Date: Wed, 13 Jun 2018 06:57:26 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@pdx.rh.CN85.dnsmgr.net> To: Ed Schouten <ed@freebsd.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: Re: svn commit: r335059 - in stable/11: usr.bin/wall usr.sbin/syslogd Message-ID: <201806131357.w5DDvQw8039745@pdx.rh.CN85.dnsmgr.net> In-Reply-To: <201806131341.w5DDfN7T043988@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Author: ed > Date: Wed Jun 13 13:41:23 2018 > New Revision: 335059 > URL: https://svnweb.freebsd.org/changeset/base/335059 > > Log: > MFC r309925, r309931, r309933, r310035, r310278, r310310, r310311, > r310323, r310349, r310350, r310351, r310352, r310383, r310384, > r310385, r310386, r310393, r310453, r310456, r310494, r310504, > r310528, r310890, r310893, r310974, r311918, r312921, r313357, > r314563, r314585, r314642, r315322, r315618, r315620, r315622, > r315643, r316951, r316973, r326338, r326339, r326573, r331270, > r332099, r332110, r332111, r332118, r332165, r332510 and r332511. > > This commit brings syslogd(8) in sync with the copy in HEAD. The key > improvement of this change is that it adds support for RFC 5424 log > ingestion and exposition (enabled by passing in -O rfc5424). This allows > for saner logging in environments with multiple time zones. > > The list of changes to merge back were obtained by running: > > svn mergeinfo --show-revs eligible \ > ^/head/usr.sbin/syslogd ^/stable/11/usr.sbin/syslogd > > Of the commits listed, r314436, r325188 and r326025 were excluded, as > they affect a significant number of unrelated files (SPDX and 4-clause > license renumbering). Due to the large number of directly committed Thank you very much for avoiding the SPDX area! I have pending clean up in stable/11 around those. > changes on this branch, I had no choice but to perform the merge as > follows: > > svn merge --accept=theirs-full -c <list of revisions> ^/head . > > This would, however, cause some unrelated changes, such as undoing the > r333356 (MFC of r332877) and still adding the SPDX tag to syslogd.c. > These have been reverted manually. > > Requested by: Dave Cottlehuber > Thanks to: dim@ for sharing his insight on hackers@ > > Modified: > stable/11/usr.bin/wall/ttymsg.c > stable/11/usr.bin/wall/ttymsg.h I see no mention of any changes to wall in the commit, was this intentional? The changes don't seem to be related to syslogd directly. > stable/11/usr.sbin/syslogd/Makefile > stable/11/usr.sbin/syslogd/syslogd.8 > stable/11/usr.sbin/syslogd/syslogd.c > Directory Properties: > stable/11/ (props changed) > > Modified: stable/11/usr.bin/wall/ttymsg.c > ============================================================================== > --- stable/11/usr.bin/wall/ttymsg.c Wed Jun 13 13:15:04 2018 (r335058) > +++ stable/11/usr.bin/wall/ttymsg.c Wed Jun 13 13:41:23 2018 (r335059) > @@ -59,7 +59,7 @@ static const char sccsid[] = "@(#)ttymsg.c 8.2 (Berkel > const char * > ttymsg(struct iovec *iov, int iovcnt, const char *line, int tmout) > { > - struct iovec localiov[7]; > + struct iovec localiov[TTYMSG_IOV_MAX]; > ssize_t left, wret; > int cnt, fd; > char device[MAXNAMLEN] = _PATH_DEV; > > Modified: stable/11/usr.bin/wall/ttymsg.h > ============================================================================== > --- stable/11/usr.bin/wall/ttymsg.h Wed Jun 13 13:15:04 2018 (r335058) > +++ stable/11/usr.bin/wall/ttymsg.h Wed Jun 13 13:41:23 2018 (r335059) > @@ -1,3 +1,5 @@ > /* $FreeBSD$ */ > > +#define TTYMSG_IOV_MAX 32 > + > const char *ttymsg(struct iovec *, int, const char *, int); > > Modified: stable/11/usr.sbin/syslogd/Makefile > ============================================================================== > --- stable/11/usr.sbin/syslogd/Makefile Wed Jun 13 13:15:04 2018 (r335058) > +++ stable/11/usr.sbin/syslogd/Makefile Wed Jun 13 13:41:23 2018 (r335059) > @@ -11,8 +11,9 @@ SRCS= syslogd.c ttymsg.c > > LIBADD= util > > -WARNS?= 3 > - > +.if ${MK_INET_SUPPORT} != "no" > +CFLAGS+= -DINET > +.endif > .if ${MK_INET6_SUPPORT} != "no" > CFLAGS+= -DINET6 > .endif > > Modified: stable/11/usr.sbin/syslogd/syslogd.8 > ============================================================================== > --- stable/11/usr.sbin/syslogd/syslogd.8 Wed Jun 13 13:15:04 2018 (r335058) > +++ stable/11/usr.sbin/syslogd/syslogd.8 Wed Jun 13 13:41:23 2018 (r335059) > @@ -28,7 +28,7 @@ > .