search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- Add a '-k' option which does not remove input file, like bzip2(1) do.
[dragonfly.git] / usr.sbin / syslogd / syslogd.c
blobb62d490008d62132b2f4c491d67ad58ba5d5974c
1 /*
2 * Copyright (c) 1983, 1988, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * @(#) Copyright (c) 1983, 1988, 1993, 1994 The Regents of the University of California. All rights reserved.
34 * @(#)syslogd.c 8.3 (Berkeley) 4/4/94
35 * $FreeBSD: src/usr.sbin/syslogd/syslogd.c,v 1.130 2004/07/04 19:52:48 cperciva Exp $
36 * $DragonFly: src/usr.sbin/syslogd/syslogd.c,v 1.6 2007/08/09 02:17:46 dillon Exp $
37 */
38
39 /*
40 * syslogd -- log system messages
41 *
42 * This program implements a system log. It takes a series of lines.
43 * Each line may have a priority, signified as "<n>" as
44 * the first characters of the line. If this is
45 * not present, a default priority is used.
46 *
47 * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will
48 * cause it to reread its configuration file.
49 *
50 * Defined Constants:
51 *
52 * MAXLINE -- the maximum line length that can be handled.
53 * DEFUPRI -- the default priority for user messages
54 * DEFSPRI -- the default priority for kernel messages
55 *
56 * Author: Eric Allman
57 * extensive changes by Ralph Campbell
58 * more extensive changes by Eric Allman (again)
59 * Extension to log by program name as well as facility and priority
60 * by Peter da Silva.
61 * -u and -v by Harlan Stenn.
62 * Priority comparison code by Harlan Stenn.
63 * Ring buffer code by Jeff Wheelhouse.
64 */
65
66 #define MAXLINE 1024 /* maximum line length */
67 #define MAXSVLINE 120 /* maximum saved line length */
68 #define DEFUPRI (LOG_USER|LOG_NOTICE)
69 #define DEFSPRI (LOG_KERN|LOG_CRIT)
70 #define TIMERINTVL 30 /* interval for checking flush, mark */
71 #define TTYMSGTIME 1 /* timeout passed to ttymsg */
72
73 #include <sys/param.h>
74 #include <sys/ioctl.h>
75 #include <sys/stat.h>
76 #include <sys/wait.h>
77 #include <sys/socket.h>
78 #include <sys/queue.h>
79 #include <sys/uio.h>
80 #include <sys/un.h>
81 #include <sys/time.h>
82 #include <sys/resource.h>
83 #include <sys/syslimits.h>
84 #include <sys/mman.h>
85 #include <sys/types.h>
86
87 #include <netinet/in.h>
88 #include <netdb.h>
89 #include <arpa/inet.h>
90
91 #include <ctype.h>
92 #include <err.h>
93 #include <errno.h>
94 #include <fcntl.h>
95 #include <libutil.h>
96 #include <limits.h>
97 #include <paths.h>
98 #include <signal.h>
99 #include <stdio.h>
100 #include <stdlib.h>
101 #include <string.h>
102 #include <sysexits.h>
103 #include <unistd.h>
104 #include <utmp.h>
105
106 #include "pathnames.h"
107 #include "ttymsg.h"
108 #include "../clog/clog.h"
109
110 #define SYSLOG_NAMES
111 #include <sys/syslog.h>
112
113 #ifdef NI_WITHSCOPEID
114 static const int withscopeid = NI_WITHSCOPEID;
115 #else
116 static const int withscopeid;
117 #endif
118
119 const char *ConfFile = _PATH_LOGCONF;
120 const char *PidFile = _PATH_LOGPID;
121 const char ctty[] = _PATH_CONSOLE;
122 const char ring_magic[] = "CLOG";
123
124 #define dprintf if (Debug) printf
125
126 #define MAXUNAMES 20 /* maximum number of user names */
127
128 #define MAXFUNIX 20
129
130 int nfunix = 1;
131 const char *funixn[MAXFUNIX] = { _PATH_LOG };
132 int funix[MAXFUNIX];
133
134 /*
135 * Flags to logmsg().
136 */
137
138 #define IGN_CONS 0x001 /* don't print on console */
139 #define SYNC_FILE 0x002 /* do fsync on file after printing */
140 #define ADDDATE 0x004 /* add a date to the message */
141 #define MARK 0x008 /* this message is a mark */
142 #define ISKERNEL 0x010 /* kernel generated message */
143
144 /*
145 * This structure represents the files that will have log
146 * copies printed.
147 * We require f_file to be valid if f_type is F_FILE, F_CONSOLE, F_TTY
148 * or if f_type if F_PIPE and f_pid > 0.
149 */
150
151 struct filed {
152 struct filed *f_next; /* next in linked list */
153 short f_type; /* entry type, see below */
154 short f_file; /* file descriptor */
155 time_t f_time; /* time this was last written */
156 char *f_host; /* host from which to recd. */
157 u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */
158 u_char f_pcmp[LOG_NFACILITIES+1]; /* compare priority */
159 #define PRI_LT 0x1
160 #define PRI_EQ 0x2
161 #define PRI_GT 0x4
162 char *f_program; /* program this applies to */
163 union {
164 char f_uname[MAXUNAMES][UT_NAMESIZE+1];
165 struct {
166 char f_hname[MAXHOSTNAMELEN];
167 struct addrinfo *f_addr;
168
169 } f_forw; /* forwarding address */
170 char f_fname[MAXPATHLEN];
171 struct {
172 char f_pname[MAXPATHLEN];
173 pid_t f_pid;
174 } f_pipe;
175 struct {
176 char f_rname[MAXPATHLEN];
177 struct clog_footer *f_footer;
178 size_t f_size;
179 } f_ring;
180 } f_un;
181 char f_prevline[MAXSVLINE]; /* last message logged */
182 char f_lasttime[16]; /* time of last occurrence */
183 char f_prevhost[MAXHOSTNAMELEN]; /* host from which recd. */
184 int f_prevpri; /* pri of f_prevline */
185 int f_prevlen; /* length of f_prevline */
186 int f_prevcount; /* repetition cnt of prevline */
187 u_int f_repeatcount; /* number of "repeated" msgs */
188 int f_flags; /* file-specific flags */
189 #define FFLAG_SYNC 0x01
190 #define FFLAG_NEEDSYNC 0x02
191 };
192
193 /*
194 * Queue of about-to-be dead processes we should watch out for.
195 */
196
197 TAILQ_HEAD(stailhead, deadq_entry) deadq_head;
198 struct stailhead *deadq_headp;
199
200 struct deadq_entry {
201 pid_t dq_pid;
202 int dq_timeout;
203 TAILQ_ENTRY(deadq_entry) dq_entries;
204 };
205
206 /*
207 * The timeout to apply to processes waiting on the dead queue. Unit
208 * of measure is `mark intervals', i.e. 20 minutes by default.
209 * Processes on the dead queue will be terminated after that time.
210 */
211
212 #define DQ_TIMO_INIT 2
213
214 typedef struct deadq_entry *dq_t;
215
216
217 /*
218 * Struct to hold records of network addresses that are allowed to log
219 * to us.
220 */
221 struct allowedpeer {
222 int isnumeric;
223 u_short port;
224 union {
225 struct {
226 struct sockaddr_storage addr;
227 struct sockaddr_storage mask;
228 } numeric;
229 char *name;
230 } u;
231 #define a_addr u.numeric.addr
232 #define a_mask u.numeric.mask
233 #define a_name u.name
234 };
235
236
237 /*
238 * Intervals at which we flush out "message repeated" messages,
239 * in seconds after previous message is logged. After each flush,
240 * we move to the next interval until we reach the largest.
241 */
242 int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */
243 #define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1)
244 #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount])
245 #define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \
246 (f)->f_repeatcount = MAXREPEAT; \
247 }
248
249 /* values for f_type */
250 #define F_UNUSED 0 /* unused entry */
251 #define F_FILE 1 /* regular file */
252 #define F_TTY 2 /* terminal */
253 #define F_CONSOLE 3 /* console terminal */
254 #define F_FORW 4 /* remote machine */
255 #define F_USERS 5 /* list of users */
256 #define F_WALL 6 /* everyone logged on */
257 #define F_PIPE 7 /* pipe to program */
258 #define F_RING 8 /* ring buffer (circular log) */
259
260 const char *TypeNames[] = {
261 "UNUSED", "FILE", "TTY", "CONSOLE",
262 "FORW", "USERS", "WALL", "PIPE",
263 "RING"
264 };
265
266 static struct filed *Files; /* Log files that we write to */
267 static struct filed consfile; /* Console */
268
269 static int Debug; /* debug flag */
270 static int resolve = 1; /* resolve hostname */
271 static char LocalHostName[MAXHOSTNAMELEN]; /* our hostname */
272 static const char *LocalDomain; /* our local domain name */
273 static int *finet; /* Internet datagram socket */
274 static int fklog = -1; /* /dev/klog */
275 static int Initialized; /* set when we have initialized ourselves */
276 static int MarkInterval = 20 * 60; /* interval between marks in seconds */
277 static int MarkSeq; /* mark sequence number */
278 static int SecureMode; /* when true, receive only unix domain socks */
279 #ifdef INET6
280 static int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */
281 #else
282 static int family = PF_INET; /* protocol family (IPv4 only) */
283 #endif
284 static int send_to_all; /* send message to all IPv4/IPv6 addresses */
285 static int use_bootfile; /* log entire bootfile for every kern msg */
286 static int no_compress; /* don't compress messages (1=pipes, 2=all) */
287
288 static char bootfile[MAXLINE+1]; /* booted kernel file */
289
290 struct allowedpeer *AllowedPeers; /* List of allowed peers */
291 static int NumAllowed; /* Number of entries in AllowedPeers */
292
293 static int UniquePriority; /* Only log specified priority? */
294 static int LogFacPri; /* Put facility and priority in log message: */
295 /* 0=no, 1=numeric, 2=names */
296 static int KeepKernFac; /* Keep remotely logged kernel facility */
297 static int needdofsync = 0; /* Are any file(s) waiting to be fsynced? */
298
299 volatile sig_atomic_t MarkSet, WantDie;
300
301 static int allowaddr(char *);
302 static void cfline(const char *, struct filed *,
303 const char *, const char *);
304 static const char *cvthname(struct sockaddr *);
305 static void deadq_enter(pid_t, const char *);
306 static int deadq_remove(pid_t);
307 static int decode(const char *, CODE *);
308 static void die(int);
309 static void dodie(int);
310 static void dofsync(void);
311 static void domark(int);
312 static void fprintlog(struct filed *, int, const char *);
313 static int *socksetup(int, const char *);
314 static void setsockbuffer(int);
