The branch, master has been updated via 00212e5c7dd229e7f8975a165d5ab8875d4917cc (commit) via 2fd1067a075fe0e4b2a36d4ea18af139d03f17bf (commit) via e6d1dd3ec4a078e5f32bc52a4a9e4b7d9a2e2d16 (commit) via 667b174d605646b53f4855e9aaf5f8ce4fdde532 (commit) from 08e06176feab1ec244496e62a916fbb77817239f (commit)
http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 00212e5c7dd229e7f8975a165d5ab8875d4917cc Author: Mathieu Parent <math.par...@gmail.com> Date: Fri Nov 25 20:58:49 2011 +0100 GNU/Hurd support CTDB has the following limitations on GNU Hurd: - The pid of a peer is not get from the socket [1]. As a consequence, the peer process is not killed when releasing IP [2]. - Gratuitous arp are not yet supported [3] - network interfaces are always considered present [4] [1]: ctdb_get_peer_pid() in common/system_gnu.c [2]: release_kill_clients() in server/ctdb_takeover.c [3]: ctdb_sys_send_arp() in common/system_gnu.c [4]: ctdb_sys_check_iface_exists() in common/system_gnu.c commit 2fd1067a075fe0e4b2a36d4ea18af139d03f17bf Author: Mathieu Parent <math.par...@gmail.com> Date: Sat Nov 5 19:04:40 2011 +0100 Move platform-specific code to common/system_* This removes #ifdef AIX and ease the addition of new platforms. commit e6d1dd3ec4a078e5f32bc52a4a9e4b7d9a2e2d16 Author: Mathieu Parent <math.par...@gmail.com> Date: Sat Nov 5 17:26:40 2011 +0100 Remove zero-length gnu_printf format string in ctdb_daemon.c (gcc warning) server/ctdbd.c: In function âmainâ: server/ctdb_daemon.c:943:7: warning: zero-length gnu_printf format string [-Wformat-zero-length] commit 667b174d605646b53f4855e9aaf5f8ce4fdde532 Author: Mathieu Parent <math.par...@gmail.com> Date: Fri Nov 25 21:12:43 2011 +0100 Fix ctdb-crash-cleanup sysconfig handling ----------------------------------------------------------------------- Summary of changes: common/system_aix.c | 11 ++ common/system_gnu.c | 364 ++++++++++++++++++++++++++++++++++++++++++ common/system_linux.c | 12 ++ config/ctdb-crash-cleanup.sh | 13 ++- configure.ac | 5 + include/ctdb_private.h | 1 + server/ctdb_daemon.c | 21 +-- 7 files changed, 410 insertions(+), 17 deletions(-) create mode 100644 common/system_gnu.c Changeset truncated at 500 lines: diff --git a/common/system_aix.c b/common/system_aix.c index 1404a82..c17598a 100644 --- a/common/system_aix.c +++ b/common/system_aix.c @@ -362,3 +362,14 @@ bool ctdb_sys_check_iface_exists(const char *iface) return true; } +int ctdb_get_peer_pid(const int fd, pid_t *peer_pid) +{ + struct peercred_struct cr; + socklen_t crl = sizeof(struct peercred_struct); + int ret; + if ((ret = getsockopt(fd, SOL_SOCKET, SO_PEERID, &cr, &crl) == 0)) { + peer_pid = cr.pid; + } + return ret; +} + diff --git a/common/system_gnu.c b/common/system_gnu.c new file mode 100644 index 0000000..604bb48 --- /dev/null +++ b/common/system_gnu.c @@ -0,0 +1,364 @@ +/* + ctdb system specific code to manage raw sockets on linux + + Copyright (C) Ronnie Sahlberg 2007 + Copyright (C) Andrew Tridgell 2007 + Copyright (C) Marc Dequènes (Duck) 2009 