param data Data to be written
- * @param size Size of the data to be written
- * @return TRUE if the succeeded otherwise FALSE
- */
-int File_writeQueue(FILE *file, void *data, int size) {
- int rv;
-
- ASSERT(file);
-
- /* write size */
- if((rv = fwrite(&size, 1, sizeof(int), file)) != sizeof(int)) {
- if (feof(file) || ferror(file))
- LogError("%s: queued event file: unable to write event size
-- %s\n", prog, feof(file) ? "end of file" : "stream error");
- else
- LogError("%s: queued event file: unable to write event size -- read
returned %d bytes\n", prog, rv);
- return FALSE;
- }
-
- /* write data if any */
- if(size > 0) {
- if((rv = fwrite(data, 1, size, file)) != size) {
- if (feof(file) || ferror(file))
- LogError("%s: queued event file: unable to write event size
-- %s\n", prog, feof(file) ? "end of file" : "stream error");
- else
- LogError("%s: queued event file: unable to write event size --
read returned %d bytes\n", prog, rv);
- return FALSE;
- }
- }
-
- return TRUE;
-}
-
-
-/**
- * Read the data from the queue file's actual position
- * @param file Filedescriptor to read from
- * @param size Size of the data read
- * @return The data read if any or NULL. The size parameter is set
- * appropriately.
- */
-void *File_readQueue(FILE *file, int *size) {
- int rv;
- void *data = NULL;
-
- ASSERT(file);
-
- /* read size */
- if((rv = fread(size, 1, sizeof(int), file)) != sizeof(int)) {
- if (feof(file) || ferror(file))
- LogError("%s: queued event file: unable to read event size -- %s\n",
prog, feof(file) ? "end of file" : "stream error");
- else
- LogError("%s: queued event file: unable to read event size -- read
returned %d bytes\n", prog, rv);
- return NULL;
- }
-
- /* read data if any (allow 1MB at maximum to prevent enormous memory
allocation) */
- if(*size > 0 && *size < 1048576) {
- data = xcalloc(1, *size);
- if((rv = fread(data, 1, *size, file)) != *size) {
- FREE(data);
- if (feof(file) || ferror(file))
- LogError("%s: queued event file: unable to read event data
-- %s\n", prog, feof(file) ? "end of file" : "stream error");
- else
- LogError("%s: queued event file: unable to read event data -- read
returned %d bytes\n", prog, rv);
- return NULL;
- }
- }
- return data;
-}
-
=======================================
--- /trunk/file.h Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#ifndef MONIT_FILE_H
-#define MONIT_FILE_H
-
-
-/**
- * Utilities used for managing files used by monit.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Christian Hopp, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/**
- * Initialize the programs file variables
- */
-void File_init();
-
-
-/**
- * Finalize and remove temporary files
- */
-void File_finalize();
-
-
-/**
- * Get a object's last modified timestamp.
- * @param object A object to stat
- * @param type Requested object's type
- * @return Max of either st_mtime or st_ctime or
- * FALSE if not found or different type of object
- */
-time_t File_getTimestamp(char *object, mode_t type);
-
-
-/**
- * Search the system for the monit control file. Try first ~/.monitrc,
- * if that fails try /etc/monitrc, then /usr/local/etc/monitrc and
- * finally ./monitrc. Exit the application if the control file was
- * not found.
- * @return The location of monits control file (monitrc)
- */
-char *File_findControlFile();
-
-
-/**
- * Create a program's pidfile - Such a file is created when in daemon
- * mode. The file is created with mask = MYPIDMASK (usually 644).
- * @param pidfile The name of the pidfile to create
- * @return TRUE if the file was created, otherwise FALSE.
- */
-int File_createPidFile(char *pidfile);
-
-
-/**
- * Check if the file is a regular file
- * @param file A path to the file to check
- * @return TRUE if file exist and is a regular file, otherwise FALSE
- */
-int File_isFile(char *file);
-
-
-/**
- * Check if this is a directory.
- * @param dir An absolute directory path
- * @return TRUE if dir exist and is a regular directory, otherwise
- * FALSE
- */
-int File_isDirectory(char *dir);
-
-
-/**
- * Check if this is a fifo
- * @param fifo A path to the fifo to check
- * @return TRUE if fifo exist, otherwise FALSE
- */
-int File_isFifo(char *fifo);
-
-
-/**
- * Check if the file exist on the system
- * @file A path to the file to check
- * @return TRUE if file exist otherwise FALSE
- */
-int File_exist(char *file);
-
-
-/**
- * Security check for files. The files must have the same uid as the
- * REAL uid of this process, it must have permissions no greater than
- * "maxpermission" and it must not be a symbolic link. We check these
- * conditions here.
- * @param filename The filename of the checked file
- * @param description The description of the checked file
- * @param permmask The permission mask for the file
- * @return TRUE if the test succeeded otherwise FALSE
- */
-int File_checkStat(char *filename, char *description, int permmask);
-
-
-/**
- * Check whether the specified directory exist or create it using
- * specified mode.
- * @param path The fully qualified path to the directory
- * @param mode The permission for the directory
- * @return TRUE if the succeeded otherwise FALSE
- */
-int File_checkQueueDirectory(char *path, mode_t mode);
-
-
-/**
- * Check the queue size limit.
- * @param path The fully qualified path to the directory
- * @param mode The queue limit
- * @return TRUE if the succeeded otherwise FALSE
- */
-int File_checkQueueLimit(char *path, int limit);
-
-
-/**
- * Write data to the queue file
- * @param file Filedescriptor to write to
- * @param data Data to be written
- * @param size Size of the data to be written
- * @return TRUE if the succeeded otherwise FALSE
- */
-int File_writeQueue(FILE *file, void *data, int size);
-
-
-/**
- * Read the data from the queue file's actual position
- * @param file Filedescriptor to read from
- * @param size Size of the data read
- * @return The data read if any or NULL. The size parameter is set
- * appropriately.
- */
-void *File_readQueue(FILE *file, int *size);
-
-
-#endif
=======================================
--- /trunk/gc.c Mon Mar 21 08:32:15 2011
+++ /dev/null
@@ -1,637 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#include "monitor.h"
-#include "protocol.h"
-#include "process.h"
-#include "ssl.h"
-#include "engine.h"
-
-
-/* Private prototypes */
-static void _gc_service_list(Service_T *);
-static void _gc_service(Service_T *);
-static void _gc_servicegroup(ServiceGroup_T *);
-static void _gc_servicegroup_member(ServiceGroupMember_T *);
-static void _gc_mail_server(MailServer_T *);
-static void _gcppl(Port_T *);
-static void _gcfilesystem(Filesystem_T *);
-static void _gcicmp(Icmp_T *);
-static void _gcpql(Resource_T *);
-static void _gcptl(Timestamp_T *);
-static void _gcparl(ActionRate_T *);
-static void _gc_action(Action_T *);
-static void _gc_eventaction(EventAction_T *);
-static void _gc_inf(Info_T *);
-static void _gcpdl(Dependant_T *);
-static void _gcso(Size_T *);
-static void _gcmatch(Match_T *);
-static void _gcchecksum(Checksum_T *);
-static void _gcperm(Perm_T *);
-static void _gcuid(Uid_T *);
-static void _gcgid(Gid_T *);
-static void _gcgrc(Generic_T *);
-static void _gcath(Auth_T *);
-static void _gc_mmonit(Mmonit_T *);
-static void _gc_url(URL_T *);
-static void _gc_request(Request_T *);
-
-
-/**
- * Release allocated memory.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-void gc() {
-
- destroy_hosts_allow();
-
- gc_protocols();
-
- if(Run.doprocess) {
- delprocesstree(&oldptree, &oldptreesize);
- delprocesstree(&ptree, &ptreesize);
- }
-
- if(servicelist)
- _gc_service_list(&servicelist);
-
- if(servicegrouplist)
- _gc_servicegroup(&servicegrouplist);
-
- if(Run.credentials)
- _gcath(&Run.credentials);
-
- if(Run.maillist)
- gc_mail_list(&Run.maillist);
-
- if(Run.mailservers)
- _gc_mail_server(&Run.mailservers);
-
- if(Run.mmonits)
- _gc_mmonit(&Run.mmonits);
-
- if(Run.eventlist)
- gc_event(&Run.eventlist);
-
- FREE(Run.eventlist_dir);
- FREE(Run.mygroup);
- FREE(Run.localhostname);
- FREE(Run.httpsslpem);
- FREE(Run.httpsslclientpem);
- FREE(Run.bind_addr);
- FREE(Run.MailFormat.from);
- FREE(Run.MailFormat.subject);
- FREE(Run.MailFormat.message);
- FREE(Run.mail_hostname);
-
-}
-
-
-void gc_mail_list(Mail_T *m) {
-
- ASSERT(m);
-
- if((*m)->next)
- gc_mail_list(&(*m)->next);
-
- FREE((*m)->to);
- FREE((*m)->from);
- FREE((*m)->replyto);
- FREE((*m)->subject);
- FREE((*m)->message);
- FREE(*m);
-
-}
-
-
-void gccmd(Command_T *c) {
-
- int i;
-
- ASSERT(c&&*c);
-
- for(i= 0; (*c)->arg[i]; i++)
- FREE((*c)->arg[i]);
- FREE(*c);
-
-}
-
-
-void gc_event(Event_T *e) {
-
- ASSERT(e&&*e);
-
- if((*e)->next)
- gc_event(&(*e)->next);
-
- (*e)->action= NULL;
- FREE((*e)->source);
- FREE((*e)->message);
- FREE(*e);
-
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-static void _gc_service_list(Service_T *s) {
-
- ASSERT(s&&*s);
-
- if((*s)->next)
- _gc_service_list(&(*s)->next);
-
- _gc_service(&(*s));
-
-}
-
-
-static void _gc_service(Service_T *s) {
-
- ASSERT(s&&*s);
-
- if((*s)->portlist)
- _gcppl(&(*s)->portlist);
-
- if((*s)->filesystemlist)
- _gcfilesystem(&(*s)->filesystemlist);
-
- if((*s)->icmplist)
- _gcicmp(&(*s)->icmplist);
-
- if((*s)->maillist)
- gc_mail_list(&(*s)->maillist);
-
- if((*s)->resourcelist)
- _gcpql(&(*s)->resourcelist);
-
- if((*s)->inf)
- _gc_inf(&(*s)->inf);
-
- if((*s)->timestamplist)
- _gcptl(&(*s)->timestamplist);
-
- if((*s)->actionratelist)
- _gcparl(&(*s)->actionratelist);
-
- if((*s)->sizelist)
- _gcso(&(*s)->sizelist);
-
- if((*s)->matchlist)
- _gcmatch(&(*s)->matchlist);
-
- if((*s)->checksum)
- _gcchecksum(&(*s)->checksum);
-
- if((*s)->perm)
- _gcperm(&(*s)->perm);
-
- if((*s)->uid)
- _gcuid(&(*s)->uid);
-
- if((*s)->gid)
- _gcgid(&(*s)->gid);
-
- if((*s)->dependantlist)
- _gcpdl(&(*s)->dependantlist);
-
- if((*s)->start)
- gccmd(&(*s)->start);
-
- if((*s)->stop)
- gccmd(&(*s)->stop);
-
- if((*s)->action_DATA)
- _gc_eventaction(&(*s)->action_DATA);
-
- if((*s)->action_EXEC)
- _gc_eventaction(&(*s)->action_EXEC);
-
- if((*s)->action_INVALID)
- _gc_eventaction(&(*s)->action_INVALID);
-
- if((*s)->action_NONEXIST)
- _gc_eventaction(&(*s)->action_NONEXIST);
-
- if((*s)->action_PID)
- _gc_eventaction(&(*s)->action_PID);
-
- if((*s)->action_PPID)
- _gc_eventaction(&(*s)->action_PPID);
-
- if((*s)->action_FSFLAG)
- _gc_eventaction(&(*s)->action_FSFLAG);
-
- if((*s)->action_MONIT_START)
- _gc_eventaction(&(*s)->action_MONIT_START);
-
- if((*s)->action_MONIT_STOP)
- _gc_eventaction(&(*s)->action_MONIT_STOP);
-
- if((*s)->action_MONIT_RELOAD)
- _gc_eventaction(&(*s)->action_MONIT_RELOAD);
-
- if((*s)->action_ACTION)
- _gc_eventaction(&(*s)->action_ACTION);
-
- if((*s)->eventlist)
- gc_event(&(*s)->eventlist);
-
- FREE((*s)->name);
- FREE((*s)->path);
-
- (*s)->next= NULL;
-
- FREE(*s);
-
-}
-
-
-static void _gc_servicegroup(ServiceGroup_T *sg) {
- ASSERT(sg && *sg);
-
- if((*sg)->next)
- _gc_servicegroup(&(*sg)->next);
-
- if((*sg)->members)
- _gc_servicegroup_member(&(*sg)->members);
- FREE((*sg)->name);
- FREE(*sg);
-}
-
-
-static void _gc_servicegroup_member(ServiceGroupMember_T *m) {
- ASSERT(m && *m);
-
- if((*m)->next)
- _gc_servicegroup_member(&(*m)->next);
-
- FREE((*m)->name);
- FREE(*m);
-}
-
-
-static void _gc_request(Request_T *r) {
-
- ASSERT(r);
-
- if((*r)->url)
- _gc_url(&(*r)->url);
-#ifdef HAVE_REGEX_H
- if ((*r)->regex)
- regfree((*r)->regex);
-#endif
- FREE((*r)->regex);
- FREE(*r);
-
-}
-
-
-static void _gc_url(URL_T *url) {
-
- ASSERT(url);
-
- FREE((*url)->url);
- FREE((*url)->protocol);
- FREE((*url)->user);
- FREE((*url)->password);
- FREE((*url)->hostname);
- FREE((*url)->path);
- FREE((*url)->query);
- FREE(*url);
-
-}
-
-
-static void _gc_mail_server(MailServer_T *s) {
-
- if (! s || ! *s)
- return;
-
- if ((*s)->next)
- _gc_mail_server(&(*s)->next);
-
- FREE((*s)->host);
- FREE((*s)->username);
- FREE((*s)->password);
- FREE((*s)->ssl.certmd5);
- FREE(*s);
-
-}
-
-
-static void _gc_action(Action_T *a) {
-
- ASSERT(a&&*a);
-
- if((*a)->exec)
- gccmd(&(*a)->exec);
- FREE(*a);
-
-}
-
-
-static void _gc_eventaction(EventAction_T *e) {
-
- ASSERT(e&&*e);
-
- _gc_action(&(*e)->failed);
- _gc_action(&(*e)->succeeded);
- FREE(*e);
-
-}
-
-
-static void _gcppl(Port_T *p) {
-
- ASSERT(p&&*p);
-
- if((*p)->next)
- _gcppl(&(*p)->next);
-
- if((*p)->action)
- _gc_eventaction(&(*p)->action);
- if((*p)->generic)
- _gcgrc(&(*p)->generic);
- if((*p)->url_request)
- _gc_request(&(*p)->url_request);
-
- FREE((*p)->request);
- FREE((*p)->hostname);
- FREE((*p)->pathname);
- FREE((*p)->SSL.certmd5);
- FREE((*p)->request_checksum);
- FREE((*p)->request_hostheader);
- FREE(*p);
-}
-
-
-static void _gcfilesystem(Filesystem_T *d) {
-
- ASSERT(d&&*d);
-
- if((*d)->next)
- _gcfilesystem(&(*d)->next);
-
- if((*d)->action)
- _gc_eventaction(&(*d)->action);
-
- FREE(*d);
-
-}
-
-
-static void _gcicmp(Icmp_T *i) {
-
- ASSERT(i&&*i);
-
- if((*i)->next)
- _gcicmp(&(*i)->next);
-
- if((*i)->action)
- _gc_eventaction(&(*i)->action);
-
- FREE(*i);
-
-}
-
-
-static void _gcpql(Resource_T *q) {
-
- ASSERT(q);
-
- if((*q)->next)
- _gcpql(&(*q)->next);
-
- if((*q)->action)
- _gc_eventaction(&(*q)->action);
-
- FREE(*q);
-
-}
-
-
-static void _gc_inf(Info_T *i) {
- ASSERT(i);
- FREE(*i);
-}
-
-
-static void _gcptl(Timestamp_T *p) {
- ASSERT(p);
-
- if((*p)->next)
- _gcptl(&(*p)->next);
-
- if((*p)->action)
- _gc_eventaction(&(*p)->action);
-
- FREE(*p);
-}
-
-
-static void _gcparl(ActionRate_T *ar) {
- ASSERT(ar);
-
- if((*ar)->next)
- _gcparl(&(*ar)->next);
-
- if((*ar)->action)
- _gc_eventaction(&(*ar)->action);
-
- FREE(*ar);
-}
-
-
-static void _gcso(Size_T *s) {
-
- ASSERT(s);
-
- if((*s)->next)
- _gcso(&(*s)->next);
-
- if((*s)->action)
- _gc_eventaction(&(*s)->action);
-
- FREE(*s);
-
-}
-
-static void _gcmatch(Match_T *s) {
-
- ASSERT(s);
-
- if((*s)->next)
- _gcmatch(&(*s)->next);
-
- if((*s)->action)
- _gc_eventaction(&(*s)->action);
-
- FREE((*s)->match_path);
- FREE((*s)->match_string);
-
-#ifdef HAVE_REGEX_H
- if((*s)->regex_comp) {
- regfree((*s)->regex_comp);
- FREE((*s)->regex_comp);
- }
-#endif
-
- FREE(*s);
-
-}
-
-
-static void _gcchecksum(Checksum_T *s) {
- ASSERT(s);
-
- if ((*s)->action)
- _gc_eventaction(&(*s)->action);
-
- FREE(*s);
-}
-
-
-static void _gcperm(Perm_T *s) {
-
- ASSERT(s);
-
- if((*s)->action)
- _gc_eventaction(&(*s)->action);
-
- FREE(*s);
-
-}
-
-
-static void _gcuid(Uid_T *s) {
-
- ASSERT(s);
-
- if((*s)->action)
- _gc_eventaction(&(*s)->action);
-
- FREE(*s);
-
-}
-
-
-static void _gcgid(Gid_T *s) {
-
- ASSERT(s);
-
- if((*s)->action)
- _gc_eventaction(&(*s)->action);
-
- FREE(*s);
-
-}
-
-
-static void _gcpdl(Dependant_T *d) {
-
- ASSERT(d);
-
- if((*d)->next)
- _gcpdl(&(*d)->next);
-
- FREE((*d)->dependant);
- FREE(*d);
-
-}
-
-
-static void _gcgrc(Generic_T *g) {
-
- ASSERT(g);
-
- if((*g)->next)
- _gcgrc(&(*g)->next);
-
- FREE((*g)->send);
-#ifdef HAVE_REGEX_H
- if ((*g)->expect!=NULL)
- regfree((*g)->expect);
-#endif
- FREE((*g)->expect);
- FREE(*g);
-
-}
-
-
-static void _gcath(Auth_T *c) {
-
- ASSERT(c);
-
- if((*c)->next)
- _gcath(&(*c)->next);
-
- FREE((*c)->uname);
- FREE((*c)->passwd);
- FREE((*c)->groupname);
- FREE(*c);
-
-}
-
-
-static void _gc_mmonit(Mmonit_T *recv) {
-
- ASSERT(recv);
-
- if((*recv)->next)
- _gc_mmonit(&(*recv)->next);
-
- _gc_url(&(*recv)->url);
-
- FREE((*recv)->ssl.certmd5);
- FREE(*recv);
-
-}
-
-
=======================================
--- /trunk/http.c Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,179 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-
-#include "monitor.h"
-#include "net.h"
-#include "engine.h"
-
-/* Private prototypes */
-static void *thread_wrapper(void *arg);
-
-/* The HTTP Thread */
-static pthread_t thread;
-
-static volatile int running = FALSE;
-
-
-/**
- * Facade functions for the cervlet sub-system. Start/Stop the monit
- * http server and check if monit http can start.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * @return TRUE if the monit http can start and is specified in the
- * controlfile to start, otherwise return FALSE. Print an error
- * message if monit httpd _should_ start but can't.
- */
-int can_http() {
-
- if(Run.dohttpd && Run.isdaemon) {
-
- if(! has_hosts_allow() && ! Run.credentials) {
-
- LogError("%s: monit httpd not started since no connect allowed\n",
- prog);
-
- return FALSE;
-
- }
-
- return TRUE;
-
- }
-
- return FALSE;
-
-}
-
-
-/**
- * Start and stop the monit http server
- * @param action START_HTTP or STOP_HTTP
- */
-void monit_http(int action) {
-
- int status;
-
- switch(action) {
-
- case STOP_HTTP:
- if(!running) break;
- LogInfo("Shutting down %s HTTP server\n", prog);
- stop_httpd();
- if( (status= pthread_join(thread, NULL)) != 0) {
- LogError("%s: Failed to stop the http server. Thread error -- %s.\n",
- prog, strerror(status));
- } else {
- LogInfo("%s HTTP server stopped\n", prog);
- running = FALSE;
- }
- break;
-
- case START_HTTP:
- LogInfo("Starting %s HTTP server at [%s:%d]\n",
- prog, Run.bind_addr?Run.bind_addr:"*", Run.httpdport);
- if( (status= pthread_create(&thread, NULL, thread_wrapper, NULL)) !=
0) {
- LogError("%s: Failed to create the http server. Thread error
-- %s.\n",
- prog, strerror(status));
- } else {
- LogInfo("%s HTTP server started\n", prog);
- running = TRUE;
- }
- break;
-
- default:
- LogError("%s: Unknown http server action\n", prog);
- break;
-
- }
-
- return;
-
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-static void *thread_wrapper(void *arg) {
-
- sigset_t ns;
-
- /* Block collective signals in the http thread. The http server is
- * taken down gracefully by signaling the main monit thread */
- set_signal_block(&ns, NULL);
- start_httpd(Run.httpdport, 1024, Run.bind_addr);
-
- return NULL;
-
-}
-
-
=======================================
--- /trunk/install-sh Thu Sep 16 04:09:20 2010
+++ /dev/null
@@ -1,252 +0,0 @@
-#! /bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
-#
-# Copyright 1991 by the Massachusetts Institute of Technology
-#
-# Permission to use, copy, modify, distribute, and sell this software and
its
-# documentation for any purpose is hereby granted without fee, provided
that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission. M.I.T. makes no representations about the
-# suitability of this software for any purpose. It is provided "as is"
-# without express or implied warranty.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch. It can only install one file at a time, a restriction
-# shared with many OS's install programs.
-
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env.
vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
- case $1 in
- -c) instcmd="$cpprog"
- shift
- continue;;
-
- -d) dir_arg=true
- shift
- continue;;
-
- -m) chmodcmd="$chmodprog $2"
- shift
- shift
- continue;;
-
- -o) chowncmd="$chownprog $2"
- shift
- shift
- continue;;
-
- -g) chgrpcmd="$chgrpprog $2"
- shift
- shift
- continue;;
-
- -s) stripcmd="$stripprog"
- shift
- continue;;
-
- -t=*) transformarg=`echo $1 | sed 's/-t=//'`
- shift
- continue;;
-
- -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
- shift
- continue;;
-
- *) if [ x"$src" = x ]
- then
- src=$1
- else
- # this colon is to work around a 386BSD /bin/sh bug
- :
- dst=$1
- fi
- shift
- continue;;
- esac
-done
-
-if [ x"$src" = x ]
-then
- echo "install: no input file specified"
- exit 1
-else
- true
-fi
-
-if [ x"$dir_arg" != x ]; then
- dst=$src
- src=""
-
- if [ -d $dst ]; then
- instcmd=:
- else
- instcmd=mkdir
- fi
-else
-
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad
-# if $src (and thus $dsttmp) contains '*'.
-
- if [ -f $src -o -d $src ]
- then
- true
- else
- echo "install: $src does not exist"
- exit 1
- fi
-
- if [ x"$dst" = x ]
- then
- echo "install: no destination specified"
- exit 1
- else
- true
- fi
-
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
- if [ -d $dst ]
- then
- dst="$dst"/`basename $src`
- else
- true
- fi
-fi
-
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
-
-# Make sure that the destination directory exists.
-# this part is taken from Noah Friedman's mkinstalldirs script
-
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='
-'
-IFS="${IFS-${defaultIFS}}"
-
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@address@hidden' -e 'address@hidden@/@'`
-IFS="${oIFS}"
-
-pathcomp=''
-
-while [ $# -ne 0 ] ; do
- pathcomp="${pathcomp}${1}"
- shift
-
- if [ ! -d "${pathcomp}" ] ;
- then
- $mkdirprog "${pathcomp}"
- else
- true
- fi
-
- pathcomp="${pathcomp}/"
-done
-fi
-
-if [ x"$dir_arg" != x ]
-then
- $doit $instcmd $dst &&
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
- # don't strip - the file size will rise only only slightly,
whereas getting symbols is very valueable for debug
- #if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
-else
-
-# If we're going to rename the final executable, determine the name now.
-
- if [ x"$transformarg" = x ]
- then
- dstfile=`basename $dst`
- else
- dstfile=`basename $dst $transformbasename |
- sed $transformarg`$transformbasename
- fi
-
-# don't allow the sed command to completely eliminate the filename
-
- if [ x"$dstfile" = x ]
- then
- dstfile=`basename $dst`
- else
- true
- fi
-
-# Make a temp file name in the proper directory.
-
- dsttmp=$dstdir/#inst.$$#
-
-# Move or copy the file name to the temp name
-
- $doit $instcmd $src $dsttmp &&
-
- trap "rm -f ${dsttmp}" 0 &&
-
-# and set any options; do chmod last to preserve setuid bits
-
-# If any of these fail, we abort the whole thing. If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
- # don't strip - the file size will rise only only slightly,
whereas getting symbols is very valueable for debug
- #if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
-
-# Now rename the file to the real destination.
-
- $doit $rmcmd -f $dstdir/$dstfile &&
- $doit $mvcmd $dsttmp $dstdir/$dstfile
-
-fi &&
-
-
-exit 0
=======================================
--- /trunk/l.l Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,831 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-%option noyywrap
-
-
-%{
-
-/*
- * DESCRIPTION
- * Lexical grammar for tokenizing the control file.
- *
- * AUTHOR
- * Jan-Henrik Haukeland, <address@hidden>
- * Olivier Beyssac, <address@hidden>
- * Christian Hopp, <address@hidden>
- * Martin Pala, <address@hidden>
- *
- */
-
-#include <config.h>
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_GLOB_H
-#include <glob.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#include "monitor.h"
-#include "tokens.h"
-
-#define MAX_STACK_DEPTH 128
-
- int buffer_stack_ptr=0;
-
- struct buffer_stack_s {
- int lineno;
- char *currentfile;
- YY_BUFFER_STATE buffer;
- } buffer_stack[MAX_STACK_DEPTH];
-
-
- int lineno= 1;
- int arglineno= 1;
- char *currentfile=NULL;
- char *argcurrentfile=NULL;
- char *argyytext=NULL;
-
-
- /* Prototypes */
- extern void yyerror(const char*,...);
- extern void yywarning(const char *,...);
- static void steplinenobycr(char *);
- static void save_arg(void);
- static void include_file(char *);
- static char *handle_quoted_string(char *);
- static void push_buffer_state(YY_BUFFER_STATE, char*);
- static int pop_buffer_state(void);
- static URL_T create_URL(char *proto);
-
-%}
-
-ws [ \r\t]+
-wws [ \r\t;,()]+
-number [0-9]+
-real [0-9]+([.][0-9]+)?
-str [^\000-\041@:{}"';(),%]+
-hostname {str}(\.{str})*
-greater ("greater"|"gt"|">")
-less ("less"|"lt"|"<")
-equal ("equal"|"eq"|"=="|"=")
-notequal ("notequal"|"ne"|"!=")
-loadavg1 load(avg)[ ]*(\([ ]*1[ ]*(m|min)?[ ]*\))?
-loadavg5 load(avg)[ ]*\([ ]*5[ ]*(m|min)?[ ]*\)
-loadavg15 load(avg)[ ]*\([ ]*15[ ]*(m|min)?[ ]*\)
-cpuuser cpu[ ]*(usage)*[ ]*\([ ]*(us|usr|user)?[ ]*\)
-cpusyst cpu[ ]*(usage)*[ ]*\([ ]*(sy|sys|system)?[ ]*\)
-cpuwait cpu[ ]*(usage)*[ ]*\([ ]*(wa|wait)?[ ]*\)
-startarg start{ws}?(program)?{ws}?([=]{ws})?["]
-stoparg stop{ws}?(program)?{ws}?([=]{ws})?["]
-execarg exec(ute)?{ws}?["]
-percent ("percent"|"%")
-byte ("byte"|"b")
-kilobyte ("kilobyte"|"kb")
-megabyte ("megabyte"|"mb")
-gigabyte ("gigabyte"|"gb")
-
-%x ARGUMENT_COND DEPEND_COND SERVICE_COND URL_COND STRING_COND INCLUDE
-
-%%
-
-{wws} { /* Wide white space */ }
-(#.*)?\\?\n { lineno++; }
-
-is {/* EMPTY */}
-as {/* EMPTY */}
-are {/* EMPTY */}
-for {/* EMPTY */}
-on(ly)? {/* EMPTY */}
-with(in|out)? {/* EMPTY */}
-program(s)? {/* EMPTY */}
-and {/* EMPTY */}
-has {/* EMPTY */}
-using {/* EMPTY */}
-use {/* EMPTY */}
-the {/* EMPTY */}
-sum {/* EMPTY */}
-than {/* EMPTY */}
-usage {/* EMPTY */}
-was {/* EMPTY */}
-times {/* EMPTY */}
-but {/* EMPTY */}
-of {/* EMPTY */}
-does {/* EMPTY */}
-
-{startarg} { BEGIN(ARGUMENT_COND); return START; }
-{stoparg} { BEGIN(ARGUMENT_COND); return STOP; }
-{execarg} { BEGIN(ARGUMENT_COND); return EXEC; }
-
-if { return IF; }
-or { return OR; }
-then { return THEN; }
-failed { return FAILED; }
-ssl { return HTTPDSSL; }
-enable { return ENABLE; }
-disable { return DISABLE; }
-set { return SET; }
-daemon { return DAEMON; }
-delay { return DELAY; }
-logfile { return LOGFILE; }
-syslog { return SYSLOG; }
-facility { return FACILITY; }
-httpd { return HTTPD; }
-address { return ADDRESS; }
-clientpemfile { return CLIENTPEMFILE; }
-allowselfcertification { return ALLOWSELFCERTIFICATION; }
-certmd5 { return CERTMD5; }
-pemfile { return PEMFILE; }
-init { return INIT; }
-allow { return ALLOW; }
-read[-]?only { return READONLY; }
-pidfile { return PIDFILE; }
-idfile { return IDFILE; }
-statefile { return STATEFILE; }
-path { return PATHTOK; }
-start { return START; }
-stop { return STOP; }
-port(number)? { return PORT; }
-unix(socket)? { return UNIXSOCKET; }
-type { return TYPE; }
-proto(col)? { return PROTOCOL; }
-tcp { return TCP; }
-tcpssl { return TCPSSL; }
-udp { return UDP; }
-alert { return ALERT; }
-noalert { return NOALERT; }
-mail-format { return MAILFORMAT; }
-resource { return RESOURCE; }
-restart(s)? { return RESTART; }
-cycle(s)? { return CYCLE;}
-timeout { return TIMEOUT; }
-checksum { return CHECKSUM; }
-mailserver { return MAILSERVER; }
-every { return EVERY; }
-host { return HOST; }
-hostheader { return HOSTHEADER; }
-system { return SYSTEM; }
-default { return DEFAULT; }
-http { return HTTP; }
-apache-status { return APACHESTATUS; }
-ftp { return FTP; }
-smtp { return SMTP; }
-postfix-policy { return POSTFIXPOLICY; }
-pop { return POP; }
-imap { return IMAP; }
-clamav { return CLAMAV; }
-dns { return DNS; }
-mysql { return MYSQL; }
-nntp { return NNTP; }
-ntp3 { return NTP3; }
-ssh { return SSH; }
-dwp { return DWP; }
-ldap2 { return LDAP2; }
-ldap3 { return LDAP3; }
-rdate { return RDATE; }
-lmtp { return LMTP; }
-rsync { return RSYNC; }
-tns { return TNS; }
-pgsql { return PGSQL; }
-sip { return SIP; }
-gps { return GPS; }
-radius { return RADIUS; }
-memcache { return MEMCACHE; }
-target { return TARGET; }
-maxforward { return MAXFORWARD; }
-mode { return MODE; }
-active { return ACTIVE; }
-passive { return PASSIVE; }
-manual { return MANUAL; }
-uid { return UID; }
-gid { return GID; }
-request { return REQUEST; }
-secret { return SECRET; }
-loglimit { return LOGLIMIT; }
-closelimit { return CLOSELIMIT; }
-dnslimit { return DNSLIMIT; }
-keepalivelimit { return KEEPALIVELIMIT; }
-replylimit { return REPLYLIMIT; }
-requestlimit { return REQUESTLIMIT; }
-startlimit { return STARTLIMIT; }
-waitlimit { return WAITLIMIT; }
-gracefullimit { return GRACEFULLIMIT; }
-cleanuplimit { return CLEANUPLIMIT; }
-mem(ory)? { return MEMORY; }
-swap { return SWAP; }
-totalmem(ory)? { return TOTALMEMORY; }
-cpu { return CPU; }
-totalcpu { return TOTALCPU; }
-child(ren) { return CHILDREN; }
-timestamp { return TIMESTAMP; }
-changed { return CHANGED; }
-second(s)? { return SECOND; }
-minute(s)? { return MINUTE; }
-hour(s)? { return HOUR; }
-day(s)? { return DAY; }
-sslv2 { return SSLV2; }
-sslv3 { return SSLV3; }
-tlsv1 { return TLSV1; }
-sslauto { return SSLAUTO; }
-inode(s)? { return INODE; }
-space { return SPACE; }
-perm(ission)? { return PERMISSION; }
-exec(ute)? { return EXEC; }
-size { return SIZE; }
-basedir { return BASEDIR; }
-slot(s)? { return SLOT; }
-eventqueue { return EVENTQUEUE; }
-match(ing)? { return MATCH; }
-not { return NOT; }
-ignore { return IGNORE; }
-connection { return CONNECTION; }
-unmonitor { return UNMONITOR; }
-action { return ACTION; }
-icmp { return ICMP; }
-echo { return ICMPECHO; }
-send { return SEND; }
-expect { return EXPECT; }
-expectbuffer { return EXPECTBUFFER; }
-cleartext { return CLEARTEXT; }
-md5 { return MD5HASH; }
-sha1 { return SHA1HASH; }
-crypt { return CRYPT; }
-signature { return SIGNATURE; }
-nonexist { return NONEXIST; }
-exist { return EXIST; }
-invalid { return INVALID; }
-data { return DATA; }
-recovered { return RECOVERED; }
-passed { return PASSED; }
-succeeded { return SUCCEEDED; }
-else { return ELSE; }
-mmonit { return MMONIT; }
-url { return URL; }
-content { return CONTENT; }
-pid { return PID; }
-ppid { return PPID; }
-count { return COUNT; }
-reminder { return REMINDER; }
-instance { return INSTANCE; }
-hostname { return HOSTNAME; }
-username { return USERNAME; }
-password { return PASSWORD; }
-credentials { return CREDENTIALS; }
-register { return REGISTER; }
-fsflag(s)? { return FSFLAG; }
-fips { return FIPS; }
-{byte} { return BYTE; }
-{kilobyte} { return KILOBYTE; }
-{megabyte} { return MEGABYTE; }
-{gigabyte} { return GIGABYTE; }
-{loadavg1} { return LOADAVG1; }
-{loadavg5} { return LOADAVG5; }
-{loadavg15} { return LOADAVG15; }
-{cpuuser} { return CPUUSER; }
-{cpusyst} { return CPUSYSTEM; }
-{cpuwait} { return CPUWAIT; }
-{greater} { return GREATER; }
-{less} { return LESS; }
-{equal} { return EQUAL; }
-{notequal} { return NOTEQUAL; }
-
-include { BEGIN(INCLUDE); }
-
-
-depend(s)?[ \t]+(on[ \t]*)? {
- BEGIN(DEPEND_COND);
- return DEPENDS;
- }
-
-check[ \t]+(process[ \t])? {
- BEGIN(SERVICE_COND);
- return CHECKPROC;
- }
-
-check[ \t]+device { /* Filesystem alias for backward compatibility */
- BEGIN(SERVICE_COND);
- return CHECKFILESYS;
- }
-
-check[ \t]+filesystem {
- BEGIN(SERVICE_COND);
- return CHECKFILESYS;
- }
-
-check[ \t]+file {
- BEGIN(SERVICE_COND);
- return CHECKFILE;
- }
-
-check[ \t]+directory {
- BEGIN(SERVICE_COND);
- return CHECKDIR;
- }
-
-check[ \t]+host {
- BEGIN(SERVICE_COND);
- return CHECKHOST;
- }
-
-check[ \t]+system {
- BEGIN(SERVICE_COND);
- return CHECKSYSTEM;
- }
-
-check[ \t]+fifo {
- BEGIN(SERVICE_COND);
- return CHECKFIFO;
- }
-
-check[ \t]+status {
- BEGIN(SERVICE_COND);
- return CHECKSTATUS;
- }
-
-group[ \t]+ {
- BEGIN(STRING_COND);
- return GROUP;
- }
-
-[a-zA-Z0-9]+"://" {
- yylval.url=
- create_URL(xstrndup(yytext, strlen(yytext)-3));
- BEGIN(URL_COND);
- }
-
-{number} {
- yylval.number= atoi(yytext);
- save_arg(); return NUMBER;
- }
-
-{real} {
- yylval.real= atof(yytext);
- save_arg(); return REAL;
- }
-
-{percent} {
- return PERCENT;
- }
-
-[a-zA-Z0-9]{str} {
- yylval.string= xstrdup(yytext);
- save_arg(); return STRING;
- }
-
-\"[/][^\"\n]*\" {
- yylval.string= handle_quoted_string(yytext);
- save_arg(); return PATH;
- }
-
-\'[/][^\'\n]*\' {
- yylval.string= handle_quoted_string(yytext);
- save_arg(); return PATH;
- }
-
-\"[^\"]*\" {
- steplinenobycr(yytext);
- yylval.string= handle_quoted_string(yytext);
- save_arg(); return STRING;
- }
-
-\'[^\']*\' {
- steplinenobycr(yytext);
- yylval.string= handle_quoted_string(yytext);
- save_arg(); return STRING;
- }
-
address@hidden {
- yylval.string= xstrdup(yytext);
- save_arg(); return MAILADDR;
- }
-
-[/]{str} {
- yylval.string= xstrdup(yytext);
- save_arg(); return PATH;
- }
-
-"/" {
- yylval.string= xstrdup(yytext);
- save_arg(); return PATH;
- }
-
-"from:"[ address@hidden {
- char *p= yytext+strlen("from:");
- yylval.string = Util_trim(xstrdup(p));
- save_arg(); return MAILFROM;
- }
-
-"reply-to:"[ address@hidden {
- char *p= yytext+strlen("reply-to:");
- yylval.string = Util_trim(xstrdup(p));
- save_arg(); return MAILREPLYTO;
- }
-
-"subject:"[^}\n]* {
- char *p= yytext+strlen("subject:");
- yylval.string = Util_trim(xstrdup(p));
- save_arg(); return MAILSUBJECT;
- }
-
-"message:"[^}]* {
- char *p= yytext+strlen("message:");
- steplinenobycr(yytext);
- yylval.string = Util_trim(xstrdup(p));
- save_arg(); return MAILBODY;
- }
-
-{hostname} {
- yylval.string = xstrdup(yytext);
- save_arg(); return STRING;
- }
-
-[\"\'] {
- yyerror("unbalanced quotes");
- }
-
-<SERVICE_COND>{
-
- {ws} ;
-
- [\n] {
- lineno++;
- }
-
- {str} {
- yylval.string= xstrdup(yytext);
- BEGIN(INITIAL);
- save_arg(); return SERVICENAME;
- }
-
- \"{str}\" {
- yylval.string= handle_quoted_string(yytext);
- BEGIN(INITIAL);
- save_arg(); return SERVICENAME;
- }
-
- \'{str}\' {
- yylval.string= handle_quoted_string(yytext);
- BEGIN(INITIAL);
- save_arg(); return SERVICENAME;
- }
-
- [\"\'] {
- yyerror("unbalanced quotes");
- }
-
-}
-
-<DEPEND_COND>{
-
- {wws} ;
-
- {wws}?[\n]{wws}? {
- lineno++;
- }
-
- {str} {
- yylval.string= xstrdup(yytext);
- save_arg(); return SERVICENAME;
- }
-
- [ \r\n\t]+[^,] {
- steplinenobycr(yytext);
- unput(yytext[strlen(yytext)-1]);
- BEGIN(INITIAL);
- }
-
-}
-
-<ARGUMENT_COND>{
-
- {ws} ;
-
- [\n] {
- lineno++;
- }
-
- \" {
- BEGIN(INITIAL);
- }
-
- \'[^\']*\' {
- steplinenobycr(yytext);
- yylval.string= handle_quoted_string(yytext);
- save_arg(); return STRING;
- }
-
- \' {
- yyerror("unbalanced quotes");
- }
-
- [^ \t\n\"]+ {
- yylval.string= xstrdup(yytext);
- save_arg(); return STRING;
- }
-
-}
-
-<URL_COND>{
-
- {ws}|[\n] {
- BEGIN(INITIAL);
- if(!yylval.url->hostname)
- yyerror("missing hostname in URL");
- if(!yylval.url->path)
- yylval.url->path= xstrdup("/");
- yylval.url->url= Util_getString("%s://%s:%d%s%s%s",
- yylval.url->protocol,
- /* possible credentials are hidden */
- yylval.url->hostname,
- yylval.url->port,
- yylval.url->path,
- yylval.url->query?"?":"",
- yylval.url->query?yylval.url->query:"");
- save_arg(); return URLOBJECT;
- }
-
- [^:@ ]+/[:][^@: address@hidden {
- yylval.url->user= xstrdup(yytext);
- }
-
- [:][^@ address@hidden {
- yytext++;
- yylval.url->password= xstrndup(yytext, strlen(yytext)-1);
- }
-
- [^/?:#\r\n ]+ {
- yylval.url->hostname= xstrdup(yytext);
- }
-
- [:]{number} {
- yylval.url->port= atoi(++yytext);
- }
-
- [/][^?#\r\n ]* {
- yylval.url->path= Util_urlEncode(yytext);
- }
-
- [?][^#\r\n ]* {
- yylval.url->query= Util_urlEncode(++yytext);
- }
-
- [#][^\r\n ]* {
- /* EMPTY - reference is ignored */
- }
-
-}
-
-<STRING_COND>{
-
- {str} {
- yylval.string= xstrdup(yytext);
- BEGIN(INITIAL);
- save_arg(); return STRINGNAME;
- }
-
- \"{str}\" {
- yylval.string= handle_quoted_string(yytext);
- BEGIN(INITIAL);
- save_arg(); return STRINGNAME;
- }
-
- \'{str}\' {
- yylval.string= handle_quoted_string(yytext);
- BEGIN(INITIAL);
- save_arg(); return STRINGNAME;
- }
-
- [\"\'] {
- yyerror("unbalanced quotes");
- }
-
-}
-
-<INITIAL,ARGUMENT_COND,SERVICE_COND,DEPEND_COND,URL_COND,STRING_COND>. {
- return yytext[0];
- }
-
-
-<INCLUDE>[ \t]* /* eat the whitespace */
-
-<INCLUDE>\"[^\"\r\n]+\" { /* got the include file name with double quotes
*/
- char *temp=xstrdup(yytext);
- Util_trimQuotes(temp);
- include_file(temp);
- FREE(temp);
- BEGIN(INITIAL);
- }
-
-<INCLUDE>\'[^\'\r\n]+\' { /* got the include file name with single quotes*/
- char *temp=xstrdup(yytext);
- Util_trimQuotes(temp);
- include_file(temp);
- FREE(temp);
- BEGIN(INITIAL);
- }
-
-<INCLUDE>[^ \t\r\n]+ { /* got the include file name without quotes*/
- char *temp=xstrdup(yytext);
- include_file(temp);
- FREE(temp);
- BEGIN(INITIAL);
- }
-
-
-<<EOF>> {
-
- if ( !pop_buffer_state() )
- {
- yyterminate();
- } else {
- BEGIN(INITIAL);
- }
- }
-
-%%
-
-/*
- * Do lineno++ for every occurrence of '\n' in a string. This is
- * necessary whenever a yytext has an unknown number of CRs.