315 static void init(int);
316 static void logerror(const char *);
317 static void logmsg(int, const char *, const char *, int);
318 static void log_deadchild(pid_t, int, const char *);
319 static void markit(void);
320 static int skip_message(const char *, const char *, int);
321 static void printline(const char *, char *);
322 static void printsys(char *);
323 static int p_open(const char *, pid_t *);
324 ssize_t rbwrite(struct filed *, char *, size_t);
325 ssize_t rbwritev(struct filed *, struct iovec *, int);
326 static void readklog(void);
327 static void reapchild(int);
328 static void usage(void);
329 static int validate(struct sockaddr *, const char *);
330 static void unmapped(struct sockaddr *);
331 static void wallmsg(struct filed *, struct iovec *);
332 static int waitdaemon(int, int, int);
333 static void timedout(int);
334
335 int
336 main(int argc, char *argv[])
337 {
338 int ch, i, fdsrmax = 0, l;
339 struct sockaddr_un sunx, fromunix;
340 struct sockaddr_storage frominet;
341 fd_set *fdsr = NULL;
342 FILE *fp;
343 char line[MAXLINE + 1];
344 const char *bindhostname, *hname;
345 struct timeval tv, *tvp;
346 struct sigaction sact;
347 sigset_t mask;
348 pid_t ppid = 1;
349 socklen_t len;
350
351 bindhostname = NULL;
352 while ((ch = getopt(argc, argv, "46Aa:b:cdf:kl:m:nop:P:suv")) != -1)
353 switch (ch) {
354 case '4':
355 family = PF_INET;
356 break;
357 #ifdef INET6
358 case '6':
359 family = PF_INET6;
360 break;
361 #endif
362 case 'A':
363 send_to_all++;
364 break;
365 case 'a': /* allow specific network addresses only */
366 if (allowaddr(optarg) == -1)
367 usage();
368 break;
369 case 'b':
370 bindhostname = optarg;
371 break;
372 case 'c':
373 no_compress++;
374 break;
375 case 'd': /* debug */
376 Debug++;
377 break;
378 case 'f': /* configuration file */
379 ConfFile = optarg;
380 break;
381 case 'k': /* keep remote kern fac */
382 KeepKernFac = 1;
383 break;
384 case 'l':
385 if (strlen(optarg) >= sizeof(sunx.sun_path))
386 errx(1, "%s path too long, exiting", optarg);
387 if (nfunix < MAXFUNIX)
388 funixn[nfunix++] = optarg;
389 else
390 warnx("out of descriptors, ignoring %s",
391 optarg);
392 break;
393 case 'm': /* mark interval */
394 MarkInterval = atoi(optarg) * 60;
395 break;
396 case 'n':
397 resolve = 0;
398 break;
399 case 'o':
400 use_bootfile = 1;
401 break;
402 case 'p': /* path */
403 if (strlen(optarg) >= sizeof(sunx.sun_path))
404 errx(1, "%s path too long, exiting", optarg);
405 funixn[0] = optarg;
406 break;
407 case 'P': /* path for alt. PID */
408 PidFile = optarg;
409 break;
410 case 's': /* no network mode */
411 SecureMode++;
412 break;
413 case 'u': /* only log specified priority */
414 UniquePriority++;
415 break;
416 case 'v': /* log facility and priority */
417 LogFacPri++;
418 break;
419 default:
420 usage();
421 }
422 if ((argc -= optind) != 0)
423 usage();
424
425 if (!Debug) {
426 ppid = waitdaemon(0, 0, 30);
427 if (ppid < 0)
428 err(1, "could not become daemon");
429 } else {
430 setlinebuf(stdout);
431 }
432
433 if (NumAllowed)
434 endservent();
435
436 consfile.f_type = F_CONSOLE;
437 strlcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1,
438 sizeof(consfile.f_un.f_fname));
439 strlcpy(bootfile, getbootfile(), sizeof(bootfile));
440 signal(SIGTERM, dodie);
441 signal(SIGINT, Debug ? dodie : SIG_IGN);
442 signal(SIGQUIT, Debug ? dodie : SIG_IGN);
443 /*
444 * We don't want the SIGCHLD and SIGHUP handlers to interfere
445 * with each other; they are likely candidates for being called
446 * simultaneously (SIGHUP closes pipe descriptor, process dies,
447 * SIGCHLD happens).
448 */
449 sigemptyset(&mask);
450 sigaddset(&mask, SIGHUP);
451 sact.sa_handler = reapchild;
452 sact.sa_mask = mask;
453 sact.sa_flags = SA_RESTART;
454 sigaction(SIGCHLD, &sact, NULL);
455 signal(SIGALRM, domark);
456 signal(SIGPIPE, SIG_IGN); /* We'll catch EPIPE instead. */
457 alarm(TIMERINTVL);
458
459 TAILQ_INIT(&deadq_head);
460
461 #ifndef SUN_LEN
462 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2)
463 #endif
464 for (i = 0; i < nfunix; i++) {
465 unlink(funixn[i]);
466 memset(&sunx, 0, sizeof(sunx));
467 sunx.sun_family = AF_UNIX;
468 strlcpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path));
469 funix[i] = socket(AF_UNIX, SOCK_DGRAM, 0);
470 if (funix[i] < 0 ||
471 bind(funix[i], (struct sockaddr *)&sunx,
472 SUN_LEN(&sunx)) < 0 ||
473 chmod(funixn[i], 0666) < 0) {
474 snprintf(line, sizeof line,
475 "cannot create %s", funixn[i]);
476 logerror(line);
477 dprintf("cannot create %s (%d)\n", funixn[i], errno);
478 if (i == 0)
479 die(0);
480 }
481 if (funix[i] >= 0)
482 setsockbuffer(funix[i]);
483 }
484 if (SecureMode <= 1)
485 finet = socksetup(family, bindhostname);
486
487 if (finet) {
488 if (SecureMode) {
489 for (i = 0; i < *finet; i++) {
490 if (shutdown(finet[i+1], SHUT_RD) < 0) {
491 logerror("shutdown");
492 if (!Debug)
493 die(0);
494 }
495 }
496 } else {
497 dprintf("listening on inet and/or inet6 socket\n");
498 }
499 dprintf("sending on inet and/or inet6 socket\n");
500 }
501
502 if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) >= 0)
503 if (fcntl(fklog, F_SETFL, O_NONBLOCK) < 0)
504 fklog = -1;
505 if (fklog < 0)
506 dprintf("can't open %s (%d)\n", _PATH_KLOG, errno);
507
508 /* tuck my process id away */
509 fp = fopen(PidFile, "w");
510 if (fp != NULL) {
511 fprintf(fp, "%d\n", getpid());
512 fclose(fp);
513 }
514
515 dprintf("off & running....\n");
516
517 init(0);
518 /* prevent SIGHUP and SIGCHLD handlers from running in parallel */
519 sigemptyset(&mask);
520 sigaddset(&mask, SIGCHLD);
521 sact.sa_handler = init;
522 sact.sa_mask = mask;
523 sact.sa_flags = SA_RESTART;
524 sigaction(SIGHUP, &sact, NULL);
525
526 tvp = &tv;
527 tv.tv_sec = tv.tv_usec = 0;
528
529 if (fklog != -1 && fklog > fdsrmax)
530 fdsrmax = fklog;
531 if (finet && !SecureMode) {
532 for (i = 0; i < *finet; i++) {
533 if (finet[i+1] != -1 && finet[i+1] > fdsrmax)
534 fdsrmax = finet[i+1];
535 }
536 }
537 for (i = 0; i < nfunix; i++) {
538 if (funix[i] != -1 && funix[i] > fdsrmax)
539 fdsrmax = funix[i];
540 }
541
542 fdsr = (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS),
543 sizeof(fd_mask));
544 if (fdsr == NULL)
545 errx(1, "calloc fd_set");
546
547 for (;;) {
548 if (MarkSet)
549 markit();
550 if (WantDie)
551 die(WantDie);
552
553 bzero(fdsr, howmany(fdsrmax+1, NFDBITS) *
554 sizeof(fd_mask));
555
556 if (fklog != -1)
557 FD_SET(fklog, fdsr);
558 if (finet && !SecureMode) {
559 for (i = 0; i < *finet; i++) {
560 if (finet[i+1] != -1)
561 FD_SET(finet[i+1], fdsr);
562 }
563 }
564 for (i = 0; i < nfunix; i++) {
565 if (funix[i] != -1)
566 FD_SET(funix[i], fdsr);
567 }
568
569 i = select(fdsrmax+1, fdsr, NULL, NULL,
570 needdofsync ? &tv : tvp);
571 switch (i) {
572 case 0:
573 dofsync();
574 needdofsync = 0;
575 if (tvp) {
576 tvp = NULL;
577 if (ppid != 1)
578 kill(ppid, SIGALRM);
579 }
580 continue;
581 case -1:
582 if (errno != EINTR)
583 logerror("select");
584 continue;
585 }
586 if (fklog != -1 && FD_ISSET(fklog, fdsr))
587 readklog();
588 if (finet && !SecureMode) {
589 for (i = 0; i < *finet; i++) {
590 if (FD_ISSET(finet[i+1], fdsr)) {
591 len = sizeof(frominet);
592 l = recvfrom(finet[i+1], line, MAXLINE,
593 0, (struct sockaddr *)&frominet,
594 &len);
595 if (l > 0) {
596 line[l] = '\0';
597 hname = cvthname((struct sockaddr *)&frominet);
598 unmapped((struct sockaddr *)&frominet);
599 if (validate((struct sockaddr *)&frominet, hname))
600 printline(hname, line);
601 } else if (l < 0 && errno != EINTR)
602 logerror("recvfrom inet");
603 }
604 }
605 }
606 for (i = 0; i < nfunix; i++) {
607 if (funix[i] != -1 && FD_ISSET(funix[i], fdsr)) {
608 len = sizeof(fromunix);
609 l = recvfrom(funix[i], line, MAXLINE, 0,
610 (struct sockaddr *)&fromunix, &len);
611 if (l > 0) {
612 line[l] = '\0';
613 printline(LocalHostName, line);
614 } else if (l < 0 && errno != EINTR)
615 logerror("recvfrom unix");
616 }
617 }
618 }
619 if (fdsr)
620 free(fdsr);
621 }
622
623 static void
624 unmapped(struct sockaddr *sa)
625 {
626 struct sockaddr_in6 *sin6;
627 struct sockaddr_in sin4;
628
629 if (sa->sa_family != AF_INET6)
630 return;
631 if (sa->sa_len != sizeof(struct sockaddr_in6) ||
632 sizeof(sin4) > sa->sa_len)
633 return;
634 sin6 = (struct sockaddr_in6 *)sa;
635 if (!IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
636 return;
637
638 memset(&sin4, 0, sizeof(sin4));
639 sin4.sin_family = AF_INET;
640 sin4.sin_len = sizeof(struct sockaddr_in);
641 memcpy(&sin4.sin_addr, &sin6->sin6_addr.s6_addr[12],
642 sizeof(sin4.sin_addr));
643 sin4.sin_port = sin6->sin6_port;
644
645 memcpy(sa, &sin4, sin4.sin_len);
646 }
647
648 static void
649 usage(void)
650 {
651
652 fprintf(stderr, "%s\n%s\n%s\n%s\n",
653 "usage: syslogd [-46Acdknosuv] [-a allowed_peer]",
654 " [-b bind address] [-f config_file]",
655 " [-l log_socket] [-m mark_interval]",
656 " [-P pid_file] [-p log_socket]");
657 exit(1);
658 }
659
660 /*
661 * Take a raw input line, decode the message, and print the message
662 * on the appropriate log files.
663 */
664 static void
665 printline(const char *hname, char *msg)
666 {
667 char *p, *q;
668 long n;
669 int c, pri;
670 char line[MAXLINE + 1];
671
672 /* test for special codes */
673 p = msg;
674 pri = DEFUPRI;
675 if (*p == '<') {
676 errno = 0;
677 n = strtol(p + 1, &q, 10);
678 if (*q == '>' && n >= 0 && n < INT_MAX && errno == 0) {
679 p = q + 1;
680 pri = n;
681 }
682 }
683 if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
684 pri = DEFUPRI;
685
686 /*
687 * Don't allow users to log kernel messages.