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, see <http://www.gnu.org/licenses/>. + + + This file is a copy of 'common/system_linux.c' adapted for Hurd needs, + and inspired by 'common/system_aix.c' for the pcap usage. +*/ + +#include "includes.h" +#include "system/network.h" +#include "system/filesys.h" +#include "system/wait.h" +#include "../include/ctdb_private.h" +#include "lib/tevent/tevent.h" +#include <net/ethernet.h> +#include <netinet/ip6.h> +#include <net/if_arp.h> +#include <pcap.h> + + +#ifndef ETHERTYPE_IP6 +#define ETHERTYPE_IP6 0x86dd +#endif + +/* + calculate the tcp checksum for tcp over ipv6 +*/ +static uint16_t tcp_checksum6(uint16_t *data, size_t n, struct ip6_hdr *ip6) +{ + uint32_t phdr[2]; + uint32_t sum = 0; + uint16_t sum2; + + sum += uint16_checksum((uint16_t *)(void *)&ip6->ip6_src, 16); + sum += uint16_checksum((uint16_t *)(void *)&ip6->ip6_dst, 16); + + phdr[0] = htonl(n); + phdr[1] = htonl(ip6->ip6_nxt); + sum += uint16_checksum((uint16_t *)phdr, 8); + + sum += uint16_checksum(data, n); + + sum = (sum & 0xFFFF) + (sum >> 16); + sum = (sum & 0xFFFF) + (sum >> 16); + sum2 = htons(sum); + sum2 = ~sum2; + if (sum2 == 0) { + return 0xFFFF; + } + return sum2; +} + +/* + send gratuitous arp reply after we have taken over an ip address + + saddr is the address we are trying to claim + iface is the interface name we will be using to claim the address + */ +int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) +{ + /* FIXME We dont do gratuitous arp on Hurd yet */ + return 0; +} + + +/* + simple TCP checksum - assumes data is multiple of 2 bytes long + */ +static uint16_t tcp_checksum(uint16_t *data, size_t n, struct iphdr *ip) +{ + uint32_t sum = uint16_checksum(data, n); + uint16_t sum2; + sum += uint16_checksum((uint16_t *)(void *)&ip->saddr, + sizeof(ip->saddr)); + sum += uint16_checksum((uint16_t *)(void *)&ip->daddr, + sizeof(ip->daddr)); + sum += ip->protocol + n; + sum = (sum & 0xFFFF) + (sum >> 16); + sum = (sum & 0xFFFF) + (sum >> 16); + sum2 = htons(sum); + sum2 = ~sum2; + if (sum2 == 0) { + return 0xFFFF; + } + return sum2; +} + +/* + Send tcp segment from the specified IP/port to the specified + destination IP/port. + + This is used to trigger the receiving host into sending its own ACK, + which should trigger early detection of TCP reset by the client + after IP takeover + + This can also be used to send RST segments (if rst is true) and also + if correct seq and ack numbers are provided. + */ +int ctdb_sys_send_tcp(const ctdb_sock_addr *dest, + const ctdb_sock_addr *src, + uint32_t seq, uint32_t ack, int rst) +{ + int s; + int ret; + uint32_t one = 1; + uint16_t tmpport; + ctdb_sock_addr *tmpdest; + struct { + struct iphdr ip; + struct tcphdr tcp; + } ip4pkt; + struct { + struct ip6_hdr ip6; + struct tcphdr tcp; + } ip6pkt; + + switch (src->ip.sin_family) { + case AF_INET: + ZERO_STRUCT(ip4pkt); + ip4pkt.ip.version = 4; + ip4pkt.ip.ihl = sizeof(ip4pkt.ip)/4; + ip4pkt.ip.tot_len = htons(sizeof(ip4pkt)); + ip4pkt.ip.ttl = 