- */
-
-static void steplinenobycr(char *string) {
-
- char *pos= string;
-
- while(*pos)
- if('\n'==*pos++) {
- lineno++;
- }
-
-}
-
-
-static char *handle_quoted_string(char *string) {
-
- char *buf= xstrdup(string);
-
- Util_trimQuotes(buf);
- Util_handleEscapes(buf);
-
- return buf;
-
-}
-
-
-static void include_file(char *pattern) {
-
- glob_t globbuf;
- int i;
-
- if ( glob(pattern, GLOB_MARK, NULL, &globbuf) != 0 ) {
-
- yywarning("include files not found");
-
- return;
-
- }
-
- for (i = 0; i < globbuf.gl_pathc; i++) {
-
- FILE *yyin;
- int filename_length = strlen(globbuf.gl_pathv[i]);
-
- /* check whenever we have caught a directory
- * or file backup copy */
-
- if ((filename_length == 0) ||
- (globbuf.gl_pathv[i][filename_length-1] == '~' ) ||
- (globbuf.gl_pathv[i][filename_length-1] == '/' )) {
-
- continue;
-
- }
-
- yyin = fopen( globbuf.gl_pathv[i], "r" );
-
- if ( ! yyin ) {
-
- yyerror( "failed to include file" );
-
- } else {
-
- push_buffer_state(yy_create_buffer( yyin, YY_BUF_SIZE ),
globbuf.gl_pathv[i]);
-
- }
-
- }
-
- globfree(&globbuf);
-}
-
-
-static void push_buffer_state(YY_BUFFER_STATE buffer, char *filename) {
-
- if ( buffer_stack_ptr >= MAX_STACK_DEPTH )
- {
-
- yyerror("include files are nested too deeply" );
- exit( 1 );
-
- }
-
- buffer_stack[buffer_stack_ptr].lineno = lineno;
- buffer_stack[buffer_stack_ptr].currentfile = currentfile;
- buffer_stack[buffer_stack_ptr].buffer = YY_CURRENT_BUFFER;
-
- buffer_stack_ptr++;
-
- lineno = 1;
- currentfile = xstrdup(filename);
-
- yy_switch_to_buffer(buffer);
-
- BEGIN(INITIAL);
-
-}
-
-
-static int pop_buffer_state(void) {
-
- if ( --buffer_stack_ptr < 0 ) {
-
- return 0;
-
- } else {
-
- fclose(yyin);
- lineno=buffer_stack[buffer_stack_ptr].lineno;
-
- FREE(currentfile);
- currentfile=buffer_stack[buffer_stack_ptr].currentfile;
-
- yy_delete_buffer( YY_CURRENT_BUFFER );
- yy_switch_to_buffer( buffer_stack[buffer_stack_ptr].buffer );
-
- }
-
- return 1;
-
-}
-
-
-static void save_arg(void) {
-
- arglineno=lineno;
- argcurrentfile=currentfile;
- FREE(argyytext);
- argyytext=xstrdup(yytext);
-
-}
-
-
-static URL_T create_URL(char *proto) {
- URL_T url;
- ASSERT(proto);
- NEW(url);
- url->protocol= proto;
- if(IS(url->protocol, "https")) {
- url->port= 443;
- if(!have_ssl())
- yyerror("HTTPS protocol not supported -- SSL support disabled" );
- } else if(IS(url->protocol, "http")) {
- url->port= 80;
- } else {
- yyerror("URL protocol not supported -- ");
- }
- return url;
-}
=======================================
--- /trunk/log.c Thu Jun 9 05:56:06 2011
+++ /dev/null
@@ -1,461 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_STDARG_H
-#include <stdarg.h>
-#endif
-
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_EXECINFO_H
-#include <execinfo.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#include "monitor.h"
-
-
-/**
- * Implementation of a logger that appends log messages to a file
- * with a preceding timestamp. Methods support both syslog or own
- * logfile.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/* -------------------------------------------------------------
Definitions */
-
-
-static FILE *LOG= NULL;
-static pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER;
-
-
-static struct mylogpriority {
- int priority;
- char *description;
-} logPriority[]= {
- {LOG_EMERG, "emergency"},
- {LOG_ALERT, "alert"},
- {LOG_CRIT, "critical"},
- {LOG_ERR, "error"},
- {LOG_WARNING, "warning"},
- {LOG_NOTICE, "notice"},
- {LOG_INFO, "info"},
- {LOG_DEBUG, "debug"},
- {-1, NULL}
-};
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static int open_log();
-static char *timefmt(char *t, int size);
-static const char *logPriorityDescription(int p);
-static void log_log(int priority, const char *s, va_list ap);
-static void log_backtrace();
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Initialize the log system and 'log' function
- * @return TRUE if the log system was successfully initialized
- */
-int log_init() {
-
- if (!Run.dolog) {
- return TRUE;
- }
-
- if (!open_log()) {
- return FALSE;
- }
-
- /* Register log_close to be
- called at program termination */
- atexit(log_close);
-
- return TRUE;
-
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogEmergency(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_EMERG, s, ap);
- va_end(ap);
- log_backtrace();
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogAlert(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_ALERT, s, ap);
- va_end(ap);
- log_backtrace();
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogCritical(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_CRIT, s, ap);
- va_end(ap);
- log_backtrace();
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogError(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_ERR, s, ap);
- va_end(ap);
- log_backtrace();
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void vLogError(const char *s, va_list ap) {
- va_list ap_copy;
- ASSERT(s);
- va_copy(ap_copy, ap);
- log_log(LOG_ERR, s, ap);
- va_end(ap_copy);
- log_backtrace();
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogWarning(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_WARNING, s, ap);
- va_end(ap);
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogNotice(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_NOTICE, s, ap);
- va_end(ap);
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogInfo(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_INFO, s, ap);
- va_end(ap);
-}
-
-
-/**
- * Logging interface with priority support
- * @param s A formated (printf-style) string to log
- */
-void LogDebug(const char *s, ...) {
- va_list ap;
-
- ASSERT(s);
-
- va_start(ap, s);
- log_log(LOG_DEBUG, s, ap);
- va_end(ap);
-}
-
-
-/**
- * Close the log file or syslog
- */
-void log_close() {
-
- if (Run.use_syslog) {
- closelog();
- }
-
- if (LOG && (0 != fclose(LOG))) {
- LogError("%s: Error closing the log file -- %s\n", prog, STRERROR);
- }
-
- LOG= NULL;
-
-}
-
-
-#ifndef HAVE_VSYSLOG
-#ifdef HAVE_SYSLOG
-void vsyslog (int facility_priority, const char *format, va_list arglist) {
- char msg[STRLEN+1];
-
- vsnprintf(msg, STRLEN, format, arglist);
- syslog(facility_priority, "%s", msg);
-}
-#endif /* HAVE_SYSLOG */
-#endif /* HAVE_VSYSLOG */
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/**
- * Open a log file or syslog
- */
-static int open_log() {
-
- if (Run.use_syslog) {
- openlog(prog, LOG_PID, Run.facility);
- } else {
- umask(LOGMASK);
- if ((LOG= fopen(Run.logfile,"a+")) == (FILE *)NULL) {
- LogError("%s: Error opening the log file '%s' for writing -- %s\n",
prog, Run.logfile, STRERROR);
- return(FALSE);
- }
- /* Set logger in unbuffered mode */
- setvbuf(LOG, NULL, _IONBF, 0);
- }
-
- return TRUE;
-
-}
-
-
-/**
- * Returns the current time as a formated string, see the TIMEFORMAT
- * macro in monitor.h
- */
-static char *timefmt(char *t, int size) {
- time_t now;
- struct tm tm;
-
- time(&now);
- localtime_r(&now, &tm);
- if ( !strftime(t, size, TIMEFORMAT, &tm))
- *t = 0;
- return t;
-}
-
-
-/**
- * Get a textual description of the actual log priority.
- * @param p The log priority
- * @return A string describing the log priority in clear text. If the
- * priority is not found NULL is returned.
- */
-static const char *logPriorityDescription(int p) {
-
- struct mylogpriority *lp= logPriority;
-
- while ((*lp).description)
- {
- if (p == (*lp).priority)
- {
- return (*lp).description;
- }
- lp++;
- }
-
- return "unknown";
-
-}
-
-
-/**
- * Log a message to monits logfile or syslog.
- * @param priority A message priority
- * @param s A formated (printf-style) string to log
- */
-static void log_log(int priority, const char *s, va_list ap) {
-
-#ifdef HAVE_VA_COPY
- va_list ap_copy;
-#endif
-
- ASSERT(s);
-
- LOCK(log_mutex)
-
-#ifdef HAVE_VA_COPY
- va_copy(ap_copy, ap);
- vfprintf(stderr, s, ap_copy);
- va_end(ap_copy);
-#else
- vfprintf(stderr, s, ap);
-#endif
- fflush(stderr);
-
- if (Run.dolog) {
- if (Run.use_syslog) {
-#ifdef HAVE_VA_COPY
- va_copy(ap_copy, ap);
- vsyslog(priority, s, ap_copy);
- va_end(ap_copy);
-#else
- vsyslog(priority, s, ap);
-#endif
- } else if (LOG) {
- char datetime[STRLEN];
- fprintf(LOG, "[%s] %-8s : ", timefmt(datetime, STRLEN),
logPriorityDescription(priority));
-#ifdef HAVE_VA_COPY
- va_copy(ap_copy, ap);
- vfprintf(LOG, s, ap_copy);
- va_end(ap_copy);
-#else
- vfprintf(LOG, s, ap);
-#endif
-
- }
- }
- END_LOCK;
-}
-
-
-static void log_backtrace() {
-#ifdef HAVE_BACKTRACE
- int i, frames;
- void *callstack[128];
- char **strs;
-
- if (Run.debug >= 2) {
- frames = backtrace(callstack, 128);
- strs = backtrace_symbols(callstack, frames);
-
LogDebug("-------------------------------------------------------------------------------\n");
- for (i = 0; i < frames; ++i)
- LogDebug(" %s\n", strs[i]);
-
LogDebug("-------------------------------------------------------------------------------\n");
- FREE(strs);
- }
-#endif
-}
-
=======================================
--- /trunk/make_dist Tue Apr 5 10:09:19 2011
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/bin/sh
-#
-# Build the monit.tar.gz package
-#
-: ${MAKE:=make}
-
-clean_up()
-{
- rm -f $CONFIGURE_OBJS
- rm -f $MAN_OBJS
- rm -f pod2*
- rm -fr ./autom4te*
- rm -f log
- rm -f aclocal.m4
- rm -f monit.spec
- rm -f valgrind*
- rm -f y.output
- find ./ -name ".#*" -exec rm -f {} \;
- find ./ -name "*orig" -exec rm -f {} \;
-}
-
-# Get version from the configure.ac file
-VERSION=`perl
-ne 'if(/AC_INIT.*\[(\w)([\.\w]+)(\-\w+)?\]/){print"$1$2$3\n";}'
configure.ac`
-# Get current dir. must be named monit
-WORKDIR=`basename $PWD`
-# The relase string
-RELEASE="${WORKDIR}-${VERSION}"
-# The tar.gz file name
-TARGET=$RELEASE.tar.gz
-
-# Objects created by configure
-CONFIGURE_OBJS="Makefile config.cache config.log config.h config.h.in \
- confdefs.h config.status configure"
-
-# Man-file objects
-MAN_OBJS="*.1"
-
-# Create the Makefile
-./autogen.sh
-
-# Cleanup before build
-rm -f *.tar.gz
-${MAKE} devclean
-clean_up
-
-# --------------------
-# Create documentation
-# --------------------
-#rm -f doc/api-docs/*
-#perl -pi.bak -e 's/address@hidden@/'$VERSION'/' doxygen.cfg
-#${MAKE} doc
-#mv doxygen.cfg.bak doxygen.cfg
-echo "Generating documentation"
-d=`date '+%B %d. %Y'`
-pod2man --center "User Commands" --release "${d}" --date="www.mmonit.com"
--lax monit.pod > monit.1
-rm -f pod2*
-
-# Copy the specfile to allow direct rpmbuild -ta
-cp contrib/packages/redhat/monit.spec ./
-perl -pi -e 's/^Version: .*/Version: '$VERSION'/' monit.spec
-
-# -----------------------------
-# Set standard file permissions
-# -----------------------------
-chmod 600 monitrc
-chmod 755 install-sh
-
-# -------------
-# Build package
-# -------------
-./autogen.sh # configure, config.h.in
-${MAKE} distclean # Keep only the relevant files
-
-# Build the dist file using current version in filename
-cd ..
-mv $WORKDIR $RELEASE # Rename the monit dir to include the version number
-tar zcvfX ${TARGET} $RELEASE/exclude $RELEASE # Create the tar file
-mv $RELEASE $WORKDIR # Rename the work dir. back to monit
-mv $TARGET $WORKDIR # Move the tar.gz package into work dir.
-cd $WORKDIR
-
-openssl dgst -md5 $TARGET > $TARGET.md5
-openssl dgst -sha256 $TARGET > $TARGET.sha256
-
-# cleanup
-clean_up
-
-if test "`uname`" != "Linux"
-then
-
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
- echo "please verify the manual page with 'man --warnings monit.1 >
/dev/null'"
- echo "if warnings will be showed, please generate the manual page
on linux "
-
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-fi
-
=======================================
--- /trunk/md5.c Thu Jul 29 04:35:44 2010
+++ /dev/null
@@ -1,635 +0,0 @@
-/* md5.c - Functions to compute MD5 message digest of files or memory
blocks
- according to the definition of MD5 in RFC 1321 from April 1992.
- Copyright (C) 1995, 1996 Free Software Foundation, Inc.
- NOTE: The canonical source of this file is maintained with the GNU C
- Library. Bugs can be reported to address@hidden
-
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; either version 2, or (at your option) any
- later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
-
-/* Written by Ulrich Drepper <address@hidden>, 1995. */
-
-#include <config.h>
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-#ifdef HAVE_ALLOCA_H
-#include <alloca.h>
-#endif
-
-#include "md5.h"
-#include "monitor.h"
-
-
-#ifdef WORDS_BIGENDIAN
-# define SWAP(n) \
- (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >>
24))
-#else
-# define SWAP(n) (n)
-#endif
-
-/* This array contains the bytes used to pad the buffer to the next
- 64-byte boundary. (RFC 1321, 3.1: Step 1) */
-static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
-
-
-/* Initialize structure containing state of computation.
- (RFC 1321, 3.3: Step 3) */
-void
-md5_init_ctx (ctx)
- struct md5_ctx *ctx;
-{
- ctx->A = 0x67452301;
- ctx->B = 0xefcdab89;
- ctx->C = 0x98badcfe;
- ctx->D = 0x10325476;
-
- ctx->total[0] = ctx->total[1] = 0;
- ctx->buflen = 0;
-}
-
-/* Put result from CTX in first 16 bytes following RESBUF. The result
- must be in little endian byte order.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-void *
-md5_read_ctx (ctx, resbuf)
- const struct md5_ctx *ctx;
- void *resbuf;
-{
- ((md5_uint32 *) resbuf)[0] = SWAP (ctx->A);
- ((md5_uint32 *) resbuf)[1] = SWAP (ctx->B);
- ((md5_uint32 *) resbuf)[2] = SWAP (ctx->C);
- ((md5_uint32 *) resbuf)[3] = SWAP (ctx->D);
-
- return resbuf;
-}
-
-/* Process the remaining bytes in the internal buffer and the usual
- prolog according to the standard and write the result to RESBUF.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-void *
-md5_finish_ctx (ctx, resbuf)
- struct md5_ctx *ctx;
- void *resbuf;
-{
- /* Take yet unprocessed bytes into account. */
- md5_uint32 bytes = ctx->buflen;
- size_t pad;
-
- /* Now count remaining bytes. */
- ctx->total[0] += bytes;
- if (ctx->total[0] < bytes)
- ++ctx->total[1];
-
- pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
- memcpy (&ctx->buffer[bytes], fillbuf, pad);
-
- /* Put the 64-bit file length in *bits* at the end of the buffer. */
- *(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3);
- *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] <<
3) |
- (ctx->total[0] >> 29));
-
- /* Process last bytes. */
- md5_process_block (ctx->buffer, bytes + pad + 8, ctx);
-
- return md5_read_ctx (ctx, resbuf);
-}
-
-/* Compute MD5 message digest for bytes read from STREAM. The
- resulting message digest number will be written into the 16 bytes
- beginning at RESBLOCK. */
-int
-md5_stream (stream, resblock)
- FILE *stream;
- void *resblock;
-{
- /* Important: BLOCKSIZE must be a multiple of 64. */
-#define BLOCKSIZE 4096
- struct md5_ctx ctx;
- char buffer[BLOCKSIZE + 72];
- size_t sum;
-
- /* Initialize the computation context. */
- md5_init_ctx (&ctx);
-
- /* Iterate over full file contents. */
- while (1)
- {
- /* We read the file in blocks of BLOCKSIZE bytes. One call of the
- computation function processes the whole buffer so that with the
- next round of the loop another block can be read. */
- size_t n;
- sum = 0;
-
- /* Read block. Take care for partial reads. */
- do
- {
- n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
-
- sum += n;
- }
- while (sum < BLOCKSIZE && n != 0);
- if (n == 0) {
- int error = ferror(stream);
- if (error) {
- LogError("md5_stream: stream error -- sum=%d, error=0x%x\n",
sum, error);
- return error;
- } else
- break; /* If end of file is reached, end the loop. */
- }
-
- /* Process buffer with BLOCKSIZE bytes. Note that BLOCKSIZE % 64 == 0
- */
- md5_process_block (buffer, BLOCKSIZE, &ctx);
- }
-
- /* Add the last bytes if necessary. */
- if (sum > 0)
- md5_process_bytes (buffer, sum, &ctx);
-
- /* Construct result in desired memory. */
- md5_finish_ctx (&ctx, resblock);
- return 0;
-}
-
-/* Compute MD5 message digest for LEN bytes beginning at BUFFER. The
- result is always in little endian byte order, so that a byte-wise
- output yields to the wanted ASCII representation of the message
- digest. */
-void *
-md5_buffer (buffer, len, resblock)
- const char *buffer;
- size_t len;
- void *resblock;
-{
- struct md5_ctx ctx;
-
- /* Initialize the computation context. */
- md5_init_ctx (&ctx);
-
- /* Process whole buffer but last len % 64 bytes. */
- md5_process_bytes (buffer, len, &ctx);
-
- /* Put result in desired memory area. */
- return md5_finish_ctx (&ctx, resblock);
-}
-
-
-void
-md5_process_bytes (buffer, len, ctx)
- const void *buffer;
- size_t len;
- struct md5_ctx *ctx;
-{
- /* When we already have some bits in our internal buffer concatenate
- both inputs first. */
- if (ctx->buflen != 0)
- {
- size_t left_over = ctx->buflen;
- size_t add = 128 - left_over > len ? len : 128 - left_over;
-
- memcpy (&ctx->buffer[left_over], buffer, add);
- ctx->buflen += add;
-
- if (left_over + add > 64)
- {
- md5_process_block (ctx->buffer, (left_over + add) & ~63, ctx);
- /* The regions in the following copy operation cannot overlap. */
- memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
- (left_over + add) & 63);
- ctx->buflen = (left_over + add) & 63;
- }
-
- buffer = (const char *) buffer + add;
- len -= add;
- }
-
- /* Process available complete blocks. */
- if (len > 64)
- {
- md5_process_block (buffer, len & ~63, ctx);
- buffer = (const char *) buffer + (len & ~63);
- len &= 63;
- }
-
- /* Move remaining bytes in internal buffer. */
- if (len > 0)
- {
- memcpy (ctx->buffer, buffer, len);
- ctx->buflen = len;
- }
-}
-
-
-/* These are the four functions used in the four steps of the MD5 algorithm
- and defined in the RFC 1321. The first function is a little bit
optimized
- (as found in Colin Plumbs public domain implementation). */
-/* #define FF(b, c, d) ((b & c) | (~b & d)) */
-#define FF(b, c, d) (d ^ (b & (c ^ d)))
-#define FG(b, c, d) FF (d, b, c)
-#define FH(b, c, d) (b ^ c ^ d)
-#define FI(b, c, d) (c ^ (b | ~d))
-
-/* Process LEN bytes of BUFFER, accumulating context into CTX.
- It is assumed that LEN % 64 == 0. */
-
-void
-md5_process_block (buffer, len, ctx)
- const void *buffer;
- size_t len;
- struct md5_ctx *ctx;
-{
- md5_uint32 correct_words[16];
- const md5_uint32 *words = buffer;
- size_t nwords = len / sizeof (md5_uint32);
- const md5_uint32 *endp = words + nwords;
- md5_uint32 A = ctx->A;
- md5_uint32 B = ctx->B;
- md5_uint32 C = ctx->C;
- md5_uint32 D = ctx->D;
-
- /* First increment the byte count. RFC 1321 specifies the possible
- length of the file up to 2^64 bits. Here we only compute the
- number of bytes. Do a double word increment. */
- ctx->total[0] += len;
- if (ctx->total[0] < len)
- ++ctx->total[1];
-
- /* Process all bytes in the buffer with 64 bytes in each round of
- the loop. */
- while (words < endp)
- {
- md5_uint32 *cwp = correct_words;
- md5_uint32 A_save = A;
- md5_uint32 B_save = B;
- md5_uint32 C_save = C;
- md5_uint32 D_save = D;
-
- /* First round: using the given function, the context and a constant
- the next context is computed. Because the algorithms processing
- unit is a 32-bit word and it is determined to work on words in
- little endian byte order we perhaps have to change the byte order
- before the computation. To reduce the work for the next steps
- we store the swapped words in the array CORRECT_WORDS. */
-
-#define OP(a, b, c, d, s, T) \
- do \
- { \
- a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \
- ++words; \
- CYCLIC (a, s); \
- a += b; \
- } \
- while (0)
-
- /* It is unfortunate that C does not provide an operator for
- cyclic rotation. Hope the C compiler is smart enough. */
-#define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
-
- /* Before we start, one word to the strange constants.
- They are defined in RFC 1321 as
-
- T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
- */
-
- /* Round 1. */
- OP (A, B, C, D, 7, 0xd76aa478);
- OP (D, A, B, C, 12, 0xe8c7b756);
- OP (C, D, A, B, 17, 0x242070db);
- OP (B, C, D, A, 22, 0xc1bdceee);
- OP (A, B, C, D, 7, 0xf57c0faf);
- OP (D, A, B, C, 12, 0x4787c62a);
- OP (C, D, A, B, 17, 0xa8304613);
- OP (B, C, D, A, 22, 0xfd469501);
- OP (A, B, C, D, 7, 0x698098d8);
- OP (D, A, B, C, 12, 0x8b44f7af);
- OP (C, D, A, B, 17, 0xffff5bb1);
- OP (B, C, D, A, 22, 0x895cd7be);
- OP (A, B, C, D, 7, 0x6b901122);
- OP (D, A, B, C, 12, 0xfd987193);
- OP (C, D, A, B, 17, 0xa679438e);
- OP (B, C, D, A, 22, 0x49b40821);
-
- /* For the second to fourth round we have the possibly swapped words
- in CORRECT_WORDS. Redefine the macro to take an additional first
- argument specifying the function to use. */
-#undef OP
-#define OP(f, a, b, c, d, k, s, T) \
- do \
- { \
- a += f (b, c, d) + correct_words[k] + T; \
- CYCLIC (a, s); \
- a += b; \
- } \
- while (0)
-
- /* Round 2. */
- OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
- OP (FG, D, A, B, C, 6, 9, 0xc040b340);
- OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
- OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
- OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
- OP (FG, D, A, B, C, 10, 9, 0x02441453);
- OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
- OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
- OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
- OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
- OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
- OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
- OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
- OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
- OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
- OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
-
- /* Round 3. */
- OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
- OP (FH, D, A, B, C, 8, 11, 0x8771f681);
- OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
- OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
- OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
- OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
- OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
- OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
- OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
- OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
- OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
- OP (FH, B, C, D, A, 6, 23, 0x04881d05);
- OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
- OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
- OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
- OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
-
- /* Round 4. */
- OP (FI, A, B, C, D, 0, 6, 0xf4292244);
- OP (FI, D, A, B, C, 7, 10, 0x432aff97);
- OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
- OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
- OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
- OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
- OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
- OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
- OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
- OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
- OP (FI, C, D, A, B, 6, 15, 0xa3014314);
- OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
- OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
- OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
- OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
- OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
-
- /* Add the starting values of the context. */
- A += A_save;
- B += B_save;
- C += C_save;
- D += D_save;
- }
-
- /* Put checksum in context given as argument. */
- ctx->A = A;
- ctx->B = B;
- ctx->C = C;
- ctx->D = D;
-}
-
-
-
-/* This md5crypt implementation is taken from glibc-2.3.2. It
- accepts additionally a variable md5_salt_prefixes.*/
-
-static const char b64t[64] =
-"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-char *
-md5_crypt (key, md5_salt_prefix, salt, buffer, buflen)
- const char *key;
- const char *md5_salt_prefix;
- const char *salt;
- char *buffer;
- int buflen;
-{
-#ifdef __SUNPRO_C
- /* Suns Forte Developer C Compiler does not support __aligned__ etc. */
- unsigned char alt_result[16];
-#else
- unsigned char alt_result[16]
- __attribute__ ((__aligned__ (__alignof__ (md5_uint32))));
-#endif
-
- struct md5_ctx ctx;
- struct md5_ctx alt_ctx;
- size_t salt_len;
- size_t key_len;
- size_t cnt;
- char *cp;
- char *copied_key = NULL;
- char *copied_salt = NULL;
-
- /* Find beginning of salt string. The prefix should normally always
- be present. Just in case it is not. */
- if (strncmp (md5_salt_prefix, salt, strlen (md5_salt_prefix)) == 0)
- /* Skip salt prefix. */
- salt += strlen(md5_salt_prefix);
-
- salt_len = MIN (strcspn (salt, "$"), 8);
- key_len = strlen (key);
-
-#ifndef __SUNPRO_C
- /* Suns Forte Developer C Compiler doesn`t support this below,
- so lets hope 32 bit integers are well aligned.
- */
-
- if ((key - (char *) 0) % __alignof__ (md5_uint32) != 0)
- {
- char *tmp = (char *) alloca (key_len + __alignof__ (md5_uint32));
- key = copied_key =
- memcpy (tmp + __alignof__ (md5_uint32)
- - (tmp - (char *) 0) % __alignof__ (md5_uint32),
- key, key_len);
- ASSERT ((key - (char *) 0) % __alignof__ (md5_uint32) == 0);
- }
-
- if ((salt - (char *) 0) % __alignof__ (md5_uint32) != 0)
- {
- char *tmp = (char *) alloca (salt_len + __alignof__ (md5_uint32));
- salt = copied_salt =
- memcpy (tmp + __alignof__ (md5_uint32)
- - (tmp - (char *) 0) % __alignof__ (md5_uint32),
- salt, salt_len);
- ASSERT ((salt - (char *) 0) % __alignof__ (md5_uint32) == 0);
- }
-#endif
-
- /* Prepare for the real work. */
- md5_init_ctx (&ctx);
-
- /* Add the key string. */
- md5_process_bytes (key, key_len, &ctx);
-
- /* Because the SALT argument need not always have the salt prefix we
- add it separately. */
- md5_process_bytes (md5_salt_prefix, strlen (md5_salt_prefix), &ctx);
-
- /* The last part is the salt string. This must be at most 8
- characters and it ends at the first `$' character (for
- compatibility which existing solutions). */
- md5_process_bytes (salt, salt_len, &ctx);
-
-
- /* Compute alternate MD5 sum with input KEY, SALT, and KEY. The
- final result will be added to the first context. */
- md5_init_ctx (&alt_ctx);
-
- /* Add key. */
- md5_process_bytes (key, key_len, &alt_ctx);
-
- /* Add salt. */
- md5_process_bytes (salt, salt_len, &alt_ctx);
-
- /* Add key again. */
- md5_process_bytes (key, key_len, &alt_ctx);
-
- /* Now get result of this (16 bytes) and add it to the other
- context. */
- md5_finish_ctx (&alt_ctx, alt_result);
-
- /* Add for any character in the key one byte of the alternate sum. */
- for (cnt = key_len; cnt > 16; cnt -= 16)
- md5_process_bytes (alt_result, 16, &ctx);
- md5_process_bytes (alt_result, cnt, &ctx);
-
- /* For the following code we need a NUL byte. */
- *alt_result = '\0';
-
- /* The original implementation now does something weird: for every 1
- bit in the key the first 0 is added to the buffer, for every 0
- bit the first character of the key. This does not seem to be
- what was intended but we have to follow this to be compatible. */
- for (cnt = key_len; cnt > 0; cnt >>= 1)
- md5_process_bytes ((cnt & 1) != 0 ? (const char *) alt_result : key, 1,
- &ctx);
-
- /* Create intermediate result. */
- md5_finish_ctx (&ctx, alt_result);
-
- /* Now comes another weirdness. In fear of password crackers here
- comes a quite long loop which just processes the output of the
- previous round again. We cannot ignore this here. */
- for (cnt = 0; cnt < 1000; ++cnt)
- {
- /* New context. */
- md5_init_ctx (&ctx);
-
- /* Add key or last result. */
- if ((cnt & 1) != 0)
- md5_process_bytes (key, key_len, &ctx);
- else
- md5_process_bytes (alt_result, 16, &ctx);
-
- /* Add salt for numbers not divisible by 3. */
- if (cnt % 3 != 0)
- md5_process_bytes (salt, salt_len, &ctx);
-
- /* Add key for numbers not divisible by 7. */
- if (cnt % 7 != 0)
- md5_process_bytes (key, key_len, &ctx);
-
- /* Add key or last result. */
- if ((cnt & 1) != 0)
- md5_process_bytes (alt_result, 16, &ctx);
- else
- md5_process_bytes (key, key_len, &ctx);
-
- /* Create intermediate result. */
- md5_finish_ctx (&ctx, alt_result);
- }
-
- /* Now we can construct the result string. It consists of three
- parts. */
- cp = strncpy (buffer, md5_salt_prefix, MAX (0, buflen));
- buflen -= strlen (md5_salt_prefix);
- cp = strchr (cp, '\0');
-
- cp = strncpy (cp, salt, MIN ((size_t) MAX (0, buflen), salt_len));
- buflen -= MIN ((size_t) MAX (0, buflen), salt_len);
- cp = strchr (cp, '\0');
-
- if (buflen > 0)
- {
- *cp++ = '$';
- --buflen;
- }
-
-#define b64_from_24bit(B2, B1, B0, N) \
- do { \
- unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0);
\
- int n = (N); \
- while (n-- > 0 && buflen > 0)
\
- {
\
- *cp++ = b64t[w & 0x3f];
\
- --buflen; \
- w >>= 6; \
- }
\
- } while (0)
-
-
- b64_from_24bit (alt_result[0], alt_result[6], alt_result[12], 4);
- b64_from_24bit (alt_result[1], alt_result[7], alt_result[13], 4);
- b64_from_24bit (alt_result[2], alt_result[8], alt_result[14], 4);
- b64_from_24bit (alt_result[3], alt_result[9], alt_result[15], 4);
- b64_from_24bit (alt_result[4], alt_result[10], alt_result[5], 4);
- b64_from_24bit (0, 0, alt_result[11], 2);
- if (buflen <= 0)
- {
- buffer = NULL;
- }
- else
- *cp = '\0'; /* Terminate the string. */
-
- /* Clear the buffer for the intermediate result so that people
- attaching to processes or reading core dumps cannot get any
- information. We do it in this way to clear correct_words[]
- inside the MD5 implementation as well. */
- md5_init_ctx (&ctx);
- md5_finish_ctx (&ctx, alt_result);
- memset (&ctx, '\0', sizeof (ctx));
- memset (&alt_ctx, '\0', sizeof (alt_ctx));
- if (copied_key != NULL)
- memset (copied_key, '\0', key_len);
- if (copied_salt != NULL)
- memset (copied_salt, '\0', salt_len);
-
- return buffer;
-}
=======================================
--- /trunk/md5.h Thu Jun 4 12:28:53 2009
+++ /dev/null
@@ -1,154 +0,0 @@
-/* md5.h - Declaration of functions and data types used for MD5 sum
- computing library functions.
- Copyright (C) 1995, 1996 Free Software Foundation, Inc.
- NOTE: The canonical source of this file is maintained with the GNU C
- Library. Bugs can be reported to address@hidden
-
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; either version 2, or (at your option) any
- later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
-
-#ifndef _MD5_H
-#define _MD5_H 1
-
-#include <config.h>
-
-#include <stdio.h>
-
-#if defined HAVE_LIMITS_H || _LIBC
-#include <limits.h>
-#endif
-
-/* The following contortions are an attempt to use the C preprocessor
- to determine an unsigned integral type that is 32 bits wide. An
- alternative approach is to use autoconf's AC_CHECK_SIZEOF macro, but
- doing that would require that the configure script compile and *run*
- the resulting executable. Locally running cross-compiled executables
- is usually not possible. */
-
-#ifdef _LIBC
-# include <sys/types.h>
-typedef u_int32_t md5_uint32;
-typedef uintptr_t md5_uintptr;
-#else
-# if defined __STDC__ && __STDC__
-# define UINT_MAX_32_BITS 4294967295U
-# else
-# define UINT_MAX_32_BITS 0xFFFFFFFF
-# endif
-
-/* If UINT_MAX isn't defined, assume it's a 32-bit type.
- This should be valid for all systems GNU cares about because
- that doesn't include 16-bit systems, and only modern systems
- (that certainly have <limits.h>) have 64+-bit integral types. */
-
-# ifndef UINT_MAX
-# define UINT_MAX UINT_MAX_32_BITS
-# endif
-
-# if UINT_MAX == UINT_MAX_32_BITS
- typedef unsigned int md5_uint32;
-# else
-# if USHRT_MAX == UINT_MAX_32_BITS
- typedef unsigned short md5_uint32;
-# else
-# if ULONG_MAX == UINT_MAX_32_BITS
- typedef unsigned long md5_uint32;
-# else
- /* The following line is intended to evoke an error.
- Using #error is not portable enough. */
- "Cannot determine unsigned 32-bit data type."
-# endif
-# endif
-# endif
-/* We have to make a guess about the integer type equivalent in size
- to pointers which should always be correct. */
-typedef unsigned long int md5_uintptr;
-#endif
-
-#undef __P
-#if defined (__STDC__) && __STDC__
-#define __P(x) x
-#else
-#define __P(x) ()
-#endif
-
-/* Structure to save state of computation between the single steps. */
-struct md5_ctx
-{
- md5_uint32 A;
- md5_uint32 B;
- md5_uint32 C;
- md5_uint32 D;
-
- md5_uint32 total[2];
- md5_uint32 buflen;
- char buffer[128];
-};
-
-/*
- * The following three functions are build up the low level used in
- * the functions `md5_stream' and `md5_buffer'.
- */
-
-/* Initialize structure containing state of computation.
- (RFC 1321, 3.3: Step 3) */
-extern void md5_init_ctx __P ((struct md5_ctx *ctx));
-
-/* Starting with the result of former calls of this function (or the
- initialization function update the context for the next LEN bytes
- starting at BUFFER.
- It is necessary that LEN is a multiple of 64!!! */
-extern void md5_process_block __P ((const void *buffer, size_t len,
- struct md5_ctx *ctx));
-
-/* Starting with the result of former calls of this function (or the
- initialization function update the context for the next LEN bytes
- starting at BUFFER.
