| Message ID | AM6PR08MB3160E08680A951F50651E12481160@AM6PR08MB3160.eurprd08.prod.outlook.com |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | R: [PATCH] suricatta: added option to bind to interface/IP address. | expand |
On 17.02.20 09:50, Pesce Luca wrote: > Hi Stefano, > rebased to current master's head (86f273c2b2258c06321ef30138c81e2d7e73b2ea), embedding patch 1 (suricatta code mods) and patch 2 (new parameter in example file) together in one patch. > Pedro's patch on swupdate.rst is here: http://patchwork.ozlabs.org/patch/1237581/ > Thanks - both patches merged into -master. Best regards, Stefano > > Regards, > Luca > > ________________________________________ > Da: Pesce Luca <Luca.Pesce@vimar.com> > Inviato: lunedì 17 febbraio 2020 09:46 > A: swupdate@googlegroups.com > Cc: Pesce Luca; Aguilar Pedro > Oggetto: [PATCH] suricatta: added option to bind to interface/IP address. > > This patch adds the -f cmdline arg and the "interface" parameter to suricatta > to optionally bind communication channel to a specific interface or IP address. > To do so, a new config option is added to curl channel interface, which then > exploits CURLOPT_INTERFACE option. > Binding to an interface is useful in multi-interface devices, where routing > can be policy-based (e.g with output traffic classification rules based on > src address/device). > > Signed-off-by: Luca Pesce <luca.pesce@vimar.com> > Signed-off-by: Pedro Aguilar <pedro.aguilar@vimar.com> > --- > corelib/channel_curl.c | 12 ++++++++++++ > examples/configuration/swupdate.cfg | 3 +++ > include/channel_curl.h | 1 + > suricatta/common.c | 3 +++ > suricatta/server_hawkbit.c | 9 +++++++-- > 5 files changed, 26 insertions(+), 2 deletions(-) > > diff --git a/corelib/channel_curl.c b/corelib/channel_curl.c > index 9062a73..c00e994 100644 > --- a/corelib/channel_curl.c > +++ b/corelib/channel_curl.c > @@ -600,6 +600,18 @@ channel_op_res_t channel_set_options(channel_t *this, > } > } > > + /* > + * If requested, use a specific interface/IP address > + */ > + if (channel_data->iface != NULL) { > + if (curl_easy_setopt(channel_curl->handle, > + CURLOPT_INTERFACE, > + channel_data->iface) != CURLE_OK) { > + result = CHANNEL_EINIT; > + goto cleanup; > + } > + } > + > switch (method) { > case CHANNEL_GET: > if (curl_easy_setopt(channel_curl->handle, CURLOPT_CUSTOMREQUEST, > diff --git a/examples/configuration/swupdate.cfg b/examples/configuration/swupdate.cfg > index 6631436..39dda88 100644 > --- a/examples/configuration/swupdate.cfg > +++ b/examples/configuration/swupdate.cfg > @@ -127,6 +127,9 @@ identify : ( > # ciphers : string in the format used by CURL to set the allowed ciphers suite > # This allows to disable some ciphers, for example > # ciphers = "!eNULL:!aNULL:!EXP:!LOW:!MEDIUM:!ADH:!AECDH:!IDEA:!SEED:!MD5:!SHA:!RC4:HIGH+EECDH:HIGH+EDH"; > +# interface : string > +# interface name (e.g. "eth0") or IP address to bind communication channel to. > +# This allows to select source interface/address for outgoing traffic, if needed. > > suricatta : > { > diff --git a/include/channel_curl.h b/include/channel_curl.h > index 0e499c6..2904712 100644 > --- a/include/channel_curl.h > +++ b/include/channel_curl.h > @@ -37,6 +37,7 @@ typedef struct { > char *url; > char *auth; > char *request_body; > + char *iface; > #ifdef CONFIG_JSON > json_object *json_reply; > #endif > diff --git a/suricatta/common.c b/suricatta/common.c > index 51b7be8..bf2bcd2 100644 > --- a/suricatta/common.c > +++ b/suricatta/common.c > @@ -42,6 +42,9 @@ void suricatta_channel_settings(void *elem, channel_data_t *chan) > GET_FIELD_STRING_RESET(LIBCFG_PARSER, elem, "proxy", tmp); > if (strlen(tmp)) > SETSTRING(chan->proxy, tmp); > + GET_FIELD_STRING_RESET(LIBCFG_PARSER, elem, "interface", tmp); > + if (strlen(tmp)) > + SETSTRING(chan->iface, tmp); > } > > server_op_res_t map_channel_retcode(channel_op_res_t response) > diff --git a/suricatta/server_hawkbit.c b/suricatta/server_hawkbit.c > index fc5d932..55f1431 100644 > --- a/suricatta/server_hawkbit.c > +++ b/suricatta/server_hawkbit.c > @@ -46,6 +46,7 @@ static struct option long_options[] = { > {"proxy", optional_argument, NULL, 'y'}, > {"targettoken", required_argument, NULL, 'k'}, > {"gatewaytoken", required_argument, NULL, 'g'}, > + {"interface", required_argument, NULL, 'f'}, > {NULL, 0, NULL, 0}}; > > static unsigned short mandatory_argument_count = 0; > @@ -1443,7 +1444,8 @@ void server_print_help(void) > "\t -y, --proxy Use proxy. Either give proxy URL, else " > "{http,all}_proxy env is tried.\n" > "\t -k, --targettoken Set target token.\n" > - "\t -g, --gatewaytoken Set gateway token.\n", > + "\t -g, --gatewaytoken Set gateway token.