255; + ip4pkt.ip.protocol = IPPROTO_TCP; + ip4pkt.ip.saddr = src->ip.sin_addr.s_addr; + ip4pkt.ip.daddr = dest->ip.sin_addr.s_addr; + ip4pkt.ip.check = 0; + + ip4pkt.tcp.source = src->ip.sin_port; + ip4pkt.tcp.dest = dest->ip.sin_port; + ip4pkt.tcp.seq = seq; + ip4pkt.tcp.ack_seq = ack; + ip4pkt.tcp.ack = 1; + if (rst) { + ip4pkt.tcp.rst = 1; + } + ip4pkt.tcp.doff = sizeof(ip4pkt.tcp)/4; + /* this makes it easier to spot in a sniffer */ + ip4pkt.tcp.window = htons(1234); + ip4pkt.tcp.check = tcp_checksum((uint16_t *)&ip4pkt.tcp, sizeof(ip4pkt.tcp), &ip4pkt.ip); + + /* open a raw socket to send this segment from */ + s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW)); + if (s == -1) { + DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n", + strerror(errno))); + return -1; + } + + ret = setsockopt(s, IPPROTO_IP, IP_HDRINCL, &one, sizeof(one)); + if (ret != 0) { + DEBUG(DEBUG_CRIT,(__location__ " failed to setup IP headers (%s)\n", + strerror(errno))); + close(s); + return -1; + } + + set_nonblocking(s); + set_close_on_exec(s); + + ret = sendto(s, &ip4pkt, sizeof(ip4pkt), 0, &dest->ip, sizeof(dest->ip)); + close(s); + if (ret != sizeof(ip4pkt)) { + DEBUG(DEBUG_CRIT,(__location__ " failed sendto (%s)\n", strerror(errno))); + return -1; + } + break; + case AF_INET6: + ZERO_STRUCT(ip6pkt); + ip6pkt.ip6.ip6_vfc = 0x60; + ip6pkt.ip6.ip6_plen = htons(20); + ip6pkt.ip6.ip6_nxt = IPPROTO_TCP; + ip6pkt.ip6.ip6_hlim = 64; + ip6pkt.ip6.ip6_src = src->ip6.sin6_addr; + ip6pkt.ip6.ip6_dst = dest->ip6.sin6_addr; + + ip6pkt.tcp.source = src->ip6.sin6_port; + ip6pkt.tcp.dest = dest->ip6.sin6_port; + ip6pkt.tcp.seq = seq; + ip6pkt.tcp.ack_seq = ack; + ip6pkt.tcp.ack = 1; + if (rst) { + ip6pkt.tcp.rst = 1; + } + ip6pkt.tcp.doff = sizeof(ip6pkt.tcp)/4; + /* this makes it easier to spot in a sniffer */ + ip6pkt.tcp.window = htons(1234); + ip6pkt.tcp.check = tcp_checksum6((uint16_t *)&ip6pkt.tcp, sizeof(ip6pkt.tcp), &ip6pkt.ip6); + + s = socket(PF_INET6, SOCK_RAW, IPPROTO_RAW); + if (s == -1) { + DEBUG(DEBUG_CRIT, (__location__ " Failed to open sending socket\n")); + return -1; + + } + /* sendto() dont like if the port is set and the socket is + in raw mode. + */ + tmpdest = discard_const(dest); + tmpport = tmpdest->ip6.sin6_port; + + tmpdest->ip6.sin6_port = 0; + ret = sendto(s, &ip6pkt, sizeof(ip6pkt), 0, &dest->ip6, sizeof(dest->ip6)); + tmpdest->ip6.sin6_port = tmpport; + close(s); + + if (ret != sizeof(ip6pkt)) { + DEBUG(DEBUG_CRIT,(__location__ " failed sendto (%s)\n", strerror(errno))); + return -1; + } + break; + + default: + DEBUG(DEBUG_CRIT,(__location__ " not an ipv4/v6 address\n")); + return -1; + } + + return 0; +} + +/* + This function is used to open a raw socket to capture from + */ +int ctdb_sys_open_capture_socket(const char *iface, void **private_data) +{ + pcap_t *pt; + + pt=pcap_open_live(iface, 100, 0, 0, NULL); + if (pt == NULL) { + DEBUG(DEBUG_CRIT,("Failed to open capture device %s\n", iface)); + return -1; + } + *((pcap_t **)private_data) = pt; + + return