- It is NOT required that LEN is a multiple of 64. */
-extern void md5_process_bytes __P ((const void *buffer, size_t len,
- struct md5_ctx *ctx));
-
-/* Process the remaining bytes in the buffer and put result from CTX
- in first 16 bytes following RESBUF. The result is always in little
- endian byte order, so that a byte-wise output yields to the wanted
- ASCII representation of the message digest.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-extern void *md5_finish_ctx __P ((struct md5_ctx *ctx, void *resbuf));
-
-
-/* Put result from CTX in first 16 bytes following RESBUF. The result is
- always in little endian byte order, so that a byte-wise output yields
- to the wanted ASCII representation of the message digest.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-extern void *md5_read_ctx __P ((const struct md5_ctx *ctx, void *resbuf));
-
-
-/* Compute MD5 message digest for bytes read from STREAM. The
- resulting message digest number will be written into the 16 bytes
- beginning at RESBLOCK. */
-extern int md5_stream __P ((FILE *stream, void *resblock));
-
-/* Compute MD5 message digest for LEN bytes beginning at BUFFER. The
- result is always in little endian byte order, so that a byte-wise
- output yields to the wanted ASCII representation of the message
- digest. */
-extern void *md5_buffer __P ((const char *buffer, size_t len, void
*resblock));
-
-extern char *md5_crypt __P ((const char *key, const char *md5_salt_prefix,
- const char *salt, char *buffer, int buflen));
-#endif
=======================================
--- /trunk/monit.pod Mon May 30 06:02:52 2011
+++ /dev/null
@@ -1,3871 +0,0 @@
-#
-# The right margin in this file is 65 characters.
-# In Emacs use -- set-variable: fill-column = 65
-#
-
-=head1 NAME
-
-Monit - utility for monitoring services on a Unix system
-
-
-=head1 SYNOPSIS
-
-B<monit> [options] {arguments}
-
-
-=head1 DESCRIPTION
-
-B<monit> is a utility for managing and monitoring processes,
-files, directories and filesystems on a Unix system. Monit
-conducts automatic maintenance and repair and can execute
-meaningful causal actions in error situations. E.g. Monit can
-start a process if it does not run, restart a process if it does
-not respond and stop a process if it uses too much resources. You
-may use Monit to monitor files, directories and filesystems for
-changes, such as timestamps changes, checksum changes or size
-changes.
-
-Monit is controlled via an easy to configure control file based
-on a free-format, token-oriented syntax. Monit logs to syslog or
-to its own log file and notifies you about error conditions via
-customizable alert messages. Monit can perform various TCP/IP
-network checks, protocol checks and can utilize SSL for such
-checks. Monit provides a http(s) interface and you may use a
-browser to access the Monit program.
-
-
-=head1 GENERAL OPERATION
-
-The behavior of Monit is controlled by command-line options
-I<and> a run control file, F<~/.monitrc>, the syntax of which we
-describe in a later section. Command-line options override
-F<.monitrc> declarations.
-
-The following options are recognized by monit. However, it is
-recommended that you set options (when applicable) directly in
-the I<.monitrc> control file.
-
-=head2 General Options and Arguments
-
-B<-c> I<file>
- Use this control file
-
-B<-d> I<n>
- Run as a daemon once per I<n> seconds
-
-B<-g>
- Set group name for start, stop, restart, monitor and
- unmonitor.
-
-B<-l> I<logfile>
- Print log information to this file
-
-B<-p> I<pidfile>
- Use this lock file in daemon mode
-
-B<-s> I<statefile>
- Write state information to this file
-
-B<-I>
- Do not run in background (needed for run from init)
-
-B<-t>
- Run syntax check for the control file
-
-B<-v>
- Verbose mode, work noisy (diagnostic output)
-
-B<-vv>
- Very verbose mode, same as -v plus log stacktrace on error
-
-B<-H> I<[filename]>
- Print MD5 and SHA1 hashes of the file or of stdin if the
- filename is omitted; Monit will exit afterwards
-
-B<-V>
- Print version number and patch level
-
-B<-h>
- Print a help text
-
-
-In addition to the options above, Monit can be started with one
-of the following action arguments; Monit will then execute the
-action and exit without transforming itself to a daemon.
-
-
-B<start all>
- Start all services listed in the control file and
- enable monitoring for them. If the group option is
- set, only start and enable monitoring of services in
- the named group (no "all" verb is required in this
- case).
-
-B<start name>
- Start the named service and enable monitoring for
- it. The name is a service entry name from the
- monitrc file.
-
-B<stop all>
- Stop all services listed in the control file and
- disable their monitoring. If the group option is
- set, only stop and disable monitoring of the services
- in the named group (no "all" verb is required in this
- case).
-
-B<stop name>
- Stop the named service and disable its monitoring.
- The name is a service entry name from the monitrc
- file.
-
-B<restart all>
- Stop and start I<all> services. If the group option
- is set, only restart the services in the named group
- (no "all" verb is required in this case).
-
-B<restart name>
- Restart the named service. The name is a service entry
- name from the monitrc file.
-
-B<monitor all>
- Enable monitoring of all services listed in the
- control file. If the group option is set, only start
- monitoring of services in the named group (no "all"
- verb is required in this case).
-
-B<monitor name>
- Enable monitoring of the named service. The name is
- a service entry name from the monitrc file. Monit will
- also enable monitoring of all services this service
- depends on.
-
-B<unmonitor all>
- Disable monitoring of all services listed in the
- control file. If the group option is set, only disable
- monitoring of services in the named group (no "all"
- verb is required in this case).
-
-B<unmonitor name>
- Disable monitoring of the named service. The name is
- a service entry name from the monitrc file. Monit
- will also disable monitoring of all services that
- depends on this service.
-
-B<status>
- Print full status information for each service.
-
-B<summary>
- Print short status information for each service.
-
-B<reload>
- Reinitialize a running Monit daemon, the daemon will
- reread its configuration, close and reopen log files.
-
-B<quit>
- Kill a Monit daemon process
-
-B<validate>
- Check all services listed in the control file. This
- action is also the default behavior when Monit runs
- in daemon mode.
-
-B<procmatch regex>
- Allows for easy testing of pattern for process match
- check. The command takes regular expression as an
- argument and displays all running processes matching
- the pattern.
-
-
-=head1 WHAT TO MONITOR
-
-You may use Monit to monitor daemon processes or similar programs
-running on localhost. Monit is particular useful for monitoring
-daemon processes, such as those started at system boot time from
-/etc/init.d/. For instance sendmail, sshd, apache and mysql. In
-difference to many monitoring systems, Monit can act if an error
-situation should occur, e.g.; if sendmail is not running, monit
-can start sendmail or if apache is using too much resources (e.g.
-if a DoS attack is in progress) Monit can stop or restart apache
-and send you an alert message. Monit can also monitor process
-characteristics, such as; if a process has become a zombie and
-how much memory or cpu cycles a process is using.
-
-You may also use Monit to monitor files, directories and
-filesystems on localhost. Monit can monitor these items for
-changes, such as timestamps changes, checksum changes or size
-changes. This is also useful for security reasons - you can
-monitor the md5 checksum of files that should not change.
-
-You may even use Monit to monitor remote hosts. First and
-foremost Monit is a utility for monitoring and mending services
-on localhost, but if a service depends on a remote service, e.g.
-a database server or an application server, it might by useful to
-be able to test a remote host as well.
-
-You may monitor the general system-wide resources such as cpu
-usage, memory and load average.
-
-
-=head1 HOW TO MONITOR
-
-Monit is configured and controlled via a control file called
-B<monitrc>. The default location for this file is ~/.monitrc. If
-this file does not exist, Monit will try /etc/monitrc, then
-S<@sysconfdir@>/monitrc and finally ./monitrc.
-
-A Monit control file consists of a series of service entries and
-global option statements in a free-format, token-oriented syntax.
-Comments begin with a # and extend through the end of the line.
-There are three kinds of tokens in the control file: grammar
-keywords, numbers and strings.
-
-On a semantic level, the control file consists of three types of
-statements:
-
-=over 4
-
-=item 1. Global set-statements
-
-A global set-statement starts with the keyword I<set> and the
-item to configure.
-
-=item 2. Global include-statement
-
-The include statement consists of the keyword I<include> and
-a glob string.
-
-=item 3. One or more service entry statements.
-
-A service entry starts with the keyword I<check> followed by the
-service type.
-
-=back
-
-A Monit control file example:
-
- #
- # Monit control file
- #
-
- set daemon 120 # Poll at 2-minute intervals
- set logfile syslog facility log_daemon
- set alert address@hidden
- set httpd port 2812 and use address localhost
- allow localhost # Allow localhost to connect
- allow admin:Monit # Allow Basic Auth
-
- check system myhost.mydomain.tld
- if loadavg (1min) > 4 then alert
- if loadavg (5min) > 2 then alert
- if memory usage > 75% then alert
- if swap usage > 25% then alert
- if cpu usage (user) > 70% then alert
- if cpu usage (system) > 30% then alert
- if cpu usage (wait) > 20% then alert
-
- check process apache
- with pidfile "/usr/local/apache/logs/httpd.pid"
- start program = "/etc/init.d/httpd start" with timeout 60 seconds
- stop program = "/etc/init.d/httpd stop"
- if 2 restarts within 3 cycles then timeout
- if totalmem > 100 Mb then alert
- if children > 255 for 5 cycles then stop
- if cpu usage > 95% for 3 cycles then restart
- if failed port 80 protocol http then restart
- group server
- depends on httpd.conf, httpd.bin
-
- check file httpd.conf
- with path /usr/local/apache/conf/httpd.conf
- # Reload apache if the httpd.conf file was changed
- if changed checksum
- then exec "/usr/local/apache/bin/apachectl graceful"
-
- check file httpd.bin
- with path /usr/local/apache/bin/httpd
- # Run /watch/dog in the case that the binary was changed
- if failed checksum then exec "/watch/dog"
-
- include /etc/monit/mysql.monitrc
- include /etc/monit/mail/*.monitrc
-
-The above example illustrates a service entry for monitoring the
-apache web server process as well as related files. The meaning
-of the various statements will be explained in the following
-sections.
-
-
-=head1 LOGGING
-
-Monit will log status and error messages to a log file. Use the
-I<set logfile> statement in the monitrc control file. To setup
-Monit to log to its own logfile, use e.g. I<set logfile
-/var/log/monit.log>. If B<syslog> is given as a value for the
-I<-l> command-line switch (or the keyword I<set logfile syslog>
-is found in the control file) Monit will use the B<syslog> system
-daemon to log messages with a priority assigned to each message
-based on the context. To turn off logging, simply do not set the
-logfile in the control file (and of course, do not use the -l
-switch)
-
-
-=head1 DAEMON MODE
-
-The I<-d interval> command-line switch runs Monit in daemon
-mode. You must specify a numeric argument which is a polling
-interval in seconds.
-
-In daemon mode, Monit detaches from the console, puts itself in
-the background and runs continuously, monitoring each specified
-service and then goes to sleep for the given poll interval.
-
-Simply invoking
-
- Monit -d 300
-
-will poll all services described in your F<~/.monitrc> file every
-5 minutes.
-
-It is strongly recommended to set the poll interval in your
-~/.monitrc file instead, by using I<set daemon B<n>>, where B<n>
-is an integer number of seconds. If you do this, Monit will
-always start in daemon mode (as long as no action arguments are
-given). Example (check every 5 minutes):
-
- set daemon 300
-
-If you need Monit to wait some time at startup before it start
-checking services you can use the delay statement. Example (check
-every 5 minutes, wait 1 minute on start before first monitoring
-cycle):
-
- set daemon 300 with start delay 60
-
-Monit makes a per-instance lock-file in daemon mode. If you need
-more Monit instances, you will need more configuration files,
-each pointing to its own lock-file.
-
-Calling I<monit> with a Monit daemon running in the background
-sends a wake-up signal to the daemon, forcing it to check
-services immediately.
-
-The I<quit> argument will kill a running daemon process instead
-of waking it up.
-
-
-=head1 INIT SUPPORT
-
-Monit can run and be controlled from I<init>. If Monit should
-crash, I<init> will re-spawn a new Monit process. Using init to
-start Monit is probably the best way to run Monit if you want to
-be certain that you always have a running Monit daemon on your
-system. (It's obvious, but never the less worth to stress; Make
-sure that the control file does not have any syntax errors before
-you start Monit from init. Also, make sure that if you run monit
-from init, that you do not start Monit from a startup scripts as
-well).
-
-To setup Monit to run from init, you can either use the 'set
-init' statement in monit's control file or use the -I option from
-the command line and here is what you must add to /etc/inittab:
-
- # Run Monit in standard run-levels
- mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc
-
-After you have modified init's configuration file, you can run
-the following command to re-examine /etc/inittab and start monit:
-
- telinit q
-
-For systems without telinit:
-
- kill -1 1
-
-If Monit is used to monitor services that are also started at
-boot time (e.g. services started via SYSV init rc scripts or via
-inittab) then, in some cases, a race condition could occur. That
-is; if a service is slow to start, Monit can assume that the
-service is not running and possibly try to start it and raise an
-alert, while, in fact the service is already about to start or
-already in its startup sequence. Please see the FAQ for solutions
-to this problem.
-
-=head1 INCLUDE FILES
-
-The Monit control file, I<monitrc>, can include additional
-configuration files. This feature helps one to maintain a certain
-structure or to place repeating settings into one file. Include
-statements can be placed at virtually any spot. The syntax is the
-following:
-
- INCLUDE globstring
-
-The globstring is any kind of string as defined in glob(7).
-Thus, you can refer to a single file or you can load several
-files at once. In case you want to use whitespace in your string
-the globstring need to be embedded into quotes (') or double
-quotes ("). For example,
-
- INCLUDE "/etc/monit/Monit configuration files/printer.*.monitrc"
-
-loads any file matching the single globstring. If the globstring
-matches a directory instead of a file, it is silently ignored.
-
-I<INCLUDE> statements in included files are parsed as in the main
-control file.
-
-If the globstring matches several results, the files are included
-in a non sorted manner. If you need to rely on a certain order,
-you might need to use single I<include> statements.
-
-=head1 GROUP SUPPORT
-
-Service entries in the control file, I<monitrc>, can be grouped
-together by the I<group> statement. The syntax is simply (keyword
-in capital):
-
- GROUP groupname
-
-With this statement it is possible to group similar service
-entries together and manage them as a whole. Monit provides
-functions to start, stop, restart, monitor and unmonitor a
-group of services, like so:
-
-To start a group of services from the console:
-
- Monit -g <groupname> start
-
-To stop a group of services:
-
- Monit -g <groupname> stop
-
-To restart a group of services:
-
- Monit -g <groupname> restart
-
-Note:
-the I<status> and I<summary> commands don't support the -g
-option and will print the state of all services.
-
-Service can be added to multiple groups by adding group statement
-multiple times:
-
- group www
- group filesystem
-
-
-=head1 MONITORING MODE
-
-Monit supports three monitoring modes per service: I<active>,
-I<passive> and I<manual>. See also the example section below for
-usage of the mode statement.
-
-In I<active> mode, Monit will monitor a service and in case of
-problems Monit will act and raise alerts, start, stop or restart
-the service. Active mode is the default mode.
-
-In I<passive> mode, Monit will passively monitor a service and
-specifically B<not> try to fix a problem, but it will still raise
-alerts in case of a problem.
-
-For use in clustered environments there is also a I<manual>
-mode. In this mode, Monit will enter I<active> mode B<only> if a
-service was brought under monit's control, for example by
-executing the following command in the console:
-
- Monit start sybase
- (Monit will call sybase's start method and enable monitoring)
-
-If a service was not started by Monit or was stopped or disabled
-for example by:
-
- Monit stop sybase
- (Monit will call sybase's stop method and disable monitoring)
-
-Monit will then not monitor the service. This allows for having
-services configured in monitrc and start it with Monit only if it
-should run. This feature can be used to build a simple failsafe
-cluster.
-
-A service's monitoring state is persistent across Monit restart.
-This means that you probably would like to make certain that
-services in manual mode are stopped or in unmonitored mode at
-server shutdown. Do for instance the following in a server
-shutdown script:
-
- Monit stop sybase
-
-or
-
- Monit unmonitor sybase
-
-If you use Monit in a HA-cluster you should place the state file
-in a temporary filesystem so if the machine should crash and the
-stand-by machine take over services, any manual monitoring mode
-services that were started on the crashed machine won't be
-started on reboot. Use for example:
-
- set statefile /tmp/monit.state
-
-
-
-=head1 ALERT MESSAGES
-
-Monit will raise an email alert in the following situations:
-
- o A service timed out
- o A service does not exist
- o A service related data access problem
- o A service related program execution problem
- o A service is of invalid object type
- o A icmp problem
- o A port connection problem
- o A resource statement match
- o A file checksum problem
- o A file size problem
- o A file/directory timestamp problem
- o A file/directory/filesystem permission problem
- o A file/directory/filesystem uid problem
- o A file/directory/filesystem gid problem
- o An action is done per administrator's request
-
-Monit will send an alert each time a monitored object changed.
-This involves:
-
- o Monit started, stopped or reloaded
- o A file checksum changed
- o A file size changed
- o A file content match
- o A file/directory timestamp changed
- o A filesystem mount flags changed
- o A process PID changed
- o A process PPID changed
-
-You use the alert statement to notify Monit that you want alert
-messages sent to an email address. If you do not specify an alert
-statement, Monit will not send alert messages.
-
-There are two forms of alert statement:
-
- o Global - common for all services
- o Local - per service
-
-In both cases you can use more than one alert statement. In other
-words, you can send many different emails to many different
-addresses.
-
-Recipients in the global and in the local lists are alerted when
-a service failed, recovered or changed. If the same email address
-is in the global and in the local list, Monit will only send one
-alert. Local (per service) defined alert email addresses override
-global addresses in case of a conflict. Finally, you may choose
-to only use a global alert list (recommended), a local per
-service list or both.
-
-It is also possible to disable the global alerts locally for
-particular service(s) and recipients.
-
-=head2 Setting a global alert statement
-
-If a change occurred on a monitored services, Monit will send an
-alert to all recipients in the global list who has registered
-interest for the event type. Here is the syntax for the global
-alert statement:
-
-=over 4
-
-=item SET ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT
- {mail-format}] [REMINDER number]
-
-=back
-
-Simply using the following in the global section of monitrc:
-
- set alert address@hidden
-
-will send a default email to the address address@hidden whenever an
-event occurred on any service. Such an event may be that a
-service timed out, a service doesn't exist and so on. If you want
-to send alert messages to more email addresses, add a I<set alert
-'email'> statement for each address.
-
-For explanations of the I<events, MAIL-FORMAT and REMINDER>
-keywords above, please see below.
-
-You can also use the NOT option ahead of the events list which
-will reverse the meaning of the list. That is, only send alerts
-for events I<not> in the list. This can save you some
-configuration bytes if you are interested in most events except a
-few.
-
-
-=head2 Setting a local alert statement
-
-Each service can also have its own recipient list.
-
-=over 4
-
-=item ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT
- {mail-format}] [REMINDER number]
-
-=back
-
-or
-
-=over 4
-
-=item NOALERT mail-address
-
-=back
-
-If you only want an alert message sent for certain events and for
-certain service(s), for example only for timeout events or only
-if a service died, then postfix the alert-statement with a filter
-block:
-
- check process myproc with pidfile /var/run/my.pid
- alert address@hidden only on { timeout, nonexist }
- ...
-
-(I<only> and I<on> are noise keywords, ignored by Monit. As a
-side note; Noise keywords are used in the control file grammar to
-make an entry resemble English and thus make it easier to read
-(or, so goes the philosophy). The full set of available noise
-keywords are listed below in the Control File section).
-
-You can also setup to send alerts for all events except some by
-putting the word I<not> ahead of the list. For example, if you
-want to receive alerts for all events except Monit instance
-events, you can write (note that the noise words 'but' and 'on'
-are optional):
-
- check system myserver
- alert address@hidden but not on { instance }
- ...
-
-instead of:
-
- alert address@hidden on { action
- checksum
- content
- data
- exec
- gid
- icmp
- invalid
- fsflags
- nonexist
- permission
- pid
- ppid
- size
- timeout
- timestamp }
-
-This will send alerts for all events to address@hidden, except Monit
-instance events. An instance event BTW, is an event fired
-whenever the Monit program start or stop.
-
-Event filtering can be used to send an email to different email
-addresses depending on the events that occurred. For instance:
-
- alert address@hidden { nonexist, timeout, resource, icmp, connection }
- alert address@hidden on { checksum, permission, uid, gid }
- alert address@hidden
-
-This will send an alert message to address@hidden whenever a nonexist,
-timeout, resource or connection problem occurs and a message to
address@hidden if a checksum, permission, uid or gid problem
-occurs. And finally, a message to address@hidden whenever any error
-event occurs.
-
-Here is the list of events you can use in a mail-filter: I<uid,
-gid, size, nonexist, data, icmp, instance, invalid, exec,
-content, timeout, resource, checksum, fsflags, timestamp,
-connection, permission, pid, ppid, action>
-
-You can also disable the alerts localy using the NOALERT
-statement. This is useful if you have lots of services monitored
-and are using the global alert statement, but don't want to
-receive alerts for some minor subset of services:
-
- noalert address@hidden
-
-For example, if you stick the noalert statement in a 'check
-system' entry, you won't receive system related alerts (such as
-Monit instance started/stopped/reloaded alert, system overloaded
-alert, etc.) but will receive alerts for all other monitored
-services.
-
-The following example will alert address@hidden on all events on all
-services by default, except the service mybar which will send an
-alert only on timeout. The trick is based on the fact that local
-definition of the same recipient overrides the global setting
-(including registered events and mail format):
-
- set alert address@hidden
-
- check process myfoo with pidfile /var/run/myfoo.pid
- ...
- check process mybar with pidfile /var/run/mybar.pid
- alert address@hidden only on { timeout }
-
-=head2 Alert message layout
-
-Monit provides a default mail message layout that is short and to
-the point. Here's an example of a standard alert mail sent by
-monit:
-
- From: address@hidden
- Subject: Monit alert -- Does not exist apache
- To: address@hidden
- Date: Thu, 04 Sep 2003 02:33:03 +0200
-
- Does not exist Service apache
-
- Date: Thu, 04 Sep 2003 02:33:03 +0200
- Action: restart
- Host: www.tildeslash.com
-
- Your faithful employee,
- monit
-
-
-If you want to, you can change the format of this message with
-the optional I<mail-format> statement. The syntax for this
-statement is as follows:
-
- mail-format {
- from: address@hidden
- reply-to: address@hidden
- subject: $SERVICE $EVENT at $DATE
- message: Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION.
- Yours sincerely,
- monit
- }
-
-Where the keyword I<from:> is the email address Monit should
-pretend it is sending from. It does not have to be a real mail
-address, but it must be a proper formated mail address, on the
-form: address@hidden The I<reply-to:> keyword can be used to set
-the reply-to mail header. The keyword I<subject:> is for the
-email subject line. The subject must be on only I<one> line. The
-I<message:> keyword denotes the mail body. If used, this keyword
-should always be the last in a mail-format statement. The mail
-body can be as long as you want, but must B<not> contain the '}'
-character.
-
-All of these format keywords are optional, but if used, you must
-provide at least one. Thus if you only want to change the from
-address Monit is using you can do:
-
- set alert address@hidden with mail-format { from: address@hidden }
-
-From the previous example you will notice that some special $XXX
-variables were used. If used, they will be substituted and
-expanded into the text with these values:
-
-=over 4
-
-=item * I<$EVENT>
-
- A string describing the event that occurred. The values are
- fixed and are:
-
- Event: | Failure state: | Success state:
- -------------------------------------------------------------------
- ACTION | "Action done" | "Action done"
- CHECKSUM | "Checksum failed" | "Checksum succeeded"
- CONNECTION| "Connection failed" | "Connection succeeded"
- CONTENT | "Content failed", | "Content succeeded"
- DATA | "Data access error" | "Data access succeeded"
- EXEC | "Execution failed" | "Execution succeeded"
- FSFLAG | "Filesystem flags failed"| "Filesystem flags succeeded"
- GID | "GID failed" | "GID succeeded"
- ICMP | "ICMP failed" | "ICMP succeeded"
- INSTANCE | "Monit instance changed" | "Monit instance changed not"
- INVALID | "Invalid type" | "Type succeeded"
- NONEXIST | "Does not exist" | "Exists"
- PERMISSION| "Permission failed" | "Permission succeeded"
- PID | "PID failed" | "PID succeeded"
- PPID | "PPID failed" | "PPID succeeded"
- RESOURCE | "Resource limit matched" | "Resource limit succeeded"
- SIZE | "Size failed" | "Size succeeded"
- TIMEOUT | "Timeout" | "Timeout recovery"
- TIMESTAMP | "Timestamp failed" | "Timestamp succeeded"
- UID | "UID failed" | "UID succeeded"
-
-=item * I<$SERVICE>
-
- The service entry name in monitrc
-
-=item * I<$DATE>
-
- The current time and date (RFC 822 date style).
-
-=item * I<$HOST>
-
- The name of the host Monit is running on
-
-=item * I<$ACTION>
-
- The name of the action which was done. Action names are fixed
- and are:
-
- Action: | Name:
- --------------------
- ALERT | "alert"
- EXEC | "exec"
- RESTART | "restart"
- START | "start"
- STOP | "stop"
- UNMONITOR| "unmonitor"
-
-=item * I<$DESCRIPTION>
-
- The description of the error condition
-
-=back
-
-
-=head2 Setting a global mail format
-
-It is possible to set a standard mail format with the following
-global set-statement (keywords are in capital):
-
-=over 4
-
-=item SET MAIL-FORMAT {mail-format}
-
-=back
-
-Format set with this statement will apply to every alert
-statement that does I<not> have its own specified mail-format.
-This statement is most useful for setting a default from address
-for messages sent by monit, like so:
-
- set mail-format { from: address@hidden }
-
-
-=head2 Setting an error reminder
-
-Monit by default sends just one error notification if a service
-failed and another when it recovered. If you want to be notified
-more then once if a service remains in a failed state, you can
-use the reminder option to the alert statement (keywords are in
-capital):
-
-=over 4
-
-=item ALERT ... [WITH] REMINDER [ON] number [CYCLES]
-
-=back
-
-For example if you want to be notified each tenth cycle if a
-service remains in a failed state, you can use:
-
- alert address@hidden with reminder on 10 cycles
-
-Likewise if you want to be notified on each failed cycle, you can
-use:
-
- alert address@hidden with reminder on 1 cycle
-
-
-=head2 Setting a mail server for alert messages
-
-The mail server Monit should use to send alert messages is
-defined with a global set statement (keywords are in capital and
-optional statements in [brackets]):
-
- SET MAILSERVER {hostname|ip-address [PORT port]
- [USERNAME username] [PASSWORD password]
- [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum]}+
- [with TIMEOUT X SECONDS]
- [using HOSTNAME hostname]
-
-The port statement allows one to use SMTP servers other then those
-listening on port 25. If omitted, port 25 is used unless ssl or
-tls is used, in which case port 465 is used by default.
-
-Monit support plain smtp authentication - you can set a username
-and a password using the USERNAME and PASSWORD options.
-
-To use secure communication, use the SSLV2, SSLV3 or TLSV1
-options, you can also specify the server certificate checksum
-using CERTMD5 option.
-
-As you can see, it is possible to set several SMTP servers. If
-Monit cannot connect to the first server in the list it will try
-the second server and so on. Monit has a default 5 seconds
-connection timeout and if the SMTP server is slow, Monit could
-timeout when connecting or reading from the server. If this is
-the case, you can use the optional timeout statement to explicit
-set the timeout to a higher value if needed. Here is an example
-for setting several mail servers:
-
- set mailserver mail.tildeslash.com, mail.foo.bar port 10025
- username "Rabbi" password "Loewe" using tlsv1, localhost
- with timeout 15 seconds
-
-Here Monit will first try to connect to the server
-"mail.tildeslash.com", if this server is down Monit will try
-"mail.foo.bar" on port 10025 using the given credentials via tls
-and finally "localhost". We also set an explicit connect and read
-timeout; If Monit cannot connect to the first SMTP server in the
-list within 15 seconds it will try the next server and so on. The
-I<set mailserver ..> statement is optional and if not defined
-Monit will not send email alerts. Not setting a mail server is
-recommended only if alert notification is delegated to M/Monit.
-
-Monit, by default, use the local host name in SMTP HELO/EHLO and
-in the Message-ID header. Some mail servers check this
-information against DNS for spam protection and can reject the
-email if the DNS and the hostname used in the transaction does
-not match. If this is the case, you can override the default
-local host name by using the HOSTNAME option:
-
- set mailserver mail.tildeslash.com using hostname
- "myhost.example.org"
-
-
-=head2 Event queue
-
-If the MTA (mail server) for sending alerts is not available,
-Monit I<can> queue events on the local file-system until the MTA
-recover. Monit will then post queued events in order with their
-original timestamp so the events are not lost. This feature is
-most useful if Monit is used together with M/Monit and when event
-history is important.
-
-The event queue is persistent across monit restarts and provided
-that the back-end filesystem is persistent too, across system
-restart as well.
-
-By default, the queue is disabled and if the alert handler fails,
-Monit will simply drop the alert message. To enable the event
-queue, add the following statement to the Monit control file:
-
- SET EVENTQUEUE BASEDIR <path> [SLOTS <number>]
-
-The <path> is the path to the directory where events will be
-stored. Optionally if you want to limit the queue size, use the
-slots option to only store up to I<number> event messages. If the
-slots option is not used, Monit will store as many events as the
-backend filesystem allows.
-
-Example:
-
- set eventqueue
- basedir /var/monit
- slots 5000
-
-Events are stored in a binary format, with one file per event.
-The file size is ca. 130 bytes or a bit more (depending on the
-message length). The file name is composed of the unix timestamp,
-underscore and the service name, for example:
-
- /var/monit/1131269471_apache
-
-If you are running more then one Monit instance on the same
-machine, you B<must> use separated event queue directories to
-avoid sending wrong alerts to the wrong addresses.
-
-If you want to purge the queue by hand, that is, remove queued
-event-files, Monit should be stopped before the removal.
-
-
-=head1 SERVICE TIMEOUT
-
-B<monit> provides a service timeout mechanism for situations
-where a service simply refuses to start or respond over a longer
-period.
-
-The timeout mechanism is based on number if service restarts and
-number of poll-cycles. For example, if a service had I<x>
-restarts within I<y> poll-cycles (where I<x> <= I<y>) then Monit
-will perform an action (for example unmonitor the service). If a
-timeout occurs Monit will send an alert message if you have
-register interest for this event.
-
-The syntax for the timeout statement is as follows (keywords are
-in capital):
-
-=over 4
-
-=item IF <number> RESTART <number> CYCLE(S) THEN <action>
-
-=back
***The diff for this file has been truncated for email.***
=======================================
--- /trunk/monitor.c Mon May 30 06:02:52 2011
+++ /dev/null
@@ -1,790 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#include <config.h>
-#include <locale.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-
-#include "monitor.h"
-#include "net.h"
-#include "ssl.h"
-#include "process.h"
-#include "md5.h"
-#include "sha.h"
-#include "state.h"
-#include "event.h"
-
-
-/**
- * DESCRIPTION
- * monit - system for monitoring services on a Unix system
- *
- * SYNOPSIS
- * monit [options] {arguments}
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala <address@hidden>
- * @author Christian Hopp, <address@hidden>
- *
- * @file
- */
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static void do_init(); /* Initialize this
application */
-static void do_reinit(); /* Re-initialize the runtime
application */
-static void do_action(char **); /* Dispatch to the submitted
action */
-static void do_exit(); /* Finalize
monit */
-static void do_default(); /* Do default
action */
-static void handle_options(int, char **); /* Handle program
options */
-static void help(); /* Print program help message to
stdout */
-static void version(); /* Print version
information */
-static void *heartbeat(void *args); /* M/Monit heartbeat
thread */
-static RETSIGTYPE do_reload(int); /* Signalhandler for a daemon
reload */
-static RETSIGTYPE do_destroy(int); /* Signalhandler for monit
finalization */
-static RETSIGTYPE do_wakeup(int); /* Signalhandler for a daemon wakeup
call */
-
-
-/* ------------------------------------------------------------------
Global */
-
-
-char *prog; /**< The Name of this
Program */
-struct myrun Run; /**< Struct holding runtime
constants */
-Service_T servicelist; /**< The service list (created in
p.y) */
-Service_T servicelist_conf; /**< The service list in conf file (c. in
p.y) */
-ServiceGroup_T servicegrouplist;/**< The service group list (created in
p.y) */
-SystemInfo_T systeminfo; /**< System
infomation */
-
-pthread_t heartbeatThread; /**< M/Monit heartbeat
thread */
-pthread_cond_t heartbeatCond; /**< Hearbeat wakeup
condition */
-pthread_mutex_t heartbeatMutex; /**< Hearbeat
mutex */
-static volatile int heartbeatRunning = FALSE; /**< Heartbeat thread
flag */
-
-int ptreesize = 0;
-int oldptreesize = 0;
-ProcessTree_T *ptree = NULL;
-ProcessTree_T *oldptree = NULL;
-
-char actionnames[][STRLEN] =
{"ignore", "alert", "restart", "stop", "exec", "unmonitor", "start", "monitor", ""};
-char modenames[][STRLEN] = {"active", "passive", "manual"};
-char checksumnames[][STRLEN] = {"UNKNOWN", "MD5", "SHA1"};
-char operatornames[][STRLEN] = {"greater than", "less than", "equal
to", "not equal to"};
-char operatorshortnames[][3] = {">", "<", "=", "!="};
-char monitornames[][STRLEN] = {"not
monitored", "monitored", "initializing"};
-char statusnames[][STRLEN] =
{"accessible", "accessible", "accessible", "running", "online with all
services", "running", "accessible"};
-char servicetypes[][STRLEN] =
{"Filesystem", "Directory", "File", "Process", "Remote
Host", "System", "Fifo"};
-char pathnames[][STRLEN] = {"Path", "Path", "Path", "Pid
file", "Path", "", "Path"};
-char icmpnames[19][STRLEN] = {"Echo Reply", "", "", "Destination
Unreachable", "Source Quench", "Redirect", "", "", "Echo
Request", "", "", "Time Exceeded", "Parameter Problem", "Timestamp
Request", "Timestamp Reply", "Information Request", "Information
Reply", "Address Mask Request", "Address Mask Reply"};
-char sslnames[][STRLEN] = {"auto", "v2", "v3", "tls"};
-
-
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * The Prime mover
- */
-int main(int argc, char **argv) {
- setlocale(LC_ALL, "C");
- prog = Util_basename(argv[0]);
- init_env();
- handle_options(argc, argv);
-
- do_init();
- do_action(argv);
- do_exit();
-
- return 0;
-}
-
-
-/**
- * Wakeup a sleeping monit daemon.
- * Returns TRUE on success otherwise FALSE
- */
-int do_wakeupcall() {
- pid_t pid;
-
- if ((pid = exist_daemon()) > 0) {
- kill(pid, SIGUSR1);
- LogInfo("%s daemon at %d awakened\n", prog, pid);
-
- return TRUE;
- }
-
- return FALSE;
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/**
- * Initialize this application - Register signal handlers,
- * Parse the control file and initialize the program's
- * datastructures and the log system.
- */
-static void do_init() {
-
- int status;
-
- /*
- * Register interest for the SIGTERM signal,
- * in case we run in daemon mode this signal
- * will terminate a running daemon.
- */
- signal(SIGTERM, do_destroy);
-
- /*
- * Register interest for the SIGUSER1 signal,
- * in case we run in daemon mode this signal
- * will wakeup a sleeping daemon.
- */
- signal(SIGUSR1, do_wakeup);
-
- /*
- * Register interest for the SIGINT signal,
- * in case we run as a server but not as a daemon
- * we need to catch this signal if the user pressed
- * CTRL^C in the terminal
- */
- signal(SIGINT, do_destroy);
-
- /*
- * Register interest for the SIGHUP signal,
- * in case we run in daemon mode this signal
- * will reload the configuration.
- */
- signal(SIGHUP, do_reload);
-
- /*
- * Register no interest for the SIGPIPE signal,
- */
- signal(SIGPIPE, SIG_IGN);
-
- /*
- * Initialize the random number generator
- */
- srandom(time(NULL) + getpid());
-
- /*
- * Initialize the Runtime mutex. This mutex
- * is used to synchronize handling of global
- * service data
- */
- status = pthread_mutex_init(&Run.mutex, NULL);
- if (status != 0) {
- LogError("%s: Cannot initialize mutex -- %s\n", prog,
strerror(status));
- exit(1);
- }
-
- /*
- * Initialize heartbeat mutex and condition
- */
- status = pthread_mutex_init(&heartbeatMutex, NULL);
- if (status != 0) {
- LogError("%s: Cannot initialize heartbeat mutex -- %s\n", prog,
strerror(status));
- exit(1);
- }
- status = pthread_cond_init(&heartbeatCond, NULL);
- if (status != 0) {
- LogError("%s: Cannot initialize heartbeat condition -- %s\n", prog,
strerror(status));
- exit(1);
- }
-
- /*
- * Get the position of the control file
- */
- if (! Run.controlfile)
- Run.controlfile = File_findControlFile();
-
- /*
- * Initialize the process information gathering interface
- */
- Run.doprocess = init_process_info();
-
- /*
- * Start the Parser and create the service list. This will also set
- * any Runtime constants defined in the controlfile.
- */
- if (! parse(Run.controlfile))
- exit(1);
-
- /*
- * Stop and report success if we are just validating the Control
- * file syntax. The previous parse statement exits the program with
- * an error message if a syntax error is present in the control
- * file.
- */
- if (Run.testing) {
- LogInfo("Control file syntax OK\n");
- exit(0);
- }
-
- /*
- * Initialize the log system
- */
- if (! log_init())
- exit(1);
-
- /*
- * Did we find any service ?
- */
- if (! servicelist) {
- LogError("%s: No services has been specified\n", prog);
- exit(0);
- }
-
- /*
- * Initialize Runtime file variables
- */
- File_init();
-
- /*
- * Should we print debug information ?
- */
- if (Run.debug) {
- Util_printRunList();
- Util_printServiceList();
- }
-}
-
-
-/**
- * Re-Initialize the application - called if a
- * monit daemon receives the SIGHUP signal.