688 * NOTE: since LOG_KERN == 0 this will also match
689 * messages with no facility specified.
690 */
691 if ((pri & LOG_FACMASK) == LOG_KERN && !KeepKernFac)
692 pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
693
694 q = line;
695
696 while ((c = (unsigned char)*p++) != '\0' &&
697 q < &line[sizeof(line) - 4]) {
698 if ((c & 0x80) && c < 0xA0) {
699 c &= 0x7F;
700 *q++ = 'M';
701 *q++ = '-';
702 }
703 if (isascii(c) && iscntrl(c)) {
704 if (c == '\n') {
705 *q++ = ' ';
706 } else if (c == '\t') {
707 *q++ = '\t';
708 } else {
709 *q++ = '^';
710 *q++ = c ^ 0100;
711 }
712 } else {
713 *q++ = c;
714 }
715 }
716 *q = '\0';
717
718 logmsg(pri, line, hname, 0);
719 }
720
721 /*
722 * Read /dev/klog while data are available, split into lines.
723 */
724 static void
725 readklog(void)
726 {
727 char *p, *q, line[MAXLINE + 1];
728 int len, i;
729
730 len = 0;
731 for (;;) {
732 i = read(fklog, line + len, MAXLINE - 1 - len);
733 if (i > 0) {
734 line[i + len] = '\0';
735 } else {
736 if (i < 0 && errno != EINTR && errno != EAGAIN) {
737 logerror("klog");
738 fklog = -1;
739 }
740 break;
741 }
742
743 for (p = line; (q = strchr(p, '\n')) != NULL; p = q + 1) {
744 *q = '\0';
745 printsys(p);
746 }
747 len = strlen(p);
748 if (len >= MAXLINE - 1) {
749 printsys(p);
750 len = 0;
751 }
752 if (len > 0)
753 memmove(line, p, len + 1);
754 }
755 if (len > 0)
756 printsys(line);
757 }
758
759 /*
760 * Take a raw input line from /dev/klog, format similar to syslog().
761 */
762 static void
763 printsys(char *msg)
764 {
765 char *p, *q;
766 long n;
767 int flags, isprintf, pri;
768
769 flags = ISKERNEL | SYNC_FILE | ADDDATE; /* fsync after write */
770 p = msg;
771 pri = DEFSPRI;
772 isprintf = 1;
773 if (*p == '<') {
774 errno = 0;
775 n = strtol(p + 1, &q, 10);
776 if (*q == '>' && n >= 0 && n < INT_MAX && errno == 0) {
777 p = q + 1;
778 pri = n;
779 isprintf = 0;
780 }
781 }
782 /*
783 * Kernel printf's and LOG_CONSOLE messages have been displayed
784 * on the console already.
785 */
786 if (isprintf || (pri & LOG_FACMASK) == LOG_CONSOLE)
787 flags |= IGN_CONS;
788 if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
789 pri = DEFSPRI;
790 logmsg(pri, p, LocalHostName, flags);
791 }
792
793 static time_t now;
794
795 /*
796 * Match a program or host name against a specification.
797 * Return a non-0 value if the message must be ignored
798 * based on the specification.
799 */
800 static int
801 skip_message(const char *name, const char *spec, int checkcase) {
802 const char *s;
803 char prev, next;
804 int exclude = 0;
805 /* Behaviour on explicit match */
806
807 if (spec == NULL)
808 return 0;
809 switch (*spec) {
810 case '-':
811 exclude = 1;
812 /*FALLTHROUGH*/
813 case '+':
814 spec++;
815 break;
816 default:
817 break;
818 }
819 if (checkcase)
820 s = strstr (spec, name);
821 else
822 s = strcasestr (spec, name);
823
824 if (s != NULL) {
825 prev = (s == spec ? ',' : *(s - 1));
826 next = *(s + strlen (name));
827
828 if (prev == ',' && (next == '\0' || next == ','))
829 /* Explicit match: skip iff the spec is an
830 exclusive one. */
831 return exclude;
832 }
833
834 /* No explicit match for this name: skip the message iff
835 the spec is an inclusive one. */
836 return !exclude;
837 }
838
839 /*
840 * Log a message to the appropriate log files, users, etc. based on
841 * the priority.
842 */
843 static void
844 logmsg(int pri, const char *msg, const char *from, int flags)
845 {
846 struct filed *f;
847 int i, fac, msglen, omask, prilev;
848 const char *timestamp;
849 char prog[NAME_MAX+1];
850 char buf[MAXLINE+1];
851
852 dprintf("logmsg: pri %o, flags %x, from %s, msg %s\n",
853 pri, flags, from, msg);
854
855 omask = sigblock(sigmask(SIGHUP)|sigmask(SIGALRM));
856
857 /*
858 * Check to see if msg looks non-standard.
859 */
860 msglen = strlen(msg);
861 if (msglen < 16 || msg[3] != ' ' || msg[6] != ' ' ||
862 msg[9] != ':' || msg[12] != ':' || msg[15] != ' ')
863 flags |= ADDDATE;
864
865 time(&now);
866 if (flags & ADDDATE) {
867 timestamp = ctime(&now) + 4;
868 } else {
869 timestamp = msg;
870 msg += 16;
871 msglen -= 16;
872 }
873
874 /* skip leading blanks */
875 while (isspace(*msg)) {
876 msg++;
877 msglen--;
878 }
879
880 /* extract facility and priority level */
881 if (flags & MARK)
882 fac = LOG_NFACILITIES;
883 else
884 fac = LOG_FAC(pri);
885 prilev = LOG_PRI(pri);
886
887 /* extract program name */
888 for (i = 0; i < NAME_MAX; i++) {
889 if (!isprint(msg[i]) || msg[i] == ':' || msg[i] == '[' ||
890 msg[i] == '/')
891 break;
892 prog[i] = msg[i];
893 }
894 prog[i] = 0;
895
896 /* add kernel prefix for kernel messages */
897 if (flags & ISKERNEL) {
898 snprintf(buf, sizeof(buf), "%s: %s",
899 use_bootfile ? bootfile : "kernel", msg);
900 msg = buf;
901 msglen = strlen(buf);
902 }
903
904 /* log the message to the particular outputs */
905 if (!Initialized) {
906 f = &consfile;
907 f->f_file = open(ctty, O_WRONLY, 0);
908
909 if (f->f_file >= 0) {
910 strlcpy(f->f_lasttime, timestamp,
911 sizeof(f->f_lasttime));
912 fprintlog(f, flags, msg);
913 close(f->f_file);
914 }
915 sigsetmask(omask);
916 return;
917 }
918 for (f = Files; f; f = f->f_next) {
919 /* skip messages that are incorrect priority */
920 if (!(((f->f_pcmp[fac] & PRI_EQ) && (f->f_pmask[fac] == prilev))
921 ||((f->f_pcmp[fac] & PRI_LT) && (f->f_pmask[fac] < prilev))
922 ||((f->f_pcmp[fac] & PRI_GT) && (f->f_pmask[fac] > prilev))
923 )
924 || f->f_pmask[fac] == INTERNAL_NOPRI)
925 continue;
926
927 /* skip messages with the incorrect hostname */
928 if (skip_message(from, f->f_host, 0))
929 continue;
930
931 /* skip messages with the incorrect program name */
932 if (skip_message(prog, f->f_program, 1))
933 continue;
934
935 /* skip message to console if it has already been printed */
936 if (f->f_type == F_CONSOLE && (flags & IGN_CONS))
937 continue;
938
939 /* don't output marks to recently written files */
940 if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
941 continue;
942
943 /*
944 * suppress duplicate lines to this file
945 */
946 if (no_compress - (f->f_type != F_PIPE) < 1 &&
947 (flags & MARK) == 0 && msglen == f->f_prevlen &&
948 !strcmp(msg, f->f_prevline) &&
949 !strcasecmp(from, f->f_prevhost)) {
950 strlcpy(f->f_lasttime, timestamp,
951 sizeof(f->f_lasttime));
952 f->f_prevcount++;
953 dprintf("msg repeated %d times, %ld sec of %d\n",
954 f->f_prevcount, (long)(now - f->f_time),
955 repeatinterval[f->f_repeatcount]);
956 /*
957 * If domark would have logged this by now,
958 * flush it now (so we don't hold isolated messages),
959 * but back off so we'll flush less often
960 * in the future.