\n" > + "\t -f, --interface Set the network interface to connect to Hawkbit.\n", > CHANNEL_DEFAULT_POLLING_INTERVAL, CHANNEL_DEFAULT_RESUME_TRIES, > CHANNEL_DEFAULT_RESUME_DELAY); > } > @@ -1519,7 +1521,7 @@ server_op_res_t server_start(char *fname, int argc, char *argv[]) > /* reset to optind=1 to parse suricatta's argument vector */ > optind = 1; > opterr = 0; > - while ((choice = getopt_long(argc, argv, "t:i:c:u:p:xr:y::w:k:g:", > + while ((choice = getopt_long(argc, argv, "t:i:c:u:p:xr:y::w:k:g:f:", > long_options, NULL)) != -1) { > switch (choice) { > case 't': > @@ -1595,6 +1597,9 @@ server_op_res_t server_start(char *fname, int argc, char *argv[]) > channel_data_defaults.retry_sleep = > (unsigned int)strtoul(optarg, NULL, 10); > break; > + case 'f': > + SETSTRING(channel_data_defaults.iface, optarg); > + break; > /* Ignore not recognized options, they can be already parsed by the caller */ > case '?': > break; > -- > 2.7.4 >
Hi Stefano, great, thanks and regards, Luca
diff --git a/corelib/channel_curl.c b/corelib/channel_curl.c index 9062a73..c00e994 100644 --- a/corelib/channel_curl.c +++ b/corelib/channel_curl.c @@ -600,6 +600,18 @@ channel_op_res_t channel_set_options(channel_t *this, } } + /* + * If requested, use a specific interface/IP address + */ + if (channel_data->iface != NULL) { + if (curl_easy_setopt(channel_curl->handle, + CURLOPT_INTERFACE, + channel_data->iface) != CURLE_OK) { + result = CHANNEL_EINIT; + goto cleanup; + } + } + switch (method) { case CHANNEL_GET: if (curl_easy_setopt(channel_curl->handle, CURLOPT_CUSTOMREQUEST, diff --git a/examples/configuration/swupdate.cfg b/examples/configuration/swupdate.cfg index 6631436..39dda88 100644 --- a/examples/configuration/swupdate.cfg +++ b/examples/configuration/swupdate.cfg @@ -127,6 +127,9 @@ identify : ( # ciphers : string in the format used by CURL to set the allowed ciphers suite # This allows to disable some ciphers, for example # ciphers = "!eNULL:!aNULL:!EXP:!LOW:!MEDIUM:!ADH:!AECDH:!IDEA:!SEED:!MD5:!SHA:!RC4:HIGH+EECDH:HIGH+EDH"; +# interface : string +# interface name (e.g. "eth0") or IP address to bind communication channel to. +# This allows to select source interface/address for outgoing traffic, if needed. suricatta : { diff --git a/include/channel_curl.h b/include/channel_curl.h index 0e499c6..2904712 100644 --- a/include/channel_curl.h +++ b/include/channel_curl.h @@ -37,6 +37,7 @@ typedef struct { char *url; char *auth; char *request_body; + char *iface; #ifdef CONFIG_JSON json_object *json_reply; #endif diff --git a/suricatta/common.c b/suricatta/common.c index 51b7be8..bf2bcd2 100644 --- a/suricatta/common.c +++ b/suricatta/common.c @@ -42,6 +42,9 @@ void suricatta_channel_settings(void *elem, channel_data_t *chan) GET_FIELD_STRING_RESET(LIBCFG_PARSER, elem, "proxy", tmp); if (strlen(tmp)) SETSTRING(chan->proxy, tmp); + GET_FIELD_STRING_RESET(LIBCFG_PARSER, elem, "interface", tmp); + if (strlen(tmp)) + SETSTRING(chan->iface, tmp); } server_op_res_t map_channel_retcode(channel_op_res_t response) diff --git a/suricatta/server_hawkbit.c b/suricatta/server_hawkbit.c index fc5d932..55f1431 100644 --- a/suricatta/server_hawkbit.c +++ b/suricatta/server_hawkbit.c @@ -46,6 +46,7 @@ static struct option long_options[] = { {"proxy", optional_argument, NULL, 'y'}, {"targettoken", required_argument, NULL, 'k'}, {"gatewaytoken", required_argument, NULL, 'g'}, + {"interface", required_argument, NULL, 'f'}, {NULL, 0, NULL, 0}}; static unsigned short mandatory_argument_count = 0; @@ -1443,7 +1444,8 @@ void server_print_help(void) "\t -y, --proxy Use proxy. Either give proxy URL, else " "{http,all}_proxy env is tried.\n" "\t -k, --targettoken Set target token.\n" - "\t -g, --gatewaytoken Set gateway token.\n", + "\t -g, --gatewaytoken Set gateway token.\n" + "\t -f, --interface Set the network interface to connect to Hawkbit.\n", CHANNEL_DEFAULT_POLLING_INTERVAL, CHANNEL_DEFAULT_RESUME_TRIES, CHANNEL_DEFAULT_RESUME_DELAY); } @@ -1519,7 +1521,7 @@ server_op_res_t server_start(char *fname, int argc, char *argv[]) /* reset to optind=1 to parse suricatta's argument vector */ optind = 1; opterr = 0; - while ((choice = getopt_long(argc, argv, "t:i:c:u:p:xr:y::w:k:g:", + while ((choice = getopt_long(argc, argv, "t:i:c:u:p:xr:y::w:k:g:f:", long_options, NULL)) != -1) { switch (choice) { case 't': @@ -1595,6 +1597,9 @@ server_op_res_t server_start(char *fname, int argc, char *argv[]) channel_data_defaults.retry_sleep = (unsigned int)strtoul(optarg, NULL, 10); break; + case 'f': + SETSTRING(channel_data_defaults.iface, optarg); + break; /* Ignore not recognized options, they can be already parsed by the caller */ case '?': break;