- */
-static void do_reinit() {
- int status;
-
- LogInfo("Awakened by the SIGHUP signal\n");
- LogInfo("Reinitializing %s - Control file '%s'\n", prog,
Run.controlfile);
-
- if(Run.mmonits && heartbeatRunning) {
- if ((status = pthread_cond_signal(&heartbeatCond)) != 0)
- LogError("%s: Failed to signal the heartbeat thread -- %s\n", prog,
strerror(status));
- if ((status = pthread_join(heartbeatThread, NULL)) != 0)
- LogError("%s: Failed to stop the heartbeat thread -- %s\n", prog,
strerror(status));
- heartbeatRunning = FALSE;
- }
-
- Run.doreload = FALSE;
-
- /* Stop http interface */
- if (Run.dohttpd)
- monit_http(STOP_HTTP);
-
- /* Save the current state (no changes are possible now
- since the http thread is stopped) */
- State_save();
-
- /* Run the garbage collector */
- gc();
-
- if (! parse(Run.controlfile)) {
- LogError("%s daemon died\n", prog);
- exit(1);
- }
-
- /* Close the current log */
- log_close();
-
- /* Reinstall the log system */
- if (! log_init())
- exit(1);
-
- /* Did we find any services ? */
- if (! servicelist) {
- LogError("%s: No services has been specified\n", prog);
- exit(0);
- }
-
- /* Reinitialize Runtime file variables */
- File_init();
-
- if (! File_createPidFile(Run.pidfile)) {
- LogError("%s daemon died\n", prog);
- exit(1);
- }
-
- /* Update service data from the state repository */
- State_update();
-
- /* Start http interface */
- if (can_http())
- monit_http(START_HTTP);
-
- /* send the monit startup notification */
- Event_post(Run.system, Event_Instance, STATE_CHANGED,
Run.system->action_MONIT_RELOAD, "Monit reloaded");
-
- if(Run.mmonits && ((status = pthread_create(&heartbeatThread, NULL,
heartbeat, NULL)) != 0))
- LogError("%s: Failed to create the heartbeat thread -- %s\n", prog,
strerror(status));
- else
- heartbeatRunning = TRUE;
-}
-
-
-/**
- * Dispatch to the submitted action - actions are program arguments
- */
-static void do_action(char **args) {
- char *action = args[optind];
- char *service = args[++optind];
-
- Run.once = TRUE;
-
- if (! action) {
- do_default();
- } else if (IS(action, "start") ||
- IS(action, "stop") ||
- IS(action, "monitor") ||
- IS(action, "unmonitor") ||
- IS(action, "restart")) {
- if (Run.mygroup || service) {
- int errors = 0;
- int (*_control_service)(const char *, const char *) =
exist_daemon() ? control_service_daemon : control_service_string;
-
- if (Run.mygroup) {
- ServiceGroup_T sg = NULL;
-
- for (sg = servicegrouplist; sg; sg = sg->next) {
- if (! strcasecmp(Run.mygroup, sg->name)) {
- ServiceGroupMember_T sgm = NULL;
-
- for (sgm = sg->members; sgm; sgm = sgm->next)
- if (! _control_service(sgm->name, action))
- errors++;
-
- break;
- }
- }
- } else if (IS(service, "all")) {
- Service_T s = NULL;
-
- for (s = servicelist; s; s = s->next) {
- if (s->visited)
- continue;
- if (! _control_service(s->name, action))
- errors++;
- }
- } else {
- errors = _control_service(service, action) ? 0 : 1;
- }
- if (errors)
- exit(1);
- } else {
- LogError("%s: please specify the configured service name or 'all'
after %s\n", prog, action);
- exit(1);
- }
- } else if (IS(action, "reload")) {
- LogInfo("Reinitializing monit daemon\n", prog);
- kill_daemon(SIGHUP);
- } else if (IS(action, "status")) {
- status(LEVEL_NAME_FULL);
- } else if (IS(action, "summary")) {
- status(LEVEL_NAME_SUMMARY);
- } else if (IS(action, "procmatch")) {
- if (! service) {
- printf("Invalid syntax - usage: procmatch \"<pattern>\"\n");
- exit(1);
- }
- process_testmatch(service);
- } else if (IS(action, "quit")) {
- kill_daemon(SIGTERM);
- } else if (IS(action, "validate")) {
- if (! validate())
- exit(1);
- } else {
- LogError("%s: invalid argument -- %s (-h will show valid
arguments)\n", prog, action);
- exit(1);
- }
-}
-
-
-/**
- * Finalize monit
- */
-static void do_exit() {
- int status;
- sigset_t ns;
-
- set_signal_block(&ns, NULL);
- Run.stopped = TRUE;
- if (Run.isdaemon && !Run.once) {
- if (can_http())
- monit_http(STOP_HTTP);
-
- if(Run.mmonits && heartbeatRunning) {
- if ((status = pthread_cond_signal(&heartbeatCond)) != 0)
- LogError("%s: Failed to signal the heartbeat thread -- %s\n",
prog, strerror(status));
- if ((status = pthread_join(heartbeatThread, NULL)) != 0)
- LogError("%s: Failed to stop the heartbeat thread -- %s\n", prog,
strerror(status));
- heartbeatRunning = FALSE;
- }
-
- LogInfo("%s daemon with pid [%d] killed\n", prog, (int)getpid());
-
- /* send the monit stop notification */
- Event_post(Run.system, Event_Instance, STATE_CHANGED,
Run.system->action_MONIT_STOP, "Monit stopped");
- }
- gc();
- exit(0);
-}
-
-
-/**
- * Default action - become a daemon if defined in the Run object and
- * run validate() between sleeps. If not, just run validate() once.
- * Also, if specified, start the monit http server if in deamon mode.
- */
-static void do_default() {
- int status;
-
- if (Run.isdaemon) {
- if (do_wakeupcall())
- exit(0);
-
- Run.once = FALSE;
- if (can_http())
- LogInfo("Starting %s daemon with http interface at [%s:%d]\n", prog,
Run.bind_addr?Run.bind_addr:"*", Run.httpdport);
- else
- LogInfo("Starting %s daemon\n", prog);
-
- if (Run.startdelay)
- LogInfo("Monit start delay set -- pause for %ds\n",
Run.startdelay);
-
- if (Run.init != TRUE)
- daemonize();
- else if (! Run.debug)
- Util_redirectStdFds();
-
- if (! File_createPidFile(Run.pidfile)) {
- LogError("%s daemon died\n", prog);
- exit(1);
- }
-
- if (State_shouldUpdate())
- State_update();
-
- atexit(File_finalize);
-
- if (Run.startdelay) {
- time_t now = time(NULL);
- time_t delay = now + Run.startdelay;
-
- /* sleep can be interrupted by signal => make sure we paused long
enough */
- while (now < delay) {
- sleep(delay - now);
- if (Run.stopped)
- do_exit();
- now = time(NULL);
- }
- }
-
- if (can_http())
- monit_http(START_HTTP);
-
- /* send the monit startup notification */
- Event_post(Run.system, Event_Instance, STATE_CHANGED,
Run.system->action_MONIT_START, "Monit started");
-
- if(Run.mmonits && ((status = pthread_create(&heartbeatThread, NULL,
heartbeat, NULL)) != 0))
- LogError("%s: Failed to create the heartbeat thread -- %s\n", prog,
strerror(status));
- else
- heartbeatRunning = TRUE;
-
- while (TRUE) {
- validate();
- State_save();
-
- /* In the case that there is no pending action then sleep */
- if (!Run.doaction)
- sleep(Run.polltime);
-
- if (Run.dowakeup) {
- Run.dowakeup = FALSE;
- LogInfo("Awakened by User defined signal 1\n");
- }
-
- if (Run.stopped)
- do_exit();
- else if (Run.doreload)
- do_reinit();
- }
- } else {
- validate();
- }
-}
-
-
-/**
- * Handle program options - Options set from the commandline
- * takes precedence over those found in the control file
- */
-static void handle_options(int argc, char **argv) {
- int opt;
- opterr = 0;
- Run.mygroup = NULL;
-
- while ((opt = getopt(argc,argv,"c:d:g:l:p:s:iItvVhH")) != -1) {
-
- switch(opt) {
-
- case 'c':
- Run.controlfile = xstrdup(optarg);
- break;
-
- case 'd':
- Run.isdaemon = TRUE;
- sscanf(optarg, "%d", &Run.polltime);
- if (Run.polltime<1) {
- LogError("%s: option -%c requires a natural number\n", prog, opt);
- exit(1);
- }
- break;
-
- case 'g':
- Run.mygroup = xstrdup(optarg);
- break;
-
- case 'l':
- Run.logfile = xstrdup(optarg);
- if (IS(Run.logfile, "syslog"))
- Run.use_syslog = TRUE;
- Run.dolog = TRUE;
- break;
-
- case 'p':
- Run.pidfile = xstrdup(optarg);
- break;
-
- case 's':
- Run.statefile = xstrdup(optarg);
- break;
-
- case 'I':
- Run.init = TRUE;
- break;
-
- case 't':
- Run.testing = TRUE;
- break;
-
- case 'v':
- Run.debug++;
- break;
-
- case 'H':
- if (argc > optind)
- Util_printHash(argv[optind]);
- else
- Util_printHash(NULL);
-
- exit(0);
- break;
-
- case 'V':
- version();
- exit(0);
- break;
-
- case 'h':
- help();
- exit(0);
- break;
-
- case '?':
- switch(optopt) {
-
- case 'c':
- case 'd':
- case 'g':
- case 'l':
- case 'p':
- case 's':
- LogError("%s: option -- %c requires an argument\n", prog, optopt);
- break;
- default:
- LogError("%s: invalid option -- %c (-h will show valid options)\n",
prog, optopt);
-
- }
-
- exit(1);
-
- }
-
- }
-
-}
-
-
-/**
- * Print the program's help message
- */
-static void help() {
- printf("Usage: %s [options] {arguments}\n", prog);
- printf("Options are as follows:\n");
- printf(" -c file Use this control file\n");
- printf(" -d n Run as a daemon once per n seconds\n");
- printf(" -g name Set group name for start, stop, restart, monitor
and unmonitor\n");
- printf(" -l logfile Print log information to this file\n");
- printf(" -p pidfile Use this lock file in daemon mode\n");
- printf(" -s statefile Set the file monit should write state information
to\n");
- printf(" -I Do not run in background (needed for run from
init)\n");
- printf(" -t Run syntax check for the control file\n");
- printf(" -v Verbose mode, work noisy (diagnostic output)\n");
- printf(" -vv Very verbose mode, same as -v plus log stacktrace
on error\n");
- printf(" -H [filename] Print SHA1 and MD5 hashes of the file or of stdin
if the\n");
- printf(" filename is omited; monit will exit
afterwards\n");
- printf(" -V Print version number and patchlevel\n");
- printf(" -h Print this text\n");
- printf("Optional action arguments for non-daemon mode are as
follows:\n");
- printf(" start all - Start all services\n");
- printf(" start name - Only start the named service\n");
- printf(" stop all - Stop all services\n");
- printf(" stop name - Only stop the named service\n");
- printf(" restart all - Stop and start all services\n");
- printf(" restart name - Only restart the named service\n");
- printf(" monitor all - Enable monitoring of all services\n");
- printf(" monitor name - Only enable monitoring of the named
service\n");
- printf(" unmonitor all - Disable monitoring of all services\n");
- printf(" unmonitor name - Only disable monitoring of the named
service\n");
- printf(" reload - Reinitialize monit\n");
- printf(" status - Print full status information for each
service\n");
- printf(" summary - Print short status information for each
service\n");
- printf(" quit - Kill monit daemon process\n");
- printf(" validate - Check all services and start if not
running\n");
- printf(" procmatch <pattern> - Test process matching pattern\n");
- printf("\n");
- printf("(Action arguments operate on services defined in the control
file)\n");
-}
-
-/**
- * Print version information
- */
-static void version() {
- printf("This is Monit version " VERSION "\n");
- printf("Copyright (C) 2000-2011 Tildeslash Ltd.");
- printf(" All Rights Reserved.\n");
-}
-
-
-/**
- * M/Monit heartbeat thread
- */
-static void *heartbeat(void *args) {
- sigset_t ns;
- struct timespec wait;
-
- set_signal_block(&ns, NULL);
- LogInfo("M/Monit heartbeat started\n");
- LOCK(heartbeatMutex)
- {
- while (! Run.stopped && ! Run.doreload) {
- if (handle_mmonit(NULL) == HANDLER_SUCCEEDED)
- wait.tv_sec = time(NULL) + Run.polltime;
- else
- wait.tv_sec = time(NULL) + 1;
- wait.tv_nsec = 0;
- pthread_cond_timedwait(&heartbeatCond, &heartbeatMutex, &wait);
- }
- }
- END_LOCK;
- LogInfo("M/Monit heartbeat stopped\n");
- return NULL;
-}
-
-
-/**
- * Signalhandler for a daemon reload call
- */
-static RETSIGTYPE do_reload(int sig) {
- Run.doreload = TRUE;
-}
-
-
-/**
- * Signalhandler for monit finalization
- */
-static RETSIGTYPE do_destroy(int sig) {
- Run.stopped = TRUE;
-}
-
-
-/**
- * Signalhandler for a daemon wakeup call
- */
-static RETSIGTYPE do_wakeup(int sig) {
- Run.dowakeup = TRUE;
-}
-
=======================================
--- /trunk/monitor.h Thu Jun 9 05:56:06 2011
+++ /dev/null
@@ -1,982 +0,0 @@
-/*
- * Copyright (C) 2000-2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#ifndef MONITOR_H
-#define MONITOR_H
-
-#include <config.h>
-#include <assert.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#ifdef HAVE_PTHREAD_H
-#include <pthread.h>
-#endif
-
-#ifdef HAVE_STDARG_H
-#include <stdarg.h>
-#endif
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_REGEX_H
-#include <regex.h>
-#endif
-
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
-#ifdef HAVE_SYS_UTSNAME_H
-#include <sys/utsname.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#include "ssl.h"
-#include "socket.h"
-
-
-#define VERSION PACKAGE_VERSION
-#define MONITRC "monitrc"
-#define TIMEFORMAT "%Z %b %e %T"
-#define STRERROR strerror(errno)
-#define STRLEN 256
-#ifndef USEC_PER_SEC
-#define USEC_PER_SEC 1000000L
-#endif
-#define USEC_PER_MSEC 1000L
-
-#define ARGMAX 64
-#define HTTP_CONTENT_MAX (1024*1000)
-/* Set event queue directory mode: "drwx------" */
-#define QUEUEMASK 0077
-/* Set file mode: "drw-------" */
-#define PRIVATEMASK 0177
-/* Set log file mode: "-rw-r-----" */
-#define LOGMASK 0137
-/* Set pid file mode: "-rw-r--r--" */
-#define MYPIDMASK 0122
-#define MYPIDDIR PIDDIR
-#define MYPIDFILE "monit.pid"
-#define MYSTATEFILE "monit.state"
-#define MYIDFILE "monit.id"
-#define MYEVENTLISTBASE "/var/monit"
-
-#define LOCALHOST "localhost"
-
-#define PORT_SMTP 25
-#define PORT_SMTPS 465
-#define PORT_HTTP 80
-#define PORT_HTTPS 443
-
-#define SSL_TIMEOUT 15
-
-#define START_DELAY 0
-#define EXEC_TIMEOUT 30
-
-#define START_HTTP 1
-#define STOP_HTTP 2
-
-#define TRUE 1
-#define FALSE 0
-
-#define MONITOR_NOT 0
-#define MONITOR_YES 1
-#define MONITOR_INIT 2
-
-#define STATE_SUCCEEDED 0
-#define STATE_FAILED 1
-#define STATE_CHANGED 2
-#define STATE_CHANGEDNOT 3
-#define STATE_INIT 4
-
-#define MODE_ACTIVE 0
-#define MODE_PASSIVE 1
-#define MODE_MANUAL 2
-
-#define OPERATOR_GREATER 0
-#define OPERATOR_LESS 1
-#define OPERATOR_EQUAL 2
-#define OPERATOR_NOTEQUAL 3
-
-#define TIME_SECOND 1
-#define TIME_MINUTE 60
-#define TIME_HOUR 3600
-#define TIME_DAY 86400
-
-#define ACTION_IGNORE 0
-#define ACTION_ALERT 1
-#define ACTION_RESTART 2
-#define ACTION_STOP 3
-#define ACTION_EXEC 4
-#define ACTION_UNMONITOR 5
-#define ACTION_START 6
-#define ACTION_MONITOR 7
-
-#define TYPE_FILESYSTEM 0
-#define TYPE_DIRECTORY 1
-#define TYPE_FILE 2
-#define TYPE_PROCESS 3
-#define TYPE_HOST 4
-#define TYPE_SYSTEM 5
-#define TYPE_FIFO 6
-#define TYPE_STATUS 7
-
-#define RESOURCE_ID_CPU_PERCENT 1
-#define RESOURCE_ID_MEM_PERCENT 2
-#define RESOURCE_ID_MEM_KBYTE 3
-#define RESOURCE_ID_LOAD1 4
-#define RESOURCE_ID_LOAD5 5
-#define RESOURCE_ID_LOAD15 6
-#define RESOURCE_ID_CHILDREN 7
-#define RESOURCE_ID_TOTAL_MEM_KBYTE 8
-#define RESOURCE_ID_TOTAL_MEM_PERCENT 9
-#define RESOURCE_ID_INODE 10
-#define RESOURCE_ID_SPACE 11
-#define RESOURCE_ID_CPUUSER 12
-#define RESOURCE_ID_CPUSYSTEM 13
-#define RESOURCE_ID_CPUWAIT 14
-#define RESOURCE_ID_TOTAL_CPU_PERCENT 15
-#define RESOURCE_ID_SWAP_PERCENT 16
-#define RESOURCE_ID_SWAP_KBYTE 17
-
-#define DIGEST_CLEARTEXT 1
-#define DIGEST_CRYPT 2
-#define DIGEST_MD5 3
-#define DIGEST_PAM 4
-
-#define UNIT_BYTE 1
-#define UNIT_KILOBYTE 1024
-#define UNIT_MEGABYTE 1048580
-#define UNIT_GIGABYTE 1073740000
-
-#define HASH_UNKNOWN 0
-#define HASH_MD5 1
-#define HASH_SHA1 2
-#define DEFAULT_HASH HASH_MD5
-/* Length of the longest message digest in bytes */
-#define MD_SIZE 65
-
-#define PROTOCOL_NULL 0
-#define PROTOCOL_HTTP 1
-#define PROTOCOL_HTTPS 2
-
-#define LEVEL_FULL 0
-#define LEVEL_SUMMARY 1
-
-#define LEVEL_NAME_FULL "full"
-#define LEVEL_NAME_SUMMARY "summary"
-
-#define HANDLER_SUCCEEDED 0x0
-#define HANDLER_ALERT 0x1
-#define HANDLER_MMONIT 0x2
-#define HANDLER_MAX HANDLER_MMONIT
-
-#define ICMP_ATTEMPT_COUNT 3
-
-
-/** ------------------------------------------------- Special purpose
macros */
-
-
-/* Replace the standard signal function with a more reliable using
- * sigaction. Taken from Stevens APUE book. */
-typedef void Sigfunc(int);
-Sigfunc *signal(int signo, Sigfunc * func);
-#if defined(SIG_IGN) && !defined(SIG_ERR)
-#define SIG_ERR ((Sigfunc *)-1)
-#endif
-
-
-/** ------------------------------------------------- General purpose
macros */
-
-
-#undef MAX
-#define MAX(x,y) ((x) > (y) ? (x) : (y))
-#undef MIN
-#define MIN(x,y) ((x) < (y) ? (x) : (y))
-#define IS(a,b) ((a&&b)?!strcasecmp(a, b):0)
-#define DEBUG if(Run.debug) LogDebug
-#define FLAG(x, y) (x & y) == y
-#define NVLSTR(x) (x?x:"")
-
-
-/** ------------------------------------------------- Synchronization
macros */
-
-
-#define LOCK(mutex) do { pthread_mutex_t *_yymutex = &(mutex); \
- assert(pthread_mutex_lock(_yymutex)==0);
-#define END_LOCK assert(pthread_mutex_unlock(_yymutex)==0); } while (0)
-
-
-/** ---------------------------------- Object Constructor/"Destructor"
macro */
-
-
-#define NEW(p) ((p)= xcalloc(1, (long)sizeof *(p)))
-#define FREE(p) ((void)(free(p), (p)= 0))
-
-
-/** ------------------------------------------ Simple Assert Exception
macro */
-
-
-#define ASSERT(e) do { if(!(e)) { LogCritical("AssertException: " #e \
- " at %s:%d\naborting..\n", __FILE__, __LINE__); abort(); } }
while(0)
-
-
-/* --------------------------------------------------------- Data
structures */
-
-
-/** Message Digest type with size for the longest digest we will compute */
-typedef char MD_T[MD_SIZE];
-
-
-/** Defines an string buffer object */
-typedef struct mybuffer {
- char *buf; /**< String
buffer */
- size_t bufsize; /**< String buffer
size */
- size_t bufused; /**< String buffer
usage */
-} Buffer_T;
-
-
-/**
- * Defines a Command with ARGMAX optional arguments. The arguments
- * array must be NULL terminated and the first entry is the program
- * itself. In addition, a user and group may be set for the Command
- * which means that the Command should run as a certain user and with
- * certain group.
- */
-typedef struct mycommand {
- char *arg[ARGMAX]; /**< Program with
arguments */
- int length; /**< The length of the arguments
array */
- int has_uid; /**< TRUE if a new uid is defined for this
Command */
- uid_t uid; /**< The user id to switch to when running this
Command */
- int has_gid; /**< TRUE if a new gid is defined for this
Command */
- gid_t gid; /**< The group id to switch to when running this
Command */
- unsigned timeout; /**< Max seconds which we wait for method to
execute */
-} *Command_T;
-
-
-/** Defines an event action object */
-typedef struct myaction {
- int id; /**< Action to be
done */
- Command_T exec; /**< Optional command to be
executed */
- unsigned count; /**< Event count needed to trigger the
action */
- unsigned cycles; /**< Cycles during which count limit can be
reached */
-} *Action_T;
-
-
-/** Defines event's up and down actions */
-typedef struct myeventaction {
- Action_T failed; /**< Action in the case of failure
down */
- Action_T succeeded; /**< Action in the case of
failure up */
-} *EventAction_T;
-
-
-/** Defines an url object */
-typedef struct myurl {
- char *url; /**< Full
URL */
- char *protocol; /**< URL protocol
type */
- char *user; /**< URL user
part */
- char *password; /**< URL password
part */
- char *hostname; /**< URL hostname
part */
- int port; /**< URL port
part */
- char *path; /**< URL path
part */
- char *query; /**< URL query
part */
-} *URL_T;
-
-
-/** Defines a HTTP client request object */
-typedef struct myrequest {
- URL_T url; /**< URL
request */
- int operator; /**< Response content comparison
operator */
-#ifdef HAVE_REGEX_H
- regex_t *regex; /* regex used to test the response
body */
-#else
- char *regex; /* string to search for in the response
body */
-#endif
-} *Request_T;
-
-
-/** Defines an event notification and status receiver object */
-typedef struct mymmonit {
- URL_T url; /**< URL
definition */
- Ssl_T ssl; /**< SSL
definition */
- int timeout; /**< The timeout to wait for connection or
i/o */
-
- /** For internal use */
- struct mymmonit *next; /**< next receiver in
chain */
-} *Mmonit_T;
-
-
-/** Defines a mailinglist object */
-typedef struct mymail {
- char *to; /**< Mail address for alert
notification */
- char *from; /**< The mail from
address */
- char *replyto; /**< Optional reply-to
address */
- char *subject; /**< The mail
subject */
- char *message; /**< The mail
message */
- unsigned int events; /*< Events for which this mail object should be
sent */
- unsigned int reminder; /*< Send error reminder each Xth
cycle */
-
- /** For internal use */
- struct mymail *next; /**< next recipient in
chain */
-} *Mail_T;
-
-
-/** Defines a mail server address */
-typedef struct mymailserver {
- char *host; /**< Server host address, may be a IP or a hostname
string */
- int port; /**< Server
port */
- char *username; /** < Username for
SMTP_AUTH */
- char *password; /** < Password for
SMTP_AUTH */
- Ssl_T ssl; /**< SSL
definition */
-
- /** For internal use */
- struct mymailserver *next; /**< Next server to try on connect
error */
-} *MailServer_T;
-
-
-typedef struct myauthentication {
- char *uname; /**< User allowed to connect to monit
httpd */
- char *passwd; /**< The users password
data */
- char *groupname; /**< PAM group
name */
- int digesttype; /**< How did we store the
password */
- int is_readonly; /**< TRUE if this is a read-only authenticated
user*/
- struct myauthentication *next; /**< Next credential or NULL if
last */
-} *Auth_T;
-
-
-/** Defines process tree - data storage backend*/
-typedef struct myprocesstree {
- int pid;
- int ppid;
- int status_flag;
- time_t starttime;
- char *cmdline;
-
- int visited;
- int children_num;
- int children_sum;
- int cpu_percent;
- int cpu_percent_sum;
- unsigned long mem_kbyte;
- unsigned long mem_kbyte_sum;
-
- /** For internal use */
- double time; /**< 1/10
seconds */
- double time_prev; /**< 1/10
seconds */
- long cputime; /**< 1/10
seconds */
- long cputime_prev; /**< 1/10
seconds */
-
- int parent;
- int *children;
-} ProcessTree_T;
-
-
-/** Defines data for systemwide statistic */
-typedef struct mysysteminfo {
- struct timeval collected; /**< When were data
collected */
- int cpus; /**< Number of
CPUs */
- double loadavg[3]; /**< Load average
triple */
- unsigned long mem_kbyte_max; /**< Maximal system real
memory */
- unsigned long swap_kbyte_max; /**< Swap
size */
- unsigned long total_mem_kbyte; /**< Total real memory in use in the
system */
- unsigned long total_swap_kbyte; /**< Total swap in use in the
system */
- int total_mem_percent; /**< Total real memory in use in the
system */
- int total_swap_percent; /**< Total swap in use in the
system */
- int total_cpu_user_percent; /**< Total CPU in use in user space
(pct.)*/
- int total_cpu_syst_percent; /**< Total CPU in use in kernel space
(pct.)*/
- int total_cpu_wait_percent; /**< Total CPU in use in waiting
(pct.)*/
- struct utsname uname; /**< Platform information provided by
uname() */
-} SystemInfo_T;
-
-
-/** Defines a protocol object with protocol functions */
-typedef struct myprotocol {
- const char *name; /**< Protocol
name */
- int(*check)(Socket_T); /**< Protocol verification
function */
-} *Protocol_T;
-
-
-/** Defines a send/expect object used for generic protocol tests */
-typedef struct mygenericproto {
- char *send; /* string to send, or NULL if
expect */
-#ifdef HAVE_REGEX_H
- regex_t *expect; /* regex code to expect, or NULL if
send */
-#else
- char *expect; /* string to expect, or NULL if
send */
-#endif
- /** For internal use */
- struct mygenericproto *next;
-} *Generic_T;
-
-/** Defines a port object */
-typedef struct myport {
- volatile int socket; /**< Socket used for
connection */
- int type; /**< Socket type used for connection
(UDP/TCP) */
- int family; /**< Socket family used for connection
(INET/UNIX) */
- char *hostname; /**< Hostname to
check */
- int port; /**<
Portnumber */
- char *request; /**< Specific protocol
request */
- char *request_checksum; /**< The optional checksum for a req.
document */
- char *request_hostheader; /**< The optional Host: header to
use */
- int request_hashtype; /**< The optional type of hash for a req.
document */
- char *pathname; /**< Pathname, in case of an UNIX
socket */
- int maxforward; /**< Optional max forward for protocol
checking */
- Generic_T generic; /**< Generic test
handle */
- int timeout; /**< The timeout in seconds to wait for connect or read
i/o */
- int is_available; /**< TRUE if the server/port is
available */
- double response; /**< Socket connection response
time */
- EventAction_T action; /**< Description of the action upon event
occurence */
- /** Apache-status specific parameters */
- struct apache_status {
- int loglimit; /**< Max percentatge of logging
processes */
- int loglimitOP; /**< loglimit
operator */
- int closelimit; /**< Max percentatge of closinging
processes */
- int closelimitOP; /**< closelimit
operator */
- int dnslimit; /**< Max percentatge of processes doing DNS
lookup */
- int dnslimitOP; /**< dnslimit
operator */
- int keepalivelimit; /**< Max percentatge of keepalive
processes */
- int keepalivelimitOP; /**< keepalivelimit
operator */
- int replylimit; /**< Max percentatge of replying
processes */
- int replylimitOP; /**< replylimit
operator */
- int requestlimit; /**< Max percentatge of processes reading
requests */
- int requestlimitOP; /**< requestlimit
operator */
- int startlimit; /**< Max percentatge of processes starting
up */
- int startlimitOP; /**< startlimit
operator */
- int waitlimit; /**< Min percentatge of processes waiting for
connection */
- int waitlimitOP; /**< waitlimit
operator */
- int gracefullimit;/**< Max percentatge of processes gracefully
finishing */
- int gracefullimitOP; /**< gracefullimit
operator */
- int cleanuplimit; /**< Max percentatge of processes in idle
cleanup */
- int cleanuplimitOP; /**< cleanuplimit
operator */
- } ApacheStatus;
-
- Ssl_T SSL; /**< SSL
definition */
- Protocol_T protocol; /**< Protocol object for testing a port's
service */
- Request_T url_request; /**< Optional url client request
object */
-
- /** For internal use */
- struct myport *next; /**< next port in
chain */
-} *Port_T;
-
-
-/** Defines a ICMP object */
-typedef struct myicmp {
- int type; /**< ICMP type
used */
- int count; /**< ICMP echo requests
count */
- int timeout; /**< The timeout in seconds to wait for
response */
- int is_available; /**< TRUE if the server is
available */
- double response; /**< ICMP ECHO response
time */
- EventAction_T action; /**< Description of the action upon event
occurence */
-
- /** For internal use */
- struct myicmp *next; /**< next icmp in
chain */
-} *Icmp_T;
-
-
-typedef struct myservicegroupmember {
- char *name; /**< name of
service */
-
- /** For internal use */
- struct myservicegroupmember *next; /**< next service in
chain */
-} *ServiceGroupMember_T;
-
-
-typedef struct myservicegroup {
- char *name; /**< name of service
group */
- struct myservicegroupmember *members; /**< Service group
members */
-
- /** For internal use */
- struct myservicegroup *next; /**< next service group in
chain */
-} *ServiceGroup_T;
-
-
-typedef struct mydependant {
- char *dependant; /**< name of dependant
service */
-
- /** For internal use */
- struct mydependant *next; /**< next dependant service in
chain */
-} *Dependant_T;
-
-
-/** Defines resource data */
-typedef struct myresource {
- int resource_id; /**< Which value is
checked */
- long limit; /**< Limit of the
resource */
- int operator; /**< Comparison
operator */
- EventAction_T action; /**< Description of the action upon event
occurence */
-
- /** For internal use */
- struct myresource *next; /**< next resource in
chain */
-} *Resource_T;
-
-
-/** Defines timestamp object */
-typedef struct mytimestamp {
- int operator; /**< Comparison
operator */
- int time; /**< Timestamp
watermark */
- int test_changes; /**< TRUE if we only should test for
changes */
- time_t timestamp; /**< The original last modified timestamp for this
object*/
- EventAction_T action; /**< Description of the action upon event
occurence */
-
- /** For internal use */
- struct mytimestamp *next; /**< next timestamp in
chain */
-} *Timestamp_T;
-
-
-/** Defines action rate object */
-typedef struct myactionrate {
- int count; /**< Action
counter */
- int cycle; /**< Cycle
counter */
- EventAction_T action; /**< Description of the action upon matching
rate */
-
- /** For internal use */
- struct myactionrate *next; /**< next actionrate in
chain */
-} *ActionRate_T;
-
-
-/** Defines size object */
-typedef struct mysize {
- int operator; /**< Comparison
operator */
- unsigned long long size; /**< Size
watermark */
- int test_changes; /**< TRUE if we only should test for
changes */
- int test_changes_ok; /**< TRUE if size was initialized for changes
test */
- EventAction_T action; /**< Description of the action upon event
occurence */
-
- /** For internal use */
- struct mysize *next; /**< next timestamp in
chain */
-} *Size_T;
-
-
-/** Defines checksum object */
-typedef struct mychecksum {
- MD_T hash; /**< A checksum hash computed for the
path */
- int type; /**< The type of hash (e.g. md5 or
sha1) */
- int length; /**< Length of the
hash */
- int test_changes; /**< TRUE if we only should test for
changes */
- int test_changes_ok; /**< TRUE if cksum was initialized for changes
test */
- EventAction_T action; /**< Description of the action upon event
occurence */
-} *Checksum_T;
-
-
-/** Defines permission object */
-typedef struct myperm {
- int perm; /**< Access
permission */
- EventAction_T action; /**< Description of the action upon event
occurence */
-} *Perm_T;
-
-/** Defines match object */
-typedef struct mymatch {
- int ignore; /**< Ignore
match */
- int not; /**< Invert
match */
- char *match_string; /**< Match
string */
- char *match_path; /**< File with matching
rules */
-#ifdef HAVE_REGEX_H
- regex_t *regex_comp; /**< Match
compile */
-#endif
- EventAction_T action; /**< Description of the action upon event
occurence */
-
- /** For internal use */
- struct mymatch *next; /**< next match in
chain */
-} *Match_T;
-
-
-/** Defines uid object */
-typedef struct myuid {
- uid_t uid; /**< Owner's
uid */
- EventAction_T action; /**< Description of the action upon event
occurence */
-} *Uid_T;
-
-
-/** Defines gid object */
-typedef struct mygid {
- gid_t gid; /**< Owner's
gid */
- EventAction_T action; /**< Description of the action upon event
occurence */
-} *Gid_T;
-
-
-/** Defines filesystem configuration */
-typedef struct myfilesystem {
- int resource; /**< Whether to check inode or
space */
- int operator; /**< Comparison
operator */
- long limit_absolute; /**< Watermark -
blocks */
- int limit_percent; /**< Watermark -
percent */
- EventAction_T action; /**< Description of the action upon event
occurence */
-
- /** For internal use */
- struct myfilesystem *next; /**< next filesystem in
chain */
-} *Filesystem_T;
-
-
-/** Defines service data */
-typedef struct myinfo {
- /* Shared */
- mode_t st_mode; /**<
Permission */
- uid_t st_uid; /**< Owner's
uid */
- gid_t st_gid; /**< Owner's
gid */
- time_t timestamp; /**<
Timestamp */
-
- union {
- struct {
- long f_bsize; /**< Transfer block
size */
- long f_blocks; /**< Total data blocks in
filesystem */
- long f_blocksfree; /**< Free blocks available to
non-superuser */
- long f_blocksfreetotal; /**< Free blocks in
filesystem */
- long f_files; /**< Total file nodes in
filesystem */
- long f_filesfree; /**< Free file nodes in
filesystem */
- char *mntpath; /**< Filesystem file, directory or
mountpoint */
- int inode_percent; /**< Used inode percentage *
10 */
- long inode_total; /**< Used inode total
objects */
- int space_percent; /**< Used space percentage *
10 */
- long space_total; /**< Used space total
blocks */
- int _flags; /**< Filesystem flags from last
cycle */
- int flags; /**< Filesystem flags from actual
cycle */
- } filesystem;
-
- struct {
- off_t st_size; /**<
Size */
- off_t readpos; /**< Position for regex
matching */
- ino_t st_ino; /**<
Inode */
- ino_t st_ino_prev; /**< Previous inode for regex
matching */
- MD_T cs_sum; /**<
Checksum */
- } file;
-
- struct {
- int _pid; /**< Process PID from last
cycle */
- int _ppid; /**< Process parent PID from last
cycle */
- int pid; /**< Process PID from actual
cycle */
- int ppid; /**< Process parent PID from actual
cycle */
- int status_flag;
- int children;
- long mem_kbyte;
- long total_mem_kbyte;
- int mem_percent; /**< percentage *
10 */
- int total_mem_percent; /**< percentage *
10 */
- int cpu_percent; /**< percentage *
10 */
- int total_cpu_percent; /**< percentage *
10 */
- time_t uptime; /**< Process
uptime */
- } process;
- } priv;
-} *Info_T;
-
-
-/** Defines service data */
-typedef struct myservice {
-
- /** Common parameters */
- char *name; /**< Service descriptive
name */
- int (*check)(struct myservice *); /**< Service verification
function */
- int type; /**< Monitored service
type */
- int monitor; /**< Monitor state
flag */
- int mode; /**< Monitoring mode for the
service */
- int ncycle; /**< The number of the current
cycle */
- int nstart; /**< The number of current starts with this
service */
- int every; /**< Check this program at given
cycles */
- int nevery; /**< Counter for every. When nevery == every,
check */
- int def_every; /**< TRUE if every is defined for the
service */
- int visited; /**< Service visited flag, set if dependencies are
used */
- int depend_visited;/**< Depend visited flag, set if dependencies are
used */
- Command_T start; /**< The start command for the
service */
- Command_T stop; /**< The stop command for the
service */
-
- Dependant_T dependantlist; /**< Dependant service
list */
- Mail_T maillist; /**< Alert notification
mailinglist */
-
- /** Test rules and event handlers */
- ActionRate_T actionratelist; /**< ActionRate check
list */
- Checksum_T checksum; /**< Checksum
check */
- Filesystem_T filesystemlist; /**< Filesystem check
list */
- Gid_T gid; /**< Gid
check */
- Icmp_T icmplist; /**< ICMP check
list */
- Perm_T perm; /**< Permission
check */
- Port_T portlist; /**< Portnumbers to check, either local or at a
host */
- Resource_T resourcelist; /**< Resouce check
list */
- Size_T sizelist; /**< Size check
list */
- Match_T matchlist; /**< Content Match
list */
- Timestamp_T timestamplist; /**< Timestamp check
list */
- Uid_T uid; /**< Uid
check */
-
- EventAction_T action_PID; /**< Action upon pid
change */
- EventAction_T action_PPID; /**< Action upon ppid
change */
- EventAction_T action_FSFLAG; /**< Action upon filesystem flags
change */
-
- /** General event handlers */
- EventAction_T action_DATA; /**< Description of the action upon
event */
- EventAction_T action_EXEC; /**< Description of the action upon
event */
- EventAction_T action_INVALID; /**< Description of the action upon
event */
- EventAction_T action_NONEXIST; /**< Description of the action upon
event */
-
- /** Internal monit events */
- EventAction_T action_MONIT_START; /**< Monit instance start
action */
- EventAction_T action_MONIT_STOP; /**< Monit instance stop
action */
- EventAction_T action_MONIT_RELOAD; /**< Monit instance reload
action */
- EventAction_T action_ACTION; /**< Action requested by CLI or
GUI */
-
- /** Runtime parameters */
- int error; /**< Error flags
bitmap */
- int error_hint; /**< Failed/Changed hint for error
bitmap */
- Info_T inf; /**< Service check
result */
- struct timeval collected; /**< When were data
collected */
- int doaction; /**< Action scheduled by http
thread */
- char *token; /**< Action
token */
-
- /** Events */
- struct myevent {
- #define EVENT_VERSION 3 /**< The event structure
version */
- int id; /**< The event
identification */
- struct timeval collected; /**< When the event
occured */
- char *source; /**< Event source service
name */
- int mode; /**< Monitoring mode for the
service */
- int type; /**< Monitored service
type */
- short state; /**< TRUE if failed, FALSE if
succeeded */
- short state_changed; /**< TRUE if state
changed */
- long long state_map; /**< Event bitmap for last
cycles */
- unsigned int count; /**< The event
rate */
- unsigned int flag; /**< The handlers state
flag */
- char *message; /**< Optional message describing the
event */
- EventAction_T action; /**< Description of the event
action */
- /** For internal use */
- struct myevent *next; /**< next event in
chain */
- struct myevent *previous; /**< previous event in
chain */
- } *eventlist; /**< Pending events
list */
-
- /** Context specific parameters */
- char *path; /**< Path to the filesys, file, directory or process pid
file */
-
- /** For internal use */
- pthread_mutex_t mutex; /**< Mutex used for action
synchronization */
- struct myservice *next; /**< next service in
chain */
- struct myservice *next_conf; /**< next service according to conf
file */
- struct myservice *next_depend; /**< next depend service in
chain */
-} *Service_T;
-
-
-typedef struct myevent *Event_T;
-
-
-/** Defines data for application runtime */
-struct myrun {
- volatile int stopped;/**< TRUE if monit was stopped. Flag used by
threads */
- char *controlfile; /**< The file to read configuration
from */
- char *logfile; /**< The file to write logdata
into */
- char *localhostname; /**< The host name for
localhost */
- char *pidfile; /**< This programs
pidfile */
- char *idfile; /**< The file with unique monit
id */
- char id[STRLEN]; /**< Unique monit
id */
- char *statefile; /**< The file with the saved runtime
state */
- char *mygroup; /**< Group Name of the
Service */
- int debug; /**< Write debug information - TRUE or
FALSE */
- int use_syslog; /**< If TRUE write log to
syslog */
- int dolog; /**< TRUE if program should log actions, otherwise
FALSE */
- int isdaemon; /**< TRUE if program should run as a
daemon */
- int polltime; /**< In deamon mode, the sleeptime (sec) between
run */
- int startdelay; /**< the sleeptime (sec) after
startup */
- int dohttpd; /**< TRUE if monit HTTP server should
run */
- int httpdssl; /**< TRUE if monit HTTP server uses
ssl */
- char *httpsslpem; /**< PEM file for the HTTPS
server */
- int clientssl; /**< TRUE if monit HTTP server uses ssl with client
auth */
- char *httpsslclientpem; /**< PEM file/dir to check against at
connect */
- int allowselfcert; /**< TRUE if self certified client certs are
allowed */
- int httpdsig; /**< TRUE if monit HTTP server presents version
signature */
- int httpdport; /**< The monit http server's
portnumber */
- int once; /**< TRUE - run only
once */
- int init; /**< TRUE - don't background to run from
init */
- int facility; /** The facility to use when running
openlog() */
- int doprocess; /**< TRUE if process status engine is
used */
- char *bind_addr; /**< The address monit http will bind
to */
- volatile int doreload; /**< TRUE if a monit daemon should
reinitialize */
- volatile int dowakeup; /**< TRUE if a monit daemon was wake up by
signal */
- int doaction; /**< TRUE if some service(s) has action
pending */
- mode_t umask; /**< The initial umask monit was started
with */
- int testing; /**< Running in configuration testing mode - TRUE or
FALSE */
- time_t incarnation; /**< Unique ID for running monit
instance */
- int handler_init; /**< The handlers queue
initialization */
- int handler_flag; /**< The handlers state
flag */
- int handler_queue[HANDLER_MAX+1]; /**< The handlers queue
counter */
- Service_T system; /**< The general system
service */
- char *eventlist_dir; /**< The event queue base
directory */
- int eventlist_slots; /**< The event queue size - number of
slots */
- int expectbuffer; /**< Generic protocol expect buffer - STRLEN by
default */
-
- /** An object holding program relevant "environment" data, see;
env.c */
- struct myenvironment {
- char *user; /**< The the effective user running this
program */
- char *home; /**< Users home
directory */
- char *cwd; /**< Current working
directory */
- } Env;
-
- char *mail_hostname; /**< Used in HELO/EHLO/MessageID when sending
mail */
- int mailserver_timeout; /**< Connect and read timeout for a SMTP
server */
- Mail_T maillist; /**< Global alert notification
mailinglist */
- MailServer_T mailservers; /**< List of MTAs used for alert
notification */
- Mmonit_T mmonits; /**< Event notification and status receivers
list */
- Auth_T credentials; /** A list holding Basic Authentication
information */
- int dommonitcredentials; /**< TRUE if M/Monit should receive
credentials */
- Auth_T mmonitcredentials; /**< Pointer to selected credentials or
NULL */
- Event_T eventlist; /** A list holding partialy handled
events */
- /** User selected standard mail
format */
- struct myformat {
- char *from; /**< The standard mail from
address */
- char *replyto; /**< Optional reply-to
header */
- char *subject; /**< The standard mail
subject */
- char *message; /**< The standard mail
message */
- } MailFormat;
-
- pthread_mutex_t mutex; /**< Mutex used for service data
synchronization */
-#ifdef OPENSSL_FIPS
- int fipsEnabled; /** TRUE if monit should use FIPS-140
mode */
-#endif
-};
-
-
-/* -------------------------------------------------------- Global
variables */
-
-extern char *prog;
-extern struct myrun Run;
-extern Service_T servicelist;
-extern Service_T servicelist_conf;
-extern ServiceGroup_T servicegrouplist;
-extern SystemInfo_T systeminfo;
-extern ProcessTree_T *ptree;
-extern int ptreesize;
-extern ProcessTree_T *oldptree;
-extern int oldptreesize;
-
-extern char actionnames[][STRLEN];
-extern char modenames[][STRLEN];
-extern char checksumnames[][STRLEN];
-extern char operatornames[][STRLEN];
-extern char operatorshortnames[][3];
-extern char monitornames[][STRLEN];
-extern char statusnames[][STRLEN];
-extern char servicetypes[][STRLEN];
-extern char pathnames[][STRLEN];
-extern char icmpnames[19][STRLEN];
-extern char sslnames[][STRLEN];
-
-/* ------------------------------------------------------- Public
prototypes */
-
-#include "util.h"
-#include "file.h"
-
-/* FIXME: move remaining prototypes into seperate header-files */
-
-int parse(char *);
-int control_service(const char *, int);
-int control_service_string(const char *, const char *);
-int control_service_daemon(const char *, const char *);
-void setup_dependants();
-void reset_depend();
-void spawn(Service_T, Command_T, Event_T);
-int status(char *);
-int log_init();
-void LogEmergency(const char *, ...);
-void LogAlert(const char *, ...);
-void LogCritical(const char *, ...);
-void LogError(const char *, ...);
-void vLogError(const char *s, va_list ap);
-void LogWarning(const char *, ...);
-void LogNotice(const char *, ...);
-void LogInfo(const char *, ...);
-void LogDebug(const char *, ...);
-void log_close();
-#ifndef HAVE_VSYSLOG
-#ifdef HAVE_SYSLOG
-void vsyslog (int, const char *, va_list);
-#endif /* HAVE_SYSLOG */
-#endif /* HAVE_VSYSLOG */
-int validate();
-void daemonize();
-void gc();
-void gc_mail_list(Mail_T *);
-void gccmd(Command_T *);
-void gc_event(Event_T *e);
-int kill_daemon(int);
-int exist_daemon();
-int sendmail(Mail_T);
-int sock_msg(int, char *, ...);
-void init_env();
-void *xmalloc (int);
-void *xcalloc(long, long);
-char *xstrdup(const char *);
-char *xstrndup(const char *, long);
-void *xresize(void *, long);
-void monit_http(int);
-int can_http();
-char *format(const char *, va_list, long *);
-void redirect_stdfd();
-void fd_close();
-pid_t getpgid(pid_t);
-#if ! HAVE_MALLOC
-void *rpl_malloc (size_t __size);
-#endif
-void unset_signal_block(sigset_t *);
-void set_signal_block(sigset_t *, sigset_t *);
-int check_process(Service_T);
-int check_filesystem(Service_T);
-int check_file(Service_T);
-int check_directory(Service_T);
-int check_remote_host(Service_T);
-int check_system(Service_T);
-int check_fifo(Service_T);
-int check_status(Service_T);
-int check_URL(Service_T s);
-int sha_md5_stream (FILE *, void *, void *);
-void reset_procinfo(Service_T);
-int check_service_status(Service_T);
-void printhash(char *);
-char *status_xml(Event_T, short, int, const char *);
-int handle_mmonit(Event_T);
-int do_wakeupcall();
-
-#endif
=======================================
--- /trunk/monitrc Mon Jun 6 06:32:18 2011
+++ /dev/null
@@ -1,249 +0,0 @@
-###############################################################################
-## Monit control file
-###############################################################################
-##
-## Comments begin with a '#' and extend through the end of the line.