961 */
962 if (now > REPEATTIME(f)) {
963 fprintlog(f, flags, (char *)NULL);
964 BACKOFF(f);
965 }
966 } else {
967 /* new line, save it */
968 if (f->f_prevcount)
969 fprintlog(f, 0, (char *)NULL);
970 f->f_repeatcount = 0;
971 f->f_prevpri = pri;
972 strlcpy(f->f_lasttime, timestamp,
973 sizeof(f->f_lasttime));
974 strlcpy(f->f_prevhost, from,
975 sizeof(f->f_prevhost));
976 if (msglen < MAXSVLINE) {
977 f->f_prevlen = msglen;
978 strlcpy(f->f_prevline, msg, sizeof(f->f_prevline));
979 fprintlog(f, flags, (char *)NULL);
980 } else {
981 f->f_prevline[0] = 0;
982 f->f_prevlen = 0;
983 fprintlog(f, flags, msg);
984 }
985 }
986 }
987 sigsetmask(omask);
988 }
989
990 static void
991 dofsync(void)
992 {
993 struct filed *f;
994
995 for (f = Files; f; f = f->f_next) {
996 if ((f->f_type == F_FILE) &&
997 (f->f_flags & FFLAG_NEEDSYNC)) {
998 f->f_flags &= ~FFLAG_NEEDSYNC;
999 fsync(f->f_file);
1000 }
1001 }
1002 }
1003
1004 static void
1005 fprintlog(struct filed *f, int flags, const char *msg)
1006 {
1007 struct iovec iov[7];
1008 struct iovec *v;
1009 struct addrinfo *r;
1010 int i, l, lsent = 0;
1011 char line[MAXLINE + 1], repbuf[80], greetings[200], *wmsg = NULL;
1012 char nul[] = "", space[] = " ", lf[] = "\n", crlf[] = "\r\n";
1013 const char *msgret;
1014
1015 v = iov;
1016 if (f->f_type == F_WALL) {
1017 v->iov_base = greetings;
1018 v->iov_len = snprintf(greetings, sizeof greetings,
1019 "\r\n\7Message from syslogd@%s at %.24s ...\r\n",
1020 f->f_prevhost, ctime(&now));
1021 if (v->iov_len > 0)
1022 v++;
1023 v->iov_base = nul;
1024 v->iov_len = 0;
1025 v++;
1026 } else {
1027 v->iov_base = f->f_lasttime;
1028 v->iov_len = 15;
1029 v++;
1030 v->iov_base = space;
1031 v->iov_len = 1;
1032 v++;
1033 }
1034
1035 if (LogFacPri) {
1036 static char fp_buf[30]; /* Hollow laugh */
1037 int fac = f->f_prevpri & LOG_FACMASK;
1038 int pri = LOG_PRI(f->f_prevpri);
1039 const char *f_s = NULL;
1040 char f_n[5]; /* Hollow laugh */
1041 const char *p_s = NULL;
1042 char p_n[5]; /* Hollow laugh */
1043
1044 if (LogFacPri > 1) {
1045 CODE *c;
1046
1047 for (c = facilitynames; c->c_name; c++) {
1048 if (c->c_val == fac) {
1049 f_s = c->c_name;
1050 break;
1051 }
1052 }
1053 for (c = prioritynames; c->c_name; c++) {
1054 if (c->c_val == pri) {
1055 p_s = c->c_name;
1056 break;
1057 }
1058 }
1059 }
1060 if (!f_s) {
1061 snprintf(f_n, sizeof f_n, "%d", LOG_FAC(fac));
1062 f_s = f_n;
1063 }
1064 if (!p_s) {
1065 snprintf(p_n, sizeof p_n, "%d", pri);
1066 p_s = p_n;
1067 }
1068 snprintf(fp_buf, sizeof fp_buf, "<%s.%s> ", f_s, p_s);
1069 v->iov_base = fp_buf;
1070 v->iov_len = strlen(fp_buf);
1071 } else {
1072 v->iov_base = nul;
1073 v->iov_len = 0;
1074 }
1075 v++;
1076
1077 v->iov_base = f->f_prevhost;
1078 v->iov_len = strlen(v->iov_base);
1079 v++;
1080 v->iov_base = space;
1081 v->iov_len = 1;
1082 v++;
1083
1084 if (msg) {
1085 wmsg = strdup(msg); /* XXX iov_base needs a `const' sibling. */
1086 if (wmsg == NULL) {
1087 logerror("strdup");
1088 exit(1);
1089 }
1090 v->iov_base = wmsg;
1091 v->iov_len = strlen(msg);
1092 } else if (f->f_prevcount > 1) {
1093 v->iov_base = repbuf;
1094 v->iov_len = snprintf(repbuf, sizeof repbuf,
1095 "last message repeated %d times", f->f_prevcount);
1096 } else {
1097 v->iov_base = f->f_prevline;
1098 v->iov_len = f->f_prevlen;
1099 }
1100 v++;
1101
1102 dprintf("Logging to %s", TypeNames[f->f_type]);
1103 f->f_time = now;
1104
1105 switch (f->f_type) {
1106 case F_UNUSED:
1107 dprintf("\n");
1108 break;
1109
1110 case F_FORW:
1111 dprintf(" %s\n", f->f_un.f_forw.f_hname);
1112 /* check for local vs remote messages */
1113 if (strcasecmp(f->f_prevhost, LocalHostName))
1114 l = snprintf(line, sizeof line - 1,
1115 "<%d>%.15s Forwarded from %s: %s",
1116 f->f_prevpri, (char *)iov[0].iov_base,
1117 f->f_prevhost, (char *)iov[5].iov_base);
1118 else
1119 l = snprintf(line, sizeof line - 1, "<%d>%.15s %s",
1120 f->f_prevpri, (char *)iov[0].iov_base,
1121 (char *)iov[5].iov_base);
1122 if (l < 0)
1123 l = 0;
1124 else if (l > MAXLINE)
1125 l = MAXLINE;
1126
1127 if (finet) {
1128 for (r = f->f_un.f_forw.f_addr; r; r = r->ai_next) {
1129 for (i = 0; i < *finet; i++) {
1130 #if 0
1131 /*
1132 * should we check AF first, or just
1133 * trial and error? FWD
1134 */
1135 if (r->ai_family ==
1136 address_family_of(finet[i+1]))
1137 #endif
1138 lsent = sendto(finet[i+1], line, l, 0,
1139 r->ai_addr, r->ai_addrlen);
1140 if (lsent == l)
1141 break;
1142 }
1143 if (lsent == l && !send_to_all)
1144 break;
1145 }
1146 dprintf("lsent/l: %d/%d\n", lsent, l);
1147 if (lsent != l) {
1148 int e = errno;
1149 logerror("sendto");
1150 errno = e;
1151 switch (errno) {
1152 case EHOSTUNREACH:
1153 case EHOSTDOWN:
1154 break;
1155 /* case EBADF: */
1156 /* case EACCES: */
1157 /* case ENOTSOCK: */
1158 /* case EFAULT: */
1159 /* case EMSGSIZE: */
1160 /* case EAGAIN: */
1161 /* case ENOBUFS: */
1162 /* case ECONNREFUSED: */
1163 default:
1164 dprintf("removing entry\n");
1165 f->f_type = F_UNUSED;
1166 break;
1167 }
1168 }
1169 }
1170 break;
1171
1172 case F_FILE:
1173 dprintf(" %s\n", f->f_un.f_fname);
1174 v->iov_base = lf;
1175 v->iov_len = 1;
1176 if (writev(f->f_file, iov, 7) < 0) {
1177 int e = errno;
1178 close(f->f_file);
1179 f->f_type = F_UNUSED;
1180 errno = e;
1181 logerror(f->f_un.f_fname);
1182 } else if ((flags & SYNC_FILE) && (f->f_flags & FFLAG_SYNC)) {
1183 f->f_flags |= FFLAG_NEEDSYNC;
1184 needdofsync = 1;
1185 }
1186 break;
1187
1188 case F_RING:
1189 dprintf(" %s\n", f->f_un.f_ring.f_rname);
1190 v->iov_base = "\n";
1191 v->iov_len = 1;
1192 if (rbwritev(f, iov, 7) == -1) {
1193 int e = errno;
1194 munmap(f->f_un.f_ring.f_footer,
1195 sizeof(struct clog_footer));
1196 close(f->f_file);
1197 f->f_type = F_UNUSED;
1198 errno = e;
1199 logerror(f->f_un.f_fname);
1200 }
1201 break;
1202
1203 case F_PIPE:
1204 dprintf(" %s\n", f->f_un.f_pipe.f_pname);
1205 v->iov_base = lf;
1206 v->iov_len = 1;
1207 if (f->f_un.f_pipe.f_pid == 0) {
1208 if ((f->f_file = p_open(f->f_un.f_pipe.f_pname,
1209 &f->f_un.f_pipe.f_pid)) < 0) {
1210 f->f_type = F_UNUSED;
1211 logerror(f->f_un.f_pipe.f_pname);
1212 break;
1213 }
1214 }
1215 if (writev(f->f_file, iov, 7) < 0) {
1216 int e = errno;
1217 close(f->f_file);
1218 if (f->f_un.f_pipe.f_pid > 0)
1219 deadq_enter(f->f_un.f_pipe.f_pid,
1220 f->f_un.f_pipe.f_pname);
1221 f->f_un.f_pipe.f_pid = 0;
1222 errno = e;
1223 logerror(f->f_un.f_pipe.f_pname);
1224 }
1225 break;
1226
1227 case F_CONSOLE:
1228 if (flags & IGN_CONS) {
1229 dprintf(" (ignored)\n");
1230 break;
1231 }
1232 /* FALLTHROUGH */
1233
1234 case F_TTY:
1235 dprintf(" %s%s\n", _PATH_DEV, f->f_un.f_fname);
1236 v->iov_base = crlf;
1237 v->iov_len = 2;
1238
1239 errno = 0; /* ttymsg() only sometimes returns an errno */
1240 if ((msgret = ttymsg(iov, 7, f->f_un.f_fname, 10))) {
1241 f->f_type = F_UNUSED;
1242 logerror(msgret);
1243 }
1244 break;
1245
1246 case F_USERS:
1247 case F_WALL:
1248 dprintf("\n");
1249 v->iov_base = crlf;
1250 v->iov_len = 2;
1251 wallmsg(f, iov);
1252 break;
1253 }
1254 f->f_prevcount = 0;
1255 if (msg)
1256 free(wmsg);
1257 }
1258
1259 /*
1260 * WALLMSG -- Write a message to the world at large
1261 *
1262 * Write the specified message to either the entire
1263 * world, or a list of approved users.
1264 */
1265 static void
1266 wallmsg(struct filed *f, struct iovec *iov)
1267 {
1268 static int reenter; /* avoid calling ourselves */
1269 FILE *uf;
1270 struct utmp ut;
1271 int i;
1272 const char *p;
1273 char line[sizeof(ut.ut_line) + 1];
1274
1275 if (reenter++)
1276 return;
1277 if ((uf = fopen(_PATH_UTMP, "r")) == NULL) {
1278 logerror(_PATH_UTMP);
1279 reenter = 0;
1280 return;
1281 }
1282 /* NOSTRICT */
1283 while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) {
1284 if (ut.ut_name[0] == '\0')
1285 continue;
1286 /* We must use strncpy since ut_* may not be NUL terminated. */
1287 strncpy(line, ut.ut_line, sizeof(line) - 1);
1288 line[sizeof(line) - 1] = '\0';
1289 if (f->f_type == F_WALL) {
1290 if ((p = ttymsg(iov, 7, line, TTYMSGTIME)) != NULL) {
1291 errno = 0; /* already in msg */
1292 logerror(p);
1293 }
1294 continue;
1295 }
1296 /* should we send the message to this user? */
1297 for (i = 0; i < MAXUNAMES; i++) {
1298 if (!f->f_un.f_uname[i][0])
1299 break;
1300 if (!strncmp(f->f_un.f_uname[i], ut.ut_name,
1301 UT_NAMESIZE)) {
1302 if ((p = ttymsg(iov, 7, line, TTYMSGTIME))
1303 != NULL) {
1304 errno = 0; /* already in msg */
1305 logerror(p);
1306 }
1307 break;
1308 }
1309 }
1310 }
1311 fclose(uf);
1312 reenter = 0;
1313 }
1314
1315 static void
1316 reapchild(int signo __unused)
1317 {
1318 int status;
1319 pid_t pid;
1320 struct filed *f;
1321
1322 while ((pid = wait3(&status, WNOHANG, (struct rusage *)NULL)) > 0) {
1323 if (!Initialized)
1324 /* Don't tell while we are initting. */
1325 continue;
1326
1327 /* First, look if it's a process from the dead queue. */
1328 if (deadq_remove(pid))
1329 goto oncemore;
1330
1331 /* Now, look in list of active processes. */
1332 for (f = Files; f; f = f->f_next)
1333 if (f->f_type == F_PIPE &&
1334 f->f_un.f_pipe.f_pid == pid) {
1335 close(f->f_file);
1336 f->f_un.f_pipe.f_pid = 0;
1337 log_deadchild(pid, status,
1338 f->f_un.f_pipe.f_pname);
1339 break;
1340 }
1341 oncemore:
1342 continue;
1343 }
1344 }
1345
1346 /*
1347 * Return a printable representation of a host address.
1348 */
1349 static const char *
1350 cvthname(struct sockaddr *f)
1351 {
1352 int error, hl;
1353 sigset_t omask, nmask;
1354 static char hname[NI_MAXHOST], ip[NI_MAXHOST];
1355
1356 error = getnameinfo((struct sockaddr *)f,
1357 ((struct sockaddr *)f)->sa_len,
1358 ip, sizeof ip, NULL, 0,
1359 NI_NUMERICHOST | withscopeid);
1360 dprintf("cvthname(%s)\n", ip);
1361
1362 if (error) {
1363 dprintf("Malformed from address %s\n", gai_strerror(error));
1364 return ("???");
1365 }
1366 if (!resolve)
1367 return (ip);
1368
1369 sigemptyset(&nmask);
1370 sigaddset(&nmask, SIGHUP);
1371 sigprocmask(SIG_BLOCK, &nmask, &omask);
1372 error = getnameinfo((struct sockaddr *)f,
1373 ((struct sockaddr *)f)->sa_len,
1374 hname, sizeof hname, NULL, 0,
1375 NI_NAMEREQD | withscopeid);
1376 sigprocmask(SIG_SETMASK, &omask, NULL);
1377 if (error) {
1378 dprintf("Host name for your address (%s) unknown\n", ip);
1379 return (ip);
1380 }
1381 hl = strlen(hname);
1382 if (hl > 0 && hname[hl-1] == '.')