\" @(#)syslogd.8 8.1 (Berkeley) 6/6/93 > .\" $FreeBSD$ > .\" > -.Dd June 16, 2015 > +.Dd April 15, 2018 > .Dt SYSLOGD 8 > .Os > .Sh NAME > @@ -36,18 +36,22 @@ > .Nd log systems messages > .Sh SYNOPSIS > .Nm > -.Op Fl 468ACcdFkNnosTuv > +.Op Fl 468ACcdFHkNnosTuv > .Op Fl a Ar allowed_peer > .Op Fl b Ar bind_address > .Op Fl f Ar config_file > -.Op Fl l Oo Ar mode : Oc Ns Ar path > +.Op Fl l Oo Ar mode Ns \&: Oc Ns Ar path > .Op Fl m Ar mark_interval > +.Op Fl O Ar format > .Op Fl P Ar pid_file > .Op Fl p Ar log_socket > +.Op Fl S Ar logpriv_socket > .Sh DESCRIPTION > The > .Nm > -utility reads and logs messages to the system console, log files, other > +utility reads and logs messages to the system console, > +log files, > +other > machines and/or users as specified by its configuration file. > .Pp > The options are as follows: > @@ -63,7 +67,8 @@ to use IPv6 addresses only. > .It Fl 8 > Tells > .Nm > -not to interfere with 8-bit data. Normally > +not to interfere with 8-bit data. > +Normally > .Nm > will replace C1 control characters > .Pq ISO 8859 and Unicode characters > @@ -98,21 +103,23 @@ options may be specified. > The > .Ar allowed_peer > option may be any of the following: > -.Bl -tag -width "ipaddr/masklen[:service]XX" > +.Bl -tag -width "ipaddr[/prefixlen][:service]XX" > .It Xo > .Sm off > .Ar ipaddr > -.No / Ar masklen > -.Op : Ar service > +.Op / Ar masklen > +.Op \&: Ar service > +.Pp > +.Ar ipaddr > +.Op / Ar prefixlen > +.Op \&: Ar service > .Sm on > .Xc > Accept datagrams from > +.Ar ipaddr , > .Ar ipaddr > -(in the usual dotted quad notation) with > -.Ar masklen > -bits being taken into account when doing the address comparison. > -.Ar ipaddr > -can be also IPv6 address by enclosing the address with > +can be specified as an IPv4 address or as an IPv6 > +address enclosed with > .Ql \&[ > and > .Ql \&] . > @@ -125,7 +132,7 @@ A > .Ar service > of > .Ql \&* > -allows packets being sent from any UDP port. > +accepts UDP packets from any source port. > The default > .Ar service > is > @@ -136,16 +143,18 @@ is IPv4 address, a missing > .Ar masklen > will be substituted by the historic class A or class B netmasks if > .Ar ipaddr > -belongs into the address range of class A or B, respectively, or > -by 24 otherwise. > +belongs into the address range of class A or B, > +respectively, > +or by 24 otherwise. > If > .Ar ipaddr > -is IPv6 address, a missing > +is IPv6 address, > +a missing > .Ar masklen > will be substituted by 128. > .It Xo > .Sm off > -.Ar domainname Op : Ar service > +.Ar domainname Op \&: Ar service > .Sm on > .Xc > Accept datagrams where the reverse address lookup yields > @@ -154,16 +163,9 @@ for the sender address. > The meaning of > .Ar service > is as explained above. > -.It Xo > -.Sm off > -.No * Ar domainname Op : Ar service > -.Sm on > -.Xc > -Same as before, except that any source host whose name > -.Em ends > -in > .Ar domainname > -will get permission. > +can contain special characters of a shell-style pattern such as > +.Ql Li \&* . > .El > .Pp > The > @@ -174,13 +176,13 @@ option is also specified. > .It Xo > .Fl b > .Sm off > -.Ar bind_address Op : Ar service > +.Ar bind_address Op \&: Ar service > .Sm on > .Xc > .It Xo > .Fl b > .Sm off > -.Li : Ar service > +.Li \&: Ar service > .Sm on > .Xc > Bind to a specific address and/or port. > @@ -197,35 +199,40 @@ is > This option can be specified multiple times to bind to > multiple addresses and/or ports. > .It Fl C > -Create log files that do not exist (permission is set to > -.Li 0600 ) . > +Create log files that do not exist > +.Pq permission is set to Ql Li 0600 . > .It Fl c > Disable the compression of repeated instances of the same line > into a single line of the form > .Dq Li "last message repeated N times" > when the output is a pipe to another program. > -If specified twice, disable this compression in all cases. > +If specified twice, > +disable this compression in all cases. > .It Fl d > Put > .Nm > into debugging mode. > This is probably only of use to developers working on > .Nm . > -.It Fl f > +.It Fl f Ar config_file > Specify the pathname of an alternate configuration file; > the default is > .Pa /etc/syslog.conf . > .It Fl F > Run > .Nm > -in the foreground, rather than going into daemon mode. This is useful if > -some other process uses > +in the foreground, > +rather than going into daemon mode. > +This is useful if some other process uses > .Xr fork 2 > and > .Xr exec 3 > to run > .Nm , > and wants to monitor when and how it exits. > +.It Fl H > +When logging remote messages use hostname from the message (if supplied) > +instead of using address from which the message was received. > .It Fl k > Disable the translation of > messages received with facility > @@ -236,68 +243,107 @@ Usually the > .Dq kern > facility is reserved for messages read directly from > .Pa /dev/klog . > -.It Fl m > +.It Fl m Ar mark_interval > Select the number of minutes between > .Dq mark > -messages; the default is 20 minutes. > +messages; > +the default is 20 minutes. > .It Fl N > -Disable binding on UDP sockets. RFC 3164 recommends that outgoing > -syslogd messages should originate from the privileged port, this > -option > +Disable binding on UDP sockets. > +RFC 3164 recommends that outgoing > +.Nm > +messages should originate from the privileged port, > +this option > .Em disables > -the recommended behavior. This option inherits > +the recommended behavior. > +This option inherits > .Fl s . > .It Fl n > -Disable dns query for every request. > +Disable DNS query for every request. > +.It Fl O Ar format > +Select the output format of generated log messages. > +The values > +.Ar bsd > +and > +.Ar rfc3164 > +are used to generate RFC 3164 log messages. > +The values > +.Ar syslog > +and > +.Ar rfc5424 > +are used to generate RFC 5424 log messages, > +having RFC 3339 timestamps with microsecond precision. > +The default is to generate RFC 3164 log messages. > .It Fl o > Prefix kernel messages with the full kernel boot file as determined by > .Xr getbootfile 3 . > Without this, the kernel message prefix is always > .Dq Li kernel: . > -.It Fl p > +.It Fl p Ar log_socket > Specify the pathname of an alternate log socket to be used instead; > the default is > .Pa /var/run/log . > -.It Fl P > +When a single > +.Fl p > +option is specified, > +the default pathname is replaced with the specified one. > +When two or more > +.Fl p > +options are specified, > +the remaining pathnames are treated as additional log sockets. > +.It Fl P Ar pid_file > Specify an alternative file in which to store the process ID. > The default is > .Pa /var/run/syslog.pid . > -.It Fl S > +.It Fl S Ar logpriv_socket > Specify the pathname of an alternate log socket for privileged > -applications to be used instead; the default is > +applications to be used instead; > +the default is > .Pa /var/run/logpriv . > -.It Fl l > +When a single > +.Fl S > +option is specified, > +the default pathname is replaced with the specified one. > +When two or more > +.Fl S > +options are specified, > +the remaining pathnames are treated as additional log sockets. > +.It Fl l Oo Ar mode Ns \&: Oc Ns Ar path > Specify a location where > .Nm > should place an additional log socket. > The primary use for this is to place additional log sockets in > .Pa /var/run/log > of various chroot filespaces. > -File permissions for socket can be specified in octal representation > -before socket name, delimited with a colon. > -Path to socket location must be absolute. > +File permissions for socket can be specified in octal representation in > +.Ar mode , > +delimited with a colon. > +The socket location must be specified as an absolute pathname in > +.Ar path . > .It Fl s > Operate in secure mode. > Do not log messages from remote machines. > -If > -specified twice, no network socket will be opened at all, which also > -disables logging to remote machines. > +If specified twice, > +no network socket will be opened at all, > +which also disables logging to remote machines. > .It Fl T > Always use the local time and date for messages received from the network, > instead of the timestamp field supplied in the message by the remote host. > -This is useful if some of the originating hosts can't keep time properly > +This is useful if some of the originating hosts cannot keep time properly > or are unable to generate a correct timestamp. > .It Fl u > Unique priority logging. > Only log messages at the specified priority. > -Without this option, messages at the stated priority or higher are logged. > +Without this option, > +messages at the stated priority or higher are logged. > This option changes the default comparison from > .Dq => > to > .Dq = . > .It Fl v > Verbose logging. > -If specified once, the numeric facility and priority are > +If specified once, > +the numeric facility and priority are > logged with each locally-written message. > If specified more than once, > the names of the facility and priority are logged with each locally-written > @@ -324,7 +370,7 @@ from an Internet domain socket specified in > .Pa /etc/services , > and from the special device > .Pa /dev/klog > -(to read kernel messages). > +.Pq to read kernel messages . > .Pp > The > .Nm > @@ -339,8 +385,10 @@ This can be used to kill or reconfigure > The message sent to > .Nm > should consist of a single line. > -The message can contain a priority code, which should be a preceding > -decimal number in angle braces, for example, > +The message can contain a priority code, > +which should be a preceding > +decimal number in angle braces, > +for example, > .Sq Aq 5 . > This priority code should map into the priorities defined in the > include file > @@ -348,9 +396,10 @@ include file > .Pp > For security reasons, > .Nm > -will not append to log files that do not exist (unless > -.Fl C > -option is specified); > +will not append to log files that do not exist > +.Po unless Fl C > +option is specified > +.Pc ; > therefore, they must be created manually before running > .Nm . > .Pp > @@ -399,23 +448,23 @@ options are > extensions. > .Sh BUGS > The ability to log messages received in UDP packets is equivalent to > -an unauthenticated remote disk-filling service, and should probably be > -disabled by default. > +an unauthenticated remote disk-filling service, > +and should probably be disabled by default. > Some sort of > .No inter- Ns Nm syslogd > authentication mechanism ought to be worked out. > -To prevent the worst > -abuse, use of the > +To prevent the worst abuse, > +use of the > .Fl a > option is therefore highly recommended. > .Pp > The > .Fl a > -matching algorithm does not pretend to be very efficient; use of numeric > -IP addresses is faster than domain name comparison. > -Since the allowed > -peer list is being walked linearly, peer groups where frequent messages > -are being anticipated from should be put early into the > +matching algorithm does not pretend to be very efficient; > +use of numeric IP addresses is faster than domain name comparison. > +Since the allowed peer list is being walked linearly, > +peer groups where frequent messages are being anticipated > +from should be put early into the > .Fl a > list. > .Pp > > Modified: stable/11/usr.sbin/syslogd/syslogd.c > ============================================================================== > --- stable/11/usr.sbin/syslogd/syslogd.c Wed Jun 13 13:15:04 2018 (r335058) > +++ stable/11/usr.sbin/syslogd/syslogd.c Wed Jun 13 13:41:23 2018 (r335059) > @@ -26,6 +26,33 @@ > * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > * SUCH DAMAGE. > */ > +/*- > + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD > + * > + * Copyright (c) 2018 Prodrive Technologies, https://prodrive-technologies.com/ > + * Author: Ed Schouten <ed@FreeBSD.org> > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * 1. Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * 2. Redistributions in binary form must reproduce the above copyright > + * notice, this list of conditions and the following disclaimer in the > + * documentation and/or other materials provided with the distribution. > + * > + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND > + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE > + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE > + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS > + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT > + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY > + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > + * SUCH DAMAGE. > + */ > > #ifndef lint > static const char copyright[] = > @@ -69,8 +96,7 @@ __FBSDID("$FreeBSD$"); > */ > > /* Maximum number of characters in time of last occurrence */ > -#define MAXDATELEN 16 > -#define MAXLINE 1024 /* maximum line length */ > +#define MAXLINE 2048 /* maximum line length */ > #define MAXSVLINE MAXLINE /* maximum saved line length */ > #define DEFUPRI (LOG_USER|LOG_NOTICE) > #define DEFSPRI (LOG_KERN|LOG_CRIT) > @@ -90,21 +116,25 @@ __FBSDID("$FreeBSD$"); > #include <sys/uio.h> > #include <sys/un.h> > #include <sys/wait.h> > -#include <sys/types.h> > > +#if defined(INET) || defined(INET6) > #include <netinet/in.h> > -#include <netdb.h> > #include <arpa/inet.h> > +#endif > > +#include <assert.h> > #include <ctype.h> > #include <dirent.h> > #include <err.h> > #include <errno.h> > #include <fcntl.h> > +#include <fnmatch.h> > #include <libutil.h> > #include <limits.h> > +#include <netdb.h> > #include <paths.h> > #include <signal.h> > +#include <stdbool.h> > #include <stdio.h> > #include <stdlib.h> > #include <string.h> > @@ -118,54 +148,69 @@ __FBSDID("$FreeBSD$"); > #define SYSLOG_NAMES > #include <sys/syslog.h> > > -const char *ConfFile = _PATH_LOGCONF; > -const char *PidFile = _PATH_LOGPID; > -const char ctty[] = _PATH_CONSOLE; > -static const char include_str[] = "include"; > -static const char include_ext[] = ".conf"; > +static const char *ConfFile = _PATH_LOGCONF; > +static const char *PidFile = _PATH_LOGPID; > +static const char ctty[] = _PATH_CONSOLE; > +static const char include_str[] = "include"; > +static const char include_ext[] = ".conf"; > > #define dprintf if (Debug) printf > > #define MAXUNAMES 20 /* maximum number of user names */ > > +#define sstosa(ss) ((struct sockaddr *)(ss)) > +#ifdef INET > +#define sstosin(ss) ((struct sockaddr_in *)(void *)(ss)) > +#define satosin(sa) ((struct sockaddr_in *)(void *)(sa)) > +#endif > +#ifdef INET6 > +#define sstosin6(ss) ((struct sockaddr_in6 *)(void *)(ss)) > +#define satosin6(sa) ((struct sockaddr_in6 *)(void *)(sa)) > +#define s6_addr32 __u6_addr.__u6_addr32 > +#define IN6_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \ > + (((d)->s6_addr32[0] ^ (a)->s6_addr32[0]) & (m)->s6_addr32[0]) == 0 && \ > + (((d)->s6_addr32[1] ^ (a)->s6_addr32[1]) & (m)->s6_addr32[1]) == 0 && \ > + (((d)->s6_addr32[2] ^ (a)->s6_addr32[2]) & (m)->s6_addr32[2]) == 0 && \ > + (((d)->s6_addr32[3] ^ (a)->s6_addr32[3]) & (m)->s6_addr32[3]) == 0 ) > +#endif > /* > - * List of hosts for binding. > + * List of peers and sockets for binding. > */ > -static STAILQ_HEAD(, host) hqueue; > -struct host { > - char *name; > - STAILQ_ENTRY(host) next; > +struct peer { > + const char *pe_name; > + const char *pe_serv; > + mode_t pe_mode; > + STAILQ_ENTRY(peer) next; > }; > +static STAILQ_HEAD(, peer) pqueue = STAILQ_HEAD_INITIALIZER(pqueue); > > -/* > - * Unix sockets. > - * We have two default sockets, one with 666 permissions, > - * and one for privileged programs. > - */ > -struct funix { > - int s; > - const char *name; > - mode_t mode; > - STAILQ_ENTRY(funix) next; > +struct socklist { > + struct sockaddr_storage sl_ss; > + int sl_socket; > + struct peer *sl_peer; > + int (*sl_recv)(struct socklist *); > + STAILQ_ENTRY(socklist) next; > }; > -struct funix funix_secure = { -1, _PATH_LOG_PRIV, S_IRUSR | S_IWUSR, > - { NULL } }; > -struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE, > - { &funix_secure } }; > +static STAILQ_HEAD(, socklist) shead = STAILQ_HEAD_INITIALIZER(shead); > > -STAILQ_HEAD(, funix) funixes = { &funix_default, > - &(funix_secure.next.stqe_next) }; > - > /* > * Flags to logmsg(). > */ > > #define IGN_CONS 0x001 /* don't print on console */ > #define SYNC_FILE 0x002 /* do fsync on file after printing */ > -#define ADDDATE 0x004 /* add a date to the message */ > #define MARK 0x008 /* this message is a mark */ > -#define ISKERNEL 0x010 /* kernel generated message */ > > +/* Timestamps of log entries. */ > +struct logtime { > + struct tm tm; > + suseconds_t usec; > +}; > + > +/* Traditional syslog timestamp format. */ > +#define RFC3164_DATELEN 15 > +#define RFC3164_DATEFMT "%b %e %H:%M:%S" > + > /* > * This