Keywords
-## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting
with '/'.
-##
-## Below you will find examples of some frequently used statements. For
-## information about the control file and a complete list of statements and
-## options, please have a look in the Monit manual.
-##
-##
-###############################################################################
-## Global section
-###############################################################################
-##
-## Start Monit in the background (run as a daemon):
-#
-# set daemon 120 # check services at 2-minute intervals
-# with start delay 240 # optional: delay the first check by 4-minutes
(by
-# # default Monit check immediately after Monit
start)
-#
-#
-## Set syslog logging with the 'daemon' facility. If the FACILITY option is
-## omitted, Monit will use 'user' facility by default. If you want to log
to
-## a standalone log file instead, specify the full path to the log file
-#
-# set logfile syslog facility log_daemon
-#
-#
-### Set the location of the Monit id file which stores the unique id for
the
-### Monit instance. The id is generated and stored on first Monit start. By
-### default the file is placed in $HOME/.monit.id.
-#
-# set idfile /var/.monit.id
-#
-### Set the location of the Monit state file which saves monitoring states
-### on each cycle. By default the file is placed in $HOME/.monit.state. If
-### the state file is stored on a persistent filesystem, Monit will recover
-### the monitoring state across reboots. If it is on temporary filesystem,
the
-### state will be lost on reboot which may be convenient in some
situations.
-#
-# set statefile /var/.monit.state
-#
-## Set the list of mail servers for alert delivery. Multiple servers may be
-## specified using a comma separator. If the first mail server fails, Monit
-# will use the second mail server in the list and so on. By default Monit
uses
-# port 25 - it is possible to override this with the PORT option.
-#
-# set mailserver mail.bar.baz, # primary mailserver
-# backup.bar.baz port 10025, # backup mailserver on port
10025
-# localhost # fallback relay
-#
-#
-## By default Monit will drop alert events if no mail servers are
available.
-## If you want to keep the alerts for later delivery retry, you can use the
-## EVENTQUEUE statement. The base directory where undelivered alerts will
be
-## stored is specified by the BASEDIR option. You can limit the maximal
queue
-## size using the SLOTS option (if omitted, the queue is limited by space
-## available in the back end filesystem).
-#
-# set eventqueue
-# basedir /var/monit # set the base directory where events will be
stored
-# slots 100 # optionally limit the queue size
-#
-#
-## Send status and events to M/Monit (for more informations about M/Monit
-## see http://mmonit.com/). By default Monit registers credentials with
-## M/Monit so M/Monit can smoothly communicate back to Monit and you don't
-## have to register Monit credentials manually in M/Monit. It is possible
to
-## disable credential registration using the commented out option below.
-## Though, if safety is a concern we recommend instead using https when
-## communicating with M/Monit and send credentials encrypted.
-#
-# set mmonit http://monit:address@hidden:8080/collector
-# # and register without credentials # Don't register credentials
-#
-#
-#
-## Monit by default uses the following alert mail format:
-##
-## --8<--
-## From: address@hidden # sender
-## Subject: monit alert -- $EVENT $SERVICE # subject
-##
-## $EVENT Service $SERVICE #
-## #
-## Date: $DATE #
-## Action: $ACTION #
-## Host: $HOST # body
-## Description: $DESCRIPTION #
-## #
-## Your faithful employee, #
-## Monit #
-## --8<--
-##
-## You can override this message format or parts of it, such as subject
-## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc.
-## are expanded at runtime. For example, to override the sender, use:
-#
-# set mail-format { from: address@hidden }
-#
-#
-## You can set alert recipients whom will receive alerts if/when a
-## service defined in this file has errors. Alerts may be restricted on
-## events by using a filter as in the second example below.
-#
-# set alert address@hidden # receive all alerts
-# set alert address@hidden only on { timeout } # receive just service-
-# # timeout alert
-#
-#
-## Monit has an embedded web server which can be used to view status of
-## services monitored and manage services from a web interface. See the
-## Monit Wiki if you want to enable SSL for the web server.
-#
-# set httpd port 2812 and
-# use address localhost # only accept connection from localhost
-# allow localhost # allow localhost to connect to the server and
-# allow admin:monit # require user 'admin' with password 'monit'
-# allow @monit # allow users of group 'monit' to connect (rw)
-# allow @users readonly # allow users of group 'users' to connect
readonly
-#
-#
-###############################################################################
-## Services
-###############################################################################
-##
-## Check general system resources such as load average, cpu and memory
-## usage. Each test specifies a resource, conditions and the action to be
-## performed should a test fail.
-#
-# check system myhost.mydomain.tld
-# if loadavg (1min) > 4 then alert
-# if loadavg (5min) > 2 then alert
-# if memory usage > 75% then alert
-# if swap usage > 25% then alert
-# if cpu usage (user) > 70% then alert
-# if cpu usage (system) > 30% then alert
-# if cpu usage (wait) > 20% then alert
-#
-#
-## Check if a file exists, checksum, permissions, uid and gid. In addition
-## to alert recipients in the global section, customized alert can be sent
to
-## additional recipients by specifying a local alert handler. The service
may
-## be grouped using the GROUP option. More than one group can be specified
by
-## repeating the 'group name' statement.
-#
-# check file apache_bin with path /usr/local/apache/bin/httpd
-# if failed checksum and
-# expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor
-# if failed permission 755 then unmonitor
-# if failed uid root then unmonitor
-# if failed gid root then unmonitor
-# alert address@hidden on {
-# checksum, permission, uid, gid, unmonitor
-# } with the mail-format { subject: Alarm! }
-# group server
-#
-#
-## Check that a process is running, in this case Apache, and that it
respond
-## to HTTP and HTTPS requests. Check its resource usage such as cpu and
memory,
-## and number of children. If the process is not running, Monit will
restart
-## it by default. In case the service is restarted very often and the
-## problem remains, it is possible to disable monitoring using the TIMEOUT
-## statement. This service depends on another service (apache_bin) which
-## is defined above.
-#
-# check process apache with pidfile /usr/local/apache/logs/httpd.pid
-# start program = "/etc/init.d/httpd start" with timeout 60 seconds
-# stop program = "/etc/init.d/httpd stop"
-# if cpu > 60% for 2 cycles then alert
-# if cpu > 80% for 5 cycles then restart
-# if totalmem > 200.0 MB for 5 cycles then restart
-# if children > 250 then restart
-# if loadavg(5min) greater than 10 for 8 cycles then stop
-# if failed host www.tildeslash.com port 80 protocol http
-# and request "/somefile.html"
-# then restart
-# if failed port 443 type tcpssl protocol http
-# with timeout 15 seconds
-# then restart
-# if 3 restarts within 5 cycles then timeout
-# depends on apache_bin
-# group server
-#
-#
-## Check filesystem permissions, uid, gid, space and inode usage. Other
services,
-## such as databases, may depend on this resource and an automatically
graceful
-## stop may be cascaded to them before the filesystem will become full and
data
-## lost.
-#
-# check filesystem datafs with path /dev/sdb1
-# start program = "/bin/mount /data"
-# stop program = "/bin/umount /data"
-# if failed permission 660 then unmonitor
-# if failed uid root then unmonitor
-# if failed gid disk then unmonitor
-# if space usage > 80% for 5 times within 15 cycles then alert
-# if space usage > 99% then stop
-# if inode usage > 30000 then alert
-# if inode usage > 99% then stop
-# group server
-#
-#
-## Check a file's timestamp. In this example, we test if a file is older
-## than 15 minutes and assume something is wrong if its not updated. Also,
-## if the file size exceed a given limit, execute a script
-#
-# check file database with path /data/mydatabase.db
-# if failed permission 700 then alert
-# if failed uid data then alert
-# if failed gid data then alert
-# if timestamp > 15 minutes then alert
-# if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba
-#
-#
-## Check directory permission, uid and gid. An event is triggered if the
-## directory does not belong to the user with uid 0 and gid 0. In
addition,
-## the permissions have to match the octal description of 755 (see
chmod(1)).
-#
-# check directory bin with path /bin
-# if failed permission 755 then unmonitor
-# if failed uid 0 then unmonitor
-# if failed gid 0 then unmonitor
-#
-#
-## Check a remote host availability by issuing a ping test and check the
-## content of a response from a web server. Up to three pings are sent and
-## connection to a port and an application level network check is
performed.
-#
-# check host myserver with address 192.168.1.1
-# if failed icmp type echo count 3 with timeout 3 seconds then alert
-# if failed port 3306 protocol mysql with timeout 15 seconds then alert
-# if failed url http://user:address@hidden:8080/?querystring
-# and content == 'action="j_security_check"'
-# then alert
-#
-#
-###############################################################################
-## Includes
-###############################################################################
-##
-## It is possible to include additional configuration parts from other
files or
-## directories.
-#
-# include /etc/monit.d/*
-#
-#
=======================================
--- /trunk/net.c Thu Jun 9 07:20:31 2011
+++ /dev/null
@@ -1,859 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_POLL_H
-#include <poll.h>
-#endif
-
-#ifdef HAVE_STDARG_H
-#include <stdarg.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef NEED_SOCKLEN_T_DEFINED
-#define _BSD_SOCKLEN_T_
-#endif
-
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_SYS_UN_H
-#include <sys/un.h>
-#endif
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
-#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h>
-#endif
-
-#ifdef HAVE_SYS_IOCTL_H
-#include <sys/ioctl.h>
-#endif
-
-#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_ICMP_H
-#include <netinet/ip_icmp.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_STDDEF_H
-#include <stddef.h>
-#else
-#define offsetof(st, m) ((size_t) ( (char *)&((st *)(0))->m - (char *)0 ))
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifndef __dietlibc__
-#ifdef HAVE_STROPTS_H
-#include <stropts.h>
-#endif
-#endif
-
-#include "monitor.h"
-#include "net.h"
-#include "ssl.h"
-
-/**
- * General purpose Network and Socket methods.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Christian Hopp, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/* -------------------------------------------------------------
Definitions */
-
-
-#define DATALEN 64
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static int do_connect(int, const struct sockaddr *, socklen_t, int);
-static unsigned short checksum_ip(unsigned char *, int);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Check if the hostname resolves
- * @param hostname The host to check
- * @return TRUE if hostname resolves, otherwise FALSE
- */
-int check_host(const char *hostname) {
-
- struct addrinfo hints;
- struct addrinfo *res;
-
- ASSERT(hostname);
-
- memset(&hints, 0, sizeof(struct addrinfo));
- hints.ai_family = PF_INET; /* we support just IPv4 currently */
-
- if(getaddrinfo(hostname, NULL, &hints, &res) != 0)
- return FALSE;
-
- freeaddrinfo(res);
-
- return TRUE;
-
-}
-
-
-/**
- * Verify that the socket is ready for i|o
- * @param socket A socket
- * @return TRUE if the socket is ready, otherwise FALSE.
- */
-int check_socket(int socket) {
-
- return (can_read(socket, 0) || can_write(socket, 0));
-
-}
-
-
-/**
- * Verify that the udp server is up. The given socket must be a
- * connected udp socket if we should be able to test the udp server.
- * The test is conducted by sending a datagram to the server and
- * check for a returned ICMP error when reading from the socket.
- * @param socket A socket
- * @return TRUE if the socket is ready, otherwise FALSE.
- */
-int check_udp_socket(int socket) {
-
- char buf[STRLEN]= {0};
-
- /* We have to send something and if the UDP server is down/unreachable
- * the remote host should send an ICMP error. We then need to call read
- * to get the ICMP error as a ECONNREFUSED errno. This test is
asynchronous
- * so we must wait, but we do not want to block to long either and it is
- * probably better to report a server falsely up than to block to long.
- */
- sock_write(socket, buf, 1, 0);
- if(sock_read(socket, buf, STRLEN, 2) < 0) {
- switch(errno) {
- case ECONNREFUSED: return FALSE;
- default: break;
- }
- }
-
- return TRUE;
-
-}
-
-
-/**
- * Create a non-blocking socket against hostname:port with the given
- * type. The type should be either SOCK_STREAM or SOCK_DGRAM.
- * @param hostname The host to open a socket at
- * @param port The port number to connect to
- * @param type Socket type to use (SOCK_STREAM|SOCK_DGRAM)
- * @param timeout If not connected within timeout seconds abort and return
-1
- * @return The socket or -1 if an error occured.
- */
-int create_socket(const char *hostname, int port, int type, int timeout) {
-
- int s;
- struct sockaddr_in sin;
- struct sockaddr_in *sa;
- struct addrinfo hints;
- struct addrinfo *result;
-
- ASSERT(hostname);
-
- memset(&hints, 0, sizeof(struct addrinfo));
- hints.ai_family = AF_INET;
- if(getaddrinfo(hostname, NULL, &hints, &result) != 0) {
- return -1;
- }
-
- if((s= socket(AF_INET, type, 0)) < 0) {
- freeaddrinfo(result);
- return -1;
- }
-
- sa = (struct sockaddr_in *)result->ai_addr;
- memcpy(&sin, sa, result->ai_addrlen);
- sin.sin_family= AF_INET;
- sin.sin_port= htons(port);
- freeaddrinfo(result);
-
- if(! set_noblock(s)) {
- goto error;
- }
-
- if(fcntl(s, F_SETFD, FD_CLOEXEC) == -1)
- goto error;
-
- if(do_connect(s, (struct sockaddr *)&sin, sizeof(sin), timeout) < 0) {
- goto error;
- }
-
- return s;
-
- error:
- close_socket(s);
- return -1;
-
-}
-
-
-/**
- * Open a socket using the given Port_T structure. The protocol,
- * destination and type are selected appropriately.
- * @param p connection description
- * @return The socket or -1 if an error occured.
- */
-int create_generic_socket(Port_T p) {
-
- int socket_fd= -1;
-
- ASSERT(p);
-
- switch(p->family) {
- case AF_UNIX:
- socket_fd= create_unix_socket(p->pathname, p->timeout);
- break;
- case AF_INET:
- socket_fd= create_socket(p->hostname, p->port, p->type, p->timeout);
- break;
- default:
- socket_fd= -1;
- }
-
- return socket_fd;
-
-}
-
-
-/**
- * Create a non-blocking UNIX socket.
- * @param pathname The pathname to use for the unix socket
- * @param timeout If not connected within timeout seconds abort and return
-1
- * @return The socket or -1 if an error occured.
- */
-int create_unix_socket(const char *pathname, int timeout) {
-
- int s;
- struct sockaddr_un unixsocket;
-
- ASSERT(pathname);
-
- if((s= socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
- LogError("%s: Cannot create socket -- %s\n", prog, STRERROR);
- return -1;
- }
-
- unixsocket.sun_family= AF_UNIX;
- snprintf(unixsocket.sun_path, sizeof(unixsocket.sun_path), "%s",
pathname);
-
- if(! set_noblock(s)) {
- goto error;
- }
-
- if(do_connect(s, (struct sockaddr *)&unixsocket, sizeof(unixsocket),
timeout) < 0) {
- goto error;
- }
-
- return s;
-
- error:
- close_socket(s);
- return -1;
-
-}
-
-
-/**
- * Create a non-blocking server socket and bind it to the specified local
- * port number, with the specified backlog. Set a socket option to
- * make the port reusable again. If a bind address is given the socket
- * will only accept connect requests to this addresses. If the bind
- * address is NULL it will accept connections on any/all local
- * addresses
- * @param port The localhost port number to open
- * @param backlog The maximum queue length for incomming connections
- * @param bindAddr the local address the server will bind to
- * @return The socket ready for accept, or -1 if an error occured.
- */
-int create_server_socket(int port, int backlog, const char *bindAddr) {
- int s;
- int status;
- int flag = 1;
- struct sockaddr_in myaddr;
-
- if((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
- LogError("%s: Cannot create socket -- %s\n", prog, STRERROR);
- return -1;
- }
-
- memset(&myaddr, 0, sizeof(struct sockaddr_in));
-
- if(bindAddr) {
- struct sockaddr_in *sa;
- struct addrinfo hints;
- struct addrinfo *result;
-
- memset(&hints, 0, sizeof(struct addrinfo));
- hints.ai_family = AF_INET;
- if((status = getaddrinfo(bindAddr, NULL, &hints, &result)) != 0) {
- LogError("%s: Cannot translate '%s' to IP address -- %s\n", prog,
bindAddr, gai_strerror(status));
- goto error;
- }
- sa = (struct sockaddr_in *)result->ai_addr;
- memcpy(&myaddr, sa, result->ai_addrlen);
- freeaddrinfo(result);
- } else {
- myaddr.sin_addr.s_addr= htonl(INADDR_ANY);
- }
- myaddr.sin_family= AF_INET;
- myaddr.sin_port= htons(port);
-
- if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&flag, sizeof(flag))
< 0) {
- LogError("%s: Cannot set reuseaddr option -- %s\n", prog, STRERROR);
- goto error;
- }
-
- if(! set_noblock(s))
- goto error;
-
- if(fcntl(s, F_SETFD, FD_CLOEXEC) == -1) {
- LogError("%s: Cannot set close on exec option -- %s\n", prog,
STRERROR);
- goto error;
- }
-
- if(bind(s, (struct sockaddr *)&myaddr, sizeof(struct sockaddr_in)) < 0) {
- LogError("%s: Cannot bind -- %s\n", prog, STRERROR);
- goto error;
- }
-
- if(listen(s, backlog) < 0) {
- LogError("%s: Cannot listen -- %s\n", prog, STRERROR);
- goto error;
- }
-
- return s;
-
- error:
- if (close(s) < 0)
- LogError("%s: Socket %d close failed -- %s\n", prog, s, STRERROR);
-
- return -1;
-
-}
-
-
-/**
- * Shutdown a socket and close the descriptor.
- * @param socket The socket to shutdown and close
- * @return TRUE if the close succeed otherwise FALSE
- */
-int close_socket(int socket) {
- int r;
-
- shutdown(socket, 2);
-
- /* Try to close even if shutdown failed so we won't leak file
descriptors */
- do {
- r = close(socket);
- } while(r == -1 && errno == EINTR);
- if (r == -1)
- LogError("%s: Socket %d close failed -- %s\n", prog, socket, STRERROR);
-
- return r;
-}
-
-
-/**
- * Enable nonblocking i|o on the given socket.
- * @param socket A socket
- * @return TRUE if success, otherwise FALSE
- */
-int set_noblock(int socket) {
- int flags = fcntl(socket, F_GETFL, 0);
-
- if (fcntl(socket, F_SETFL, flags|O_NONBLOCK) == -1) {
- LogError("%s: Cannot set nonblocking -- %s\n", prog, STRERROR);
- return FALSE;
- }
- return TRUE;
-}
-
-
-/**
- * Disable nonblocking i|o on the given socket
- * @param socket A socket
- * @return TRUE if success, otherwise FALSE
- */
-int set_block(int socket) {
-
- int flags;
-
- flags= fcntl(socket, F_GETFL, 0);
- flags &= ~O_NONBLOCK;
-
- return (fcntl(socket, F_SETFL, flags) == 0);
-
-}
-
-
-/**
- * Check if data is available, if not, wait timeout seconds for data
- * to be present.
- * @param socket A socket
- * @param timeout How long to wait before timeout (value in seconds)
- * @return Return TRUE if the event occured, otherwise FALSE.
- */
-int can_read(int socket, int timeout) {
- int r = 0;
- struct pollfd fds[1];
-
- fds[0].fd = socket;
- fds[0].events = POLLIN;
- do {
- r = poll(fds, 1, timeout * 1000);
- } while (r == -1 && errno == EINTR);
- return (r > 0);
-}
-
-
-/**
- * Check if data can be sent to the socket, if not, wait timeout
- * seconds for the socket to be ready.
- * @param socket A socket
- * @param timeout How long to wait before timeout (value in seconds)
- * @return Return TRUE if the event occured, otherwise FALSE.
- */
-int can_write(int socket, int timeout) {
- int r = 0;
- struct pollfd fds[1];
-
- fds[0].fd = socket;
- fds[0].events = POLLOUT;
- do {
- r = poll(fds, 1, timeout * 1000);
- } while (r == -1 && errno == EINTR);
- return (r > 0);
-}
-
-
-/**
- * Write <code>size</code> bytes from the <code>buffer</code> to the
- * <code>socket</code>
- * @param socket the socket to write to
- * @param buffer The buffer to write
- * @param size Number of bytes to send
- * @param timeout Seconds to wait for data to be written
- * @return The number of bytes sent or -1 if an error occured.
- */
-int sock_write(int socket, const void *buffer, int size, int timeout) {
-
- ssize_t n= 0;
-
- if(size<=0)
- return 0;
-
- errno= 0;
- do {
- n= write(socket, buffer, size);
- } while(n == -1 && errno == EINTR);
-
- if(n == -1 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
- if(! can_write(socket, timeout)) {
- return -1;
- }
- do {
- n= write(socket, buffer, size);
- } while(n == -1 && errno == EINTR);
- }
-
- return n;
-
-}
-
-
-/**
- * Read up to size bytes from the <code>socket</code> into the
- * <code>buffer</code>. If data is not available wait for
- * <code>timeout</code> seconds.
- * @param socket the Socket to read data from
- * @param buffer The buffer to write the data to
- * @param size Number of bytes to read from the socket
- * @param timeout Seconds to wait for data to be available
- * @return The number of bytes read or -1 if an error occured.
- */
-int sock_read(int socket, void *buffer, int size, int timeout) {
-
- ssize_t n;
-
- if(size<=0)
- return 0;
-
- errno= 0;
- do {
- n= read(socket, buffer, size);
- } while(n == -1 && errno == EINTR);
-
- if(n == -1 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
- if(! can_read(socket, timeout)) {
- return -1;
- }
- do {
- n= read(socket, buffer, size);
- } while(n == -1 && errno == EINTR);
- }
-
- return n;
-
-}
-
-
-/**
- * Write <code>size</code> bytes from the <code>buffer</code> to the
- * <code>socket</code>. The given socket <b>must</b> be a connected
- * UDP socket
- * @param socket the socket to write to
- * @param buffer The buffer to write
- * @param size Number of bytes to send
- * @param timeout Seconds to wait for data to be written
- * @return The number of bytes sent or -1 if an error occured.
- */
-int udp_write(int socket, void *b, int len, int timeout) {
-
- int i, n;
-
- ASSERT(timeout>=0);
-
- for(i= 4; i>=1; i--) {
-
- do {
- n= sock_write(socket, b, len, 0);
- } while(n == -1 && errno == EINTR);
-
- if(n == -1 && (errno != EAGAIN || errno != EWOULDBLOCK))
- return -1;
-
- /* Simple retransmit scheme, wait for the server to reply
- back to our socket. This assume a request-response pattern,
- which really is the only pattern we can support */
- if(can_read(socket, timeout/i)) return n;
- DEBUG("udp_write: Resending request\n");
-
- }
-
- errno= EHOSTUNREACH;
-
- return -1;
-
-}
-
-
-/**
- * Create a ICMP socket against hostname, send echo and wait for response.
- * The 'count' echo requests is send and we expect at least one reply.
- * @param hostname The host to open a socket at
- * @param timeout If response will not come within timeout seconds abort
- * @param count How many pings to send
- * @return response time on succes, -1 on error, -2 when monit has no
- * permissions for raw socket (normally requires root or net_icmpaccess
- * privilege on Solaris)
- */
-double icmp_echo(const char *hostname, int timeout, int count) {
- struct sockaddr_in sout;
- struct sockaddr_in *sa;
- struct addrinfo hints;
- struct addrinfo *result;
- struct ip *iphdrin;
- int len_out = offsetof(struct icmp, icmp_data) + DATALEN;
- int len_in = sizeof(struct ip) + sizeof(struct icmp);
- struct icmp *icmpin = NULL;
- struct icmp *icmpout = NULL;
- uint16_t id_in, id_out, seq_in;
- int r, i, s, n = 0;
- struct timeval t_in, t_out;
- char buf[STRLEN];
- double response = -1.;
-#if ! defined NETBSD && ! defined AIX
- int sol_ip;
- unsigned ttl = 255;
-#endif
-
- ASSERT(hostname);
- ASSERT(len_out < sizeof(buf));
-
- memset(&hints, 0, sizeof(struct addrinfo));
- hints.ai_family = AF_INET;
- if (getaddrinfo(hostname, NULL, &hints, &result) != 0) {
- LogError("ICMP echo for %s -- getaddrinfo failed: %s\n", hostname,
STRERROR);
- return response;
- }
-
- if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0) {
- if (errno == EACCES || errno == EPERM) {
- DEBUG("ICMP echo for %s -- cannot create socket: %s\n", hostname,
STRERROR);
- response = -2.;
- } else {
- LogError("ICMP echo for %s -- canot create socket: %s\n", hostname,
STRERROR);
- }
- goto error2;
- }
-
-#if ! defined NETBSD && ! defined AIX
-#ifdef HAVE_SOL_IP
- sol_ip = SOL_IP;
-#else
- {
- struct protoent *pent;
- pent = getprotobyname("ip");
- sol_ip = pent ? pent->p_proto : 0;
- }
-#endif
- if (setsockopt(s, sol_ip, IP_TTL, (char *)&ttl, sizeof(ttl)) < 0) {
- LogError("ICMP echo for %s -- setsockopt failed: %s\n", hostname,
STRERROR);
- goto error1;
- }
-#endif
-
- id_out = getpid() & 0xFFFF;
- icmpout = (struct icmp *)buf;
- for (i = 0; i < count; i++) {
- int j;
- unsigned char *data = (unsigned char *)icmpout->icmp_data;
-
- icmpout->icmp_code = 0;
- icmpout->icmp_type = ICMP_ECHO;
- icmpout->icmp_id = htons(id_out);
- icmpout->icmp_seq = htons(i);
- icmpout->icmp_cksum = 0;
-
- /* Add originate timestamp to data section */
- gettimeofday(&t_out, NULL);
- memcpy(data, &t_out, sizeof(struct timeval));
- data += sizeof(struct timeval);
-
- /* Initialize rest of data section to numeric sequence */
- for (j = 0; j < DATALEN - sizeof(struct timeval); j++)
- data[j] = j;
-
- icmpout->icmp_cksum = checksum_ip((unsigned char *)icmpout, len_out);
-
- sa = (struct sockaddr_in *)result->ai_addr;
- memcpy(&sout, sa, result->ai_addrlen);
- sout.sin_family = AF_INET;
- sout.sin_port = 0;
-
- do {
- n = sendto(s, (char *)icmpout, len_out, 0, (struct sockaddr *)&sout,
sizeof(struct sockaddr));
- } while(n == -1 && errno == EINTR);
- if (n < 0) {
- LogError("ICMP echo request for %s %d/%d failed -- %s\n", hostname,
i + 1, count, STRERROR);
- continue;
- }
-
- if (can_read(s, timeout)) {
- socklen_t size = sizeof(struct sockaddr_in);
-
- do {
- n = recvfrom(s, buf, STRLEN, 0, (struct sockaddr *)&sout, &size);
- } while(n == -1 && errno == EINTR);
- if (n < 0) {
- LogError("ICMP echo response for %s %d/%d failed -- %s\n",
hostname, i + 1, count, STRERROR);
- continue;
- } else if (n < len_in) {
- LogError("ICMP echo response for %s %d/%d failed -- received %d
bytes, expected at least %d bytes\n", hostname, i + 1, count, n, len_in);
- continue;
- }
-
- iphdrin = (struct ip *)buf;
- icmpin = (struct icmp *)(buf + iphdrin->ip_hl * 4);
- id_in = ntohs(icmpin->icmp_id);
- seq_in = ntohs(icmpin->icmp_seq);
- if (icmpin->icmp_type == ICMP_ECHOREPLY) {
- if (id_in == id_out && seq_in < (uint16_t)count) {
- /* Get the response time */
- gettimeofday(&t_in, NULL);
- memcpy(&t_out, icmpin->icmp_data, sizeof(struct timeval));
- response = (double)(t_in.tv_sec - t_out.tv_sec) +
(double)(t_in.tv_usec - t_out.tv_usec) / 1000000;
- DEBUG("ICMP echo response for %s %d/%d succeeded -- received
id=%d sequence=%d response_time=%fs\n", hostname, i + 1, count, id_in,
seq_in, response);
- break; // Wait for one response only
- } else
- LogError("ICMP echo response for %s %d/%d error -- received
id=%d (expected id=%d), received sequence=%d (expected sequence=%d)\n",
hostname, i + 1, count, id_in, id_out, seq_in, i);
- } else
- DEBUG("ICMP echo response for %s %d/%d -- expected ECHOREPLY,
received response type: %x (%s), source id=%d (mine id=%d) sequence=%d
(mine sequence=%d)\n", hostname, i + 1, count, icmpin->icmp_type,
icmpin->icmp_type < 19 ? icmpnames[icmpin->icmp_type] : "unknown", id_in,
id_out, seq_in, i);
- } else
- LogError("ICMP echo response for %s %d/%d timed out -- no response
within %d seconds\n", hostname, i + 1, count, timeout);
- }
-
- error1:
- do {
- r = close(s);
- } while(r == -1 && errno == EINTR);
- if (r == -1)
- LogError("%s: Socket %d close failed -- %s\n", prog, s, STRERROR);
-
- error2:
- freeaddrinfo(result);
-
- return response;
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/*
- * Do a non blocking connect, timeout if not connected within timeout
seconds
- */
-static int do_connect(int s, const struct sockaddr *addr, socklen_t
addrlen, int timeout) {
- int error = 0;
- struct pollfd fds[1];
-
- switch (connect(s, addr, addrlen)) {
- case 0:
- return 0;
- default:
- if (errno != EINPROGRESS)
- return -1;
- break;
- }
- fds[0].fd = s;
- fds[0].events = POLLIN|POLLOUT;
- if (poll(fds, 1, timeout * 1000) == 0) {
- errno = ETIMEDOUT;
- return -1;
- }
- if (fds[0].events & POLLIN || fds[0].events & POLLOUT) {
- socklen_t len = sizeof(error);
- if (getsockopt(s, SOL_SOCKET, SO_ERROR, &error, &len) < 0)
- return -1; // Solaris pending error
- } else {
- return -1;
- }
- if (error) {
- errno = error;
- return -1;
- }
- return 0;
-}
-
-
-/*
- * Compute Internet Checksum for "count" bytes beginning at
location "addr".
- * Based on RFC1071.
- */
-static unsigned short checksum_ip(unsigned char *_addr, int count) {
-
- register long sum= 0;
- unsigned short *addr= (unsigned short *)_addr;
-
- while(count > 1) {
- sum += *addr++;
- count -= 2;
- }
-
- /* Add left-over byte, if any */
- if(count > 0)
- sum += *(unsigned char *)addr;
-
- /* Fold 32-bit sum to 16 bits */
- while(sum >> 16)
- sum= (sum & 0xffff) + (sum >> 16);
-
- return ~sum;
-
-}
-
=======================================
--- /trunk/net.h Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#ifndef NET_H
-#define NET_H
-
-#include <config.h>
-#include "monitor.h"
-
-
-/**
- * General purpose Network and Socket methods.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Christian Hopp, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-
-/**
- * Standard seconds to wait for a socket connection or for socket read
- * i/o before aborting
- */
-#define NET_TIMEOUT 5
-
-
-/**
- * Check if the hostname resolves
- * @param hostname The host to check
- * @return TRUE if hostname resolves, otherwise FALSE
- */
-int check_host(const char *hostname);
-
-
-/**
- * Verify that the socket is ready for i|o
- * @param socket A socket
- * @return TRUE if the socket is ready, otherwise FALSE.
- */
-int check_socket(int socket);
-
-
-/**
- * Verify that the udp server is up. The given socket must be a
- * connected udp socket if we should be able to test the udp server.
- * The test is conducted by sending a datagram to the server and
- * check for a returned ICMP error when reading from the socket.
- * @param socket A socket
- * @return TRUE if the socket is ready, otherwise FALSE.
- */
-int check_udp_socket(int socket);
-
-
-/**
- * Create a non-blocking socket against hostname:port with the given
- * protocol. The protocol should be either SOCK_STREAM or SOCK_DGRAM.
- * @param hostname The host to open a socket at
- * @param port The port number to connect to
- * @param protocol Socket protocol to use (SOCK_STREAM|SOCK_DGRAM)
- * @param timeout If not connected within timeout seconds abort and return
-1
- * @return The socket or -1 if an error occured.
- */
-int create_socket(const char *hostname, int port, int protocol, int
timeout);
-
-
-/**
- * Open a socket using the given Port_T structure. The protocol,
- * destination and type are selected appropriately.
- * @param p connection description
- * @return The socket or -1 if an error occured.
- */
-int create_generic_socket(Port_T p);
-
-
-/**
- * Create a non-blocking UNIX socket.
- * @param pathname The pathname to use for the unix socket
- * @param timeout If not connected within timeout seconds abort and return
-1
- * @return The socket or -1 if an error occured.
- */
-int create_unix_socket(const char *pathname, int timeout);
-
-
-/**
- * Create a blocking server socket and bind it to the specified local
- * port number, with the specified backlog. Set a socket option to
- * make the port reusable again. If a bind address is given the socket
- * will only accept connect requests to this addresses. If the bind
- * address is NULL it will accept connections on any/all local
- * addresses
- * @param port The localhost port number to open
- * @param backlog The maximum queue length for incomming connections
- * @param bindAddr the local address the server will bind to
- * @return The socket ready for accept, or -1 if an error occured.
- */
-int create_server_socket(int port, int backlog, const char *bindAddr);
-
-
-/**
- * Shutdown a socket and close the descriptor.
- * @param socket The socket to shutdown and close
- * @return TRUE if the close succeed otherwise FALSE
- */
-int close_socket(int socket);
-
-
-/**
- * Enable nonblocking i|o on the given socket.
- * @param socket A socket
- * @return TRUE if success, otherwise FALSE
- */
-int set_noblock(int socket);
-
-
-/**
- * Disable nonblocking i|o on the given socket
- * @param socket A socket
- * @return TRUE if success, otherwise FALSE
- */
-int set_block(int socket);
-
-
-/**
- * Check if data is available, if not, wait timeout seconds for data
- * to be present.
- * @param socket A socket
- * @param timeout How long to wait before timeout (value in seconds)
- * @return Return TRUE if the event occured, otherwise FALSE.
- */
-int can_read(int socket, int timeout);
-
-
-/**
- * Check if data can be sent to the socket, if not, wait timeout
- * seconds for the socket to be ready.
- * @param socket A socket
- * @param timeout How long to wait before timeout (value in seconds)
- * @return Return TRUE if the event occured, otherwise FALSE.