1383 hname[--hl] = '\0';
1384 trimdomain(hname, hl);
1385 return (hname);
1386 }
1387
1388 static void
1389 dodie(int signo)
1390 {
1391
1392 WantDie = signo;
1393 }
1394
1395 static void
1396 domark(int signo __unused)
1397 {
1398
1399 MarkSet = 1;
1400 }
1401
1402 /*
1403 * Print syslogd errors some place.
1404 */
1405 static void
1406 logerror(const char *type)
1407 {
1408 char buf[512];
1409 static int recursed = 0;
1410
1411 /* If there's an error while trying to log an error, give up. */
1412 if (recursed)
1413 return;
1414 recursed++;
1415 if (errno)
1416 snprintf(buf,
1417 sizeof buf, "syslogd: %s: %s", type, strerror(errno));
1418 else
1419 snprintf(buf, sizeof buf, "syslogd: %s", type);
1420 errno = 0;
1421 dprintf("%s\n", buf);
1422 logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE);
1423 recursed--;
1424 }
1425
1426 static void
1427 die(int signo)
1428 {
1429 struct filed *f;
1430 int was_initialized;
1431 char buf[100];
1432 int i;
1433
1434 was_initialized = Initialized;
1435 Initialized = 0; /* Don't log SIGCHLDs. */
1436 for (f = Files; f != NULL; f = f->f_next) {
1437 /* flush any pending output */
1438 if (f->f_prevcount)
1439 fprintlog(f, 0, (char *)NULL);
1440 if (f->f_type == F_PIPE && f->f_un.f_pipe.f_pid > 0) {
1441 close(f->f_file);
1442 f->f_un.f_pipe.f_pid = 0;
1443 }
1444 }
1445 Initialized = was_initialized;
1446 if (signo) {
1447 dprintf("syslogd: exiting on signal %d\n", signo);
1448 snprintf(buf, sizeof(buf), "exiting on signal %d", signo);
1449 errno = 0;
1450 logerror(buf);
1451 }
1452 for (i = 0; i < nfunix; i++)
1453 if (funixn[i] && funix[i] != -1)
1454 unlink(funixn[i]);
1455 exit(1);
1456 }
1457
1458 /*
1459 * INIT -- Initialize syslogd from configuration table
1460 */
1461 static void
1462 init(int signo)
1463 {
1464 int i;
1465 FILE *cf;
1466 struct filed *f, *next, **nextp;
1467 char *p;
1468 char cline[LINE_MAX];
1469 char prog[NAME_MAX+1];
1470 char host[MAXHOSTNAMELEN];
1471 char oldLocalHostName[MAXHOSTNAMELEN];
1472 char hostMsg[2*MAXHOSTNAMELEN+40];
1473 char bootfileMsg[LINE_MAX];
1474
1475 dprintf("init\n");
1476
1477 /*
1478 * Load hostname (may have changed).
1479 */
1480 if (signo != 0)
1481 strlcpy(oldLocalHostName, LocalHostName,
1482 sizeof(oldLocalHostName));
1483 if (gethostname(LocalHostName, sizeof(LocalHostName)))
1484 err(EX_OSERR, "gethostname() failed");
1485 if ((p = strchr(LocalHostName, '.')) != NULL) {
1486 *p++ = '\0';
1487 LocalDomain = p;
1488 } else {
1489 LocalDomain = "";
1490 }
1491
1492 /*
1493 * Close all open log files.
1494 */
1495 Initialized = 0;
1496 for (f = Files; f != NULL; f = next) {
1497 /* flush any pending output */
1498 if (f->f_prevcount)
1499 fprintlog(f, 0, (char *)NULL);
1500
1501 switch (f->f_type) {
1502 case F_FILE:
1503 case F_FORW:
1504 case F_CONSOLE:
1505 case F_TTY:
1506 close(f->f_file);
1507 break;
1508 case F_PIPE:
1509 if (f->f_un.f_pipe.f_pid > 0) {
1510 close(f->f_file);
1511 deadq_enter(f->f_un.f_pipe.f_pid,
1512 f->f_un.f_pipe.f_pname);
1513 }
1514 f->f_un.f_pipe.f_pid = 0;
1515 break;
1516 case F_RING:
1517 munmap(f->f_un.f_ring.f_footer,
1518 sizeof(struct clog_footer));
1519 close(f->f_file);
1520 break;
1521 }
1522 next = f->f_next;
1523 if (f->f_program) free(f->f_program);
1524 if (f->f_host) free(f->f_host);
1525 free((char *)f);
1526 }
1527 Files = NULL;
1528 nextp = &Files;
1529
1530 /* open the configuration file */
1531 if ((cf = fopen(ConfFile, "r")) == NULL) {
1532 dprintf("cannot open %s\n", ConfFile);
1533 *nextp = (struct filed *)calloc(1, sizeof(*f));
1534 if (*nextp == NULL) {
1535 logerror("calloc");
1536 exit(1);
1537 }
1538 cfline("*.ERR\t/dev/console", *nextp, "*", "*");
1539 (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f));
1540 if ((*nextp)->f_next == NULL) {
1541 logerror("calloc");
1542 exit(1);
1543 }
1544 cfline("*.PANIC\t*", (*nextp)->f_next, "*", "*");
1545 Initialized = 1;
1546 return;
1547 }
1548
1549 /*
1550 * Foreach line in the conf table, open that file.
1551 */
1552 f = NULL;
1553 strlcpy(host, "*", sizeof(host));
1554 strlcpy(prog, "*", sizeof(prog));
1555 while (fgets(cline, sizeof(cline), cf) != NULL) {
1556 /*
1557 * check for end-of-section, comments, strip off trailing
1558 * spaces and newline character. #!prog is treated specially:
1559 * following lines apply only to that program.
1560 */
1561 for (p = cline; isspace(*p); ++p)
1562 continue;
1563 if (*p == 0)
1564 continue;
1565 if (*p == '#') {
1566 p++;
1567 if (*p != '!' && *p != '+' && *p != '-')
1568 continue;
1569 }
1570 if (*p == '+' || *p == '-') {
1571 host[0] = *p++;
1572 while (isspace(*p))
1573 p++;
1574 if ((!*p) || (*p == '*')) {
1575 strlcpy(host, "*", sizeof(host));
1576 continue;
1577 }
1578 if (*p == '@')
1579 p = LocalHostName;
1580 for (i = 1; i < MAXHOSTNAMELEN - 1; i++) {
1581 if (!isalnum(*p) && *p != '.' && *p != '-'
1582 && *p != ',')
1583 break;
1584 host[i] = *p++;
1585 }
1586 host[i] = '\0';
1587 continue;
1588 }
1589 if (*p == '!') {
1590 p++;
1591 while (isspace(*p)) p++;
1592 if ((!*p) || (*p == '*')) {
1593 strlcpy(prog, "*", sizeof(prog));
1594 continue;
1595 }
1596 for (i = 0; i < NAME_MAX; i++) {
1597 if (!isprint(p[i]))
1598 break;
1599 prog[i] = p[i];
1600 }
1601 prog[i] = 0;
1602 continue;
1603 }
1604 for (i = strlen(cline) - 1; i >= 0 && isspace(cline[i]); i--)
1605 cline[i] = '\0';
1606 f = (struct filed *)calloc(1, sizeof(*f));
1607 if (f == NULL) {
1608 logerror("calloc");
1609 exit(1);
1610 }
1611 *nextp = f;
1612 nextp = &f->f_next;
1613 cfline(cline, f, prog, host);
1614 }
1615
1616 /* close the configuration file */
1617 fclose(cf);
1618
1619 Initialized = 1;
1620
1621 if (Debug) {
1622 for (f = Files; f; f = f->f_next) {
1623 for (i = 0; i <= LOG_NFACILITIES; i++)
1624 if (f->f_pmask[i] == INTERNAL_NOPRI)
1625 printf("X ");
1626 else
1627 printf("%d ", f->f_pmask[i]);
1628 printf("%s: ", TypeNames[f->f_type]);
1629 switch (f->f_type) {
1630 case F_FILE:
1631 printf("%s", f->f_un.f_fname);
1632 break;
1633
1634 case F_CONSOLE:
1635 case F_TTY:
1636 printf("%s%s", _PATH_DEV, f->f_un.f_fname);
1637 break;
1638
1639 case F_FORW:
1640 printf("%s", f->f_un.f_forw.f_hname);
1641 break;
1642
1643 case F_RING:
1644 printf("%s", f->f_un.f_ring.f_rname);
1645 break;
1646
1647 case F_PIPE:
1648 printf("%s", f->f_un.f_pipe.f_pname);
1649 break;
1650
1651 case F_USERS:
1652 for (i = 0; i < MAXUNAMES && *f->f_un.f_uname[i]; i++)
1653 printf("%s, ", f->f_un.f_uname[i]);
1654 break;
1655 }
1656 if (f->f_program)
1657 printf(" (%s)", f->f_program);
1658 printf("\n");
1659 }
1660 }
1661
1662 logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, ADDDATE);
1663 dprintf("syslogd: restarted\n");
1664 /*
1665 * Log a change in hostname, but only on a restart.
1666 */
1667 if (signo != 0 && strcmp(oldLocalHostName, LocalHostName) != 0) {
1668 snprintf(hostMsg, sizeof(hostMsg),
1669 "syslogd: hostname changed, \"%s\" to \"%s\"",
1670 oldLocalHostName, LocalHostName);
1671 logmsg(LOG_SYSLOG|LOG_INFO, hostMsg, LocalHostName, ADDDATE);
1672 dprintf("%s\n", hostMsg);
1673 }
1674 /*
1675 * Log the kernel boot file if we aren't going to use it as
1676 * the prefix, and if this is *not* a restart.
1677 */
1678 if (signo == 0 && !use_bootfile) {
1679 snprintf(bootfileMsg, sizeof(bootfileMsg),
1680 "syslogd: kernel boot file is %s", bootfile);
1681 logmsg(LOG_KERN|LOG_INFO, bootfileMsg, LocalHostName, ADDDATE);
1682 dprintf("%s\n", bootfileMsg);
1683 }
1684 }
1685
1686 /*
1687 * Crack a configuration file line
1688 */
1689 static void
1690 cfline(const char *line, struct filed *f, const char *prog, const char *host)
1691 {
1692 struct addrinfo hints, *res;
1693 int error, i, pri, syncfile;
1694 const char *p, *q;
1695 char *bp;
1696 char buf[MAXLINE], ebuf[100];
1697 struct stat sb;
1698
1699 dprintf("cfline(\"%s\", f, \"%s\", \"%s\")\n", line, prog, host);
1700
1701 errno = 0; /* keep strerror() stuff out of logerror messages */
1702
1703 /* clear out file entry */
1704 memset(f, 0, sizeof(*f));
1705 for (i = 0; i <= LOG_NFACILITIES; i++)
1706 f->f_pmask[i] = INTERNAL_NOPRI;
1707
1708 /* save hostname if any */
1709 if (host && *host == '*')
1710 host = NULL;
1711 if (host) {
1712 int hl;
1713
1714 f->f_host = strdup(host);
1715 if (f->f_host == NULL) {
1716 logerror("strdup");
1717 exit(1);
1718 }
1719 hl = strlen(f->f_host);
1720 if (hl > 0 && f->f_host[hl-1] == '.')
