2 * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
20 FILE_LICENCE ( GPL2_OR_LATER );
24 * Encrypted syslog protocol
31 #include <ipxe/xfer.h>
32 #include <ipxe/open.h>
33 #include <ipxe/tcpip.h>
34 #include <ipxe/dhcp.h>
35 #include <ipxe/settings.h>
36 #include <ipxe/console.h>
37 #include <ipxe/lineconsole.h>
39 #include <ipxe/syslog.h>
40 #include <config/console.h>
42 /* Set default console usage if applicable */
43 #if ! ( defined ( CONSOLE_SYSLOGS ) && CONSOLE_EXPLICIT ( CONSOLE_SYSLOGS ) )
44 #undef CONSOLE_SYSLOGS
45 #define CONSOLE_SYSLOGS ( CONSOLE_USAGE_ALL & ~CONSOLE_USAGE_TUI )
48 struct console_driver syslogs_console __console_driver;
50 /** The encrypted syslog server */
51 static struct sockaddr_tcpip logserver = {
52 .st_port = htons ( SYSLOG_PORT ),
56 * Handle encrypted syslog TLS interface close
59 * @v rc Reason for close
61 static void syslogs_close ( struct interface *intf __unused, int rc ) {
63 DBG ( "SYSLOGS console disconnected: %s\n", strerror ( rc ) );
67 * Handle encrypted syslog TLS interface window change
71 static void syslogs_window_changed ( struct interface *intf ) {
73 /* Mark console as enabled when window first opens, indicating
74 * that TLS negotiation is complete. (Do not disable console
75 * when window closes again, since TCP will close the window
76 * whenever there is unACKed data.)
78 if ( xfer_window ( intf ) ) {
79 if ( syslogs_console.disabled )
80 DBG ( "SYSLOGS console connected\n" );
81 syslogs_console.disabled = 0;
85 /** Encrypted syslog TLS interface operations */
86 static struct interface_operation syslogs_operations[] = {
87 INTF_OP ( xfer_window_changed, struct interface *,
88 syslogs_window_changed ),
89 INTF_OP ( intf_close, struct interface *, syslogs_close ),
92 /** Encrypted syslog TLS interface descriptor */
93 static struct interface_descriptor syslogs_desc =
94 INTF_DESC_PURE ( syslogs_operations );
96 /** The encrypted syslog TLS interface */
97 static struct interface syslogs = INTF_INIT ( syslogs_desc );
99 /******************************************************************************
103 ******************************************************************************
106 /** Encrypted syslog line buffer */
107 static char syslogs_buffer[SYSLOG_BUFSIZE];
109 /** Encrypted syslog severity */
110 static unsigned int syslogs_severity = SYSLOG_DEFAULT_SEVERITY;
113 * Handle ANSI set encrypted syslog priority (private sequence)
115 * @v ctx ANSI escape sequence context
116 * @v count Parameter count
117 * @v params List of graphic rendition aspects
119 static void syslogs_handle_priority ( struct ansiesc_context *ctx __unused,
120 unsigned int count __unused,
122 if ( params[0] >= 0 ) {
123 syslogs_severity = params[0];
125 syslogs_severity = SYSLOG_DEFAULT_SEVERITY;
129 /** Encrypted syslog ANSI escape sequence handlers */
130 static struct ansiesc_handler syslogs_handlers[] = {
131 { ANSIESC_LOG_PRIORITY, syslogs_handle_priority },
135 /** Encrypted syslog line console */
136 static struct line_console syslogs_line = {
137 .buffer = syslogs_buffer,
138 .len = sizeof ( syslogs_buffer ),
140 .handlers = syslogs_handlers,
144 /** Encrypted syslog recursion marker */
145 static int syslogs_entered;
148 * Print a character to encrypted syslog console
150 * @v character Character to be printed
152 static void syslogs_putchar ( int character ) {
155 /* Ignore if we are already mid-logging */
156 if ( syslogs_entered )
159 /* Fill line buffer */
160 if ( line_putchar ( &syslogs_line, character ) == 0 )
163 /* Guard against re-entry */
166 /* Send log message */
167 if ( ( rc = syslog_send ( &syslogs, syslogs_severity,
168 syslogs_buffer, "\n" ) ) != 0 ) {
169 DBG ( "SYSLOGS could not send log message: %s\n",
173 /* Clear re-entry flag */
177 /** Encrypted syslog console driver */
178 struct console_driver syslogs_console __console_driver = {
179 .putchar = syslogs_putchar,
180 .disabled = CONSOLE_DISABLED,
181 .usage = CONSOLE_SYSLOGS,
184 /******************************************************************************
188 ******************************************************************************
191 /** Encrypted syslog server setting */
192 const struct setting syslogs_setting __setting ( SETTING_MISC, syslogs ) = {
194 .description = "Encrypted syslog server",
195 .tag = DHCP_EB_SYSLOGS_SERVER,
196 .type = &setting_type_string,
200 * Apply encrypted syslog settings
202 * @ret rc Return status code
204 static int apply_syslogs_settings ( void ) {
205 static char *old_server;
207 struct interface *socket;
210 /* Fetch log server */
211 fetch_string_setting_copy ( NULL, &syslogs_setting, &server );
213 /* Do nothing unless log server has changed */
214 if ( ( ( server == NULL ) && ( old_server == NULL ) ) ||
215 ( ( server != NULL ) && ( old_server != NULL ) &&
216 ( strcmp ( server, old_server ) == 0 ) ) ) {
223 /* Reset encrypted syslog connection */
224 syslogs_console.disabled = CONSOLE_DISABLED;
225 intf_restart ( &syslogs, 0 );
227 /* Do nothing unless we have a log server */
229 DBG ( "SYSLOGS has no log server\n" );
235 if ( ( rc = add_tls ( &syslogs, server, &socket ) ) != 0 ) {
236 DBG ( "SYSLOGS cannot create TLS filter: %s\n",
241 /* Connect to log server */
242 if ( ( rc = xfer_open_named_socket ( socket, SOCK_STREAM,
243 (( struct sockaddr *) &logserver ),
244 server, NULL ) ) != 0 ) {
245 DBG ( "SYSLOGS cannot connect to log server: %s\n",
247 goto err_open_named_socket;
249 DBG ( "SYSLOGS using log server %s\n", server );
251 /* Record log server */
258 err_open_named_socket:
266 /** Encrypted syslog settings applicator */
267 struct settings_applicator syslogs_applicator __settings_applicator = {
268 .apply = apply_syslogs_settings,