- */
-int can_write(int socket, int timeout);
-
-
-/**
- * Write <code>size</code> bytes from the <code>buffer</code> to the
- * <code>socket</code>
- * @param socket the socket to write to
- * @param buffer The buffer to write
- * @param size Number of bytes to send
- * @param timeout Seconds to wait for data to be written
- * @return The number of bytes sent or -1 if an error occured.
- */
-int sock_write(int socket, const void *buffer, int size, int timeout);
-
-
-/**
- * Read up to size bytes from the <code>socket</code> into the
- * <code>buffer</code>. If data is not available wait for
- * <code>timeout</code> seconds.
- * @param socket the Socket to read data from
- * @param buffer The buffer to write the data to
- * @param size Number of bytes to read from the socket
- * @param timeout Seconds to wait for data to be available
- * @return The number of bytes read or -1 if an error occured.
-*/
-int sock_read(int socket, void *buffer, int size, int timeout);
-
-
-/**
- * Write <code>size</code> bytes from the <code>buffer</code> to the
- * <code>socket</code>. The given socket <b>must</b> be a connected
- * UDP socket
- * @param socket the socket to write to
- * @param buffer The buffer to write
- * @param size Number of bytes to send
- * @param timeout Seconds to wait for data to be written
- * @return The number of bytes sent or -1 if an error occured.
- */
-int udp_write(int socket, void *b, int len, int timeout);
-
-
-/**
- * Create a ICMP socket against hostname, send echo and wait for response.
- * The 'count' echo requests is send and we expect at least one reply.
- * @param hostname The host to open a socket at
- * @param timeout If response will not come within timeout seconds abort
- * @param count How many pings to send
- * @return response time on succes, -1 on error
- */
-double icmp_echo(const char *hostname, int timeout, int count);
-
-#endif
=======================================
--- /trunk/p.y Wed Mar 23 03:15:53 2011
+++ /dev/null
@@ -1,3495 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-%{
-
-/*
- * DESCRIPTION
- * Simple context-free grammar for parsing the control file.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Olivier Beyssac, <address@hidden>
- * @author Kianusch Sayah Karadji <address@hidden>
- * @author Martin Pala <address@hidden>
- * @author Christian Hopp <address@hidden>
- * @author Rory Toma <address@hidden>
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_CTYPE_H
-#include <ctype.h>
-#endif
-
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-
-#ifdef HAVE_GRP_H
-#include <grp.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_ASM_PARAM_H
-#include <asm/param.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-
-#ifndef HAVE_SOL_IP
-#include <netinet/in_systm.h>
-#include <netinet/in.h>
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_ICMP_H
-#include <netinet/ip_icmp.h>
-#endif
-
-#ifdef HAVE_REGEX_H
-#include <regex.h>
-#endif
-
-#include "net.h"
-#include "monitor.h"
-#include "protocol.h"
-#include "engine.h"
-#include "alert.h"
-#include "process.h"
-#include "ssl.h"
-#include "device.h"
-
-
-/* -------------------------------------------------------------
Definitions */
-
- struct IHavePrecedence {
- int daemon;
- int logfile;
- int pidfile;
- };
-
- struct myrate {
- unsigned count;
- unsigned cycles;
- };
-
- /* yacc interface */
- void yyerror(const char *,...);
- void yyerror2(const char *,...);
- void yywarning(const char *,...);
- void yywarning2(const char *,...);
-
- /* lexer interface */
- int yylex(void);
- extern FILE *yyin;
- extern int lineno;
- extern int arglineno;
- extern char *yytext;
- extern char *argyytext;
- extern char *currentfile;
- extern char *argcurrentfile;
- extern int buffer_stack_ptr;
-
- /* Local variables */
- static int cfg_errflag = FALSE;
- static Service_T tail = NULL;
- static Service_T current = NULL;
- static unsigned int eventset;
- static Request_T urlrequest = NULL;
- static Command_T command = NULL;
- static Command_T command1 = NULL;
- static Command_T command2 = NULL;
- static Service_T depend_list = NULL;
- static struct mygid gidset;
- static struct myuid uidset;
- static struct myperm permset;
- static struct mysize sizeset;
- static struct mymatch matchset;
- static struct myicmp icmpset;
- static struct mymail mailset;
- static struct myport portset;
- static struct mymailserver mailserverset;
- static struct myfilesystem filesystemset;
- static struct myresource resourceset;
- static struct mychecksum checksumset;
- static struct mytimestamp timestampset;
- static struct myactionrate actionrateset;
- static struct IHavePrecedence ihp = {FALSE, FALSE, FALSE};
- static struct myrate rate1 = {1, 1};
- static struct myrate rate2 = {1, 1};
- static char * htpasswd_file = NULL;
- static int digesttype = DIGEST_CLEARTEXT;
- static int hassystem = FALSE;
-
-#define BITMAP_MAX (sizeof(long long) * 8)
-
-
-/* --------------------------------------------------------------
Prototypes */
-
- static void preparse();
- static void postparse();
- static void addservice(Service_T);
- static void addmail(char *, Mail_T, Mail_T *, unsigned int, unsigned
int);
- static void createservice(int, char *, char *, int (*)(Service_T));
- static void adddependant(char *);
- static void addservicegroup(char *);
- static void addport(Port_T);
- static void addresource(Resource_T);
- static void addtimestamp(Timestamp_T, int);
- static void addactionrate(ActionRate_T);
- static void addsize(Size_T);
- static void addfilesystem(Filesystem_T);
- static void addicmp(Icmp_T);
- static void *addprotocol(int);
- static void addgeneric(Port_T, char*, char*);
- static void addcommand(int, unsigned);
- static void addargument(char *);
- static void addmmonit(URL_T, int, int, char *);
- static void addmailserver(MailServer_T);
- static int addcredentials(char *, char *, int, int);
-#ifdef HAVE_LIBPAM
- static void addpamauth(char *, int);
-#endif
- static void addhtpasswdentry(char *, char *, int);
- static uid_t get_uid(char *, uid_t);
- static gid_t get_gid(char *, gid_t);
- static void addchecksum(Checksum_T);
- static void addperm(Perm_T);
- static void addmatch(Match_T, int, int);
- static void addmatchpath(Match_T, int);
- static void adduid(Uid_T);
- static void addgid(Gid_T);
- static void addeuid(uid_t);
- static void addegid(gid_t);
- static void addeventaction(EventAction_T *, int, int);
- static void seteventaction(EventAction_T *, int, int);
- static void prepare_urlrequest(URL_T U);
- static void seturlrequest(int, char *);
- static void setlogfile(char *);
- static void setpidfile(char *);
- static void reset_mailset();
- static void reset_mailserverset();
- static void reset_portset();
- static void reset_resourceset();
- static void reset_timestampset();
- static void reset_actionrateset();
- static void reset_sizeset();
- static void reset_checksumset();
- static void reset_permset();
- static void reset_uidset();
- static void reset_gidset();
- static void reset_filesystemset();
- static void reset_icmpset();
- static void reset_rateset();
- static void check_name(char *);
- static void check_every(int);
- static int check_perm(int);
- static void check_hostname (char *);
- static void check_exec(char *);
- static int cleanup_hash_string(char *);
- static void check_depend();
- static void setsyslog(char *);
- static Command_T copycommand(Command_T);
- static int verifyMaxForward(int);
-
-%}
-
-%union {
- URL_T url;
- float real;
- int number;
- char *string;
-}
-
-%token IF ELSE THEN OR FAILED
-%token SET LOGFILE FACILITY DAEMON SYSLOG MAILSERVER HTTPD ALLOW ADDRESS
INIT
-%token READONLY CLEARTEXT MD5HASH SHA1HASH CRYPT DELAY
-%token PEMFILE ENABLE DISABLE HTTPDSSL CLIENTPEMFILE ALLOWSELFCERTIFICATION
-%token IDFILE STATEFILE SEND EXPECT EXPECTBUFFER CYCLE COUNT REMINDER
-%token PIDFILE START STOP PATHTOK
-%token HOST HOSTNAME PORT TYPE UDP TCP TCPSSL PROTOCOL CONNECTION
-%token ALERT NOALERT MAILFORMAT UNIXSOCKET SIGNATURE
-%token TIMEOUT RESTART CHECKSUM EVERY
-%token DEFAULT HTTP APACHESTATUS FTP SMTP POP IMAP CLAMAV NNTP NTP3 MYSQL
DNS
-%token SSH DWP LDAP2 LDAP3 RDATE RSYNC TNS PGSQL POSTFIXPOLICY SIP LMTP
GPS RADIUS MEMCACHE
-%token <string> STRING PATH MAILADDR MAILFROM MAILREPLYTO MAILSUBJECT
-%token <string> MAILBODY SERVICENAME STRINGNAME
-%token <number> NUMBER PERCENT LOGLIMIT CLOSELIMIT DNSLIMIT KEEPALIVELIMIT
-%token <number> REPLYLIMIT REQUESTLIMIT STARTLIMIT WAITLIMIT GRACEFULLIMIT
-%token <number> CLEANUPLIMIT
-%token <real> REAL
-%token CHECKPROC CHECKFILESYS CHECKFILE CHECKDIR CHECKHOST CHECKSYSTEM
CHECKFIFO CHECKSTATUS
-%token CHILDREN SYSTEM
-%token RESOURCE MEMORY TOTALMEMORY LOADAVG1 LOADAVG5 LOADAVG15 SWAP
-%token MODE ACTIVE PASSIVE MANUAL CPU TOTALCPU CPUUSER CPUSYSTEM CPUWAIT
-%token GROUP REQUEST DEPENDS BASEDIR SLOT EVENTQUEUE SECRET HOSTHEADER
-%token UID GID MMONIT INSTANCE USERNAME PASSWORD
-%token TIMESTAMP CHANGED SECOND MINUTE HOUR DAY
-%token SSLAUTO SSLV2 SSLV3 TLSV1 CERTMD5
-%token BYTE KILOBYTE MEGABYTE GIGABYTE
-%token INODE SPACE PERMISSION SIZE MATCH NOT IGNORE ACTION
-%token EXEC UNMONITOR ICMP ICMPECHO NONEXIST EXIST INVALID DATA RECOVERED
PASSED SUCCEEDED
-%token URL CONTENT PID PPID FSFLAG
-%token REGISTER CREDENTIALS
-%token <url> URLOBJECT
-%token <string> TARGET
-%token <number> MAXFORWARD
-%token FIPS
-
-%left GREATER LESS EQUAL NOTEQUAL
-
-
-%%
-cfgfile : /* EMPTY */
- | statement_list
- ;
-
-statement_list : statement
- | statement_list statement
- ;
-
-statement : setalert
- | setdaemon
- | setlog
- | seteventqueue
- | setmmonits
- | setmailservers
- | setmailformat
- | sethttpd
- | setpid
- | setidfile
- | setstatefile
- | setexpectbuffer
- | setinit
- | setfips
- | checkproc optproclist
- | checkfile optfilelist
- | checkfilesys optfilesyslist
- | checkdir optdirlist
- | checkhost opthostlist
- | checksystem optsystemlist
- | checkfifo optfifolist
- | checkstatus optstatuslist
- ;
-
-optproclist : /* EMPTY */
- | optproclist optproc
- ;
-
-optproc : start
- | stop
- | exist
- | pid
- | ppid
- | connection
- | connectionunix
- | actionrate
- | alert
- | every
- | mode
- | group
- | depend
- | resourceprocess
- ;
-
-optfilelist : /* EMPTY */
- | optfilelist optfile
- ;
-
-optfile : start
- | stop
- | exist
- | timestamp
- | actionrate
- | every
- | alert
- | permission
- | uid
- | gid
- | checksum
- | size
- | match
- | mode
- | group
- | depend
- ;
-
-optfilesyslist : /* EMPTY */
- | optfilesyslist optfilesys
- ;
-
-optfilesys : start
- | stop
- | exist
- | actionrate
- | every
- | alert
- | permission
- | uid
- | gid
- | mode
- | group
- | depend
- | inode
- | space
- | fsflag
- ;
-
-optdirlist : /* EMPTY */
- | optdirlist optdir
- ;
-
-optdir : start
- | stop
- | exist
- | timestamp
- | actionrate
- | every
- | alert
- | permission
- | uid
- | gid
- | mode
- | group
- | depend
- ;
-
-opthostlist : opthost
- | opthostlist opthost
- ;
-
-opthost : start
- | stop
- | exist
- | connection
- | icmp
- | actionrate
- | alert
- | every
- | mode
- | group
- | depend
- ;
-
-optsystemlist : /* EMPTY */
- | optsystemlist optsystem
- ;
-
-optsystem : start
- | stop
- | actionrate
- | alert
- | every
- | group
- | depend
- | resourcesystem
- ;
-
-optfifolist : /* EMPTY */
- | optfifolist optfifo
- ;
-
-optfifo : start
- | stop
- | exist
- | timestamp
- | actionrate
- | every
- | alert
- | permission
- | uid
- | gid
- | mode
- | group
- | depend
- ;
-
-optstatuslist : /* EMPTY */
- | optstatuslist optstatus
- ;
-
-optstatus : actionrate
- | exist
- | alert
- | every
- | group
- | depend
- ;
-
-setalert : SET alertmail '{' eventoptionlist '}' formatlist
reminder {
- addmail($<string>2, &mailset, &Run.maillist, eventset,
$<number>7);
- }
- | SET alertmail formatlist reminder {
- addmail($<string>2, &mailset, &Run.maillist,
Event_All, $<number>4);
- }
- | SET alertmail NOT '{' eventoptionlist '}' formatlist
reminder {
- addmail($<string>2, &mailset, &Run.maillist, ~eventset,
$<number>8);
- }
- ;
-
-setdaemon : SET DAEMON NUMBER startdelay {
- if (!Run.isdaemon || ihp.daemon) {
- ihp.daemon = TRUE;
- Run.isdaemon = TRUE;
- Run.polltime = $3;
- Run.startdelay = $<number>4;
- }
- }
- ;
-
-startdelay : /* EMPTY */ { $<number>$ = START_DELAY; }
- | START DELAY NUMBER { $<number>$ = $3; }
- ;
-
-setexpectbuffer : SET EXPECTBUFFER NUMBER unit {
- Run.expectbuffer = $3 * $<number>4;
- }
- ;
-
-setinit : SET INIT {
- Run.init = TRUE;
- }
- ;
-
-setfips : SET FIPS {
- #ifdef OPENSSL_FIPS
- Run.fipsEnabled = TRUE;
- #endif
- }
- ;
-
-setlog : SET LOGFILE PATH {
- if (!Run.logfile || ihp.logfile) {
- ihp.logfile = TRUE;
- setlogfile($3);
- Run.use_syslog = FALSE;
- Run.dolog =TRUE;
- }
- }
- | SET LOGFILE SYSLOG {
- setsyslog(NULL);
- }
- | SET LOGFILE SYSLOG FACILITY STRING {
- setsyslog($5); FREE($5);
- }
- ;
-
-seteventqueue : SET EVENTQUEUE BASEDIR PATH {
- Run.eventlist_dir = $4;
- }
- | SET EVENTQUEUE BASEDIR PATH SLOT NUMBER {
- Run.eventlist_dir = $4;
- Run.eventlist_slots = $6;
- }
- | SET EVENTQUEUE SLOT NUMBER {
- Run.eventlist_dir = xstrdup(MYEVENTLISTBASE);
- Run.eventlist_slots = $4;
- }
- ;
-
-setidfile : SET IDFILE PATH {
- Run.idfile = $3;
- }
- ;
-
-setstatefile : SET STATEFILE PATH {
- Run.statefile = $3;
- }
- ;
-
-setpid : SET PIDFILE PATH {
- if (!Run.pidfile || ihp.pidfile) {
- ihp.pidfile = TRUE;
- setpidfile($3);
- }
- }
- ;
-
-setmmonits : SET MMONIT mmonitlist
- ;
-
-mmonitlist : mmonit credentials
- | mmonitlist mmonit credentials
- ;
-
-mmonit : URLOBJECT nettimeout sslversion certmd5 {
- check_hostname(($<url>1)->hostname);
- addmmonit($<url>1, $<number>2, $<number>3, $<string>4);
- }
- ;
-
-credentials : /* EMPTY */
- | REGISTER CREDENTIALS {
- Run.dommonitcredentials = FALSE;
- }
- ;
-
-setmailservers : SET MAILSERVER mailserverlist nettimeout hostname {
- Run.mailserver_timeout = $<number>4;
- Run.mail_hostname = $<string>5;
- }
- ;
-
-setmailformat : SET MAILFORMAT '{' formatoptionlist '}' {
- Run.MailFormat.from = mailset.from ?
mailset.from : xstrdup(ALERT_FROM);
- Run.MailFormat.replyto = mailset.replyto ?
mailset.replyto : NULL;
- Run.MailFormat.subject = mailset.subject ?
mailset.subject : xstrdup(ALERT_SUBJECT);
- Run.MailFormat.message = mailset.message ?
mailset.message : xstrdup(ALERT_MESSAGE);
- reset_mailset();
- }
- ;
-
-sethttpd : SET HTTPD PORT NUMBER httpdlist {
- Run.dohttpd = TRUE;
- Run.httpdport = $4;
- }
- ;
-
-mailserverlist : mailserver
- | mailserverlist mailserver
- ;
-
-mailserver : STRING username password sslversion certmd5 {
- /* Restore the current text overriden by lookahead */
- FREE(argyytext);
- argyytext = xstrdup($1);
-
- check_hostname($1);
- mailserverset.host = $1;
- mailserverset.username = $<string>2;
- mailserverset.password = $<string>3;
- mailserverset.ssl.version = $<number>4;
- if (mailserverset.ssl.version != SSL_VERSION_NONE) {
- mailserverset.ssl.use_ssl = TRUE;
- if (mailserverset.ssl.version == SSL_VERSION_SSLV2 ||
- mailserverset.ssl.version == SSL_VERSION_SSLV3)
- mailserverset.port = PORT_SMTPS;
- mailserverset.ssl.certmd5 = $<string>5;
- }
- addmailserver(&mailserverset);
- }
- | STRING PORT NUMBER username password sslversion certmd5 {
- /* Restore the current text overriden by lookahead */
- FREE(argyytext);
- argyytext = xstrdup($1);
-
- check_hostname($1);
- mailserverset.host = $1;
- mailserverset.port = $<number>3;
- mailserverset.username = $<string>4;
- mailserverset.password = $<string>5;
- mailserverset.ssl.version = $<number>6;
- if (mailserverset.ssl.version != SSL_VERSION_NONE) {
- mailserverset.ssl.use_ssl = TRUE;
- mailserverset.ssl.certmd5 = $<string>7;
- }
- addmailserver(&mailserverset);
- }
- ;
-
-httpdlist : /* EMPTY */
- | httpdlist httpdoption
- ;
-
-httpdoption : ssl
- | signature
- | bindaddress
- | allow
- ;
-
-ssl : ssldisable { Run.httpdssl = FALSE; }
- | sslenable pemfile clientpemfile allowselfcert {
- Run.httpdssl = TRUE;
- if (!have_ssl())
- yyerror("SSL is not supported");
- }
- ;
-
-sslenable : HTTPDSSL
- | HTTPDSSL ENABLE
- | ENABLE HTTPDSSL
- ;
-
-ssldisable : HTTPDSSL DISABLE
- | DISABLE HTTPDSSL
- | ssldisable PEMFILE PATH { FREE($3); }
- | ssldisable CLIENTPEMFILE PATH { FREE($3); }
- | ssldisable ALLOWSELFCERTIFICATION
- ;
-
-signature : sigenable { Run.httpdsig = TRUE; }
- | sigdisable { Run.httpdsig = FALSE; }
- ;
-
-sigenable : SIGNATURE ENABLE
- | ENABLE SIGNATURE
- ;
-
-sigdisable : SIGNATURE DISABLE
- | DISABLE SIGNATURE
- ;
-
-bindaddress : ADDRESS STRING { Run.bind_addr = $2; }
- ;
-
-pemfile : PEMFILE PATH {
- Run.httpsslpem = $2;
- if (!File_checkStat(Run.httpsslpem, "SSL server PEM
file", S_IRWXU))
- yyerror2("SSL server PEM file has too loose
permissions");
- }
- ;
-
-clientpemfile : /* EMPTY */
- | CLIENTPEMFILE PATH {
- Run.httpsslclientpem = $2;
- Run.clientssl = TRUE;
- if (!File_checkStat(Run.httpsslclientpem, "SSL client
PEM file", S_IRWXU | S_IRGRP | S_IROTH))
- yyerror2("SSL client PEM file has too loose
permissions");
- }
- ;
-
-allowselfcert : /* EMPTY */ {
- Run.allowselfcert = FALSE;
- config_ssl(Run.allowselfcert);
- }
- | ALLOWSELFCERTIFICATION {
- Run.allowselfcert = TRUE;
- config_ssl(Run.allowselfcert);
- }
- ;
-
-allow : ALLOW STRING':'STRING readonly {
- addcredentials($2,$4, DIGEST_CLEARTEXT, $<number>5);
- }
- | ALLOW '@'STRING readonly {
-#ifdef HAVE_LIBPAM
- addpamauth($3, $<number>4);
-#else
- yyerror("PAM is not supported");
- FREE($3);
-#endif
- }
- | ALLOW PATH {
- addhtpasswdentry($2, NULL, DIGEST_CLEARTEXT);
- FREE($2);
- }
- | ALLOW CLEARTEXT PATH {
- addhtpasswdentry($3, NULL, DIGEST_CLEARTEXT);
- FREE($3);
- }
- | ALLOW MD5HASH PATH {
- addhtpasswdentry($3, NULL, DIGEST_MD5);
- FREE($3);
- }
- | ALLOW CRYPT PATH {
- addhtpasswdentry($3, NULL, DIGEST_CRYPT);
- FREE($3);
- }
- | ALLOW PATH {
- htpasswd_file = $2;
- digesttype = CLEARTEXT;
- }
- allowuserlist {
- FREE(htpasswd_file);
- }
- | ALLOW CLEARTEXT PATH {
- htpasswd_file = $3;
- digesttype = DIGEST_CLEARTEXT;
- }
- allowuserlist {
- FREE(htpasswd_file);
- }
- | ALLOW MD5HASH PATH {
- htpasswd_file = $3;
- digesttype = DIGEST_MD5;
- }
- allowuserlist {
- FREE(htpasswd_file);
- }
- | ALLOW CRYPT PATH {
- htpasswd_file = $3;
- digesttype = DIGEST_CRYPT;
- }
- allowuserlist {
- FREE(htpasswd_file);
- }
- | ALLOW STRING {
- if (! (add_net_allow($2) || add_host_allow($2))) {
- yyerror2("erroneous network or host identifier %s",
$2);
- }
- FREE($2);
- }
- ;
-
-allowuserlist : allowuser
- | allowuserlist allowuser
- ;
-
-allowuser : STRING { addhtpasswdentry(htpasswd_file, $1, digesttype);
- FREE($1); }
- ;
-
-readonly : /* EMPTY */ { $<number>$ = FALSE; }
- | READONLY { $<number>$ = TRUE; }
- ;
-
-checkproc : CHECKPROC SERVICENAME PIDFILE PATH {
- createservice(TYPE_PROCESS, $<string>2, $4,
check_process);
- }
- | CHECKPROC SERVICENAME PATHTOK PATH {
- createservice(TYPE_PROCESS, $<string>2, $4,
check_process);
- }
- | CHECKPROC SERVICENAME MATCH STRING {
- createservice(TYPE_PROCESS, $<string>2, $4,
check_process);
- matchset.ignore = FALSE;
- matchset.match_path = NULL;
- matchset.match_string = xstrdup($4);
- addmatch(&matchset, ACTION_IGNORE, 0);
- }
- | CHECKPROC SERVICENAME MATCH PATH {
- createservice(TYPE_PROCESS, $<string>2, $4,
check_process);
- matchset.ignore = FALSE;
- matchset.match_path = NULL;
- matchset.match_string = xstrdup($4);
- addmatch(&matchset, ACTION_IGNORE, 0);
- }
- ;
-
-checkfile : CHECKFILE SERVICENAME PATHTOK PATH {
- createservice(TYPE_FILE, $<string>2, $4, check_file);
- }
- ;
-
-checkfilesys : CHECKFILESYS SERVICENAME PATHTOK PATH {
- createservice(TYPE_FILESYSTEM, $<string>2, $4,
check_filesystem);
- }
- ;
-
-checkdir : CHECKDIR SERVICENAME PATHTOK PATH {
- createservice(TYPE_DIRECTORY, $<string>2, $4,
check_directory);
- }
- ;
-
-checkhost : CHECKHOST SERVICENAME ADDRESS STRING {
- check_hostname($4);
- createservice(TYPE_HOST, $<string>2, $4,
check_remote_host);
- }
- ;
-
-checksystem : CHECKSYSTEM SERVICENAME {
- createservice(TYPE_SYSTEM, $<string>2, xstrdup(""),
check_system);
- hassystem = TRUE;
- }
- ;
-
-checkfifo : CHECKFIFO SERVICENAME PATHTOK PATH {
- createservice(TYPE_FIFO, $<string>2, $4, check_fifo);
- }
- ;
-
-checkstatus : CHECKSTATUS SERVICENAME PATHTOK PATH {
- createservice(TYPE_STATUS, $<string>2, $4,
check_status);
- }
- ;
-
-start : START argumentlist exectimeout {
- addcommand(START, $<number>3);
- }
- | START argumentlist useroptionlist exectimeout {
- addcommand(START, $<number>4);
- }
- ;
-
-stop : STOP argumentlist exectimeout {
- addcommand(STOP, $<number>3);
- }
- | STOP argumentlist useroptionlist exectimeout {
- addcommand(STOP, $<number>4);
- }
- ;
-
-argumentlist : argument
- | argumentlist argument
- ;
-
-useroptionlist : useroption
- | useroptionlist useroption
- ;
-
-argument : STRING { addargument($1); }
- | PATH { addargument($1); }
- ;
-
-useroption : UID STRING { addeuid( get_uid($2, 0) ); FREE($2); }
- | GID STRING { addegid( get_gid($2, 0) ); FREE($2); }
- | UID NUMBER { addeuid( get_uid(NULL, $2) ); }
- | GID NUMBER { addegid( get_gid(NULL, $2) ); }
- ;
-
-username : /* EMPTY */ { $<string>$ = NULL; }
- | USERNAME MAILADDR { $<string>$ = $2; }
- | USERNAME STRING { $<string>$ = $2; }
- ;
-
-password : /* EMPTY */ { $<string>$ = NULL; }
- | PASSWORD STRING { $<string>$ = $2; }
- ;
-
-hostname : /* EMPTY */ { $<string>$ = NULL; }
- | HOSTNAME STRING { $<string>$ = $2; }
- ;
-
-connection : IF FAILED host port type protocol nettimeout rate1
- THEN action1 recovery {
- portset.timeout = $<number>7;
- addeventaction(&(portset).action, $<number>10,
$<number>11);
- addport(&portset);
- }
- | IF FAILED URL URLOBJECT urloption nettimeout rate1
- THEN action1 recovery {
- prepare_urlrequest($<url>4);
- portset.timeout = $<number>6;
- addeventaction(&(portset).action, $<number>9,
$<number>10);
- addport(&portset);
- }
- ;
-
-connectionunix : IF FAILED unixsocket type protocol nettimeout rate1
- THEN action1 recovery {
- portset.timeout = $<number>6;
- addeventaction(&(portset).action, $<number>9,
$<number>10);
- addport(&portset);
- }
- ;
-
-icmp : IF FAILED ICMP icmptype icmpcount nettimeout rate1
- THEN action1 recovery {
- icmpset.type = $<number>4;
- icmpset.count = $<number>5;
- icmpset.timeout = $<number>6;
- addeventaction(&(icmpset).action, $<number>9,
$<number>10);
- addicmp(&icmpset);
- }
- ;
-
-host : /* EMPTY */ {
- if (current->type == TYPE_HOST)
- portset.hostname = xstrdup(current->path);
- else
- portset.hostname = xstrdup(LOCALHOST);
- }
- | HOST STRING { check_hostname($2); portset.hostname = $2;
}
- ;
-
-port : PORT NUMBER { portset.port = $2; portset.family =
AF_INET; }
- ;
-
-unixsocket : UNIXSOCKET PATH {
- portset.pathname = $2; portset.family = AF_UNIX;
- }
- ;
-
-type : /* EMPTY */ {
- portset.type = SOCK_STREAM;
- }
- | TYPE TCP {
- portset.type = SOCK_STREAM;
- }
- | TYPE TCPSSL sslversion certmd5 {
- portset.type = SOCK_STREAM;
- portset.SSL.use_ssl = TRUE;
- portset.SSL.version = $<number>3;
- if (portset.SSL.version == SSL_VERSION_NONE)
- portset.SSL.version = SSL_VERSION_AUTO;
- portset.SSL.certmd5 = $<string>4;
- }
- | TYPE UDP {
- portset.type = SOCK_DGRAM;
- }
- ;
-
-certmd5 : /* EMPTY */ { $<string>$ = NULL; }
- | CERTMD5 STRING { $<string>$ = $2; }
- ;
-
-sslversion : /* EMPTY */ { $<number>$ = SSL_VERSION_NONE; }
- | SSLV2 { $<number>$ = SSL_VERSION_SSLV2; }
- | SSLV3 { $<number>$ = SSL_VERSION_SSLV3; }
- | TLSV1 { $<number>$ = SSL_VERSION_TLS; }
- | SSLAUTO { $<number>$ = SSL_VERSION_AUTO; }
- ;
-
-protocol : /* EMPTY */ {
- portset.protocol = addprotocol(P_DEFAULT);
- }
- | PROTOCOL APACHESTATUS apache_stat_list {
- portset.protocol = addprotocol(P_APACHESTATUS);
- }
- | PROTOCOL DEFAULT {
- portset.protocol = addprotocol(P_DEFAULT);
- }
***The diff for this file has been truncated for email.***
=======================================
--- /trunk/process.c Wed Mar 23 14:25:58 2011
+++ /dev/null
@@ -1,382 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include "config.h"
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#include <stdio.h>
-
-#include "monitor.h"
-#include "process.h"
-#include "process_sysdep.h"
-
-/**
- * General purpose /proc methods.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Christian Hopp <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Initialize the proc information code
- * @return TRUE if succeeded otherwise FALSE.
- */
-int init_process_info(void) {
- memset(&systeminfo, 0, sizeof(SystemInfo_T));
- gettimeofday(&systeminfo.collected, NULL);
- if(uname(&systeminfo.uname) < 0) {
- LogError("'%s' resource monitoring initialization error -- uname
failed: %s\n", Run.system->name, STRERROR);
- return FALSE;
- }
-
- systeminfo.total_cpu_user_percent = -10;
- systeminfo.total_cpu_syst_percent = -10;
- systeminfo.total_cpu_wait_percent = -10;
-
- return (init_process_info_sysdep());
-
-}
-
-
-/**
- * Get the proc infomation (CPU percentage, MEM in MByte and percent,
- * status), enduser version.
- * @param p A Service object
- * @param pid The process id
- * @return TRUE if succeeded otherwise FALSE.
- */
-int update_process_data(Service_T s, ProcessTree_T *pt, int treesize,
pid_t pid) {
- int leaf;
-
- ASSERT(s);
- ASSERT(systeminfo.mem_kbyte_max > 0);
-
- /* save the previous pid and set actual one */
- s->inf->priv.process._pid = s->inf->priv.process.pid;
- s->inf->priv.process.pid = pid;
-
- if ((leaf = findprocess(pid, pt, treesize)) != -1) {
-
- /* save the previous ppid and set actual one */
- s->inf->priv.process._ppid = s->inf->priv.process.ppid;
- s->inf->priv.process.ppid = pt[leaf].ppid;
- s->inf->priv.process.uptime = time(NULL) -
pt[leaf].starttime;
- s->inf->priv.process.children = pt[leaf].children_sum;
- s->inf->priv.process.mem_kbyte = pt[leaf].mem_kbyte;
- s->inf->priv.process.status_flag = pt[leaf].status_flag;
- s->inf->priv.process.total_mem_kbyte = pt[leaf].mem_kbyte_sum;
- s->inf->priv.process.cpu_percent = pt[leaf].cpu_percent;
- s->inf->priv.process.total_cpu_percent = pt[leaf].cpu_percent_sum;
-
- if (systeminfo.mem_kbyte_max == 0) {
- s->inf->priv.process.total_mem_percent = 0;
- s->inf->priv.process.mem_percent = 0;
- } else {
- s->inf->priv.process.total_mem_percent =
(int)((double)pt[leaf].mem_kbyte_sum * 1000.0 / systeminfo.mem_kbyte_max);
- s->inf->priv.process.mem_percent =
(int)((double)pt[leaf].mem_kbyte * 1000.0 / systeminfo.mem_kbyte_max);
- }
-
- } else {
- s->inf->priv.process.ppid = 0;
- s->inf->priv.process.uptime = 0;
- s->inf->priv.process.children = 0;
- s->inf->priv.process.total_mem_kbyte = 0;
- s->inf->priv.process.total_mem_percent = 0;
- s->inf->priv.process.mem_kbyte = 0;
- s->inf->priv.process.mem_percent = 0;
- s->inf->priv.process.cpu_percent = 0;
- s->inf->priv.process.total_cpu_percent = 0;
- }
-
- return TRUE;
-}
-
-
-/**
- * Updates the system wide statistic
- * @return TRUE if successful, otherwise FALSE
- */
-int update_system_load(ProcessTree_T *pt, int treesize) {
-
- if (Run.doprocess) {
-
- ASSERT(systeminfo.mem_kbyte_max > 0);
-
- /** Get load average triplet */
- if (-1 == getloadavg_sysdep(systeminfo.loadavg, 3)) {
- LogError("'%s' statistic error -- load average gathering failed\n",
Run.system->name);
- goto error1;
- }
-
- /** Get memory usage statistic */
- if (! used_system_memory_sysdep(&systeminfo)) {
- LogError("'%s' statistic error -- memory usage gathering failed\n",
Run.system->name);
- goto error2;
- }
- systeminfo.total_mem_percent = (int)(1000 *
(double)systeminfo.total_mem_kbyte / (double)systeminfo.mem_kbyte_max);
- systeminfo.total_swap_percent = systeminfo.swap_kbyte_max ? (int)(1000
* (double)systeminfo.total_swap_kbyte /
(double)systeminfo.swap_kbyte_max) : 0;
-
- /** Get CPU usage statistic */
- if (! used_system_cpu_sysdep(&systeminfo)) {
- LogError("'%s' statistic error -- cpu usage gathering failed\n",
Run.system->name);
- goto error3;
- }
-
- return TRUE;
- }
-
-error1:
- systeminfo.loadavg[0] = 0;
- systeminfo.loadavg[1] = 0;
- systeminfo.loadavg[2] = 0;
-error2:
- systeminfo.total_mem_kbyte = 0;
- systeminfo.total_mem_percent = 0;
-error3:
- systeminfo.total_cpu_user_percent = 0;
- systeminfo.total_cpu_syst_percent = 0;
- systeminfo.total_cpu_wait_percent = 0;
-
- return FALSE;
-}
-
-
-/**
- * Initialize the process tree
- * @return treesize >= 0 if succeeded otherwise < 0
- */
-int initprocesstree(ProcessTree_T **pt_r, int *size_r, ProcessTree_T
**oldpt_r, int *oldsize_r) {
- int i;
- int oldentry;
- ProcessTree_T *pt;
- ProcessTree_T *oldpt;
- int root = -1;
-
- if (*pt_r != NULL) {
- if (oldpt_r && *oldpt_r != NULL)
- delprocesstree(oldpt_r, oldsize_r);
- *oldpt_r = *pt_r;
- *oldsize_r = *size_r;
- }
-
- if ((*size_r = initprocesstree_sysdep(pt_r)) <= 0) {
- DEBUG("system statistic error -- cannot initialize the process tree =>
process resource monitoring disabled\n");
- Run.doprocess = FALSE;
- return -1;
- } else if (Run.doprocess == FALSE) {
- DEBUG("system statistic -- initialization of the process tree
succeeded => process resource monitoring enabled\n");
- Run.doprocess = TRUE;
- }
-
- pt = *pt_r;
- oldpt = *oldpt_r;
-
- if (pt == NULL)
- return 0;
-
- for (i = 0; i < (volatile int)*size_r; i ++) {
- if (oldpt && ((oldentry = findprocess(pt[i].pid, oldpt,
*oldsize_r)) != -1)) {
- pt[i].cputime_prev = oldpt[oldentry].cputime;
- pt[i].time_prev = oldpt[oldentry].time;
-
- /* The cpu_percent may be set already (for example by HPUX module) */
- if (pt[i].cpu_percent == 0 && pt[i].cputime_prev != 0 &&
pt[i].cputime != 0 && pt[i].cputime > pt[i].cputime_prev) {
- pt[i].cpu_percent = (int)((1000 * (double)(pt[i].cputime -
pt[i].cputime_prev) / (pt[i].time - pt[i].time_prev)) / systeminfo.cpus);
- if (pt[i].cpu_percent > 1000 / systeminfo.cpus)
- pt[i].cpu_percent = 1000 / systeminfo.cpus;
- }
- } else {
- pt[i].cputime_prev = 0;
- pt[i].time_prev = 0.0;
- pt[i].cpu_percent = 0;
- }
-
- if (pt[i].pid == pt[i].ppid) {
- pt[i].parent = i;
- continue;
- }
-
- if ((pt[i].parent = findprocess(pt[i].ppid, pt, *size_r)) == -1) {
- /* Parent process wasn't found - on Linux this is normal: main
process with PID 0 is not listed, similarly in FreeBSD jail.
- * We create virtual process entry for missing parent so we can have
full tree-like structure with root. */
- int j = (*size_r)++;
-
- pt = *pt_r = xresize(*pt_r, *size_r * sizeof(ProcessTree_T));
- memset(&pt[j], 0, sizeof(ProcessTree_T));
- pt[j].ppid = pt[j].pid = pt[i].ppid;
- pt[i].parent = j;
- }
-
- if (! connectchild(pt, pt[i].parent, i)) {
- /* connection to parent process has failed, this is usually caused
in the part above */
- DEBUG("system statistic error -- cannot connect process id %d to its
parent %d\n", pt[i].pid, pt[i].ppid);
- pt[i].pid = 0;
- continue;
- }
- }
-
- /* The main process in Solaris zones and FreeBSD host doesn't have pid
1, so try to find process which is parent of itself */
- for (i = 0; i < *size_r; i++) {
- if (pt[i].pid == pt[i].ppid) {
- root = i;
- break;
- }
- }
-
- if (root == -1) {
- DEBUG("system statistic error -- cannot find root process id\n");
- return -1;
- }
-
- fillprocesstree(pt, root);
- update_system_load(*pt_r, *size_r);
-
- return *size_r;
-}
-
-
-/**
- * Search a leaf in the processtree
- * @param pid pid of the process
- * @param pt processtree
- * @param treesize size of the processtree
- * @return process index if succeeded otherwise -1
- */
-int findprocess(int pid, ProcessTree_T *pt, int size) {
- int i;
-
- ASSERT(pt);
-
- if (size <= 0)
- return -1;
-
- for (i = 0; i < size; i++)
- if (pid == pt[i].pid)
- return i;
-
- return -1;
-}
-
-/**
- * Delete the process tree
- */
-void delprocesstree(ProcessTree_T **reference, int *size) {
- int i;
- ProcessTree_T *pt = *reference;
-
- if (pt == NULL || size <= 0)
- return;
- for (i = 0; i < *size; i++) {
- FREE(pt[i].cmdline);
- FREE(pt[i].children);
- }
- FREE(pt);
- *reference = NULL;
- *size = 0;
- return;
-}
-
-
-void process_testmatch(char *pattern) {
-#ifdef HAVE_REGEX_H
- regex_t *regex_comp;
- int reg_return;
-#endif
-
-#ifdef HAVE_REGEX_H
- NEW(regex_comp);
- if ((reg_return = regcomp(regex_comp, pattern, REG_NOSUB|REG_EXTENDED)))
{
- char errbuf[STRLEN];
- regerror(reg_return, regex_comp, errbuf, STRLEN);
- regfree(regex_comp);
- FREE(regex_comp);
- printf("Regex %s parsing error: %s\n", pattern, errbuf);
- exit(1);
- }
-#endif
- initprocesstree(&ptree, &ptreesize, &oldptree, &oldptreesize);
- if (Run.doprocess) {
- int i, count = 0;
- printf("List of processes matching pattern \"%s\":\n", pattern);
- printf("------------------------------------------\n");
- for (i = 0; i < ptreesize; i++) {
- int match = FALSE;
- if (ptree[i].cmdline && ! strstr(ptree[i].cmdline, "procmatch")) {
-#ifdef HAVE_REGEX_H
- match = regexec(regex_comp, ptree[i].cmdline, 0, NULL, 0) ?