pcap_fileno(pt); +} + +/* This function is used to close the capture socket + */ +int ctdb_sys_close_capture_socket(void *private_data) +{ + pcap_t *pt = (pcap_t *)private_data; + pcap_close(pt); + return 0; +} + + +/* + called when the raw socket becomes readable + */ +int ctdb_sys_read_tcp_packet(int s, void *private_data, + ctdb_sock_addr *src, ctdb_sock_addr *dst, + uint32_t *ack_seq, uint32_t *seq) +{ + int ret; +#define RCVPKTSIZE 100 + char pkt[RCVPKTSIZE]; + struct ether_header *eth; + struct iphdr *ip; + struct ip6_hdr *ip6; + struct tcphdr *tcp; + + ret = recv(s, pkt, RCVPKTSIZE, MSG_TRUNC); + if (ret < sizeof(*eth)+sizeof(*ip)) { + return -1; + } + + /* Ethernet */ + eth = (struct ether_header *)pkt; + + /* we want either IPv4 or IPv6 */ + if (ntohs(eth->ether_type) == ETHERTYPE_IP) { + /* IP */ + ip = (struct iphdr *)(eth+1); + + /* We only want IPv4 packets */ + if (ip->version != 4) { + return -1; + } + /* Dont look at fragments */ + if ((ntohs(ip->frag_off)&0x1fff) != 0) { + return -1; + } + /* we only want TCP */ + if (ip->protocol != IPPROTO_TCP) { + return -1; + } + + /* make sure its not a short packet */ + if (offsetof(struct tcphdr, ack_seq) + 4 + + (ip->ihl*4) + sizeof(*eth) > ret) { + return -1; + } + /* TCP */ + tcp = (struct tcphdr *)((ip->ihl*4) + (char *)ip); + + /* tell the caller which one we've found */ + src->ip.sin_family = AF_INET; + src->ip.sin_addr.s_addr = ip->saddr; + src->ip.sin_port = tcp->source; + dst->ip.sin_family = AF_INET; + dst->ip.sin_addr.s_addr = ip->daddr; + dst->ip.sin_port = tcp->dest; + *ack_seq = tcp->ack_seq; + *seq = tcp->seq; + + return 0; + } else if (ntohs(eth->ether_type) == ETHERTYPE_IP6) { + /* IP6 */ + ip6 = (struct ip6_hdr *)(eth+1); + + /* we only want TCP */ + if (ip6->ip6_nxt != IPPROTO_TCP) { + return -1; + } + + /* TCP */ + tcp = (struct tcphdr *)(ip6+1); + + /* tell the caller which one we've found */ + src->ip6.sin6_family = AF_INET6; + src->ip6.sin6_port = tcp->source; + src->ip6.sin6_addr = ip6->ip6_src; + + dst->ip6.sin6_family = AF_INET6; + dst->ip6.sin6_port = tcp->dest; + dst->ip6.sin6_addr = ip6->ip6_dst; + + *ack_seq = tcp->ack_seq; + *seq = tcp->seq; + + return 0; + } + + return -1; +} + +bool ctdb_sys_check_iface_exists(const char *iface) +{ + return true; +} + +int ctdb_get_peer_pid(const int fd, pid_t *peer_pid) +{ + /* FIXME not implemented */ + return 1; +} diff --git a/common/system_linux.c b/common/system_linux.c index ca2d475..cb26dcd 100644 --- a/common/system_linux.c +++ b/common/system_linux.c @@ -563,3 +563,15 @@ bool ctdb_sys_check_iface_exists(const char *iface) return true; } + +int ctdb_get_peer_pid(const int fd, pid_t *peer_pid) +{ + struct ucred cr; + socklen_t crl = sizeof(struct ucred); + int ret; + if ((ret = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cr, &crl) == 0)) { + peer_pid = cr.pid; + } + return ret; +} + diff --git a/config/ctdb-crash-cleanup.sh b/config/ctdb-crash-cleanup.sh index f7ccfc8..e176518 100755 --- a/config/ctdb-crash-cleanup.sh +++ b/config/ctdb-crash-cleanup.sh @@ -13,7 +13,7 @@ } [ ! -f "$CTDB_PUBLIC_ADDRESSES" ] && { - echo "No public addresses file found. Cant cleanup." + echo "No public addresses file found. Can't clean up." exit 1 } @@ -22,7 +22,16 @@ ctdb status 2>/dev/null && { exit 0 } -(cat /etc/{sysconfig,default}/ctdb | egrep "^CTDB_NATGW_PUBLIC_IP" | sed -e "s/.