structure represents the files that will have log > * copies printed. > @@ -174,7 +219,7 @@ STAILQ_HEAD(, funix) funixes = { &funix_default, > */ > > struct filed { > - struct filed *f_next; /* next in linked list */ > + STAILQ_ENTRY(filed) next; /* next in linked list */ > short f_type; /* entry type, see below */ > short f_file; /* file descriptor */ > time_t f_time; /* time this was last written */ > @@ -198,11 +243,16 @@ struct filed { > pid_t f_pid; > } f_pipe; > } f_un; > +#define fu_uname f_un.f_uname > +#define fu_forw_hname f_un.f_forw.f_hname > +#define fu_forw_addr f_un.f_forw.f_addr > +#define fu_fname f_un.f_fname > +#define fu_pipe_pname f_un.f_pipe.f_pname > +#define fu_pipe_pid f_un.f_pipe.f_pid > char f_prevline[MAXSVLINE]; /* last message logged */ > - char f_lasttime[MAXDATELEN]; /* time of last occurrence */ > - char f_prevhost[MAXHOSTNAMELEN]; /* host from which recd. */ > + struct logtime f_lasttime; /* time of last occurrence */ > int f_prevpri; /* pri of f_prevline */ > - int f_prevlen; /* length of f_prevline */ > + size_t f_prevlen; /* length of f_prevline */ > int f_prevcount; /* repetition cnt of prevline */ > u_int f_repeatcount; /* number of "repeated" msgs */ > int f_flags; /* file-specific flags */ > @@ -213,15 +263,13 @@ struct filed { > /* > * Queue of about-to-be dead processes we should watch out for. > */ > - > -TAILQ_HEAD(stailhead, deadq_entry) deadq_head; > -struct stailhead *deadq_headp; > - > struct deadq_entry { > pid_t dq_pid; > int dq_timeout; > TAILQ_ENTRY(deadq_entry) dq_entries; > }; > +static TAILQ_HEAD(, deadq_entry) deadq_head = > + TAILQ_HEAD_INITIALIZER(deadq_head); > > /* > * The timeout to apply to processes waiting on the dead queue. Unit > @@ -231,9 +279,6 @@ struct deadq_entry { > > #define DQ_TIMO_INIT 2 > > -typedef struct deadq_entry *dq_t; > - > - > /* > * Struct to hold records of network addresses that are allowed to log > * to us. > @@ -251,7 +296,9 @@ struct allowedpeer { > #define a_addr u.numeric.addr > #define a_mask u.numeric.mask > #define a_name u.name > + STAILQ_ENTRY(allowedpeer) next; > }; > +static STAILQ_HEAD(, allowedpeer) aphead = STAILQ_HEAD_INITIALIZER(aphead); > > > /* > @@ -259,12 +306,13 @@ struct allowedpeer { > * in seconds after previous message is logged. After each flush, > * we move to the next interval until we reach the largest. > */ > -int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */ > -#define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1) > +static int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */ > +#define MAXREPEAT (nitems(repeatinterval) - 1) > #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount]) > -#define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \ > - (f)->f_repeatcount = MAXREPEAT; \ > - } > +#define BACKOFF(f) do { \ > + if (++(f)->f_repeatcount > MAXREPEAT) \ > + (f)->f_repeatcount = MAXREPEAT; \ > + } while (0) > > /* values for f_type */ > #define F_UNUSED 0 /* unused entry */ > @@ -276,12 +324,13 @@ int repeatinterval[] = { 30, 120, 600 }; /* # of secs > #define F_WALL 6 /* everyone logged on */ > #define F_PIPE 7 /* pipe to program */ > > -const char *TypeNames[8] = { > +static const char *TypeNames[] = { > "UNUSED", "FILE", "TTY", "CONSOLE", > "FORW", "USERS", "WALL", "PIPE" > }; > > -static struct filed *Files; /* Log files that we write to */ > +static STAILQ_HEAD(, filed) fhead = > + STAILQ_HEAD_INITIALIZER(fhead); /* Log files that we write to */ > static struct filed consfile; /* Console */ > > static int Debug; /* debug flag */ > @@ -289,8 +338,6 @@ static int Foreground = 0; /* Run in foreground, inste > static int resolve = 1; /* resolve hostname */ > static char LocalHostName[MAXHOSTNAMELEN]; /* our hostname */ > static const char *LocalDomain; /* our local domain name */ > -static int *finet; /* Internet datagram sockets */ > -static int fklog = -1; /* /dev/klog */ > static int Initialized; /* set when we have initialized ourselves */ > static int MarkInterval = 20 * 60; /* interval between marks in seconds */ > static int MarkSeq; /* mark sequence number */ > @@ -309,9 +356,8 @@ static int logflags = O_WRONLY|O_APPEND; /* flags used > > static char bootfile[MAXLINE+1]; /* booted