FALSE : TRUE;
-#else
- match = strstr(ptree[i].cmdline, pattern) ? TRUE : FALSE;
-#endif
- if (match) {
- printf("\t%s\n", ptree[i].cmdline);
- count++;
- }
- }
- }
- printf("------------------------------------------\n");
- printf("Total matches: %d\n", count);
- if (count > 1)
- printf("WARNING: multiple processes matched the pattern. The check
is FIRST-MATCH based, please refine the pattern\n");
- }
-}
-
-
=======================================
--- /trunk/process.h Mon Mar 21 08:32:15 2011
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#ifndef MONIT_PROCESS_H
-#define MONIT_PROCESS_H
-
-#include <config.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#define PROCESS_ZOMBIE 1
-
-int update_process_data(Service_T s, ProcessTree_T *, int treesize, pid_t
pid);
-int init_process_info(void);
-int update_system_load(ProcessTree_T *, int);
-int findprocess(int, ProcessTree_T *, int);
-int initprocesstree(ProcessTree_T **, int *, ProcessTree_T **, int *);
-void delprocesstree(ProcessTree_T **, int *);
-void process_testmatch(char *);
-
-#endif
-
=======================================
--- /trunk/sendmail.c Wed Mar 23 14:29:55 2011
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_STDARG_H
-#include <stdarg.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_SETJMP_H
-#include <setjmp.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#include "monitor.h"
-#include "net.h"
-#include "socket.h"
-#include "base64.h"
-
-
-/**
- * Connect to a SMTP server and send mail.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- *
- * @file
- */
-
-
-/* -------------------------------------------------------------
Definitions */
-
-
-typedef struct {
- Socket_T socket;
- sigjmp_buf error;
- const char *server;
- int port;
- const char *username;
- const char *password;
- Ssl_T ssl;
- char localhost[STRLEN];
-} SendMail_T;
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static void do_status(SendMail_T *S);
-static void open_server(SendMail_T *S);
-static void do_send(SendMail_T *S, const char *, ...);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Send mail messages via SMTP
- * @param mail A Mail object
- * @return FALSE if failed, TRUE if succeeded
- */
-int sendmail(Mail_T mail) {
-
- int i;
- int rv;
- Mail_T m;
- SendMail_T S;
- char *b64 = NULL;
- char now[STRLEN];
-
- ASSERT(mail);
-
- S.socket = NULL;
- if(sigsetjmp(S.error, TRUE)) {
- rv = FALSE;
- goto exit;
- } else {
- rv = TRUE;
- }
-
- open_server(&S);
-
- Util_getRFC822Date(NULL, now, STRLEN);
-
- snprintf(S.localhost, sizeof(S.localhost), "%s", Run.mail_hostname ?
Run.mail_hostname : Run.localhostname);
-
- do_status(&S);
-
- /* Use EHLO if TLS or Authentication is requested */
- if((S.ssl.use_ssl && S.ssl.version == SSL_VERSION_TLS) || S.username) {
- do_send(&S, "EHLO %s\r\n", S.localhost);
- } else {
- do_send(&S, "HELO %s\r\n", S.localhost);
- }
- do_status(&S);
-
- /* Switch to TLS now if configured */
- if(S.ssl.use_ssl && S.ssl.version == SSL_VERSION_TLS) {
- do_send(&S, "STARTTLS\r\n");
- do_status(&S);
- if(!socket_switch2ssl(S.socket, S.ssl)) {
- rv = FALSE;
- goto exit;
- }
- /* After starttls, send ehlo again: RFC 3207: 4.2 Result of the
STARTTLS Command */
- do_send(&S, "EHLO %s\r\n", S.localhost);
- do_status(&S);
- }
-
- /* Authenticate if possible */
- if(S.username) {
- unsigned char buffer[STRLEN];
- int len;
-
- len = snprintf((char *)buffer, STRLEN, "%c%s%c%s", '\0',
S.username, '\0', S.password?S.password:"");
- b64 = encode_base64(len, buffer);
- do_send(&S, "AUTH PLAIN %s\r\n", b64);
- do_status(&S);
- }
-
- for(i = 0, m= mail; m; m= m->next, i++) {
- do_send(&S, "MAIL FROM: <%s>\r\n", m->from);
- do_status(&S);
- do_send(&S, "RCPT TO: <%s>\r\n", m->to);
- do_status(&S);
- do_send(&S, "DATA\r\n");
- do_status(&S);
- do_send(&S, "From: %s\r\n", m->from);
- if (m->replyto)
- do_send(&S, "Reply-To: %s\r\n", m->replyto);
- do_send(&S, "To: %s\r\n", m->to);
- do_send(&S, "Subject: %s\r\n", m->subject);
- do_send(&S, "Date: %s\r\n", now);
- do_send(&S, "X-Mailer: %s %s\r\n", prog, VERSION);
- do_send(&S, "Mime-Version: 1.0\r\n");
- do_send(&S, "Content-Type: text/plain; charset=\"iso-8859-1\"\r\n");
- do_send(&S, "Content-Transfer-Encoding: 8bit\r\n");
- do_send(&S, "Message-id: <address@hidden>\r\n", time(NULL), random(),
S.localhost);
- do_send(&S, "\r\n");
- do_send(&S, "%s\r\n", m->message);
- do_send(&S, ".\r\n");
- do_status(&S);
- }
- do_send(&S, "QUIT\r\n");
- do_status(&S);
-
-exit:
- if(S.socket)
- socket_free(&S.socket);
-
- FREE(b64);
-
- return rv;
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-void do_send(SendMail_T *S, const char *s, ...) {
-
- long len;
- va_list ap;
- char *msg= NULL;
-
- va_start(ap,s);
- msg= Util_formatString(s, ap, &len);
- va_end(ap);
-
- if (socket_write(S->socket, msg, strlen(msg)) <= 0) {
- FREE(msg);
- LogError("Sendmail: error sending data to the server '%s' -- %s\n",
- S->server, STRERROR);
- siglongjmp(S->error, TRUE);
- }
-
- FREE(msg);
-
-}
-
-
-static void do_status(SendMail_T *S) {
-
- int status;
- char buf[STRLEN];
-
- if(!socket_readln(S->socket, buf, sizeof(buf))) {
- LogError("Sendmail: error receiving data from the mailserver '%s'
-- %s\n",
- S->server, STRERROR);
- siglongjmp(S->error, TRUE);
- }
-
- Util_chomp(buf);
-
- sscanf(buf, "%d", &status);
-
- if(status >= 400) {
- LogError("Sendmail error: %s\n", buf);
- siglongjmp(S->error, TRUE);
- }
-
-}
-
-
-static void open_server(SendMail_T *S) {
-
- MailServer_T mta= Run.mailservers;
-
- if(mta) {
- S->server = mta->host;
- S->port = mta->port;
- S->username = mta->username;
- S->password = mta->password;
- S->ssl = mta->ssl;
- } else {
- LogError("No mail servers are defined -- see manual for 'set
mailserver' statement\n");
- siglongjmp(S->error, TRUE);
- }
-
- do {
-
- /* wait with ssl-connect if SSL_VERSION_TLS is set (rfc2487) */
- if(!S->ssl.use_ssl || S->ssl.version == SSL_VERSION_TLS) {
- S->socket= socket_new(S->server, S->port, SOCKET_TCP, FALSE,
- Run.mailserver_timeout);
- } else {
- S->socket= socket_create_t(S->server, S->port, SOCKET_TCP,
- S->ssl, Run.mailserver_timeout);
- }
- if(S->socket)
- break;
-
- LogError("Cannot open a connection to the mailserver '%s:%i' -- %s\n",
- S->server, S->port, STRERROR);
-
- if(mta && (mta= mta->next)) {
- S->server = mta->host;
- S->port = mta->port;
- S->username = mta->username;
- S->password = mta->password;
- S->ssl = mta->ssl;
- LogInfo("Trying the next mail server '%s:%i'\n", S->server, S->port);
- continue;
- } else {
- LogError("No mail servers are available\n");
- siglongjmp(S->error, TRUE);
- }
- } while(TRUE);
-
-}
-
=======================================
--- /trunk/sha.c Thu Jun 4 12:28:53 2009
+++ /dev/null
@@ -1,437 +0,0 @@
-/* sha.c - Functions to compute the SHA1 hash (message-digest) of files
- or blocks of memory. Complies to the NIST specification FIPS-180-1.
-
- Copyright (C) 2000, 2001, 2003 Scott G. Miller
-
- Credits:
- Robert Klep <address@hidden> -- Expansion function fix
-*/
-
-/*
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; either version 3, or (at your option) any
- later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-*/
-
-#include <config.h>
-#include <sys/types.h>
-
-#if STDC_HEADERS || defined _LIBC
-# include <stdlib.h>
-# include <string.h>
-#else
-# ifndef HAVE_MEMCPY
-# define memcpy(d, s, n) bcopy ((s), (d), (n))
-# endif
-#endif
-
-#include "md5.h"
-#include "sha.h"
-
-/*
- Not-swap is a macro that does an endian swap on architectures that are
- big-endian, as SHA needs some data in a little-endian format
-*/
-
-#ifdef WORDS_BIGENDIAN
-# define NOTSWAP(n) (n)
-# define SWAP(n) \
- (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >>
24))
-#else
-# define
NOTSWAP(n) \
- (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >>
24))
-# define SWAP(n) (n)
-#endif
-
-#define BLOCKSIZE 4096
-/* Ensure that BLOCKSIZE is a multiple of 64. */
-#if BLOCKSIZE % 64 != 0
-/* FIXME-someday (soon?): use #error instead of this kludge. */
-"invalid BLOCKSIZE"
-#endif
-
-/* This array contains the bytes used to pad the buffer to the next
- 64-byte boundary. (RFC 1321, 3.1: Step 1) */
-static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
-
-
-/*
- Takes a pointer to a 160 bit block of data (five 32 bit ints) and
- intializes it to the start constants of the SHA1 algorithm. This
- must be called before using hash in the call to sha_hash
-*/
-void
-sha_init_ctx (struct sha_ctx *ctx)
-{
- ctx->A = 0x67452301;
- ctx->B = 0xefcdab89;
- ctx->C = 0x98badcfe;
- ctx->D = 0x10325476;
- ctx->E = 0xc3d2e1f0;
-
- ctx->total[0] = ctx->total[1] = 0;
- ctx->buflen = 0;
-}
-
-/* Put result from CTX in first 20 bytes following RESBUF. The result
- must be in little endian byte order.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-void *
-sha_read_ctx (const struct sha_ctx *ctx, void *resbuf)
-{
- ((md5_uint32 *) resbuf)[0] = NOTSWAP (ctx->A);
- ((md5_uint32 *) resbuf)[1] = NOTSWAP (ctx->B);
- ((md5_uint32 *) resbuf)[2] = NOTSWAP (ctx->C);
- ((md5_uint32 *) resbuf)[3] = NOTSWAP (ctx->D);
- ((md5_uint32 *) resbuf)[4] = NOTSWAP (ctx->E);
-
- return resbuf;
-}
-
-/* Process the remaining bytes in the internal buffer and the usual
- prolog according to the standard and write the result to RESBUF.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-void *
-sha_finish_ctx (struct sha_ctx *ctx, void *resbuf)
-{
- /* Take yet unprocessed bytes into account. */
- md5_uint32 bytes = ctx->buflen;
- size_t pad;
-
- /* Now count remaining bytes. */
- ctx->total[0] += bytes;
- if (ctx->total[0] < bytes)
- ++ctx->total[1];
-
- pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
- memcpy (&ctx->buffer[bytes], fillbuf, pad);
-
- /* Put the 64-bit file length in *bits* at the end of the buffer. */
- *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = NOTSWAP (ctx->total[0]
<< 3);
- *(md5_uint32 *) &ctx->buffer[bytes + pad] = NOTSWAP ((ctx->total[1] <<
3) |
- (ctx->total[0] >> 29));
-
- /* Process last bytes. */
- sha_process_block (ctx->buffer, bytes + pad + 8, ctx);
-
- return sha_read_ctx (ctx, resbuf);
-}
-
-/* Compute SHA1 message digest for bytes read from STREAM. The
- resulting message digest number will be written into the 16 bytes
- beginning at RESBLOCK. */
-int
-sha_stream (FILE *stream, void *resblock)
-{
- struct sha_ctx ctx;
- char buffer[BLOCKSIZE + 72];
- size_t sum;
-
- /* Initialize the computation context. */
- sha_init_ctx (&ctx);
-
- /* Iterate over full file contents. */
- while (1)
- {
- /* We read the file in blocks of BLOCKSIZE bytes. One call of the
- computation function processes the whole buffer so that with the
- next round of the loop another block can be read. */
- size_t n;
- sum = 0;
-
- /* Read block. Take care for partial reads. */
- while (1)
- {
- n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
-
- sum += n;
-
- if (sum == BLOCKSIZE)
- break;
-
- if (n == 0)
- {
- /* Check for the error flag IFF N == 0, so that we don't
- exit the loop after a partial read due to e.g., EAGAIN
- or EWOULDBLOCK. */
- if (ferror (stream))
- return 1;
- goto process_partial_block;
- }
-
- /* We've read at least one byte, so ignore errors. But always
- check for EOF, since feof may be true even though N > 0.
- Otherwise, we could end up calling fread after EOF. */
- if (feof (stream))
- goto process_partial_block;
- }
-
- /* Process buffer with BLOCKSIZE bytes. Note that
- BLOCKSIZE % 64 == 0
- */
- sha_process_block (buffer, BLOCKSIZE, &ctx);
- }
-
- process_partial_block:;
-
- /* Process any remaining bytes. */
- if (sum > 0)
- sha_process_bytes (buffer, sum, &ctx);
-
- /* Construct result in desired memory. */
- sha_finish_ctx (&ctx, resblock);
- return 0;
-}
-
-/* Compute MD5 message digest for LEN bytes beginning at BUFFER. The
- result is always in little endian byte order, so that a byte-wise
- output yields to the wanted ASCII representation of the message
- digest. */
-void *
-sha_buffer (const char *buffer, size_t len, void *resblock)
-{
- struct sha_ctx ctx;
-
- /* Initialize the computation context. */
- sha_init_ctx (&ctx);
-
- /* Process whole buffer but last len % 64 bytes. */
- sha_process_bytes (buffer, len, &ctx);
-
- /* Put result in desired memory area. */
- return sha_finish_ctx (&ctx, resblock);
-}
-
-void
-sha_process_bytes (const void *buffer, size_t len, struct sha_ctx *ctx)
-{
- /* When we already have some bits in our internal buffer concatenate
- both inputs first. */
- if (ctx->buflen != 0)
- {
- size_t left_over = ctx->buflen;
- size_t add = 128 - left_over > len ? len : 128 - left_over;
-
- memcpy (&ctx->buffer[left_over], buffer, add);
- ctx->buflen += add;
-
- if (ctx->buflen > 64)
- {
- sha_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
-
- ctx->buflen &= 63;
- /* The regions in the following copy operation cannot overlap. */
- memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
- ctx->buflen);
- }
-
- buffer = (const char *) buffer + add;
- len -= add;
- }
-
- /* Process available complete blocks. */
- if (len >= 64)
- {
-#if !_STRING_ARCH_unaligned
-/* To check alignment gcc has an appropriate operator. Other
- compilers don't. */
-# if __GNUC__ >= 2
-# define UNALIGNED_P(p) (((md5_uintptr) p) % __alignof__ (md5_uint32) !=
0)
-# else
-# define UNALIGNED_P(p) (((md5_uintptr) p) % sizeof (md5_uint32) != 0)
-# endif
- if (UNALIGNED_P (buffer))
- while (len > 64)
- {
- sha_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
- buffer = (const char *) buffer + 64;
- len -= 64;
- }
- else
-#endif
- {
- sha_process_block (buffer, len & ~63, ctx);
- buffer = (const char *) buffer + (len & ~63);
- len &= 63;
- }
- }
-
- /* Move remaining bytes in internal buffer. */
- if (len > 0)
- {
- size_t left_over = ctx->buflen;
-
- memcpy (&ctx->buffer[left_over], buffer, len);
- left_over += len;
- if (left_over >= 64)
- {
- sha_process_block (ctx->buffer, 64, ctx);
- left_over -= 64;
- memcpy (ctx->buffer, &ctx->buffer[64], left_over);
- }
- ctx->buflen = left_over;
- }
-}
-
-/* --- Code below is the primary difference between md5.c and sha.c --- */
-
-/* SHA1 round constants */
-#define K1 0x5a827999L
-#define K2 0x6ed9eba1L
-#define K3 0x8f1bbcdcL
-#define K4 0xca62c1d6L
-
-/* Round functions. Note that F2 is the same as F4. */
-#define F1(B,C,D) ( D ^ ( B & ( C ^ D ) ) )
-#define F2(B,C,D) (B ^ C ^ D)
-#define F3(B,C,D) ( ( B & C ) | ( D & ( B | C ) ) )
-#define F4(B,C,D) (B ^ C ^ D)
-
-/* Process LEN bytes of BUFFER, accumulating context into CTX.
- It is assumed that LEN % 64 == 0.
- Most of this code comes from GnuPG's cipher/sha1.c. */
-
-void
-sha_process_block (const void *buffer, size_t len, struct sha_ctx *ctx)
-{
- const md5_uint32 *words = buffer;
- size_t nwords = len / sizeof (md5_uint32);
- const md5_uint32 *endp = words + nwords;
- md5_uint32 x[16];
- md5_uint32 a = ctx->A;
- md5_uint32 b = ctx->B;
- md5_uint32 c = ctx->C;
- md5_uint32 d = ctx->D;
- md5_uint32 e = ctx->E;
-
- /* First increment the byte count. RFC 1321 specifies the possible
- length of the file up to 2^64 bits. Here we only compute the
- number of bytes. Do a double word increment. */
- ctx->total[0] += len;
- if (ctx->total[0] < len)
- ++ctx->total[1];
-
-#define M(I) ( tm = x[I&0x0f] ^ x[(I-14)&0x0f] \
- ^ x[(I-8)&0x0f] ^ x[(I-3)&0x0f] \
- , (x[I&0x0f] = rol(tm, 1)) )
-
-#define R(A,B,C,D,E,F,K,M) do { E += rol( A, 5 ) \
- + F( B, C, D ) \
- + K \
- + M; \
- B = rol( B, 30 ); \
- } while(0)
-
- while (words < endp)
- {
- md5_uint32 tm;
- int t;
- /* FIXME: see sha1.c for a better implementation. */
- for (t = 0; t < 16; t++)
- {
- x[t] = NOTSWAP (*words);
- words++;
- }
-
- R( a, b, c, d, e, F1, K1, x[ 0] );
- R( e, a, b, c, d, F1, K1, x[ 1] );
- R( d, e, a, b, c, F1, K1, x[ 2] );
- R( c, d, e, a, b, F1, K1, x[ 3] );
- R( b, c, d, e, a, F1, K1, x[ 4] );
- R( a, b, c, d, e, F1, K1, x[ 5] );
- R( e, a, b, c, d, F1, K1, x[ 6] );
- R( d, e, a, b, c, F1, K1, x[ 7] );
- R( c, d, e, a, b, F1, K1, x[ 8] );
- R( b, c, d, e, a, F1, K1, x[ 9] );
- R( a, b, c, d, e, F1, K1, x[10] );
- R( e, a, b, c, d, F1, K1, x[11] );
- R( d, e, a, b, c, F1, K1, x[12] );
- R( c, d, e, a, b, F1, K1, x[13] );
- R( b, c, d, e, a, F1, K1, x[14] );
- R( a, b, c, d, e, F1, K1, x[15] );
- R( e, a, b, c, d, F1, K1, M(16) );
- R( d, e, a, b, c, F1, K1, M(17) );
- R( c, d, e, a, b, F1, K1, M(18) );
- R( b, c, d, e, a, F1, K1, M(19) );
- R( a, b, c, d, e, F2, K2, M(20) );
- R( e, a, b, c, d, F2, K2, M(21) );
- R( d, e, a, b, c, F2, K2, M(22) );
- R( c, d, e, a, b, F2, K2, M(23) );
- R( b, c, d, e, a, F2, K2, M(24) );
- R( a, b, c, d, e, F2, K2, M(25) );
- R( e, a, b, c, d, F2, K2, M(26) );
- R( d, e, a, b, c, F2, K2, M(27) );
- R( c, d, e, a, b, F2, K2, M(28) );
- R( b, c, d, e, a, F2, K2, M(29) );
- R( a, b, c, d, e, F2, K2, M(30) );
- R( e, a, b, c, d, F2, K2, M(31) );
- R( d, e, a, b, c, F2, K2, M(32) );
- R( c, d, e, a, b, F2, K2, M(33) );
- R( b, c, d, e, a, F2, K2, M(34) );
- R( a, b, c, d, e, F2, K2, M(35) );
- R( e, a, b, c, d, F2, K2, M(36) );
- R( d, e, a, b, c, F2, K2, M(37) );
- R( c, d, e, a, b, F2, K2, M(38) );
- R( b, c, d, e, a, F2, K2, M(39) );
- R( a, b, c, d, e, F3, K3, M(40) );
- R( e, a, b, c, d, F3, K3, M(41) );
- R( d, e, a, b, c, F3, K3, M(42) );
- R( c, d, e, a, b, F3, K3, M(43) );
- R( b, c, d, e, a, F3, K3, M(44) );
- R( a, b, c, d, e, F3, K3, M(45) );
- R( e, a, b, c, d, F3, K3, M(46) );
- R( d, e, a, b, c, F3, K3, M(47) );
- R( c, d, e, a, b, F3, K3, M(48) );
- R( b, c, d, e, a, F3, K3, M(49) );
- R( a, b, c, d, e, F3, K3, M(50) );
- R( e, a, b, c, d, F3, K3, M(51) );
- R( d, e, a, b, c, F3, K3, M(52) );
- R( c, d, e, a, b, F3, K3, M(53) );
- R( b, c, d, e, a, F3, K3, M(54) );
- R( a, b, c, d, e, F3, K3, M(55) );
- R( e, a, b, c, d, F3, K3, M(56) );
- R( d, e, a, b, c, F3, K3, M(57) );
- R( c, d, e, a, b, F3, K3, M(58) );
- R( b, c, d, e, a, F3, K3, M(59) );
- R( a, b, c, d, e, F4, K4, M(60) );
- R( e, a, b, c, d, F4, K4, M(61) );
- R( d, e, a, b, c, F4, K4, M(62) );
- R( c, d, e, a, b, F4, K4, M(63) );
- R( b, c, d, e, a, F4, K4, M(64) );
- R( a, b, c, d, e, F4, K4, M(65) );
- R( e, a, b, c, d, F4, K4, M(66) );
- R( d, e, a, b, c, F4, K4, M(67) );
- R( c, d, e, a, b, F4, K4, M(68) );
- R( b, c, d, e, a, F4, K4, M(69) );
- R( a, b, c, d, e, F4, K4, M(70) );
- R( e, a, b, c, d, F4, K4, M(71) );
- R( d, e, a, b, c, F4, K4, M(72) );
- R( c, d, e, a, b, F4, K4, M(73) );
- R( b, c, d, e, a, F4, K4, M(74) );
- R( a, b, c, d, e, F4, K4, M(75) );
- R( e, a, b, c, d, F4, K4, M(76) );
- R( d, e, a, b, c, F4, K4, M(77) );
- R( c, d, e, a, b, F4, K4, M(78) );
- R( b, c, d, e, a, F4, K4, M(79) );
-
- a = ctx->A += a;
- b = ctx->B += b;
- c = ctx->C += c;
- d = ctx->D += d;
- e = ctx->E += e;
- }
-}
=======================================
--- /trunk/sha.h Thu Jun 4 12:28:53 2009
+++ /dev/null
@@ -1,92 +0,0 @@
-/* sha.h - Declaration of functions and datatypes for SHA1 sum computing
- library functions.
-
- Copyright (C) 1999, Scott G. Miller
-*/
-
-#ifndef _SHA_H
-#define _SHA_H 1
-
-#include <config.h>
-#include <stdio.h>
-#include "md5.h"
-
-/* Structure to save state of computation between the single steps. */
-struct sha_ctx
-{
- md5_uint32 A;
- md5_uint32 B;
- md5_uint32 C;
- md5_uint32 D;
- md5_uint32 E;
-
- md5_uint32 total[2];
- md5_uint32 buflen;
- char buffer[128];
-};
-
-
-/* Starting with the result of former calls of this function (or the
- initialization function update the context for the next LEN bytes
- starting at BUFFER.
- It is necessary that LEN is a multiple of 64!!! */
-extern void sha_process_block __P ((const void *buffer, size_t len,
- struct sha_ctx *ctx));
-
-/* Starting with the result of former calls of this function (or the
- initialization function update the context for the next LEN bytes
- starting at BUFFER.
- It is NOT required that LEN is a multiple of 64. */
-extern void sha_process_bytes __P((const void *buffer, size_t len,
- struct sha_ctx *ctx));
-
-/* Initialize structure containing state of computation. */
-extern void sha_init_ctx __P ((struct sha_ctx *ctx));
-
-/* Process the remaining bytes in the buffer and put result from CTX
- in first 16 bytes following RESBUF. The result is always in little
- endian byte order, so that a byte-wise output yields to the wanted
- ASCII representation of the message digest.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-extern void *sha_finish_ctx __P ((struct sha_ctx *ctx, void *resbuf));
-
-
-/* Put result from CTX in first 16 bytes following RESBUF. The result is
- always in little endian byte order, so that a byte-wise output yields
- to the wanted ASCII representation of the message digest.
-
- IMPORTANT: On some systems it is required that RESBUF is correctly
- aligned for a 32 bits value. */
-extern void *sha_read_ctx __P ((const struct sha_ctx *ctx, void *resbuf));
-
-
-/* Compute MD5 message digest for bytes read from STREAM. The
- resulting message digest number will be written into the 16 bytes
- beginning at RESBLOCK. */
-extern int sha_stream __P ((FILE *stream, void *resblock));
-
-/* Compute MD5 message digest for LEN bytes beginning at BUFFER. The
- result is always in little endian byte order, so that a byte-wise
- output yields to the wanted ASCII representation of the message
- digest. */
-extern void *sha_buffer __P ((const char *buffer, size_t len, void
*resblock));
-
-
-/* The following is from gnupg-1.0.2's cipher/bithelp.h. */
-/* Rotate a 32 bit integer by n bytes */
-#if defined __GNUC__ && defined __i386__
-static inline md5_uint32
-rol(md5_uint32 x, int n)
-{
- __asm__("roll %%cl,%0"
- :"=r" (x)
- :"0" (x),"c" (n));
- return x;
-}
-#else
-# define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
-#endif
-
-#endif
=======================================
--- /trunk/signal.c Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#include "monitor.h"
-
-/**
- * Signal handeling routines.
- *
- * @author W. Richard Stevens
- * @author Jan-Henrik Haukeland, <address@hidden>
- *
- * @file
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Replace the standard signal() function, with a more reliable
- * using sigaction. From W. Richard Stevens' "Advanced Programming
- * in the UNIX Environment"
- */
-Sigfunc *signal(int signo, Sigfunc *func) {
-
- struct sigaction act, oact;
-
- act.sa_handler = func;
- sigemptyset(&act.sa_mask);
- act.sa_flags = 0;
- if (signo == SIGALRM) {
-#ifdef SA_INTERRUPT
- act.sa_flags |= SA_INTERRUPT; /* SunOS */
-#endif
- } else {
-#ifdef SA_RESTART
- act.sa_flags |= SA_RESTART; /* SVR4, 44BSD */
-#endif
- }
- if (sigaction(signo, &act, &oact) < 0)
- return(SIG_ERR);
-
- return(oact.sa_handler);
-
-}
-
-
-/**
- * Set a collective thread signal block for signals honored by monit
- * @param new The signal mask to use for the block
- * @param old The signal mask used to save the previous mask
- */
-void set_signal_block(sigset_t *new, sigset_t *old) {
-
- sigemptyset(new);
- sigaddset(new, SIGHUP);
- sigaddset(new, SIGINT);
- sigaddset(new, SIGUSR1);
- sigaddset(new, SIGTERM);
- pthread_sigmask(SIG_BLOCK, new, old);
-
-}
-
-
-/**
- * Set the thread signal mask back to the old mask
- * @param old The signal mask to restore
- */
-void unset_signal_block(sigset_t *old) {
-
- pthread_sigmask(SIG_SETMASK, old, NULL);
-
-}
=======================================
--- /trunk/socket.c Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,562 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include "config.h"
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-
-#include "net.h"
-#include "ssl.h"
-#include "monitor.h"
-#include "socket.h"
-
-
-
-/**
- * Implementation of the socket interface.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @file
- */
-
-
-/* -------------------------------------------------------------
Definitions */
-
-#define TYPE_LOCAL 0
-#define TYPE_ACCEPT 1
-#define RBUFFER_SIZE 1024
-
-struct Socket_T {
- int port;
- int type;
- int socket;
- char *host;
- Port_T Port;
- int timeout;
- int connection_type;
- ssl_connection *ssl;
- ssl_server_connection *sslserver;
- int length;
- int offset;
- unsigned char buffer[RBUFFER_SIZE+1];
-};
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static int fill(Socket_T S, int timeout);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-Socket_T socket_new(const char *host, int port, int type, int use_ssl,
- int timeout) {
-
- Ssl_T ssl;
-
- ssl.use_ssl= use_ssl;
- ssl.version= SSL_VERSION_AUTO;
- ssl.certmd5= NULL;
-
- return socket_create_t(host, port, type, ssl, timeout);
-
-}
-
-
-Socket_T socket_create(void *port) {
-
- int s;
- Port_T p= port;
-
- ASSERT(port);
-
- if((s= create_generic_socket(p)) != -1) {
-
- Socket_T S= NULL;
-
- NEW(S);
- S->socket= s;
- S->length= 0;
- S->offset= 0;
- S->type= p->type;
- S->port= p->port;
- S->timeout= p->timeout;
- S->connection_type= TYPE_LOCAL;
-
- if(p->family==AF_UNIX) {
- S->host= xstrdup(LOCALHOST);
- } else {
- S->host= xstrdup(p->hostname);
- }
-
- if(p->SSL.use_ssl && !socket_switch2ssl(S, p->SSL)) {
- socket_free(&S);
- return NULL;
- }
-
- S->Port= port;
- return S;
- }
-
- return NULL;
-}
-
-
-Socket_T socket_create_t(const char *host, int port, int type, Ssl_T ssl,
- int timeout) {
-
- int s;
- int proto= type==SOCKET_UDP?SOCK_DGRAM:SOCK_STREAM;
-
- ASSERT(host);
- ASSERT((type==SOCKET_UDP)||(type==SOCKET_TCP));
- if(ssl.use_ssl) {
- ASSERT(type==SOCKET_TCP);
- }
- ASSERT(timeout>0);
-
- if((s= create_socket(host, port, proto, timeout)) != -1) {
-
- Socket_T S= NULL;
-
- NEW(S);
- S->socket= s;
- S->length= 0;
- S->offset= 0;
- S->port= port;
- S->type= proto;
- S->timeout= timeout;
- S->host= xstrdup(host);
- S->connection_type= TYPE_LOCAL;
-
- if(ssl.use_ssl && !socket_switch2ssl(S, ssl)) {
- socket_free(&S);
- return NULL;
- }
-
- return S;
- }
-
- return NULL;
-}
-
-
-Socket_T socket_create_a(int socket, const char *remote_host,
- int port, void *sslserver) {
-
- Socket_T S;
-
- ASSERT(socket>=0);
- ASSERT(remote_host);
-
- NEW(S);
- S->length= 0;
- S->offset= 0;
- S->port= port;
- S->socket= socket;
- S->type= SOCK_STREAM;
- S->timeout= NET_TIMEOUT;
- S->host= xstrdup(remote_host);
- S->connection_type= TYPE_ACCEPT;
-
- if(sslserver) {
- S->sslserver= sslserver;
- if(! (S->ssl= insert_accepted_ssl_socket(S->sslserver))) {
- goto ssl_error;
- }
- if(! embed_accepted_ssl_socket(S->ssl, S->socket)) {
- goto ssl_error;
- }
- }
-
- return S;
-
-ssl_error:
- socket_free(&S);
- return NULL;
-
-}
-
-
-void socket_free(Socket_T *S) {
-
- ASSERT(S && *S);
-
-#ifdef HAVE_OPENSSL
- if((*S)->ssl && (*S)->ssl->handler) {
- if((*S)->connection_type==TYPE_LOCAL) {
- close_ssl_socket((*S)->ssl);
- delete_ssl_socket((*S)->ssl);
- } else if((*S)->connection_type==TYPE_ACCEPT && (*S)->sslserver) {
- close_accepted_ssl_socket((*S)->sslserver, (*S)->ssl);
- }
- } else
-#endif
-
- close_socket((*S)->socket);
- FREE((*S)->host);
- FREE(*S);
-
-}
-
-
-/* ------------------------------------------------------------ Properties
*/
-
-
-int socket_is_ready(Socket_T S) {
-
- ASSERT(S);
-
- switch(S->type) {
-
- case SOCK_STREAM:
- return check_socket(S->socket);
-
- case SOCK_DGRAM:
- return check_udp_socket(S->socket);
-
- default:
- break;
- }
-
- return FALSE;
-
-}
-
-
-int socket_is_secure(Socket_T S) {
-
- ASSERT(S);
-
- return (S->ssl != NULL);
-
-}
-
-
-int socket_get_socket(Socket_T S) {
-
- ASSERT(S);
-
- return S->socket;
-
-}
-
-
-int socket_get_type(Socket_T S) {
-
- ASSERT(S);
-
- return S->type;
-
-}
-
-
-void *socket_get_Port(Socket_T S) {
-
- ASSERT(S);
-
- return S->Port;
-
-}
-
-
-int socket_get_remote_port(Socket_T S) {
-
- ASSERT(S);
-
- return S->port;
-
-}
-
-
-const char *socket_get_remote_host(Socket_T S) {
-
- ASSERT(S);
-
- return S->host;
-
-}
-
-
-int socket_get_local_port(Socket_T S) {
- struct sockaddr sock;
- socklen_t len = sizeof(sock);
-
- ASSERT(S);
-
- if(getsockname (S->socket, &sock, &len ) == 0)
- return ntohs (((struct sockaddr_in *)&sock)->sin_port);
- return -1;
-
-}
-
-
-const char *socket_get_local_host(Socket_T S) {
- struct sockaddr sock;
- socklen_t len = sizeof(sock);
-
- ASSERT(S);
-
- if(getsockname(S->socket, &sock, &len) == 0)
- return inet_ntoa(((struct sockaddr_in *)&sock)->sin_addr);
- return NULL;
-
-}
-
-
-/* ---------------------------------------------------------------- Public
*/
-
-
-int socket_switch2ssl(Socket_T S, Ssl_T ssl) {
-
- if(! (S->ssl= new_ssl_connection(NULL, ssl.version)))
- return FALSE;
-
- if(! embed_ssl_socket(S->ssl, S->socket))
- return FALSE;
-
- if(ssl.certmd5 && !check_ssl_md5sum(S->ssl, ssl.certmd5)) {
- LogError("md5sum of certificate does not match!");
- return FALSE;
- }
-
- return TRUE;
-}
-
-
-int socket_print(Socket_T S, const char *m, ...) {
-
- int n;
- long l;
- va_list ap;
- char *buf= NULL;
-
- ASSERT(S);
- ASSERT(m);
-
- va_start(ap, m);
- buf= Util_formatString(m, ap, &l);
- va_end(ap);
-
- n= socket_write(S, buf, l);
- FREE(buf);
-
- return n;
-
-}
-
-
-int socket_write(Socket_T S, void *b, int size) {
-
- int n= 0;
- void *p= b;
-
- ASSERT(S);
-
- /* Clear any extra data read from the server */
- socket_reset(S);
-
- while(size > 0) {
-
- if(S->ssl) {
- n= send_ssl_socket(S->ssl, p, size, S->timeout);
- } else {
- if(S->type==SOCK_DGRAM)
- n= udp_write(S->socket, p, size, S->timeout);
- else
- n= sock_write(S->socket, p, size, S->timeout);
- }
-
- if(n <= 0) break;
- p+= n;
- size-= n;
-
- }
-
- if(n < 0) {
- /* No write or a partial write is an error */
- return -1;
- }
-
- return (int)(p - b);
-
-}
-
-
-int socket_read_byte(Socket_T S) {
-
- ASSERT(S);
-
- if(S->offset >= S->length) {
- if(fill(S, S->timeout) <= 0)
- return -1;
- }
-
- return S->buffer[S->offset++];
-
-}
-
-
-int socket_read(Socket_T S, void *b, int size) {
-
- int c;
- unsigned char *p= b;
-
- ASSERT(S);
-
- while((size-- > 0) && ((c= socket_read_byte(S)) >= 0)) {
- *p++= c;
- }
-
- return (long)p - (long)b;
-
-}
-
-
-char *socket_readln(Socket_T S, char *s, int size) {
-
- int c;
- unsigned char *p= (unsigned char *)s;
-
- ASSERT(S);
-
- while(--size && ((c= socket_read_byte(S)) > 0)) { // Stop when \0 is read
- *p++= c;
- if(c == '\n')
- break;
- }
-
- *p= 0;
-
- if(*s)
- return s;
-
- return NULL;
-
-}
-
-
-void socket_reset(Socket_T S) {
-
- ASSERT(S);
-
- /* Throw away any pending incomming data */
- while(fill(S, 0) > 0);
- S->offset= 0;
- S->length= 0;
-
-}
-
-
-int socket_shutdown_write(Socket_T S) {
- ASSERT(S);
- return (shutdown(S->socket, 1) == 0);
-}
-
-
-/* --------------------------------------------------------------- Private
*/
-
-
-/*
- * Fill the internal buffer. If an error occurs or if the read
- * operation timed out -1 is returned.
- * @param S A Socket object
- * @param timeout The number of seconds to wait for data to be read
- * @return TRUE (the length of data read) or -1 if an error occured
- */
-static int fill(Socket_T S, int timeout) {
-
- int n;
-
- S->offset= 0;
- S->length= 0;
- /* Optimizing, assuming a request/response pattern and that a udp_write
- was issued before we are called, we don't have to wait for data */
- if(S->type==SOCK_DGRAM) timeout= 0;
-
- /* Read as much as we can, but only block on the first read */
- while(RBUFFER_SIZE > S->length) {
-
- if(S->ssl) {
- n= recv_ssl_socket(S->ssl, S->buffer + S->length,
- RBUFFER_SIZE-S->length, timeout);
- } else {
- n= sock_read(S->socket, S->buffer + S->length,
- RBUFFER_SIZE-S->length, timeout);
- }
-
- timeout= 0;
-
- if(n > 0) {
- S->length+= n;
- continue;
- } else if(n < 0) {
- if(errno == EAGAIN || errno == EWOULDBLOCK || S->type==SOCK_DGRAM)
break;
- return -1;
- } else
- break;
-
- }
-
- return S->length;
-
-}
=======================================
--- /trunk/socket.h Wed Jan 19 10:40:32 2011
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#ifndef MONIT_SOCKET_H
-#define MONIT_SOCKET_H
-
-#define SOCKET_TCP 1
-#define SOCKET_UDP 2
-
-
-/**
- * This class implements a <b>Socket</b>. A socket is an endpoint for
- * communication between two machines.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @file
- */
-
-
-typedef struct Socket_T *Socket_T;
-
-
-/**
- * Create a new Socket opened against host:port. The returned Socket
- * is a connected socket. This method can be used to create either TCP
- * or UDP sockets and the type parameter is used to select the socket
- * type. If the use_ssl parameter is TRUE the socket is created using
- * SSL. Only TCP sockets may use SSL.
