view usr/src/cmd/cmd-inet/usr.lib/ilbd/ilbd_support.c @ 10946:324bab2b3370

PSARC 2008/575 ILB: Integrated L3/L4 Load balancer 6882718 in-kernel simple L3/L4 load balancing service should be provided in Solaris 6884202 ipobs_hook() in ip_input() invalidates DB_REF assumption
author Sangeeta Misra <Sangeeta.Misra@Sun.COM>
date Tue, 03 Nov 2009 23:15:19 -0800

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <unistd.h>
#include <stropts.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stropts.h>
#include <sys/sockio.h>
#include <errno.h>
#include <limits.h>
#include <sys/list.h>
#include <auth_attr.h>
#include <auth_list.h>
#include <secdb.h>
#include <libilb.h>
#include "libilb_impl.h"
#include "ilbd.h"

/*
 * Debug flag for the -d option, turned on by ilbd_enable_debug().
 * When it is B_TRUE, ilbd_log() and logperror() write to stderr;
 * otherwise they write to syslog.
 */
static boolean_t	ilbd_debugging = B_FALSE;

/*
 * Socket used to issue ioctl() to the kernel.  It stays -1 until
 * do_ioctl() opens it on first use; no close of it is visible in this
 * listing.
 */
static	int	ksock = -1;

/*
 * Switch logging to debug mode: from this call on, ilbd_log() and
 * logperror() write to stderr instead of syslog.  There is no
 * counterpart in this file that turns the flag back off.
 */
void
ilbd_enable_debug(void)
{
	ilbd_debugging = B_TRUE;
}

/*
 * Report whether debug mode is on, i.e. whether ilbd_enable_debug()
 * has been called.
 */
boolean_t
is_debugging_on(void)
{
	boolean_t	debug_on = ilbd_debugging;

	return (debug_on);
}

/*
 * All routines log to syslog, unless the daemon is running in
 * the foreground, in which case the logging goes to stderr.
 * The following logging functions are available:
 *
 *
 *      logdebug(): A printf-like function for outputting debug messages
 *      (messages at LOG_DEBUG) that are only of use to developers.
 *
 *      logerr(): A printf-like function for outputting error messages
 *      (messages at LOG_ERR) from the daemon.
 *
 *      logperror*(): A set of functions used to output error messages
 *      (messages at LOG_ERR); these automatically append strerror(errno)
 *      and a newline to the message passed to them.
 *
 * NOTE: since the logging functions write to syslog, the messages passed
 *      to them are not eligible for localization.  Thus, gettext() must
 *      *not* be used.
 *
 */
/*
 * Format a message printf-style and emit it: to stderr, followed by a
 * newline, when debug mode is on; otherwise to syslog at priority 'pri'.
 *
 * 'fmt' is handed to vfprintf()/vsyslog() as the format string, so it
 * has to be a constant chosen by the caller.  Anything that originates
 * from a client (names, addresses) belongs in the arguments, never in
 * 'fmt' itself.
 */
/* PRINTFLIKE2 */
void
ilbd_log(int pri, const char *fmt, ...)
{
	va_list args;

	va_start(args, fmt);
	if (ilbd_debugging != B_TRUE) {
		vsyslog(pri, fmt, args);
	} else {
		(void) vfprintf(stderr, fmt, args);
		(void) fprintf(stderr, "\n");
	}
	va_end(args);
}

/*
 * Log 'str' followed by a colon and the message for the current errno,
 * at LOG_ERR through syslog or, in debug mode, on stderr with a
 * trailing newline.  'str' is always passed as a "%s" argument and is
 * never interpreted as a format string.
 *
 * NOTE(review): the PRINTFLIKE1 annotation below is kept from the
 * original, but this function takes no variable arguments -- confirm
 * whether lint still needs it.
 */
/* PRINTFLIKE1 */
void
logperror(const char *str)
{
	if (ilbd_debugging != B_TRUE) {
		/* %m makes syslog() expand errno itself. */
		syslog(LOG_ERR, "%s: %m", str);
		return;
	}
	(void) fprintf(stderr, "%s: %s\n", str, strerror(errno));
}


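/*
 * Check that the client described by 'pwd' holds the
 * NET_ILB_CONFIG_AUTH authorization.
 *
 * Returns ILB_STATUS_OK when chkauthattr() grants the authorization and
 * ILB_STATUS_CFGAUTH otherwise.  A missing passwd entry or user name is
 * treated as "not authorized", so a failed lookup in the caller is
 * denied here instead of being dereferenced.
 */
ilb_status_t
ilbd_check_client_config_auth(const struct passwd *pwd)
{
	/* Fail closed: without an identity there is nothing to authorize. */
	if (pwd == NULL || pwd->pw_name == NULL) {
		logdebug("no user identity available for"
		    " configuration operation");
		return (ILB_STATUS_CFGAUTH);
	}

	/* chkauthattr() returns 0 when the user lacks the authorization. */
	if (chkauthattr(NET_ILB_CONFIG_AUTH, pwd->pw_name) == 0) {
		logdebug("user %s is not authorized for"
		    " configuration operation", pwd->pw_name);
		return (ILB_STATUS_CFGAUTH);
	}
	return (ILB_STATUS_OK);

}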

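/*
 * Check that the client described by 'pwd' holds the
 * NET_ILB_ENABLE_AUTH authorization.
 *
 * Returns ILB_STATUS_OK when chkauthattr() grants the authorization and
 * ILB_STATUS_CFGAUTH otherwise (the same status the configuration check
 * uses).  A missing passwd entry or user name is treated as "not
 * authorized", so a failed lookup in the caller is denied here instead
 * of being dereferenced.
 */
ilb_status_t
ilbd_check_client_enable_auth(const struct passwd *pwd)
{
	/* Fail closed: without an identity there is nothing to authorize. */
	if (pwd == NULL || pwd->pw_name == NULL) {
		logdebug("no user identity available for"
		    " enable/disable operation");
		return (ILB_STATUS_CFGAUTH);
	}

	/* chkauthattr() returns 0 when the user lacks the authorization. */
	if (chkauthattr(NET_ILB_ENABLE_AUTH, pwd->pw_name) == 0) {
		logdebug("user %s is not authorized for"
		    " enable/disable operation", pwd->pw_name);
		return (ILB_STATUS_CFGAUTH);
	}
	return (ILB_STATUS_OK);

}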

/*
 * Translate an errno value (as defined in /usr/include/sys/errno.h)
 * into an ilb_status_t.  Only the values listed below have a dedicated
 * status; the list is NOT complete, and every other errno is reported
 * as ILB_STATUS_INTERNAL.
 */
ilb_status_t
ilb_map_errno2ilbstat(int err)
{
	switch (err) {
	case 0:
		/* for completeness' sake */
		return (ILB_STATUS_OK);
	case EINVAL:
		return (ILB_STATUS_EINVAL);
	case ENOENT:
		return (ILB_STATUS_ENOENT);
	case ENOMEM:
		return (ILB_STATUS_ENOMEM);
	case EINPROGRESS:
		return (ILB_STATUS_INPROGRESS);
	case EEXIST:
		return (ILB_STATUS_EEXIST);
	default:
		/* no specific mapping for this errno */
		return (ILB_STATUS_INTERNAL);
	}
}

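/*
 * Size in bytes of a command that ends in a variable-length array.
 * 'base' is the sizeof the command structure, 'elem' the sizeof its
 * trailing member and 'count' the number of entries the command says it
 * carries.  The result is base + (count - 1) * elem, computed with
 * overflow checks.
 *
 * Returns -1 when the total cannot be represented in an int.  The
 * caller passes this value to the kernel as the ioctl data length, so a
 * wrapped or negative size must never be returned.
 */
static int
i_kcmd_var_sz(size_t base, size_t elem, size_t count)
{
	size_t	extra;

	if (base > (size_t)INT_MAX || elem > base)
		return (-1);

	/*
	 * A count of zero gives base - elem, which is what the unchecked
	 * expression base + (count - 1) * elem evaluated to.
	 */
	if (count == 0)
		return ((int)(base - elem));

	extra = count - 1;
	if (elem != 0 && extra > ((size_t)INT_MAX - base) / elem)
		return (-1);

	return ((int)(base + extra * elem));
}

/*
 * Derive the size of the kernel command that 'cmdp' points to from its
 * command code.  Fixed-size commands map to the sizeof their structure;
 * commands with a trailing array are sized from their entry count.
 *
 * Returns the size in bytes, or -1 for an unknown command code or an
 * entry count whose size does not fit in an int (a negative count in a
 * signed field converts to a huge size_t and is rejected the same way).
 * do_ioctl() treats -1 as a failure.
 *
 * NOTE(review): the variable-length cases assume that
 * sizeof (kcmd->servers) and sizeof (kcmd->buf) are the size of one
 * entry -- confirm against the structure declarations.
 */
static int
i_get_kcmd_sz(void *cmdp)
{
	int		sz;

	switch (((ilb_rule_cmd_t *)cmdp)->cmd) {
	case ILB_DESTROY_RULE:
	case ILB_ENABLE_RULE:
	case ILB_DISABLE_RULE:
		sz = sizeof (ilb_name_cmd_t);
		break;
	case ILB_CREATE_RULE:
	case ILB_LIST_RULE:
		sz = sizeof (ilb_rule_cmd_t);
		break;
	case ILB_NUM_RULES:
		sz = sizeof (ilb_num_rules_cmd_t);
		break;
	case ILB_NUM_SERVERS:
		sz = sizeof (ilb_num_servers_cmd_t);
		break;
	case ILB_ADD_SERVERS: {
		ilb_servers_info_cmd_t *kcmd = (ilb_servers_info_cmd_t *)cmdp;

		sz = i_kcmd_var_sz(sizeof (*kcmd), sizeof (kcmd->servers),
		    (size_t)kcmd->num_servers);
		break;
	}
	case ILB_RULE_NAMES: {
		ilb_rule_names_cmd_t *kcmd = (ilb_rule_names_cmd_t *)cmdp;

		sz = i_kcmd_var_sz(sizeof (*kcmd), sizeof (kcmd->buf),
		    (size_t)kcmd->num_names);
		break;
	}
	case ILB_DEL_SERVERS:
	case ILB_ENABLE_SERVERS:
	case ILB_DISABLE_SERVERS: {
		ilb_servers_cmd_t *kcmd = (ilb_servers_cmd_t *)cmdp;

		sz = i_kcmd_var_sz(sizeof (*kcmd), sizeof (kcmd->servers),
		    (size_t)kcmd->num_servers);
		break;
	}
	default:
		sz = -1;
		break;
	}
	return (sz);
}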

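/*
 * Send the command at 'cmdp' to the kernel with an I_STR/SIOCILB ioctl
 * on ksock, opening that socket on first use.
 *
 * parameter 'sz' is optional (indicated by == 0); if it's not set
 * we try to derive it from cmdp->cmd
 *
 * Returns ILB_STATUS_OK on success, ILB_STATUS_INTERNAL if the socket
 * cannot be created, ILB_STATUS_INVAL_CMD if the size cannot be derived,
 * ILB_STATUS_EINVAL if the size is negative or does not fit the int
 * length field of struct strioctl, and otherwise the status mapped from
 * the ioctl's errno.
 */
ilb_status_t
do_ioctl(void *cmdp, ssize_t sz)
{
	struct strioctl	ioc;
	int		i_rc;
	int		saved_errno;

	if (ksock == -1) {
		ksock = socket(AF_INET, SOCK_DGRAM, 0);
		if (ksock == -1) {
			logperror("do_ioctl: AF_INET socket call"
			    "  failed");
			return (ILB_STATUS_INTERNAL);
		}
	}

	if (sz == 0) {
		sz = i_get_kcmd_sz(cmdp);

		if (sz == -1) {
			logdebug("do_ioctl: unknown command");
			return (ILB_STATUS_INVAL_CMD);
		}
	}

	/*
	 * ic_len is an int and tells the kernel how many bytes to take
	 * from cmdp; refuse a length that is negative or would be
	 * truncated by the assignment below.
	 */
	if (sz < 0 || sz > INT_MAX) {
		logdebug("do_ioctl: invalid command size");
		return (ILB_STATUS_EINVAL);
	}

	(void) memset(&ioc, 0, sizeof (ioc));
	ioc.ic_cmd = SIOCILB;
	ioc.ic_timout = 0;
	ioc.ic_dp = cmdp;
	ioc.ic_len = (int)sz;

	i_rc = ioctl(ksock, I_STR, (caddr_t)&ioc);
	if (i_rc == -1) {
		/*
		 * Capture errno before logging: the logging path may
		 * change it, and the status returned must reflect the
		 * ioctl failure.
		 */
		saved_errno = errno;
		logdebug("do_ioctl: SIOCILB ioctl (%d) failed: %s",
		    *(ilb_cmd_t *)cmdp, strerror(saved_errno));
		return (ilb_map_errno2ilbstat(saved_errno));
	}

	return (ILB_STATUS_OK);
}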

/*
 * Build an OK reply to a client request in 'rbuf' and store the reply
 * length, sizeof (ilb_comm_t), in '*rbufsz'.
 *
 * The buffer is assumed to be large enough to hold the reply: the
 * incoming value of '*rbufsz' is overwritten without being consulted,
 * so the capacity check is the caller's job.
 */
void
ilbd_reply_ok(uint32_t *rbuf, size_t *rbufsz)
{
	ilb_comm_t	*reply = (ilb_comm_t *)rbuf;

	/* Default is one exchange of request/response. */
	reply->ic_flags = ILB_COMM_END;
	reply->ic_cmd = ILBD_CMD_OK;
	*rbufsz = sizeof (*reply);
}

/*
 * Build an error reply to a client request in 'rbuf': the header is
 * marked ILBD_CMD_ERROR, 'status' is stored at ic_data, and '*rbufsz'
 * is set to sizeof (ilb_comm_t) + sizeof (ilb_status_t).
 *
 * The buffer is assumed to be large enough to hold the reply: the
 * incoming value of '*rbufsz' is overwritten without being consulted,
 * so the capacity check is the caller's job.
 */
void
ilbd_reply_err(uint32_t *rbuf, size_t *rbufsz, ilb_status_t status)
{
	ilb_comm_t	*reply = (ilb_comm_t *)rbuf;
	ilb_status_t	*payload = (ilb_status_t *)&reply->ic_data;

	reply->ic_cmd = ILBD_CMD_ERROR;
	/* Default is one exchange of request/response. */
	reply->ic_flags = ILB_COMM_END;
	*payload = status;
	*rbufsz = sizeof (*reply) + sizeof (status);
}