diff --git a/conf/pmd.conf b/conf/pmd.conf
index c4c5a66..f622385 100644
--- a/conf/pmd.conf
+++ b/conf/pmd.conf
@@ -9,6 +9,11 @@ rolepluginsdir=/etc/javelin.roles.plugins.d
 enabled=1
 port=2081
 apispec=/etc/pmd/restapispec.json
+sslcert=/etc/pmd/server.crt
+sslkey=/etc/pmd/server.key
+logfile=/var/log/pmd/restServer.log
+client-count=5
+worker-thread-count=5
 [rpc-server]
 enabled=1
diff --git a/server/config.c b/server/config.c
index ef42750..e7841a5 100644
--- a/server/config.c
+++ b/server/config.c
@@ -44,6 +44,21 @@ pmd_get_rest_config(
 (void **)&pRestConfig);
 BAIL_ON_PMD_ERROR(dwError);
+ //set defaults
+ pRestConfig->nWorkerThreadCount = PMD_REST_DEFAULT_WORKER_THREAD;
+ pRestConfig->nClientCount = PMD_REST_DEFAULT_CLIENTS;
+ dwError = PMDAllocateString(PMD_REST_DEFAULT_SSL_CERT,
+ &pRestConfig->pszSSLCert);
+ BAIL_ON_PMD_ERROR(dwError);
+ dwError = PMDAllocateString(PMD_REST_DEFAULT_SSL_KEY,
+ &pRestConfig->pszSSLKey);
+
+ BAIL_ON_PMD_ERROR(dwError);
+ dwError = PMDAllocateString(PMD_REST_DEFAULT_LOG_FILE,
+ &pRestConfig->pszLogFile);
+ BAIL_ON_PMD_ERROR(dwError);
+
+
 pKeyValues = pSection->pKeyValues;
 for(; pKeyValues; pKeyValues = pKeyValues->pNext)
 {
@@ -55,6 +70,16 @@ pmd_get_rest_config(
 {
 pRestConfig->nPort = atoi(pKeyValues->pszValue);
 }
+ else if(!strcmp(PMD_CONFIG_KEY_REST_WORKER_THREAD_COUNT,
+ pKeyValues->pszKey))
+ {
+ pRestConfig->nWorkerThreadCount = atoi(pKeyValues->pszValue);
+ }
+ else if(!strcmp(PMD_CONFIG_KEY_REST_CLIENT_COUNT,
+ pKeyValues->pszKey))
+ {
+ pRestConfig->nClientCount = atoi(pKeyValues->pszValue);
+ }
 else if(!strcmp(PMD_CONFIG_KEY_REST_APISPEC, pKeyValues->pszKey))
 {
 dwError = PMDAllocateString(pKeyValues->pszValue,
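Review bot: The default strings allocated under `//set defaults` in pmd_get_rest_config are leaked whenever the config file supplies the key, because the `sslcert`, `sslkey` and `logfile` branches added in the later `@@ -66,6 +91,24 @@` hunk call `PMDAllocateString` into the same fields without releasing what is already there (assuming `PMDAllocateString` does not free its destination, which this page does not show). The shipped conf/pmd.conf now sets all three keys, so this would happen on every load, and a repeated key leaks again. Either release the old value first, e.g. `PMD_SAFE_FREE_MEMORY(pRestConfig->pszSSLCert);` before each `PMDAllocateString`, or move the defaults after the loop and apply them only to fields that are still NULL. The function starts and ends outside this hunk.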
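Review bot: The two new `atoi` calls in the `worker-thread-count` and `client-count` branches take whatever text the config file holds: a non-numeric value silently becomes 0, a negative one is stored unchanged, and an out-of-range one is undefined behaviour in `atoi`. restserver.c later copies both values straight into the REST server's `nWorkerThr` and `nClientCnt`. Parse with `strtol`, check the end pointer and `errno`, and reject anything outside a sane positive range, either failing the load or keeping `PMD_REST_DEFAULT_WORKER_THREAD` / `PMD_REST_DEFAULT_CLIENTS`. The pre-existing `port` branch in the same hunk has the same pattern; pmd_get_rest_config continues outside the hunk.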
@@ -66,6 +91,24 @@ pmd_get_rest_config(
 pRestConfig->nUseKerberos = strcmp(pKeyValues->pszValue, "kerberos") == 0;
 }
+ else if(!strcmp(PMD_CONFIG_KEY_REST_SSL_CERT, pKeyValues->pszKey))
+ {
+ dwError = PMDAllocateString(pKeyValues->pszValue,
+ &pRestConfig->pszSSLCert);
+ BAIL_ON_PMD_ERROR(dwError);
+ }
+ else if(!strcmp(PMD_CONFIG_KEY_REST_SSL_KEY, pKeyValues->pszKey))
+ {
+ dwError = PMDAllocateString(pKeyValues->pszValue,
+ &pRestConfig->pszSSLKey);
+ BAIL_ON_PMD_ERROR(dwError);
+ }
+ else if(!strcmp(PMD_CONFIG_KEY_REST_LOG_FILE, pKeyValues->pszKey))
+ {
+ dwError = PMDAllocateString(pKeyValues->pszValue,
+ &pRestConfig->pszLogFile);
+ BAIL_ON_PMD_ERROR(dwError);
+ }
 }
 *ppRestConfig = pRestConfig;
@@ -171,6 +214,9 @@ pmd_free_rest_config(
 return;
 }
 PMD_SAFE_FREE_MEMORY(pRestConf->pszApiSpec);
+ PMD_SAFE_FREE_MEMORY(pRestConf->pszLogFile);
+ PMD_SAFE_FREE_MEMORY(pRestConf->pszSSLCert);
+ PMD_SAFE_FREE_MEMORY(pRestConf->pszSSLKey);
 PMD_SAFE_FREE_MEMORY(pRestConf);
 }
diff --git a/server/defines.h b/server/defines.h
index 513a1f2..43e1022 100644
--- a/server/defines.h
+++ b/server/defines.h
@@ -33,6 +33,11 @@ typedef struct _PMDHANDLE_* PPMDHANDLE;
 #define PMD_CONFIG_KEY_REST_PORT "port"
 #define PMD_CONFIG_KEY_REST_APISPEC "apispec"
 #define PMD_CONFIG_KEY_REST_AUTH "authenticate"
+#define PMD_CONFIG_KEY_REST_SSL_CERT "sslcert"
+#define PMD_CONFIG_KEY_REST_SSL_KEY "sslkey"
+#define PMD_CONFIG_KEY_REST_WORKER_THREAD_COUNT "worker-thread-count"
+#define PMD_CONFIG_KEY_REST_CLIENT_COUNT "client-count"
+#define PMD_CONFIG_KEY_REST_LOG_FILE "logfile"
 #define PMD_CONFIG_KEY_SERVERTYPE "servertype"
 #define PMD_CONFIG_KEY_CURRENTHASH "currenthash"
@@ -51,3 +56,10 @@ typedef struct _PMDHANDLE_* PPMDHANDLE;
 #define PKG_PRIVSEP "pkg_privsep"
 #define NET_PRIVSEP "net_privsep"
 #define USERMGMT_PRIVSEP "usermgmt_privsep"
+
+#define VMREST_STOP_TIMEOUT_SECS 2
+#define PMD_REST_DEFAULT_WORKER_THREAD 5
+#define PMD_REST_DEFAULT_CLIENTS 5
+#define PMD_REST_DEFAULT_LOG_FILE "/var/log/pmd/restServer.log"
+#define PMD_REST_DEFAULT_SSL_CERT "/etc/pmd/server.crt"
+#define PMD_REST_DEFAULT_SSL_KEY "/etc/pmd/server.key"
diff --git a/server/restserver.c b/server/restserver.c
index 4f8f337..41d0c13 100644
--- a/server/restserver.c
+++ b/server/restserver.c
@@ -22,6 +22,7 @@ StartRestServer(
 PREST_API_DEF pApiDef = NULL;
 PREST_PROCESSOR pRestProcessor = NULL;
 PPMD_REST_CONFIG pRestConfig = NULL;
+ REST_CONF stRestConfig = {0};
 MODULE_REG_MAP stRegMap[] = {
@@ -46,9 +47,19 @@ StartRestServer(
 BAIL_ON_PMD_ERROR(dwError);
 }
+ stRestConfig.serverPort = pRestConfig->nPort;
+ stRestConfig.nWorkerThr = pRestConfig->nWorkerThreadCount;
+ stRestConfig.nClientCnt = pRestConfig->nClientCount;
+ stRestConfig.pszSSLCertificate = pRestConfig->pszSSLCert;
+ stRestConfig.pszSSLKey = pRestConfig->pszSSLKey;
+ stRestConfig.pszDebugLogFile = pRestConfig->pszLogFile;
+ stRestConfig.isSecure = 1;
+ stRestConfig.debugLogLevel = VMREST_LOG_LEVEL_ERROR;
+ stRestConfig.useSysLog = 1;
+fprintf(stdout, "log = %s\n", stRestConfig.pszDebugLogFile);
+
 dwError = VmRESTInit(
- NULL,
- "/etc/pmd/restconfig.txt",
+ &stRestConfig,
 &gpServerEnv->pRestHandle);
 BAIL_ON_PMD_ERROR(dwError);
@@ -96,7 +107,7 @@ StopRestServer()
 fprintf(stdout, "rest server not started. skipping stop.\n");
 return;
 }
- VmRESTStop(gpServerEnv->pRestHandle);
+ VmRESTStop(gpServerEnv->pRestHandle, VMREST_STOP_TIMEOUT_SECS);
 gpServerEnv->pRestHandle = NULL;
 fprintf(stdout, "stopped rest server.\n");
 }
diff --git a/server/restutils/restutils.c b/server/restutils/restutils.c
index bf2b9fc..cd0509f 100644
--- a/server/restutils/restutils.c
+++ b/server/restutils/restutils.c
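Review bot: The unindented `fprintf(stdout, "log = %s\n", stRestConfig.pszDebugLogFile);` in the `@@ -46,9 +47,19 @@` hunk of StartRestServer reads like a leftover debug print and should be dropped or routed through the daemon's own logging before merge. The same hunk hands `pszSSLCert`, `pszSSLKey` and `pszLogFile` to `stRestConfig` as borrowed pointers; if `VmRESTInit` keeps them rather than copying (not visible here), they must outlive any `pmd_free_rest_config` call made later in this function. A comment such as `/* stRestConfig borrows strings owned by pRestConfig */` above the assignments would record that ownership. StartRestServer begins and ends outside the hunk.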
@@ -387,7 +387,7 @@ get_uri_from_request(
 char *pszURI = NULL;
 char *pszTempURI = NULL;
- dwError = VmRESTGetHttpURI(pRequest, &pszRealURI);
+ dwError = VmRESTGetHttpURI(pRequest, 1, &pszRealURI);
 BAIL_ON_PMD_ERROR(dwError);
 pszTempURI = strchr(pszRealURI, '?');
diff --git a/server/structs.h b/server/structs.h
index 6d17d0a..5714bc7 100644
--- a/server/structs.h
+++ b/server/structs.h
@@ -23,7 +23,12 @@ typedef struct _PMD_REST_CONFIG_
 int nEnabled;
 int nPort;
 int nUseKerberos;
+ int nWorkerThreadCount;
+ int nClientCount;
 char *pszApiSpec;
+ char *pszSSLCert;
+ char *pszSSLKey;
+ char *pszLogFile;
 }PMD_REST_CONFIG, *PPMD_REST_CONFIG;
 typedef struct _PMD_CONFIG_
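Review bot: The new second argument to `VmRESTGetHttpURI` in get_uri_from_request is a bare `1` whose meaning cannot be read from this call site. If it asks the library for a percent-decoded URI (an assumption; the prototype is not on this page), the `strchr(pszRealURI, '?')` that follows splits on decoded text, so an encoded `%3F` inside a path segment would be taken as the query separator and later route matching would see a different path than the client sent. Confirm the flag's semantics and record them with a named constant or a comment such as `/* 1 = <meaning per VmRESTGetHttpURI prototype> */`. The function body continues outside the hunk.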