- * @param host The remote host to open the Socket against. The host
- * may be a hostname found in the DNS or an IP address string.
- * @param port The port number to connect to
- * @param type The socket type to use (SOCKET_TCP or SOCKET_UPD)
- * @param use_ssl if TRUE the socket is created supporting SSL
- * @param timeout The timeout value in seconds
- * @return The connected Socket or NULL if an error occurred
- */
-Socket_T socket_new(const char *host, int port, int type, int use_ssl,
- int timeout);
-
-
-/**
- * Factory method for creating a new Socket from a monit Port object
- * @param port The port object to create a socket from
- * @return The connected Socket or NULL if an error occurred
- */
-Socket_T socket_create(void *port);
-
-
-/**
- * Create a new Socket opened against host:port with an explicit
- * ssl value for connect and read. Otherwise, same as socket_new()
- * @param host The remote host to open the Socket against. The host
- * may be a hostname found in the DNS or an IP address string.
- * @param port The port number to connect to
- * @param type The socket type to use (SOCKET_TCP or SOCKET_UPD)
- * @param ssl Options for SSL
- * @param timeout The timeout value in seconds
- * @return The connected Socket or NULL if an error occurred
- */
-Socket_T socket_create_t(const char *host, int port, int type, Ssl_T ssl,
- int timeout);
-
-
-/**
- * Factory method for creating a Socket object from an accepted
- * socket. The given socket must be a socket created from accept(2).
- * If the sslserver context is non-null the socket will support
- * ssl. This method does only support TCP sockets.
- * @param socket The accepted socket
- * @param remote_host The remote host from where the socket connection
- * originated
- * @param port The localhost port number from where the connection
- * arrived.
- * @param sslserver A ssl server connection context, may be NULL
- * @return A Socket or NULL if an error occurred
- */
-Socket_T socket_create_a(int socket, const char *remote_host,
- int port, void *sslserver);
-
-
-/**
- * Destroy a Socket object. Close the socket and release allocated
- * resources.
- * @param S A Socket object reference
- */
-void socket_free(Socket_T *S);
-
-
-/**
- * Returns TRUE if the socket is ready for i|o
- * @param S A Socket object
- * @return TRUE if the socket is ready otherwise FALSE
- */
-int socket_is_ready(Socket_T S);
-
-
-/**
- * Return TRUE if the connection is encrypted with SSL
- * @param S A Socket object
- * @return TRUE if SSL is used otherwise FALSE
- */
-int socket_is_secure(Socket_T S);
-
-
-/**
- * Get the underlying socket descriptor
- * @param S A Socket object
- * @return The socket descriptor
- */
-int socket_get_socket(Socket_T S);
-
-
-/**
- * Get the type of this socket.
- * @param S A Socket object
- * @return The socket type
- */
-int socket_get_type(Socket_T S);
-
-
-/**
- * Get the Port object used to create this socket. If no Port object
- * was used this method returns NULL.
- * @param S A Socket object
- * @return The Port object or NULL
- */
-void *socket_get_Port(Socket_T S);
-
-
-/**
- * Get the remote port number the socket is connected to
- * @param S A Socket object
- * @return The remote host's port number
- */
-int socket_get_remote_port(Socket_T S);
-
-
-/**
- * Get the remote host this socket is connected to. The host is either
- * a host name in DNS or an IP address string.
- * @param S A Socket object
- * @return The remote host
- */
-const char *socket_get_remote_host(Socket_T S);
-
-
-/**
- * Get the local (ephemeral) port number this socket is using.
- * @param S A Socket object
- * @return The port number on success otherwise -1
- */
-int socket_get_local_port(Socket_T S);
-
-
-/**
- * Get the local interface IP address
- * @param S A Socket object
- * @return The local host interface address or NULL if an error occurred
- */
-const char *socket_get_local_host(Socket_T S);
-
-
-/**
- * Switches a connected socket to ssl.
- * @param S The already connected socket
- * @param ssl Options for ssl
- * @return TRUE if ssl is ready otherwise FALSE
- */
-int socket_switch2ssl(Socket_T S, Ssl_T ssl);
-
-
-/**
- * Writes a character string. Use this function to send text based
- * messages to a client.
- * @param S A Socket_T object
- * @param m A String to send to the client
- * @return The bytes sent or -1 if an error occured
- */
-int socket_print(Socket_T S, const char *m, ...);
-
-
-/**
- * Write size bytes from the buffer b.
- * @param S A Socket_T object
- * @param b The data to be written
- * @param size The size of the data in b
- * @return The bytes sent or -1 if an error occured
- */
-int socket_write(Socket_T S, void *b, int size);
-
-
-/**
- * Read a single byte. The byte is returned as an int in the range 0
- * to 255.
- * @param S A Socket_T object
- * @return The byte read, or -1 if the end of the stream has been reached
- */
-int socket_read_byte(Socket_T S);
-
-
-/**
- * Reads size bytes and stores them into the byte buffer pointed to by b.
- * @param S A Socket_T object
- * @param b A Byte buffer
- * @param size The size of the buffer b
- * @return The bytes read or -1 if an error occured
- */
-int socket_read(Socket_T S, void *b, int size);
-
-
-/**
- * Reads in at most one less than size <code>characters</code> and
- * stores them into the buffer pointed to by s. Reading stops after
- * an EOF or a newline. If a newline is read, it is stored into the
- * buffer. A '\0' is stored after the last character in the buffer.
- * @param S A Socket_T object
- * @param s A character buffer to store the string in
- * @param size The size of the string buffer, s
- * @return s on success, and NULL on error or when end of file occurs
- * while no characters have been read.
- */
-char *socket_readln(Socket_T S, char *s, int size);
-
-
-/**
- * Clears any data that exists in the input buffer
- * @param S A Socket_T object
- */
-void socket_reset(Socket_T S);
-
-
-/**
- * Shut down the writing side of the socket
- * @param S A Socket object
- * @return TRUE if the write side was shutdown otherwise FALSE
- */
-int socket_shutdown_write(Socket_T S);
-
-
-#endif
=======================================
--- /trunk/spawn.c Mon Mar 21 08:32:15 2011
+++ /dev/null
@@ -1,322 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-#include <config.h>
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include "event.h"
-#include "alert.h"
-#include "monitor.h"
-#include "engine.h"
-
-
-/**
- * Function for spawning of a process. This function fork's twice to
- * avoid creating any zombie processes. Inspired by code from
- * W. Richard Stevens book, APUE.
- *
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Peter Holdaway <address@hidden>
- *
- * @file
- */
-
-
-/* -------------------------------------------------------------
Definitions */
-
-
-/* Do not exceed 8 bits here */
-enum ExitStatus_E {
- setgid_ERROR = 0x1,
- setuid_ERROR = 0x2,
- redirect_ERROR = 0x4,
- fork_ERROR = 0x8
-};
-
-typedef struct En {
- char env[STRLEN];
- struct En *next;
-} *Environment_T;
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-static void put_monit_environment(Environment_T e);
-static void free_monit_environment(Environment_T *e);
-static void push_monit_environment(const char *env, Environment_T *list);
-static void set_monit_environment(Service_T s, Command_T C, Event_T event,
Environment_T *e);
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Execute the given command. If the execution fails, the wait_start()
- * thread in control.c should notice this and send an alert message.
- * @param P A Service object
- * @param C A Command object
- * @param E An optional event object. May be NULL.
- */
-void spawn(Service_T S, Command_T C, Event_T E) {
- pid_t pid;
- sigset_t mask;
- sigset_t save;
- int stat_loc= 0;
- int exit_status;
- Environment_T environment= NULL;
-
- ASSERT(S);
- ASSERT(C);
-
- if(access(C->arg[0], X_OK) != 0) {
- LogError("Error: Could not execute %s\n", C->arg[0]);
- return;
- }
-
- /*
- * Block SIGCHLD
- */
- sigemptyset(&mask);
- sigaddset(&mask, SIGCHLD);
- pthread_sigmask(SIG_BLOCK, &mask, &save);
-
- set_monit_environment(S, C, E, &environment);
-
- pid= fork();
- if(pid < 0) {
- LogError("Cannot fork a new process\n");
- exit(1);
- }
-
- if(pid == 0) {
- /*
- * Reset to the original umask so programs will inherit the
- * same file creation mask monit was started with
- */
- umask(Run.umask);
-
- /*
- * Switch uid/gid if requested
- */
- if(C->has_gid) {
- if(0 != setgid(C->gid)) {
- stat_loc |= setgid_ERROR;
- }
- }
- if(C->has_uid) {
- if(0 != setuid(C->uid)) {
- stat_loc |= setuid_ERROR;
- }
- }
-
- put_monit_environment(environment);
-
- if(! Run.isdaemon) {
- int i;
- for(i= 0; i < 3; i++)
- if(close(i) == -1 || open("/dev/null", O_RDWR) != i)
- stat_loc |= redirect_ERROR;
- }
-
- Util_closeFds();
-
- setsid();
-
- pid = fork();
- if(pid < 0) {
- stat_loc |= fork_ERROR;
- _exit(stat_loc);
- }
-
- if(pid == 0) {
- /*
- * Reset all signals, so the spawned process is *not* created
- * with any inherited SIG_BLOCKs
- */
- sigemptyset(&mask);
- pthread_sigmask(SIG_SETMASK, &mask, NULL);
- signal(SIGINT, SIG_DFL);
- signal(SIGHUP, SIG_DFL);
- signal(SIGTERM, SIG_DFL);
- signal(SIGUSR1, SIG_DFL);
- signal(SIGPIPE, SIG_DFL);
-
- (void) execv(C->arg[0], C->arg);
- _exit(1);
- }
-
- /* Exit first child and return errors to parent */
- _exit(stat_loc);
- }
-
- /* Wait for first child - aka second parent, to exit */
- if(waitpid(pid, &stat_loc, 0) != pid) {
- LogError("Waitpid error\n");
- }
-
- exit_status= WEXITSTATUS(stat_loc);
- if (exit_status & setgid_ERROR)
- LogError("Failed to change gid to '%d' for '%s'\n", C->gid, C->arg[0]);
- if (exit_status & setuid_ERROR)
- LogError("Failed to change uid to '%d' for '%s'\n", C->uid, C->arg[0]);
- if (exit_status & fork_ERROR)
- LogError("Cannot fork a new process for '%s'\n", C->arg[0]);
- if (exit_status & redirect_ERROR)
- LogError("Cannot redirect IO to /dev/null for '%s'\n", C->arg[0]);
-
- free_monit_environment(&environment);
- ASSERT(environment == NULL);
-
- /*
- * Restore the signal mask
- */
- pthread_sigmask(SIG_SETMASK, &save, NULL);
-
- /*
- * We do not need to wait for the second child since we forked twice,
- * the init system-process will wait for it. So we just return
- */
-
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/*
- * Setup the environment with special MONIT_xxx variables. The program
- * executed may use such variable for various purposes.
- */
-static void set_monit_environment(Service_T s, Command_T C, Event_T event,
Environment_T *e) {
- char buf[STRLEN];
- char date[STRLEN];
-
- Util_getRFC822Date(NULL, date, STRLEN);
-
- snprintf(buf, STRLEN, "MONIT_DATE=%s", date);
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_SERVICE=%s", s->name);
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_HOST=%s", Run.localhostname);
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_EVENT=%s", event ?
Event_get_description(event) : C == s->start ? "Started" : C ==
s->stop ? "Stopped" : "No Event");
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_DESCRIPTION=%s", event ?
Event_get_message(event) : C == s->start ? "Started" : C ==
s->stop ? "Stopped" : "No Event");
- push_monit_environment(buf, e);
-
- if (s->type == TYPE_PROCESS) {
- snprintf(buf, STRLEN, "MONIT_PROCESS_PID=%d", Util_isProcessRunning(s,
FALSE));
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_PROCESS_MEMORY=%ld",
s->inf->priv.process.mem_kbyte);
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_PROCESS_CHILDREN=%d",
s->inf->priv.process.children);
- push_monit_environment(buf, e);
-
- snprintf(buf, STRLEN, "MONIT_PROCESS_CPU_PERCENT=%d",
s->inf->priv.process.cpu_percent);
- push_monit_environment(buf, e);
- }
-
-}
-
-
-static void push_monit_environment(char const *env, Environment_T *list) {
- Environment_T e= NULL;
- NEW(e);
- strncpy(e->env, env, sizeof(e->env) - 1);
- e->env[sizeof(e->env) - 1] = 0;
- e->next= *list;
- *list= e;
-}
-
-
-static void put_monit_environment(Environment_T e) {
- while(e != NULL) {
- putenv(e->env);
- e= e->next;
- }
-}
-
-
-static void free_monit_environment(Environment_T *e) {
- if(e&&*e) {
- free_monit_environment(&(*e)->next);
- FREE((*e));
- }
-}
-
=======================================
--- /trunk/ssl.c Wed Apr 6 00:41:56 2011
+++ /dev/null
@@ -1,1025 +0,0 @@
-/*
- * Copyright (C) 2011 Tildeslash Ltd. All rights reserved.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- *
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you
- * do not wish to do so, delete this exception statement from your
- * version. If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
-
-
-#include <config.h>
-
-
-#ifdef HAVE_OPENSSL
-
-
-#ifdef HAVE_STDIO_H
-#include <stdio.h>
-#endif
-
-#ifdef HAVE_MEMORY_H
-#include <memory.h>
-#endif
-
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_PTHREAD_H
-#include <pthread.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/x509_vfy.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-
-#include "monitor.h"
-#include "net.h"
-#include "ssl.h"
-
-
-/* --------------------------------------------------------------
Prototypes */
-
-
-#define SSLERROR ERR_error_string(ERR_get_error(),NULL)
-
-static int unsigned long ssl_thread_id();
-static void ssl_mutex_lock(int, int n, const char *, int );
-static int verify_init(ssl_server_connection *);
-static int verify_callback(int, X509_STORE_CTX *);
-static int check_preverify(X509_STORE_CTX *);
-static void cleanup_ssl_socket(ssl_connection *);
-static void cleanup_ssl_server_socket(ssl_server_connection *);
-static int handle_error(int, ssl_connection *);
-static int update_ssl_cert_data(ssl_connection *);
-static ssl_server_connection *new_ssl_server_connection(char *, char *);
-static int start_ssl();
-
-static int allow_self_certification = FALSE;
-static int ssl_initialized = FALSE;
-static pthread_mutex_t ssl_mutex =
PTHREAD_MUTEX_INITIALIZER;
-static pthread_mutex_t *ssl_mutex_table;
-
-
-/* -------------------------------------------------------------
Definitions */
-
-
-/**
- * Number of random bytes to obtain
- */
-#define RANDOM_BYTES 1024
-
-/**
- * The PRIMARY random device selected for seeding the PRNG. We use a
- * non-blocking pseudo random device, to generate pseudo entropy.
- */
-#define URANDOM_DEVICE "/dev/urandom"
-
-/**
- * If a non-blocking device is not found on the system a blocking
- * entropy producer is tried instead.
- */
-#define RANDOM_DEVICE "/dev/random"
-
-
-/**
- * SSL Socket methods.
- *
- * @author Christian Hopp <address@hidden>
- * @author Jan-Henrik Haukeland, <address@hidden>
- * @author Martin Pala, <address@hidden>
- *
- * @file
- */
-
-/**
- * For some of the code I was enlightened by:
- *
- * An Introduction to OpenSSL Programming, Part I of II
- *
- * by Eric Rescorla
- * Linux Journal 9/2001
- * http://www.linuxjournal.com/article.php?sid=4822
- */
-
-
-/* ------------------------------------------------------------------
Public */
-
-
-/**
- * Embeds a socket in a ssl connection.
- * @param socket the socket to be used.
- * @return The ssl connection or NULL if an error occured.
- */
-int embed_ssl_socket(ssl_connection *ssl, int socket) {
- int ssl_error;
- time_t ssl_time;
-
- if (!ssl)
- return FALSE;
-
- if (!ssl_initialized)
- start_ssl();
-
- if (socket >= 0) {
- ssl->socket = socket;
- } else {
- LogError("%s: Socket error!\n", prog);
- goto sslerror;
- }
-
- if ((ssl->handler = SSL_new (ssl->ctx)) == NULL) {
- LogError("%s: Cannot initialize the SSL handler -- %s\n", prog,
SSLERROR);
- goto sslerror;
- }
-
- set_noblock(ssl->socket);
-
- if ((ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE)) ==
NULL) {
- LogError("%s: Cannot generate IO buffer -- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);
- ssl_time = time(NULL);
-
- while ((ssl_error = SSL_connect (ssl->handler)) < 0) {
- if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
- LogError("%s: SSL service timeout!\n", prog);
- goto sslerror;
- }
-
- if (!handle_error(ssl_error, ssl))
- goto sslerror;
-
- if (!BIO_should_retry(ssl->socket_bio))
- goto sslerror;
- }
-
- ssl->cipher = (char *) SSL_get_cipher(ssl->handler);
-
- if (! update_ssl_cert_data(ssl)) {
- LogError("%s: Cannot get the SSL server certificate!\n", prog);
- goto sslerror;
- }
-
- return TRUE;
-
-sslerror:
- cleanup_ssl_socket(ssl);
- return FALSE;
-}
-
-
-/**
- * Compare certificate with given md5 sum
- * @param ssl reference to ssl connection
- * @param md5sum string of the md5sum to test against
- * @return TRUE, if sums do not match FALSE
- */
-int check_ssl_md5sum(ssl_connection *ssl, char *md5sum) {
- unsigned int i = 0;
-
- ASSERT(md5sum);
-
- while ((i < ssl->cert_md5_len) && (md5sum[2*i] != '\0') &&
(md5sum[2*i+1] != '\0')) {
- unsigned char c = (md5sum[2*i] > 57 ? md5sum[2*i] - 87 : md5sum[2*i] -
48) * 0x10+ (md5sum[2*i+1] > 57 ? md5sum[2*i+1] - 87 : md5sum[2*i+1] - 48);
- if (c != ssl->cert_md5[i])
- return FALSE;
- i++;
- }
- return TRUE;
-}
-
-
-/**
- * Closes a ssl connection (ssl socket + net socket)
- * @param ssl ssl connection
- * @return TRUE, or FALSE if an error has occured.
- */
-int close_ssl_socket(ssl_connection *ssl) {
- int rv;
-
- if (!ssl)
- return FALSE;
-
- if (! (rv = SSL_shutdown(ssl->handler))) {
- shutdown(ssl->socket, 1);
- rv = SSL_shutdown(ssl->handler);
- }
-
- close_socket(ssl->socket);
- cleanup_ssl_socket(ssl);
-
- return (rv > 0) ? TRUE : FALSE;
-}
-
-
-/**
- * Garbage collection for non-reusable parts a ssl connection
- * @param ssl ssl connection
- */
-void delete_ssl_socket(ssl_connection *ssl) {
- if (!ssl)
- return;
-
- cleanup_ssl_socket(ssl);
-
- if (ssl->ctx && !ssl->accepted)
- SSL_CTX_free(ssl->ctx);
-
- ssl->ctx = NULL;
-
- FREE(ssl);
-}
-
-
-/**
- * Initializes a ssl connection for server use.
- * @param pemfilename Filename for the key/cert file
- * @return An ssl connection, or NULL if an error occured.
- */
-ssl_server_connection *init_ssl_server(char *pemfile, char *clientpemfile)
{
- SSL_METHOD *server_method = NULL;
- ssl_server_connection *ssl_server;
-
- ASSERT(pemfile);
-
- if (!ssl_initialized)
- start_ssl();
-
- ssl_server = new_ssl_server_connection(pemfile, clientpemfile);
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- server_method = TLSv1_server_method();
- else
-#endif
- server_method = SSLv23_server_method();
- if (!(ssl_server->method = server_method)) {
- LogError("%s: Cannot initialize the SSL method -- %s\n", prog,
SSLERROR);
- goto sslerror;
- }
-
- if (!(ssl_server->ctx = SSL_CTX_new(ssl_server->method))) {
- LogError("%s: Cannot initialize SSL server certificate handler
-- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- if (SSL_CTX_use_certificate_chain_file(ssl_server->ctx, pemfile) != 1) {
- LogError("%s: Cannot initialize SSL server certificate -- %s\n", prog,
SSLERROR);
- goto sslerror;
- }
-
- if (SSL_CTX_use_PrivateKey_file(ssl_server->ctx, pemfile,
SSL_FILETYPE_PEM) != 1) {
- LogError("%s: Cannot initialize SSL server private key -- %s\n", prog,
SSLERROR);
- goto sslerror;
- }
-
- if (SSL_CTX_check_private_key(ssl_server->ctx) != 1) {
- LogError("%s: The private key doesn't match the certificate public key
-- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- /* Disable session cache */
- SSL_CTX_set_session_cache_mode(ssl_server->ctx, SSL_SESS_CACHE_OFF);
-
- /*
- * We need this to force transmission of client certs
- */
- if (!verify_init(ssl_server)) {
- LogError("%s: Verification engine was not properly initialized
-- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- if (ssl_server->clientpemfile) {
- STACK_OF(X509_NAME) *stack =
SSL_CTX_get_client_CA_list(ssl_server->ctx);
- LogInfo("%s: Found %d client certificates\n", prog,
sk_X509_NAME_num(stack));
- }
-
- return ssl_server;
-
-sslerror:
- delete_ssl_server_socket(ssl_server);
- return NULL;
-}
-
-
-/**
- * Deletes a SSL server connection.
- * @param ssl_server data for ssl server connection
- */
-void delete_ssl_server_socket(ssl_server_connection *ssl_server) {
- if (!ssl_server)
- return;
-
- cleanup_ssl_server_socket(ssl_server);
-
- if (ssl_server->ctx)
- SSL_CTX_free(ssl_server->ctx);
-
- FREE(ssl_server);
-}
-
-
-/**
- * Inserts an SSL connection in the connection list of a server.
- * @param ssl_server data for ssl server connection
- * @return new SSL connection for the connection, or NULL if failed
- */
-ssl_connection *insert_accepted_ssl_socket(ssl_server_connection
*ssl_server) {
- ssl_connection *ssl;
-
- ASSERT(ssl_server);
-
- if (!ssl_initialized)
- start_ssl();
-
- NEW(ssl);
- ssl->method = NULL;
- ssl->handler = NULL;
- ssl->cert = NULL;
- ssl->cipher = NULL;
- ssl->socket = 0;
- ssl->next = NULL;
- ssl->accepted = FALSE;
- ssl->cert_md5= NULL;
- ssl->cert_md5_len = 0;
- ssl->clientpemfile = NULL;
-
- if (ssl_server->clientpemfile != NULL)
- ssl->clientpemfile = xstrdup(ssl_server->clientpemfile);
-
- LOCK(ssl_mutex);
-
- ssl->prev = NULL;
- ssl->next = ssl_server->ssl_conn_list;
-
- if ( ssl->next != NULL )
- ssl->next->prev = ssl;
-
- END_LOCK;
-
- ssl_server->ssl_conn_list = ssl;
- ssl->ctx = ssl_server->ctx;
- ssl->accepted = TRUE;
-
- return ssl;
-}
-
-
-/**
- * Closes an accepted SSL server connection and deletes it form the
- * connection list.
- * @param ssl_server data for ssl server connection
- * @param ssl data the connection to be deleted
- */
-void close_accepted_ssl_socket(ssl_server_connection *ssl_server,
ssl_connection *ssl) {
- if (!ssl || !ssl_server)
- return;
-
- close_socket(ssl->socket);
-
- LOCK(ssl_mutex);
-
- if (ssl->prev == NULL)
- ssl_server->ssl_conn_list = ssl->next;
- else
- ssl->prev->next = ssl->next;
-
- END_LOCK;
-
- delete_ssl_socket(ssl);
-}
-
-
-/**
- * Embeds an accepted server socket in an existing ssl connection.
- * @param ssl ssl connection
- * @param socket the socket to be used.
- * @return TRUE, or FALSE if an error has occured.
- */
-int embed_accepted_ssl_socket(ssl_connection *ssl, int socket) {
- int ssl_error;
- time_t ssl_time;
-
- ASSERT(ssl);
-
- ssl->socket = socket;
-
- if (!ssl_initialized)
- start_ssl();
-
- if (!(ssl->handler = SSL_new(ssl->ctx))) {
- LogError("%s: Cannot initialize the SSL handler -- %s\n", prog,
SSLERROR);
- return FALSE;
- }
-
- if (socket < 0) {
- LogError("%s: Socket error!\n", prog);
- return FALSE;
- }
-
- set_noblock(ssl->socket);
-
- if (!(ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE))) {
- LogError("%s: Cannot generate IO buffer -- %s\n", prog, SSLERROR);
- return FALSE;
- }
-
- SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);
-
- ssl_time = time(NULL);
-
- while ((ssl_error = SSL_accept(ssl->handler)) < 0) {
-
- if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
- LogError("%s: SSL service timeout!\n", prog);
- return FALSE;
- }
-
- if (!handle_error(ssl_error, ssl))
- return FALSE;
-
- if (!BIO_should_retry(ssl->socket_bio))
- return FALSE;
-
- }
-
- ssl->cipher = (char *)SSL_get_cipher(ssl->handler);
-
- if (!update_ssl_cert_data(ssl) && ssl->clientpemfile) {
- LogError("%s: The client did not supply a required client
certificate!\n",
- prog);
- return FALSE;
- }
-
- if (SSL_get_verify_result(ssl->handler) > 0) {
- LogError("%s: Verification of the certificate has failed!\n", prog);
- return FALSE;
- }
-
- return TRUE;
-}
-
-
-/**
- * Send data package though the ssl connection
- * @param ssl ssl connection
- * @param buffer array containg the data
- * @param len size of the data container
- * @param timeout Seconds to wait for data to be written
- * @return number of bytes transmitted, -1 in case of an error
- */
-int send_ssl_socket(ssl_connection *ssl, void *buffer, int len, int
timeout) {
- int n = 0;
-
- ASSERT(ssl);
-
- do {
- n = SSL_write(ssl->handler, buffer, len);
- } while (n <= 0 && BIO_should_retry(ssl->socket_bio) &&
can_write(ssl->socket, timeout));
-
- return (n > 0) ? n : -1;
-}
-
-
-/**
- * Receive data package though the ssl connection
- * @param ssl ssl connection
- * @param buffer array to hold the data
- * @param len size of the data container
- * @param timeout Seconds to wait for data to be available
- * @return number of bytes transmitted, -1 in case of an error
- */
-int recv_ssl_socket(ssl_connection *ssl, void *buffer, int len, int
timeout) {
- int n = 0;
-
- ASSERT(ssl);
-
- do {
- n = SSL_read(ssl->handler, buffer, len);
- } while (n < 0 && BIO_should_retry(ssl->socket_bio) &&
can_read(ssl->socket, timeout));
-
- return (n >= 0) ? n : -1;
-}
-
-
-/**
- * Stop SSL support library
- * @return TRUE, or FALSE if an error has occured.
- */
-void stop_ssl() {
- if (ssl_initialized) {
- int i;
- ssl_initialized = FALSE;
- ERR_free_strings();
- CRYPTO_set_id_callback(NULL);
- CRYPTO_set_locking_callback(NULL);
- for (i = 0; i < CRYPTO_num_locks(); i++)
- assert(pthread_mutex_destroy(&ssl_mutex_table[i]) == 0);
- FREE(ssl_mutex_table);
- RAND_cleanup();
- }
-}
-
-
-/**
- * Configures the ssl engine
- */
-void config_ssl(int conf_allow_self_cert) {
- allow_self_certification = conf_allow_self_cert;
-}
-
-
-/**
- * Generate a new ssl connection
- * @return ssl connection container
- */
-ssl_connection *new_ssl_connection(char *clientpemfile, int sslversion) {
- ssl_connection *ssl;
-
- if (!ssl_initialized)
- start_ssl();
-
- NEW(ssl);
- ssl->socket_bio = NULL;
- ssl->handler = NULL;
- ssl->cert = NULL;
- ssl->cipher = NULL;
- ssl->socket = 0;
- ssl->next = NULL;
- ssl->accepted = FALSE;
- ssl->cert_md5 = NULL;
- ssl->cert_md5_len = 0;
- ssl->clientpemfile = clientpemfile ? xstrdup(clientpemfile) : NULL;
-
- switch (sslversion) {
-
- case SSL_VERSION_AUTO:
-#ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- ssl->method = TLSv1_client_method();
- } else
-#endif
- ssl->method = SSLv23_client_method();
- break;
-
- case SSL_VERSION_SSLV2:
-#ifdef OPENSSL_NO_SSL2
- LogError("SSLv2 is not allowed - use either SSLv3 or TLSv1");
- goto sslerror;
-#else
-#ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- LogError("SSLv2 is not allowed in FIPS mode - use TLSv1");
- goto sslerror;
- } else
-#endif
- ssl->method = SSLv2_client_method();
-#endif
- break;
-
- case SSL_VERSION_SSLV3:
-#ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- LogError("SSLv3 is not allowed in FIPS mode - use TLSv1");
- goto sslerror;
- } else
-#endif
- ssl->method = SSLv3_client_method();
- break;
-
- case SSL_VERSION_TLS:
- ssl->method = TLSv1_client_method();
- break;
-
- default:
- LogError("%s: Unknown SSL version!\n", prog);
- goto sslerror;
-
- }
-
- if (!ssl->method) {
- LogError("%s: Cannot initialize SSL method -- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- if (!(ssl->ctx = SSL_CTX_new(ssl->method))) {
- LogError("%s: Cannot initialize SSL server certificate handler
-- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- if (ssl->clientpemfile) {
-
- if (SSL_CTX_use_certificate_chain_file(ssl->ctx, ssl->clientpemfile)
<= 0) {
- LogError("%s: Cannot initialize SSL server certificate -- %s\n",
prog, SSLERROR);
- goto sslerror;
- }
-
- if (SSL_CTX_use_PrivateKey_file(ssl->ctx, ssl->clientpemfile,
SSL_FILETYPE_PEM) <= 0) {
- LogError("%s: Cannot initialize SSL server private key -- %s\n",
prog, SSLERROR);
- goto sslerror;
- }
-
- if (!SSL_CTX_check_private_key(ssl->ctx)) {
- LogError("%s: Private key does not match the certificate public key
-- %s\n", prog, SSLERROR);
- goto sslerror;
- }
-
- }
-
- return ssl;
-
-sslerror:
- delete_ssl_socket(ssl);
- return NULL;
-}
-
-
-/* -----------------------------------------------------------------
Private */
-
-
-/**
- * Init verification of transmitted client certs
- */
-static int verify_init(ssl_server_connection *ssl_server) {
- struct stat stat_buf;
-
- if (!ssl_server->clientpemfile) {
- SSL_CTX_set_verify(ssl_server->ctx, SSL_VERIFY_NONE, NULL);
- return TRUE;
- }
-
- if (stat(ssl_server->clientpemfile, &stat_buf) == -1) {
- LogError("%s: Cannot stat the SSL pem path '%s' -- %s\n", prog,
Run.httpsslclientpem, STRERROR);
- return FALSE;
- }
-
- if (S_ISDIR(stat_buf.st_mode)) {
-
- if (!SSL_CTX_load_verify_locations(ssl_server->ctx, NULL ,
ssl_server->clientpemfile)) {
- LogError("%s: Error setting verify directory to %s -- %s\n", prog,
Run.httpsslclientpem, SSLERROR);
- return FALSE;
- }
-
- LogInfo("%s: Loaded SSL client pem directory '%s'\n", prog,
ssl_server->clientpemfile);
-
- /* Monit's server cert for cli support */
-
- if (!SSL_CTX_load_verify_locations(ssl_server->ctx,
ssl_server->pemfile, NULL)) {
- LogError("%s: Error loading verify certificates from %s -- %s\n",
prog, ssl_server->pemfile, SSLERROR);
- return FALSE;
- }
-
- LogInfo("%s: Loaded monit's SSL pem server file '%s'\n", prog,
ssl_server->pemfile);
-
- } else if (S_ISREG(stat_buf.st_mode)) {
-
- if (!SSL_CTX_load_verify_locations(ssl_server->ctx,
ssl_server->clientpemfile, NULL)) {
- LogError("%s: Error loading verify certificates from %s -- %s\n",
prog, Run.httpsslclientpem, SSLERROR);
- return FALSE;
- }
-
- LogInfo("%s: Loaded SSL pem client file '%s'\n", prog,
ssl_server->clientpemfile);
-
- /* Monits server cert for cli support ! */
-
- if (!SSL_CTX_load_verify_locations(ssl_server->ctx,
ssl_server->pemfile, NULL)) {
- LogError("%s: Error loading verify certificates from %s -- %s\n",
prog, ssl_server->pemfile, SSLERROR);
- return FALSE;
- }
-
- LogInfo("%s: Loaded monit's SSL pem server file '%s'\n", prog,
ssl_server->pemfile);
-
- SSL_CTX_set_client_CA_list(ssl_server->ctx,
SSL_load_client_CA_file(ssl_server->clientpemfile));
-
- } else {
- LogError("%s: SSL client pem path is no file or directory %s\n", prog,
ssl_server->clientpemfile);
- return FALSE;
- }
-
- SSL_CTX_set_verify(ssl_server->ctx, SSL_VERIFY_PEER, verify_callback);
-
- return TRUE;
-}
-
-
-/**
- * Check the transmitted client certs and a compare with client cert
database
- */
-static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) {
- char subject[STRLEN];
- X509_OBJECT found_cert;
-
- X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), subject,
STRLEN-1);
-
- if (!preverify_ok && !check_preverify(ctx))
- return 0;
-
- if (ctx->error_depth == 0 && X509_STORE_get_by_subject(ctx,
X509_LU_X509, X509_get_subject_name(ctx->current_cert), &found_cert) != 1) {
- LogError("%s: SSL connection rejected. No matching certificate found
-- %s\n", prog, SSLERROR);
- return 0;
- }
-
- return 1;
-}
-
-
-/**
- * Analyse errors found before actual verification
- * @return TRUE if successful
- */
-static int check_preverify(X509_STORE_CTX *ctx) {
- if ((ctx->error != X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) &&
(ctx->error != X509_V_ERR_INVALID_PURPOSE)) {
- /* Remote site specified a certificate, but it's not correct */
- LogError("%s: SSL connection rejected because certificate verification
has failed -- error %i\n", prog, ctx->error);
- /* Reject connection */
- return FALSE;
- }
-
- if (allow_self_certification && (ctx->error ==
X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)) {
- /* Let's accept self signed certs for the moment! */
- LogInfo("%s: SSL connection accepted with self signed certificate!\n",
prog);
- ctx->error = 0;
- return TRUE;
- }
-
- /* Reject connection */
- LogError("%s: SSL connection rejected because certificate verification
has failed -- error %i!\n", prog, ctx->error);
- return FALSE;
-}
-
-
-/**
- * Helper function for the SSL threadding support
- * @return current thread number
- */
-static int unsigned long ssl_thread_id() {
- return ((unsigned long) pthread_self());
-}
-
-
-/**
- * Helper function for the SSL threadding support
- */
-static void ssl_mutex_lock(int mode, int n, const char *file, int line) {
- if (mode & CRYPTO_LOCK)
- assert(pthread_mutex_lock( & ssl_mutex_table[n]) == 0);
- else
- assert(pthread_mutex_unlock( & ssl_mutex_table[n]) == 0);
-}
-
-
-/**
- * Handle errors during read, write, connect and accept
- * @return TRUE if non fatal, FALSE if non fatal and retry
- */
-static int handle_error(int code, ssl_connection *ssl) {
- int ssl_error = SSL_get_error(ssl->handler, code);
-
- switch (ssl_error) {
-
- case SSL_ERROR_WANT_READ:
- if (can_read(ssl->socket, SSL_TIMEOUT))
- return TRUE;
- LogError("%s: Openssl read timeout error!\n", prog);
- break;
-
- case SSL_ERROR_WANT_WRITE:
- if (can_read(ssl->socket, SSL_TIMEOUT))
- return TRUE;
- LogError("%s: Openssl write timeout error!\n", prog);
- break;
-
- case SSL_ERROR_SYSCALL:
- LogError("%s: Openssl syscall error: %s!\n", prog, STRERROR);
- break;
-
- case SSL_ERROR_SSL:
- LogError("%s: Openssl engine error: %s\n", prog, SSLERROR);
- break;
-
- default:
- LogError("%s: Openssl error!\n", prog);
- break;
-
- }
-
- return FALSE;
-}
-
-
-/**
- * Garbage collection for non reusable parts of the ssl connection
- * @param ssl ssl connection
- */
-static void cleanup_ssl_socket(ssl_connection *ssl) {
- if (!ssl)
- return;
-
- if (ssl->cert) {
- X509_free(ssl->cert);
- ssl->cert = NULL;
- }
-
- if (ssl->handler) {
- SSL_free(ssl->handler);
- ssl->handler = NULL;
- }
-
- if (ssl->socket_bio) {
- /* no BIO_free(ssl->socket_bio); necessary, because BIO is freed by
ssl->handler */
- ssl->socket_bio = NULL;
- }
-
- FREE(ssl->cert_issuer);
- FREE(ssl->cert_subject);
- FREE(ssl->cert_md5);
- FREE(ssl->clientpemfile);
-}
-
-
-/**
- * Garbage collection for a SSL server connection.
- * @param ssl_server data for ssl server connection
- */
-static void cleanup_ssl_server_socket(ssl_server_connection *ssl_server) {
- if (!ssl_server)
- return;
-
- FREE(ssl_server->pemfile);
- FREE(ssl_server->clientpemfile);
-
- while (ssl_server->ssl_conn_list) {
- ssl_connection *ssl = ssl_server->ssl_conn_list;
- ssl_server->ssl_conn_list = ssl_server->ssl_conn_list->next;
- close_accepted_ssl_socket(ssl_server, ssl);
- }
-}
-
-
-/**
- * Updates some data in the ssl connection
- * @param ssl reference to ssl connection
- * @return TRUE, if not successful FALSE
- */
-static int update_ssl_cert_data(ssl_connection *ssl) {
- unsigned char md5[EVP_MAX_MD_SIZE];
-
- ASSERT(ssl);
-
- if (!(ssl->cert = SSL_get_peer_certificate(ssl->handler)))
- return FALSE;
-
-#ifdef OPENSSL_FIPS
- if (!FIPS_mode()) {
- /* In FIPS-140 mode, MD5 is unavailable. */
-#endif
- ssl->cert_issuer = X509_NAME_oneline (X509_get_issuer_name(ssl->cert),
0, 0);
- ssl->cert_subject = X509_NAME_oneline
(X509_get_subject_name(ssl->cert), 0, 0);
- X509_digest(ssl->cert, EVP_md5(), md5, &ssl->cert_md5_len);
- ssl->cert_md5= (unsigned char *)xstrdup((char *)md5);
-#ifdef OPENSSL_FIPS
- }
-#endif
- return TRUE;
-}
-
-
-/**
- * Generate a new ssl server connection
- * @return ssl server connection container
- */
-static ssl_server_connection *new_ssl_server_connection(char * pemfile,
char * clientpemfile) {
- ssl_server_connection *ssl_server;
-
- ASSERT(pemfile);
-
- NEW(ssl_server);
- ssl_server->ctx = NULL;
- ssl_server->method = NULL;
- ssl_server->server_socket = 0;
- ssl_server->ssl_conn_list = NULL;
- ssl_server->pemfile = xstrdup(pemfile);
- ssl_server->clientpemfile = clientpemfile ? xstrdup(clientpemfile) :
NULL;
-
- return ssl_server;
-}
-
-#ifdef OPENSSL_FIPS
-/**
- * Enable FIPS mode, if it isn't enabled yet.
- */
-void enable_fips_mode() {
- if (!FIPS_mode()) {
- ASSERT(FIPS_mode_set(1));
- LogInfo("FIPS-140 mode is enabled\n");
- }
-}
-#endif
-
-/**
- * Start SSL support library. It has to be run before the SSL support
- * can be used.
- * @return TRUE, or FALSE if an error has occured.
- */
-static int start_ssl() {
- if (! ssl_initialized) {
- int i;
- int locks = CRYPTO_num_locks();
-
-#ifdef OPENSSL_FIPS
- if (Run.fipsEnabled)
***The diff for this file has been truncated for email.***
=======================================
***Additional files exist in this changeset.***
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [monit-dev] [monit] r386 committed - moved to branch,
monit <=