1721 f->f_host[--hl] = '\0';
1722 trimdomain(f->f_host, hl);
1723 }
1724
1725 /* save program name if any */
1726 if (prog && *prog == '*')
1727 prog = NULL;
1728 if (prog) {
1729 f->f_program = strdup(prog);
1730 if (f->f_program == NULL) {
1731 logerror("strdup");
1732 exit(1);
1733 }
1734 }
1735
1736 /* scan through the list of selectors */
1737 for (p = line; *p && *p != '\t' && *p != ' ';) {
1738 int pri_done;
1739 int pri_cmp;
1740 int pri_invert;
1741
1742 /* find the end of this facility name list */
1743 for (q = p; *q && *q != '\t' && *q != ' ' && *q++ != '.'; )
1744 continue;
1745
1746 /* get the priority comparison */
1747 pri_cmp = 0;
1748 pri_done = 0;
1749 pri_invert = 0;
1750 if (*q == '!') {
1751 pri_invert = 1;
1752 q++;
1753 }
1754 while (!pri_done) {
1755 switch (*q) {
1756 case '<':
1757 pri_cmp |= PRI_LT;
1758 q++;
1759 break;
1760 case '=':
1761 pri_cmp |= PRI_EQ;
1762 q++;
1763 break;
1764 case '>':
1765 pri_cmp |= PRI_GT;
1766 q++;
1767 break;
1768 default:
1769 pri_done++;
1770 break;
1771 }
1772 }
1773
1774 /* collect priority name */
1775 for (bp = buf; *q && !strchr("\t,; ", *q); )
1776 *bp++ = *q++;
1777 *bp = '\0';
1778
1779 /* skip cruft */
1780 while (strchr(",;", *q))
1781 q++;
1782
1783 /* decode priority name */
1784 if (*buf == '*') {
1785 pri = LOG_PRIMASK + 1;
1786 pri_cmp = PRI_LT | PRI_EQ | PRI_GT;
1787 } else {
1788 /* Ignore trailing spaces. */
1789 for (i = strlen(buf) - 1; i >= 0 && buf[i] == ' '; i--)
1790 buf[i] = '\0';
1791
1792 pri = decode(buf, prioritynames);
1793 if (pri < 0) {
1794 snprintf(ebuf, sizeof ebuf,
1795 "unknown priority name \"%s\"", buf);
1796 logerror(ebuf);
1797 return;
1798 }
1799 }
1800 if (!pri_cmp)
1801 pri_cmp = (UniquePriority)
1802 ? (PRI_EQ)
1803 : (PRI_EQ | PRI_GT)
1804 ;
1805 if (pri_invert)
1806 pri_cmp ^= PRI_LT | PRI_EQ | PRI_GT;
1807
1808 /* scan facilities */
1809 while (*p && !strchr("\t.; ", *p)) {
1810 for (bp = buf; *p && !strchr("\t,;. ", *p); )
1811 *bp++ = *p++;
1812 *bp = '\0';
1813
1814 if (*buf == '*') {
1815 for (i = 0; i < LOG_NFACILITIES; i++) {
1816 f->f_pmask[i] = pri;
1817 f->f_pcmp[i] = pri_cmp;
1818 }
1819 } else {
1820 i = decode(buf, facilitynames);
1821 if (i < 0) {
1822 snprintf(ebuf, sizeof ebuf,
1823 "unknown facility name \"%s\"",
1824 buf);
1825 logerror(ebuf);
1826 return;
1827 }
1828 f->f_pmask[i >> 3] = pri;
1829 f->f_pcmp[i >> 3] = pri_cmp;
1830 }
1831 while (*p == ',' || *p == ' ')
1832 p++;
1833 }
1834
1835 p = q;
1836 }
1837
1838 /* skip to action part */
1839 while (*p == '\t' || *p == ' ')
1840 p++;
1841
1842 if (*p == '-') {
1843 syncfile = 0;
1844 p++;
1845 } else
1846 syncfile = 1;
1847
1848 switch (*p) {
1849 case '@':
1850 strlcpy(f->f_un.f_forw.f_hname, ++p,
1851 sizeof(f->f_un.f_forw.f_hname));
1852 memset(&hints, 0, sizeof(hints));
1853 hints.ai_family = family;
1854 hints.ai_socktype = SOCK_DGRAM;
1855 error = getaddrinfo(f->f_un.f_forw.f_hname, "syslog", &hints,
1856 &res);
1857 if (error) {
1858 logerror(gai_strerror(error));
1859 break;
1860 }
1861 f->f_un.f_forw.f_addr = res;
1862 f->f_type = F_FORW;
1863 break;
1864
1865 case '/':
1866 if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) {
1867 f->f_type = F_UNUSED;
1868 logerror(p);
1869 break;
1870 }
1871 if (syncfile)
1872 f->f_flags |= FFLAG_SYNC;
1873 if (isatty(f->f_file)) {
1874 if (strcmp(p, ctty) == 0)
1875 f->f_type = F_CONSOLE;
1876 else
1877 f->f_type = F_TTY;
1878 strlcpy(f->f_un.f_fname, p + sizeof(_PATH_DEV) - 1,
1879 sizeof(f->f_un.f_fname));
1880 } else {
1881 strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname));
1882 f->f_type = F_FILE;
1883 }
1884 break;
1885
1886 case '%':
1887 if ((f->f_file = open(p + 1, O_RDWR, 0 )) < 0) {
1888 f->f_type = F_UNUSED;
1889 logerror(p + 1);
1890 break;
1891 }
1892 if (fstat(f->f_file,&sb) < 0) {
1893 close(f->f_file);
1894 f->f_type = F_UNUSED;
1895 logerror(p+1);
1896 break;
1897 }
1898 f->f_un.f_ring.f_footer =
1899 mmap(NULL, sizeof(struct clog_footer),
1900 PROT_READ|PROT_WRITE, MAP_SHARED,
1901 f->f_file, sb.st_size-sizeof(struct clog_footer));
1902 if (f->f_un.f_ring.f_footer == NULL) {
1903 close(f->f_file);
1904 f->f_type = F_UNUSED;
1905 logerror(p + 1);
1906 break;
1907 }
1908 if (memcmp(&(f->f_un.f_ring.f_footer->cf_magic), MAGIC_CONST, 4) != 0) {
1909 munmap(f->f_un.f_ring.f_footer,
1910 sizeof(struct clog_footer));
1911 close(f->f_file);
1912 f->f_type = F_UNUSED;
1913 errno = ENODEV;
1914 logerror(p + 1);
1915 break;
1916 }
1917 f->f_un.f_ring.f_size = sb.st_size;
1918 strcpy(f->f_un.f_ring.f_rname, p + 1);
1919 f->f_type = F_RING;
1920 break;
1921
1922 case '|':
1923 f->f_un.f_pipe.f_pid = 0;
1924 strlcpy(f->f_un.f_fname, p + 1, sizeof(f->f_un.f_fname));
1925 f->f_type = F_PIPE;
1926 break;
1927
1928 case '*':
1929 f->f_type = F_WALL;
1930 break;
1931
1932 default:
1933 for (i = 0; i < MAXUNAMES && *p; i++) {
1934 for (q = p; *q && *q != ','; )
1935 q++;
1936 strncpy(f->f_un.f_uname[i], p, UT_NAMESIZE);
1937 if ((q - p) > UT_NAMESIZE)
1938 f->f_un.f_uname[i][UT_NAMESIZE] = '\0';
1939 else
1940 f->f_un.f_uname[i][q - p] = '\0';
1941 while (*q == ',' || *q == ' ')
1942 q++;
1943 p = q;
1944 }
1945 f->f_type = F_USERS;
1946 break;
1947 }
1948 }
1949
1950
1951 /*
1952 * Decode a symbolic name to a numeric value
1953 */
1954 static int
1955 decode(const char *name, CODE *codetab)
1956 {
1957 CODE *c;
1958 char *p, buf[40];
1959
1960 if (isdigit(*name))
1961 return (atoi(name));
1962
1963 for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) {
1964 if (isupper(*name))
1965 *p = tolower(*name);
1966 else
1967 *p = *name;
1968 }
1969 *p = '\0';
1970 for (c = codetab; c->c_name; c++)
1971 if (!strcmp(buf, c->c_name))
1972 return (c->c_val);
1973
1974 return (-1);
1975 }
1976
1977 static void
1978 markit(void)
1979 {
1980 struct filed *f;
1981 dq_t q, next;
1982
1983 now = time((time_t *)NULL);
1984 MarkSeq += TIMERINTVL;
1985 if (MarkSeq >= MarkInterval) {
1986 logmsg(LOG_INFO, "-- MARK --",
1987 LocalHostName, ADDDATE|MARK);
1988 MarkSeq = 0;
1989 }
1990
1991 for (f = Files; f; f = f->f_next) {
1992 if (f->f_prevcount && now >= REPEATTIME(f)) {
1993 dprintf("flush %s: repeated %d times, %d sec.\n",
1994 TypeNames[f->f_type], f->f_prevcount,
1995 repeatinterval[f->f_repeatcount]);
1996 fprintlog(f, 0, (char *)NULL);
1997 BACKOFF(f);
1998 }
1999 }
2000
2001 /* Walk the dead queue, and see if we should signal somebody. */
2002 for (q = TAILQ_FIRST(&deadq_head); q != NULL; q = next) {
2003 next = TAILQ_NEXT(q, dq_entries);
2004
2005 switch (q->dq_timeout) {
2006 case 0:
2007 /* Already signalled once, try harder now. */
2008 if (kill(q->dq_pid, SIGKILL) != 0)
2009 deadq_remove(q->dq_pid);
2010 break;
2011
2012 case 1:
2013 /*
2014 * Timed out on dead queue, send terminate
2015 * signal. Note that we leave the removal
2016 * from the dead queue to reapchild(), which
2017 * will also log the event (unless the process
2018 * didn't even really exist, in case we simply
2019 * drop it from the dead queue).
2020 */
2021 if (kill(q->dq_pid, SIGTERM) != 0)
2022 deadq_remove(q->dq_pid);
2023 /* FALLTHROUGH */
2024
2025 default:
2026 q->dq_timeout--;
2027 }
2028 }
2029 MarkSet = 0;
2030 alarm(TIMERINTVL);
2031 }
2032
2033 /*
2034 * fork off and become a daemon, but wait for the child to come online
2035 * before returing to the parent, or we get disk thrashing at boot etc.
2036 * Set a timer so we don't hang forever if it wedges.