kernel file */ > > -struct allowedpeer *AllowedPeers; /* List of allowed peers */ > -static int NumAllowed; /* Number of entries in AllowedPeers */ > static int RemoteAddDate; /* Always set the date on remote messages */ > +static int RemoteHostname; /* Log remote hostname from the message */ > > static int UniquePriority; /* Only log specified priority? */ > static int LogFacPri; /* Put facility and priority in log message: */ > @@ -319,39 +365,53 @@ static int LogFacPri; /* Put facility and priority in > static int KeepKernFac; /* Keep remotely logged kernel facility */ > static int needdofsync = 0; /* Are any file(s) waiting to be fsynced? */ > static struct pidfh *pfh; > +static int sigpipe[2]; /* Pipe to catch a signal during select(). */ > +static bool RFC3164OutputFormat = true; /* Use legacy format by default. */ > > -volatile sig_atomic_t MarkSet, WantDie; > +static volatile sig_atomic_t MarkSet, WantDie, WantInitialize, WantReapchild; > > +struct iovlist; > + > static int allowaddr(char *); > -static void cfline(const char *, struct filed *, > - const char *, const char *); > +static int addfile(struct filed *); > +static int addpeer(struct peer *); > +static int addsock(struct sockaddr *, socklen_t, struct socklist *); > +static struct filed *cfline(const char *, const char *, const char *); > static const char *cvthname(struct sockaddr *); > static void deadq_enter(pid_t, const char *); > -static int deadq_remove(pid_t); > +static int deadq_remove(struct deadq_entry *); > +static int deadq_removebypid(pid_t); > static int decode(const char *, const CODE *); > static void die(int) __dead2; > static void dodie(int); > static void dofsync(void); > static void domark(int); > -static void fprintlog(struct filed *, int, const char *); > -static int *socksetup(int, char *); > +static void fprintlog_first(struct filed *, const char *, const char *, > + const char *, const char *, const char *, const char *, int); > +static void fprintlog_write(struct filed *, struct iovlist *, int); > +static void fprintlog_successive(struct filed *, int); > static void init(int); > static void logerror(const char *); > -static void logmsg(int, const char *, const char *, int); > +static void logmsg(int, const struct logtime *, const char *, const char *, > + const char *, const char *, const char *, const char *, int); > static void log_deadchild(pid_t, int, const char *); > static void markit(void); > +static int socksetup(struct peer *); > +static int socklist_recv_file(struct socklist *); > +static int socklist_recv_sock(struct socklist *); > +static int socklist_recv_signal(struct socklist *); > +static void sighandler(int); > static int skip_message(const char *, const char *, int); > -static void printline(const char *, char *, int); > +static void parsemsg(const char *, char *); > static void printsys(char *); > static int p_open(const char *, pid_t *); > -static void readklog(void); > static void reapchild(int); > static const char *ttymsg_check(struct iovec *, int, char *, int); > static void usage(void); > static int validate(struct sockaddr *, const char *); > static void unmapped(struct sockaddr *); > static void wallmsg(struct filed *, struct iovec *, const int iovlen); > -static int waitdaemon(int, int, int); > +static int waitdaemon(int); > static void timedout(int); > static void increase_rcvbuf(int); > > @@ -364,11 +424,11 @@ close_filed(struct filed *f) > > switch (f->f_type) { > case F_FORW: > - if (f->f_un.f_forw.f_addr) { > - freeaddrinfo(f->f_un.f_forw.f_addr); > - f->f_un.f_forw.f_addr = NULL; > - } > - /*FALLTHROUGH*/ > + if (f->f_un.f_forw.f_addr) { > + freeaddrinfo(f->f_un.f_forw.f_addr); > + f->f_un.f_forw.f_addr = NULL; > + } > + /* FALLTHROUGH */ > > case F_FILE: > case F_TTY: > @@ -376,41 +436,79 @@ close_filed(struct filed *f) > f->f_type = F_UNUSED; > break; > case F_PIPE: > - f->f_un.f_pipe.f_pid = 0; > + f->fu_pipe_pid = 0; > break; > } > (void)close(f->f_file); > f->f_file = -1; > } > > +static int > +addfile(struct filed *f0) > +{ > + struct filed *f; > + > + f = calloc(1, sizeof(*f)); > + if (f == NULL) > + err(1, "malloc failed"); > + *f = *f0; > + STAILQ_INSERT_TAIL(&fhead, f, next); > + > + return (0); > +} > + > +static