From: Tyler Hicks <tyhicks@canonical.com>
To: Steve Grubb <sgrubb@redhat.com>
Cc: linux-audit@redhat.com
Subject: [PATCH 3/5] Move periodic watcher into auditd-listen.c
Date: Wed, 1 Aug 2012 00:00:22 -0700 [thread overview]
Message-ID: <1343804424-3172-4-git-send-email-tyhicks@canonical.com> (raw)
In-Reply-To: <1343804424-3172-1-git-send-email-tyhicks@canonical.com>
Move the periodic watcher (un)initialization and handler code into
auditd-listen.c to allow for easy disabling at build time. The
(un)initialization is now handled by auditd_tcp_listen_init() and
auditd_tcp_listen_uninit().
---
src/auditd-config.h | 2 --
src/auditd-listen.c | 40 +++++++++++++++++++++++++++++++++++++---
src/auditd-listen.h | 4 ++--
src/auditd.c | 32 +-------------------------------
4 files changed, 40 insertions(+), 38 deletions(-)
diff --git a/src/auditd-config.h b/src/auditd-config.h
index 9bf6698..f58a521 100644
--- a/src/auditd-config.h
+++ b/src/auditd-config.h
@@ -96,7 +96,5 @@ int start_config_manager(struct auditd_reply_list *rep);
void shutdown_config(void);
void free_config(struct daemon_conf *config);
-void periodic_reconfigure(void);
-
#endif
diff --git a/src/auditd-listen.c b/src/auditd-listen.c
index 0caf324..01c14a0 100644
--- a/src/auditd-listen.c
+++ b/src/auditd-listen.c
@@ -75,6 +75,7 @@ typedef struct ev_tcp {
static int listen_socket;
static struct ev_io tcp_listen_watcher;
+static struct ev_periodic periodic_watcher;
static int min_port, max_port, max_per_addr;
static int use_libwrap = 1;
#ifdef USE_GSSAPI
@@ -87,6 +88,8 @@ static char msgbuf[MAX_AUDIT_MESSAGE_LENGTH + 1];
static struct ev_tcp *client_chain = NULL;
+static void auditd_tcp_listen_check_idle (struct ev_loop *loop );
+
static char *sockaddr_to_ipv4(struct sockaddr_in *addr)
{
unsigned char *uaddr = (unsigned char *)&(addr->sin_addr);
@@ -873,11 +876,26 @@ static void auditd_set_ports(int minp, int maxp, int max_p_addr)
max_per_addr = max_p_addr;
}
+static void periodic_handler(struct ev_loop *loop, struct ev_periodic *per,
+ int revents )
+{
+ struct daemon_conf *config = (struct daemon_conf *) per->data;
+
+ if (config->tcp_client_max_idle)
+ auditd_tcp_listen_check_idle (loop);
+}
+
int auditd_tcp_listen_init ( struct ev_loop *loop, struct daemon_conf *config )
{
struct sockaddr_in address;
int one = 1;
+ ev_periodic_init (&periodic_watcher, periodic_handler,
+ 0, config->tcp_client_max_idle, NULL);
+ periodic_watcher.data = config;
+ if (config->tcp_client_max_idle)
+ ev_periodic_start (loop, &periodic_watcher);
+
/* If the port is not set, that means we aren't going to
listen for connections. */
if (config->tcp_listen_port == 0)
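Review bot: The watcher keeps the raw `config` pointer in `periodic_watcher.data` and `periodic_handler` dereferences it on every tick, but nothing in the new code records that the daemon_conf must outlive the watcher. A comment above `periodic_handler` would state that, e.g. `/* per->data is the daemon_conf given to auditd_tcp_listen_init(); it must stay valid until auditd_tcp_listen_uninit() */`. The init/start block also sits ahead of the `tcp_listen_port == 0` early return, so the idle timer is armed even when no listener is created. If that is intended (for a listener enabled later through reconfigure), it deserves a one-line comment as well. The body of auditd_tcp_listen_init continues past the end of this hunk.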
@@ -963,7 +981,8 @@ int auditd_tcp_listen_init ( struct ev_loop *loop, struct daemon_conf *config )
return 0;
}
-void auditd_tcp_listen_uninit ( struct ev_loop *loop )
+void auditd_tcp_listen_uninit ( struct ev_loop *loop,
+ struct daemon_conf *config )
{
#ifdef USE_GSSAPI
OM_uint32 status;
@@ -987,9 +1006,12 @@ void auditd_tcp_listen_uninit ( struct ev_loop *loop )
ev_io_stop (loop, &client_chain->io);
close_client (client_chain);
}
+
+ if (config->tcp_client_max_idle)
+ ev_periodic_stop (loop, &periodic_watcher);
}
-void auditd_tcp_listen_check_idle (struct ev_loop *loop )
+static void auditd_tcp_listen_check_idle (struct ev_loop *loop )
{
struct ev_tcp *ev, *next = NULL;
int active;
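Review bot: The stop added at the end of auditd_tcp_listen_uninit is guarded by the current value of `config->tcp_client_max_idle`, which ties teardown to a config field rather than to the watcher's own state. libev treats stopping an inactive watcher as a no-op, so `ev_periodic_stop (loop, &periodic_watcher);` can be called unconditionally. That would also remove the only use of the new `config` parameter, so the prototype in auditd-listen.h and the caller in auditd.c could keep the one-argument form. The function starts outside this hunk, so any earlier return path is not visible here.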
@@ -1010,6 +1032,18 @@ void auditd_tcp_listen_check_idle (struct ev_loop *loop )
}
}
+static void periodic_reconfigure(struct daemon_conf *config)
+{
+ struct ev_loop *loop = ev_default_loop (EVFLAG_AUTO);
+ if (config->tcp_client_max_idle) {
+ ev_periodic_set (&periodic_watcher, ev_now (loop),
+ config->tcp_client_max_idle, NULL);
+ ev_periodic_start (loop, &periodic_watcher);
+ } else {
+ ev_periodic_stop (loop, &periodic_watcher);
+ }
+}
+
void auditd_tcp_listen_reconfigure ( struct daemon_conf *nconf,
struct daemon_conf *oconf )
{
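Review bot: In periodic_reconfigure, a change from one nonzero `tcp_client_max_idle` to another calls `ev_periodic_set` on a watcher that is still active, and the following `ev_periodic_start` does nothing for an already-active watcher. libev documents the set macros for inactive watchers, so the new interval may not be applied when expected, which matters because this timer drives the idle check for TCP clients. Stopping first makes the sequence well-defined: call `ev_periodic_stop (loop, &periodic_watcher);` at the top, then do the set/start only when the value is nonzero. The function also looks up `ev_default_loop (EVFLAG_AUTO)` instead of using the loop handed to auditd_tcp_listen_init, an assumption worth a comment.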
@@ -1026,7 +1060,7 @@ void auditd_tcp_listen_reconfigure ( struct daemon_conf *nconf,
}
if (oconf->tcp_client_max_idle != nconf->tcp_client_max_idle) {
oconf->tcp_client_max_idle = nconf->tcp_client_max_idle;
- periodic_reconfigure();
+ periodic_reconfigure(oconf);
}
if (oconf->tcp_listen_port != nconf->tcp_listen_port ||
oconf->tcp_listen_queue != nconf->tcp_listen_queue) {
diff --git a/src/auditd-listen.h b/src/auditd-listen.h
index 440b6ab..024fd6f 100644
--- a/src/auditd-listen.h
+++ b/src/auditd-listen.h
@@ -26,8 +26,8 @@
#include "ev.h"
int auditd_tcp_listen_init ( struct ev_loop *loop, struct daemon_conf *config );
-void auditd_tcp_listen_uninit ( struct ev_loop *loop );
-void auditd_tcp_listen_check_idle ( struct ev_loop *loop );
+void auditd_tcp_listen_uninit ( struct ev_loop *loop,
+ struct daemon_conf *config );
void auditd_tcp_listen_reconfigure ( struct daemon_conf *nconf,
struct daemon_conf *oconf );
diff --git a/src/auditd.c b/src/auditd.c
index e0ee702..a369434 100644
--- a/src/auditd.c
+++ b/src/auditd.c
@@ -68,7 +68,6 @@ static int do_fork = 1;
static struct auditd_reply_list *rep = NULL;
static int hup_info_requested = 0, usr1_info_requested = 0;
static char subj[SUBJ_LEN];
-static struct ev_periodic periodic_watcher;
/* Local function prototypes */
int send_audit_event(int type, const char *str);
@@ -442,27 +441,6 @@ static void netlink_handler(struct ev_loop *loop, struct ev_io *io,
}
}
-static void periodic_handler(struct ev_loop *loop, struct ev_periodic *per,
- int revents )
-{
- struct daemon_conf *config = (struct daemon_conf *) per->data;
-
- if (config->tcp_client_max_idle)
- auditd_tcp_listen_check_idle (loop);
-}
-
-void periodic_reconfigure(void)
-{
- struct ev_loop *loop = ev_default_loop (EVFLAG_AUTO);
- if (config.tcp_client_max_idle) {
- ev_periodic_set (&periodic_watcher, ev_now (loop),
- config.tcp_client_max_idle, NULL);
- ev_periodic_start (loop, &periodic_watcher);
- } else {
- ev_periodic_stop (loop, &periodic_watcher);
- }
-}
-
int main(int argc, char *argv[])
{
struct sigaction sa;
@@ -719,12 +697,6 @@ int main(int argc, char *argv[])
ev_signal_init (&sigchld_watcher, child_handler, SIGCHLD);
ev_signal_start (loop, &sigchld_watcher);
- ev_periodic_init (&periodic_watcher, periodic_handler,
- 0, config.tcp_client_max_idle, NULL);
- periodic_watcher.data = &config;
- if (config.tcp_client_max_idle)
- ev_periodic_start (loop, &periodic_watcher);
-
if (auditd_tcp_listen_init (loop, &config)) {
char emsg[DEFAULT_BUF_SZ];
if (*subj)
@@ -755,15 +727,13 @@ int main(int argc, char *argv[])
if (!stop)
ev_loop (loop, 0);
- auditd_tcp_listen_uninit (loop);
+ auditd_tcp_listen_uninit (loop, &config);
// Tear down IO watchers Part 1
ev_signal_stop (loop, &sighup_watcher);
ev_signal_stop (loop, &sigusr1_watcher);
ev_signal_stop (loop, &sigusr2_watcher);
ev_signal_stop (loop, &sigterm_watcher);
- if (config.tcp_client_max_idle)
- ev_periodic_stop (loop, &periodic_watcher);
/* Write message to log that we are going down */
rc = audit_request_signal_info(fd);
--
1.7.9.5
2012-08-01 7:00 [PATCH 0/5] Build time disabling of auditd network listener Tyler Hicks
2012-08-01 7:00 ` [PATCH 1/5] Move auditd listener reconfigure code into auditd-listen.c Tyler Hicks
2012-08-01 7:00 ` [PATCH 2/5] Store daemon config pointer in the periodic watcher's private data Tyler Hicks
2012-08-01 7:00 ` Tyler Hicks [this message]
2012-08-01 7:00 ` [PATCH 4/5] Consolidate periodic handler code Tyler Hicks
2012-08-01 7:00 ` [PATCH 5/5] Conditionally build auditd network listener support Tyler Hicks
2012-09-10 18:39 ` [PATCH 0/5] Build time disabling of auditd network listener Tyler Hicks
2012-09-11 13:12 ` Steve Grubb
2012-09-11 17:10 ` Tyler Hicks
2012-10-26 17:09 ` Tyler Hicks
2012-10-26 17:14 ` Steve Grubb
2012-11-05 14:17 ` Steve Grubb