2037 */
2038 static int
2039 waitdaemon(int nochdir, int noclose, int maxwait)
2040 {
2041 int fd;
2042 int status;
2043 pid_t pid, childpid;
2044
2045 switch (childpid = fork()) {
2046 case -1:
2047 return (-1);
2048 case 0:
2049 break;
2050 default:
2051 signal(SIGALRM, timedout);
2052 alarm(maxwait);
2053 while ((pid = wait3(&status, 0, NULL)) != -1) {
2054 if (WIFEXITED(status))
2055 errx(1, "child pid %d exited with return code %d",
2056 pid, WEXITSTATUS(status));
2057 if (WIFSIGNALED(status))
2058 errx(1, "child pid %d exited on signal %d%s",
2059 pid, WTERMSIG(status),
2060 WCOREDUMP(status) ? " (core dumped)" :
2061 "");
2062 if (pid == childpid) /* it's gone... */
2063 break;
2064 }
2065 exit(0);
2066 }
2067
2068 if (setsid() == -1)
2069 return (-1);
2070
2071 if (!nochdir)
2072 chdir("/");
2073
2074 if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
2075 dup2(fd, STDIN_FILENO);
2076 dup2(fd, STDOUT_FILENO);
2077 dup2(fd, STDERR_FILENO);
2078 if (fd > 2)
2079 close (fd);
2080 }
2081 return (getppid());
2082 }
2083
2084 /*
2085 * We get a SIGALRM from the child when it's running and finished doing it's
2086 * fsync()'s or O_SYNC writes for all the boot messages.
2087 *
2088 * We also get a signal from the kernel if the timer expires, so check to
2089 * see what happened.
2090 */
2091 static void
2092 timedout(int sig __unused)
2093 {
2094 int left;
2095 left = alarm(0);
2096 signal(SIGALRM, SIG_DFL);
2097 if (left == 0)
2098 errx(1, "timed out waiting for child");
2099 else
2100 _exit(0);
2101 }
2102
2103 /*
2104 * Add `s' to the list of allowable peer addresses to accept messages
2105 * from.
2106 *
2107 * `s' is a string in the form:
2108 *
2109 * [*]domainname[:{servicename|portnumber|*}]
2110 *
2111 * or
2112 *
2113 * netaddr/maskbits[:{servicename|portnumber|*}]
2114 *
2115 * Returns -1 on error, 0 if the argument was valid.
2116 */
2117 static int
2118 allowaddr(char *s)
2119 {
2120 char *cp1, *cp2;
2121 struct allowedpeer ap;
2122 struct servent *se;
2123 int masklen = -1, i;
2124 struct addrinfo hints, *res;
2125 struct in_addr *addrp, *maskp;
2126 u_int32_t *addr6p, *mask6p;
2127 char ip[NI_MAXHOST];
2128
2129 #ifdef INET6
2130 if (*s != '[' || (cp1 = strchr(s + 1, ']')) == NULL)
2131 #endif
2132 cp1 = s;
2133 if ((cp1 = strrchr(cp1, ':'))) {
2134 /* service/port provided */
2135 *cp1++ = '\0';
2136 if (strlen(cp1) == 1 && *cp1 == '*')
2137 /* any port allowed */
2138 ap.port = 0;
2139 else if ((se = getservbyname(cp1, "udp"))) {
2140 ap.port = ntohs(se->s_port);
2141 } else {
2142 ap.port = strtol(cp1, &cp2, 0);
2143 if (*cp2 != '\0')
2144 return (-1); /* port not numeric */
2145 }
2146 } else {
2147 if ((se = getservbyname("syslog", "udp")))
2148 ap.port = ntohs(se->s_port);
2149 else
2150 /* sanity, should not happen */
2151 ap.port = 514;
2152 }
2153
2154 if ((cp1 = strchr(s, '/')) != NULL &&
2155 strspn(cp1 + 1, "0123456789") == strlen(cp1 + 1)) {
2156 *cp1 = '\0';
2157 if ((masklen = atoi(cp1 + 1)) < 0)
2158 return (-1);
2159 }
2160 #ifdef INET6
2161 if (*s == '[') {
2162 cp2 = s + strlen(s) - 1;
2163 if (*cp2 == ']') {
2164 ++s;
2165 *cp2 = '\0';
2166 } else {
2167 cp2 = NULL;
2168 }
2169 } else {
2170 cp2 = NULL;
2171 }
2172 #endif
2173 memset(&hints, 0, sizeof(hints));
2174 hints.ai_family = PF_UNSPEC;
2175 hints.ai_socktype = SOCK_DGRAM;
2176 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
2177 if (getaddrinfo(s, NULL, &hints, &res) == 0) {
2178 ap.isnumeric = 1;
2179 memcpy(&ap.a_addr, res->ai_addr, res->ai_addrlen);
2180 memset(&ap.a_mask, 0, sizeof(ap.a_mask));
2181 ap.a_mask.ss_family = res->ai_family;
2182 if (res->ai_family == AF_INET) {
2183 ap.a_mask.ss_len = sizeof(struct sockaddr_in);
2184 maskp = &((struct sockaddr_in *)&ap.a_mask)->sin_addr;
2185 addrp = &((struct sockaddr_in *)&ap.a_addr)->sin_addr;
2186 if (masklen < 0) {
2187 /* use default netmask */
2188 if (IN_CLASSA(ntohl(addrp->s_addr)))
2189 maskp->s_addr = htonl(IN_CLASSA_NET);
2190 else if (IN_CLASSB(ntohl(addrp->s_addr)))
2191 maskp->s_addr = htonl(IN_CLASSB_NET);
2192 else
2193 maskp->s_addr = htonl(IN_CLASSC_NET);
2194 } else if (masklen <= 32) {
2195 /* convert masklen to netmask */
2196 if (masklen == 0)
2197 maskp->s_addr = 0;
2198 else
2199 maskp->s_addr = htonl(~((1 << (32 - masklen)) - 1));
2200 } else {
2201 freeaddrinfo(res);
2202 return (-1);
2203 }
2204 /* Lose any host bits in the network number. */
2205 addrp->s_addr &= maskp->s_addr;
2206 }
2207 #ifdef INET6
2208 else if (res->ai_family == AF_INET6 && masklen <= 128) {
2209 ap.a_mask.ss_len = sizeof(struct sockaddr_in6);
2210 if (masklen < 0)
2211 masklen = 128;
2212 mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr;
2213 /* convert masklen to netmask */
2214 while (masklen > 0) {
2215 if (masklen < 32) {
2216 *mask6p = htonl(~(0xffffffff >> masklen));
2217 break;
2218 }
2219 *mask6p++ = 0xffffffff;
2220 masklen -= 32;
2221 }
2222 /* Lose any host bits in the network number. */
2223 mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr;
2224 addr6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_addr)->sin6_addr;
2225 for (i = 0; i < 4; i++)
2226 addr6p[i] &= mask6p[i];
2227 }
2228 #endif
2229 else {
2230 freeaddrinfo(res);
2231 return (-1);
2232 }
2233 freeaddrinfo(res);
2234 } else {
2235 /* arg `s' is domain name */
2236 ap.isnumeric = 0;
2237 ap.a_name = s;
2238 if (cp1)
2239 *cp1 = '/';
2240 #ifdef INET6
2241 if (cp2) {
2242 *cp2 = ']';
2243 --s;
2244 }
2245 #endif
2246 }
2247
2248 if (Debug) {
2249 printf("allowaddr: rule %d: ", NumAllowed);
2250 if (ap.isnumeric) {
2251 printf("numeric, ");
2252 getnameinfo((struct sockaddr *)&ap.a_addr,
2253 ((struct sockaddr *)&ap.a_addr)->sa_len,
2254 ip, sizeof ip, NULL, 0,
2255 NI_NUMERICHOST | withscopeid);
2256 printf("addr = %s, ", ip);
2257 getnameinfo((struct sockaddr *)&ap.a_mask,
2258 ((struct sockaddr *)&ap.a_mask)->sa_len,
2259 ip, sizeof ip, NULL, 0,
2260 NI_NUMERICHOST | withscopeid);
2261 printf("mask = %s; ", ip);
2262 } else {
2263 printf("domainname = %s; ", ap.a_name);
2264 }
2265 printf("port = %d\n", ap.port);
2266 }
2267
2268 if ((AllowedPeers = realloc(AllowedPeers,
2269 ++NumAllowed * sizeof(struct allowedpeer)))
2270 == NULL) {
2271 logerror("realloc");
2272 exit(1);
2273 }
2274 memcpy(&AllowedPeers[NumAllowed - 1], &ap, sizeof(struct allowedpeer));
2275 return (0);
2276 }
2277
2278 /*
2279 * Validate that the remote peer has permission to log to us.
2280 */
2281 static int
2282 validate(struct sockaddr *sa, const char *hname)
2283 {
2284 int i, j, reject;
2285 size_t l1, l2;
2286 char *cp, name[NI_MAXHOST], ip[NI_MAXHOST], port[NI_MAXSERV];
2287 struct allowedpeer *ap;
2288 struct sockaddr_in *sin4, *a4p = NULL, *m4p = NULL;
2289 struct sockaddr_in6 *sin6, *a6p = NULL, *m6p = NULL;
2290 struct addrinfo hints, *res;
2291 u_short sport;
2292
2293 if (NumAllowed == 0)
2294 /* traditional behaviour, allow everything */
2295 return (1);
2296
2297 strlcpy(name, hname, sizeof(name));
2298 memset(&hints, 0, sizeof(hints));
2299 hints.ai_family = PF_UNSPEC;
2300 hints.ai_socktype = SOCK_DGRAM;
2301 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
2302 if (getaddrinfo(name, NULL, &hints, &res) == 0)
2303 freeaddrinfo(res);
2304 else if (strchr(name, '.') == NULL) {
2305 strlcat(name, ".", sizeof name);
2306 strlcat(name, LocalDomain, sizeof name);
2307 }
2308 if (getnameinfo(sa, sa->sa_len, ip, sizeof ip, port, sizeof port,
2309 NI_NUMERICHOST | withscopeid | NI_NUMERICSERV) != 0)
2310 return (0); /* for safety, should not occur */
2311 dprintf("validate: dgram from IP %s, port %s, name %s;\n",
2312 ip, port, name);
2313 sport = atoi(port);
2314
2315 /* now, walk down the list */
2316 for (i = 0, ap = AllowedPeers; i < NumAllowed; i++, ap++) {
2317 if (ap->port != 0 && ap->port != sport) {
2318 dprintf("rejected in rule %d due to port mismatch.\n", i);
2319 continue;
2320 }
2321
2322 if (ap->isnumeric) {
2323 if (ap->a_addr.ss_family != sa->sa_family) {
2324 dprintf("rejected in rule %d due to address family mismatch.\n", i);
2325 continue;
2326 }
2327 if (ap->a_addr.ss_family == AF_INET) {
2328 sin4 = (struct sockaddr_in *)sa;
2329 a4p = (struct sockaddr_in *)&ap->a_addr;
2330 m4p = (struct sockaddr_in *)&ap->a_mask;
2331 if ((sin4->sin_addr.s_addr & m4p->sin_addr.s_addr)
2332 != a4p->sin_addr.s_addr) {
2333 dprintf("rejected in rule %d due to IP mismatch.\n", i);
2334 continue;
2335 }
2336 }
2337 #ifdef INET6
2338 else if (ap->a_addr.ss_family == AF_INET6) {
2339 sin6 = (struct sockaddr_in6 *)sa;
2340 a6p = (struct sockaddr_in6 *)&ap->a_addr;
2341 m6p = (struct sockaddr_in6 *)&ap->a_mask;
2342 #ifdef NI_WITHSCOPEID
2343 if (a6p->sin6_scope_id != 0 &&
2344 sin6->sin6_scope_id != a6p->sin6_scope_id) {
2345 dprintf("rejected in rule %d due to scope mismatch.\n", i);
2346 continue;
2347 }
2348 #endif
2349 reject = 0;
2350 for (j = 0; j < 16; j += 4) {
2351 if ((*(u_int32_t *)&sin6->sin6_addr.s6_addr[j] & *(u_int32_t *)&m6p->sin6_addr.s6_addr[j])
2352 != *(u_int32_t *)&a6p->sin6_addr.s6_addr[j]) {
2353 ++reject;
2354 break;
2355 }
2356 }
2357 if (reject) {
2358 dprintf("rejected in rule %d due to IP mismatch.\n", i);
2359 continue;
2360 }
2361 }
2362 #endif
2363 else
2364 continue;
2365 } else {
2366 cp = ap->a_name;
2367 l1 = strlen(name);
2368 if (*cp == '*') {
2369 /* allow wildmatch */
2370 cp++;
2371 l2 = strlen(cp);
2372 if (l2 > l1 || memcmp(cp, &name[l1 - l2], l2) != 0) {
2373 dprintf("rejected in rule %d due to name mismatch.\n", i);
2374 continue;
2375 }
2376 } else {
2377 /* exact match */
2378 l2 = strlen(cp);
2379 if (l2 != l1 || memcmp(cp, name, l1) != 0) {
2380 dprintf("rejected in rule %d due to name mismatch.\n", i);
2381 continue;
2382 }
2383 }
2384 }
2385 dprintf("accepted in rule %d.\n", i);
2386 return (1); /* hooray! */
2387 }
2388 return (0);
2389 }
2390
2391 /*
2392 * Fairly similar to popen(3), but returns an open descriptor, as
2393 * opposed to a FILE *.