*=//" -e "s/\/.*//";cat "$CTDB_PUBLIC_ADDRESSES" | cut -d/ -f1) | while read _IP; do +if [ -f /etc/sysconfig/ctdb ]; then + CTDB_CONFIG=/etc/sysconfig/ctdb +elif [ -f /etc/default/ctdb ]; then + CTDB_CONFIG=/etc/default/ctdb +else + echo "CTDB config not found. Can't clean up." + exit 1 +fi + +(cat $CTDB_CONFIG | egrep "^CTDB_NATGW_PUBLIC_IP" | sed -e "s/.*=//" -e "s/\/.*//";cat "$CTDB_PUBLIC_ADDRESSES" | cut -d/ -f1) | while read _IP; do _IP_HELD=`/sbin/ip addr show | grep "inet $_IP/"` [ -z "$_IP_HELD" ] || { _IFACE=`echo $_IP_HELD | sed -e "s/.*\s//"` diff --git a/configure.ac b/configure.ac index 13ca48a..9f54624 100644 --- a/configure.ac +++ b/configure.ac @@ -28,6 +28,11 @@ case `uname` in CTDB_SCSI_IO= CTDB_PCAP_LDFLAGS=-lpcap ;; + GNU) + CTDB_SYSTEM_OBJ=common/system_gnu.o + CTDB_SCSI_IO= + CTDB_PCAP_LDFLAGS=-lpcap + ;; *) echo unknown system cant configure exit diff --git a/include/ctdb_private.h b/include/ctdb_private.h index f545eaa..5ce32a1 100644 --- a/include/ctdb_private.h +++ b/include/ctdb_private.h @@ -1132,6 +1132,7 @@ uint32_t uint16_checksum(uint16_t *data, size_t n); int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface); bool ctdb_sys_have_ip(ctdb_sock_addr *addr); bool ctdb_sys_check_iface_exists(const char *iface); +int ctdb_get_peer_pid(const int fd, pid_t *peer_pid); int ctdb_sys_send_tcp(const ctdb_sock_addr *dest, const ctdb_sock_addr *src, uint32_t seq, uint32_t ack, int rst); diff --git a/server/ctdb_daemon.c b/server/ctdb_daemon.c index 8bf435c..69488df 100644 --- a/server/ctdb_daemon.c +++ b/server/ctdb_daemon.c @@ -894,13 +894,7 @@ static void ctdb_accept_client(struct event_context *ev, struct fd_event *fde, struct ctdb_context *ctdb = talloc_get_type(private_data, struct ctdb_context); struct ctdb_client *client; struct ctdb_client_pid_list *client_pid; -#ifdef _AIX - struct peercred_struct cr; - socklen_t crl = sizeof(struct peercred_struct); -#else - struct ucred cr; - socklen_t crl = sizeof(struct ucred); -#endif + pid_t peer_pid = 0; memset(&addr, 0, sizeof(addr)); len = sizeof(addr); @@ -915,18 +909,14 @@ static void ctdb_accept_client(struct event_context *ev, struct fd_event *fde, DEBUG(DEBUG_DEBUG,(__location__ " Created SOCKET FD:%d to connected child\n", fd)); client = talloc_zero(ctdb, struct ctdb_client); -#ifdef _AIX - if (getsockopt(fd, SOL_SOCKET, SO_PEERID, &cr, &crl) == 0) { -#else - if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cr, &crl) == 0) { -#endif - DEBUG(DEBUG_INFO,("Connected client with pid:%u\n", (unsigned)cr.pid)); + if (ctdb_get_peer_pid(fd, &peer_pid) == 0) { + DEBUG(DEBUG_INFO,("Connected client with pid:%u\n", (unsigned)peer_pid)); } -- CTDB repository