int > +addpeer(struct peer *pe0) > +{ > + struct peer *pe; > + > + pe = calloc(1, sizeof(*pe)); > + if (pe == NULL) > + err(1, "malloc failed"); > + *pe = *pe0; > + STAILQ_INSERT_TAIL(&pqueue, pe, next); > + > + return (0); > +} > + > +static int > +addsock(struct sockaddr *sa, socklen_t sa_len, struct socklist *sl0) > +{ > + struct socklist *sl; > + > + sl = calloc(1, sizeof(*sl)); > + if (sl == NULL) > + err(1, "malloc failed"); > + *sl = *sl0; > + if (sa != NULL && sa_len > 0) > + memcpy(&sl->sl_ss, sa, sa_len); > + STAILQ_INSERT_TAIL(&shead, sl, next); > + > + return (0); > +} > + > int > main(int argc, char *argv[]) > { > - int ch, i, fdsrmax = 0, l; > - struct sockaddr_un sunx, fromunix; > - struct sockaddr_storage frominet; > + int ch, i, s, fdsrmax = 0, bflag = 0, pflag = 0, Sflag = 0; > fd_set *fdsr = NULL; > - char line[MAXLINE + 1]; > - const char *hname; > struct timeval tv, *tvp; > - struct sigaction sact; > - struct host *host; > - struct funix *fx, *fx1; > - sigset_t mask; > + struct peer *pe; > + struct socklist *sl; > pid_t ppid = 1, spid; > - socklen_t len; > + char *p; > > if (madvise(NULL, 0, MADV_PROTECT) != 0) > dprintf("madvise() failed: %s\n", strerror(errno)); > > - STAILQ_INIT(&hqueue); > - > - while ((ch = getopt(argc, argv, "468Aa:b:cCdf:Fkl:m:nNop:P:sS:Tuv")) > + while ((ch = getopt(argc, argv, "468Aa:b:cCdf:FHkl:m:nNoO:p:P:sS:Tuv")) > != -1) > switch (ch) { > +#ifdef INET > case '4': > family = PF_INET; > break; > +#endif > #ifdef INET6 > case '6': > family = PF_INET6; > @@ -427,13 +525,31 @@ main(int argc, char *argv[]) > usage(); > break; > case 'b': > - { > - if ((host = malloc(sizeof(struct host))) == NULL) > - err(1, "malloc failed"); > - host->name = optarg; > - STAILQ_INSERT_TAIL(&hqueue, host, next); > + bflag = 1; > + p = strchr(optarg, ']'); > + if (p != NULL) > + p = strchr(p + 1, ':'); > + else { > + p = strchr(optarg, ':'); > + if (p != NULL && strchr(p + 1, ':') != NULL) > + p = NULL; /* backward compatibility */ > + } > + if (p == NULL) { > + /* A hostname or filename only. */ > + addpeer(&(struct peer){ > + .pe_name = optarg, > + .pe_serv = "syslog" > + }); > + } else { > + /* The case of "name:service". */ > + *p++ = '\0'; > + addpeer(&(struct peer){ > + .pe_serv = p, > + .pe_name = (strlen(optarg) == 0) ? > + NULL : optarg, > + }); > + } > break; > - } > case 'c': > no_compress++; > break; > @@ -449,19 +565,32 @@ main(int argc, char *argv[]) > case 'F': /* run in foreground instead of daemon */ > Foreground++; > break; > + case 'H': > + RemoteHostname = 1; > + break; > case 'k': /* keep remote kern fac */ > KeepKernFac = 1; > break; > case 'l': > + case 'p': > + case 'S': > { > long perml; > mode_t mode; > char *name, *ep; > > - if (optarg[0] == '/') { > + if (ch == 'l') > mode = DEFFILEMODE; > + else if (ch == 'p') { > + mode = DEFFILEMODE; > + pflag = 1; > + } else { > + mode = S_IRUSR | S_IWUSR; > + Sflag = 1; > + } > + if (optarg[0] == '/') > name = optarg; > - } else if ((name = strchr(optarg, ':')) != NULL) { > + else if ((name = strchr(optarg, ':')) != NULL) { > *name++ = '\0'; > if (name[0] != '/') > errx(1, "socket name must be absolute " > @@ -476,17 +605,13 @@ main(int argc, char *argv[]) > } else > errx(1, "invalid mode %s, exiting", > optarg); > - } else /* doesn't begin with '/', and no ':' */ > - errx(1, "can't parse path %s", optarg); > - > - if (strlen(name) >= sizeof(sunx.sun_path)) > - errx(1, "%s path too long, exiting", name); > - if ((fx = malloc(sizeof(struct funix))) == NULL) > - err(1, "malloc failed"); > - fx->s = -1; > - fx->name = name; > - fx->mode = mode; > - STAILQ_INSERT_TAIL(&funixes, fx, next); > + } else > + errx(1, "invalid filename %s, exiting", > + optarg); > + addpeer(&(struct peer){ > + .pe_name = name, > + .pe_mode = mode > + }); > break; > } > case 'm': /* mark interval */ > @@ -499,25 +624,25 @@ main(int argc, char *argv[]) > case 'n': > resolve = 0; > break; > + case 'O': > + if (strcmp(optarg, "bsd") == 0 || > + strcmp(optarg, "rfc3164") == 0) > + RFC3164OutputFormat = true; > > *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** > > -- Rod Grimes rgrimes@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201806131357.w5DDvQw8039745>