2394 */
2395 static int
2396 p_open(const char *prog, pid_t *rpid)
2397 {
2398 int pfd[2], nulldesc, i;
2399 pid_t pid;
2400 sigset_t omask, mask;
2401 char *argv[4]; /* sh -c cmd NULL */
2402 char errmsg[200];
2403
2404 if (pipe(pfd) == -1)
2405 return (-1);
2406 if ((nulldesc = open(_PATH_DEVNULL, O_RDWR)) == -1)
2407 /* we are royally screwed anyway */
2408 return (-1);
2409
2410 sigemptyset(&mask);
2411 sigaddset(&mask, SIGALRM);
2412 sigaddset(&mask, SIGHUP);
2413 sigprocmask(SIG_BLOCK, &mask, &omask);
2414 switch ((pid = fork())) {
2415 case -1:
2416 sigprocmask(SIG_SETMASK, &omask, 0);
2417 close(nulldesc);
2418 return (-1);
2419
2420 case 0:
2421 argv[0] = strdup("sh");
2422 argv[1] = strdup("-c");
2423 argv[2] = strdup(prog);
2424 argv[3] = NULL;
2425 if (argv[0] == NULL || argv[1] == NULL || argv[2] == NULL) {
2426 logerror("strdup");
2427 exit(1);
2428 }
2429
2430 alarm(0);
2431 setsid(); /* Avoid catching SIGHUPs. */
2432
2433 /*
2434 * Throw away pending signals, and reset signal
2435 * behaviour to standard values.
2436 */
2437 signal(SIGALRM, SIG_IGN);
2438 signal(SIGHUP, SIG_IGN);
2439 sigprocmask(SIG_SETMASK, &omask, 0);
2440 signal(SIGPIPE, SIG_DFL);
2441 signal(SIGQUIT, SIG_DFL);
2442 signal(SIGALRM, SIG_DFL);
2443 signal(SIGHUP, SIG_DFL);
2444
2445 dup2(pfd[0], STDIN_FILENO);
2446 dup2(nulldesc, STDOUT_FILENO);
2447 dup2(nulldesc, STDERR_FILENO);
2448 for (i = getdtablesize(); i > 2; i--)
2449 close(i);
2450
2451 execvp(_PATH_BSHELL, argv);
2452 _exit(255);
2453 }
2454
2455 sigprocmask(SIG_SETMASK, &omask, 0);
2456 close(nulldesc);
2457 close(pfd[0]);
2458 /*
2459 * Avoid blocking on a hung pipe. With O_NONBLOCK, we are
2460 * supposed to get an EWOULDBLOCK on writev(2), which is
2461 * caught by the logic above anyway, which will in turn close
2462 * the pipe, and fork a new logging subprocess if necessary.
2463 * The stale subprocess will be killed some time later unless
2464 * it terminated itself due to closing its input pipe (so we
2465 * get rid of really dead puppies).
2466 */
2467 if (fcntl(pfd[1], F_SETFL, O_NONBLOCK) == -1) {
2468 /* This is bad. */
2469 snprintf(errmsg, sizeof errmsg,
2470 "Warning: cannot change pipe to PID %d to "
2471 "non-blocking behaviour.",
2472 (int)pid);
2473 logerror(errmsg);
2474 }
2475 *rpid = pid;
2476 return (pfd[1]);
2477 }
2478
2479 static void
2480 deadq_enter(pid_t pid, const char *name)
2481 {
2482 dq_t p;
2483 int status;
2484
2485 /*
2486 * Be paranoid, if we can't signal the process, don't enter it
2487 * into the dead queue (perhaps it's already dead). If possible,
2488 * we try to fetch and log the child's status.
2489 */
2490 if (kill(pid, 0) != 0) {
2491 if (waitpid(pid, &status, WNOHANG) > 0)
2492 log_deadchild(pid, status, name);
2493 return;
2494 }
2495
2496 p = malloc(sizeof(struct deadq_entry));
2497 if (p == NULL) {
2498 logerror("malloc");
2499 exit(1);
2500 }
2501
2502 p->dq_pid = pid;
2503 p->dq_timeout = DQ_TIMO_INIT;
2504 TAILQ_INSERT_TAIL(&deadq_head, p, dq_entries);
2505 }
2506
2507 static int
2508 deadq_remove(pid_t pid)
2509 {
2510 dq_t q;
2511
2512 TAILQ_FOREACH(q, &deadq_head, dq_entries) {
2513 if (q->dq_pid == pid) {
2514 TAILQ_REMOVE(&deadq_head, q, dq_entries);
2515 free(q);
2516 return (1);
2517 }
2518 }
2519
2520 return (0);
2521 }
2522
2523 static void
2524 log_deadchild(pid_t pid, int status, const char *name)
2525 {
2526 int code;
2527 char buf[256];
2528 const char *reason;
2529
2530 errno = 0; /* Keep strerror() stuff out of logerror messages. */
2531 if (WIFSIGNALED(status)) {
2532 reason = "due to signal";
2533 code = WTERMSIG(status);
2534 } else {
2535 reason = "with status";
2536 code = WEXITSTATUS(status);
2537 if (code == 0)
2538 return;
2539 }
2540 snprintf(buf, sizeof buf,
2541 "Logging subprocess %d (%s) exited %s %d.",
2542 pid, name, reason, code);
2543 logerror(buf);
2544 }
2545
2546 static int *
2547 socksetup(int af, const char *bindhostname)
2548 {
2549 struct addrinfo hints, *res, *r;
2550 int error, maxs, *s, *socks;
2551
2552 memset(&hints, 0, sizeof(hints));
2553 hints.ai_flags = AI_PASSIVE;
2554 hints.ai_family = af;
2555 hints.ai_socktype = SOCK_DGRAM;
2556 error = getaddrinfo(bindhostname, "syslog", &hints, &res);
2557 if (error) {
2558 logerror(gai_strerror(error));
2559 errno = 0;
2560 die(0);
2561 }
2562
2563 /* Count max number of sockets we may open */
2564 for (maxs = 0, r = res; r; r = r->ai_next, maxs++);
2565 socks = malloc((maxs+1) * sizeof(int));
2566 if (socks == NULL) {
2567 logerror("couldn't allocate memory for sockets");
2568 die(0);
2569 }
2570
2571 *socks = 0; /* num of sockets counter at start of array */
2572 s = socks + 1;
2573 for (r = res; r; r = r->ai_next) {
2574 *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol);
2575 if (*s < 0) {
2576 logerror("socket");
2577 continue;
2578 }
2579 if (r->ai_socktype != SOCK_STREAM)
2580 setsockbuffer(*s);
2581 if (r->ai_family == AF_INET6) {
2582 int on = 1;
2583 if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY,
2584 (char *)&on, sizeof (on)) < 0) {
2585 logerror("setsockopt");
2586 close(*s);
2587 continue;
2588 }
2589 }
2590 if (bind(*s, r->ai_addr, r->ai_addrlen) < 0) {
2591 close(*s);
2592 logerror("bind");
2593 continue;
2594 }
2595
2596 (*socks)++;
2597 s++;
2598 }
2599
2600 if (*socks == 0) {
2601 free(socks);
2602 if (Debug)
2603 return (NULL);
2604 else
2605 die(0);
2606 }
2607 if (res)
2608 freeaddrinfo(res);
2609
2610 return (socks);
2611 }
2612
2613 /*
2614 * Most systems default to a fairly small amount of receive buffer space,
2615 * set a reasonable buffer size.
2616 */
2617 static
2618 void
2619 setsockbuffer(int fd)
2620 {
2621 int bytes = 65536;
2622
2623 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &bytes, sizeof(bytes));
2624 }
2625
2626 ssize_t
2627 rbwritev(struct filed *f, struct iovec *iov, int iovcnt)
2628 {
2629 int i;
2630 ssize_t out = 0;
2631 ssize_t error;
2632
2633 for (i = 0; i < iovcnt; i++) {
2634 error = rbwrite(f, iov[i].iov_base, iov[i].iov_len);
2635 if (error == -1)
2636 return (-1);
2637 out += error;
2638 }
2639 return (out);
2640 }
2641
2642
2643 ssize_t
2644 rbwrite(struct filed *f, char *buf, size_t nbytes)
2645 {
2646 size_t maxwrite;
2647 ssize_t error;
2648 ssize_t out;
2649
2650 maxwrite = f->f_un.f_ring.f_footer->cf_max -
2651 f->f_un.f_ring.f_footer->cf_next;
2652 out = 0;
2653
2654 f->f_un.f_ring.f_footer->cf_lock = 1;
2655 while (nbytes > 0) {
2656 maxwrite = f->f_un.f_ring.f_footer->cf_max -
2657 f->f_un.f_ring.f_footer->cf_next;
2658 if (maxwrite > nbytes)
2659 maxwrite = nbytes;
2660 error = pwrite(f->f_file, buf, maxwrite,
2661 f->f_un.f_ring.f_footer->cf_next);
2662 if (error == -1) {
2663 f->f_un.f_ring.f_footer->cf_lock = 0;
2664 return (-1);
2665 }
2666 nbytes -= error;
2667 out += error;
2668 buf += error;
2669 f->f_un.f_ring.f_footer->cf_next += error;
2670 if (f->f_un.f_ring.f_footer->cf_next ==
2671 f->f_un.f_ring.f_footer->cf_max) {
2672 f->f_un.f_ring.f_footer->cf_next = 0;
2673 f->f_un.f_ring.f_footer->cf_wrap = 1;
2674 }
2675
2676 }
2677
2678 f->f_un.f_ring.f_footer->cf_lock = 0;
2679 return (out);
2680 }
DragonFly BSD