search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge from vendor branch OPENSSL:
[dragonfly/vkernel-mp.git] / usr.sbin / syslogd / syslogd.c
blob54138cf485c1679533571341777613b74ff0e0a7
1 /*
2 * Copyright (c) 1983, 1988, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * @(#) Copyright (c) 1983, 1988, 1993, 1994 The Regents of the University of California. All rights reserved.
34 * @(#)syslogd.c 8.3 (Berkeley) 4/4/94
35 * $FreeBSD: src/usr.sbin/syslogd/syslogd.c,v 1.130 2004/07/04 19:52:48 cperciva Exp $
36 * $DragonFly: src/usr.sbin/syslogd/syslogd.c,v 1.5 2004/12/18 23:48:14 swildner Exp $
37 */
38
39 /*
40 * syslogd -- log system messages
41 *
42 * This program implements a system log. It takes a series of lines.
43 * Each line may have a priority, signified as "<n>" as
44 * the first characters of the line. If this is
45 * not present, a default priority is used.
46 *
47 * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will
48 * cause it to reread its configuration file.
49 *
50 * Defined Constants:
51 *
52 * MAXLINE -- the maximum line length that can be handled.
53 * DEFUPRI -- the default priority for user messages
54 * DEFSPRI -- the default priority for kernel messages
55 *
56 * Author: Eric Allman
57 * extensive changes by Ralph Campbell
58 * more extensive changes by Eric Allman (again)
59 * Extension to log by program name as well as facility and priority
60 * by Peter da Silva.
61 * -u and -v by Harlan Stenn.
62 * Priority comparison code by Harlan Stenn.
63 * Ring buffer code by Jeff Wheelhouse.
64 */
65
66 #define MAXLINE 1024 /* maximum line length */
67 #define MAXSVLINE 120 /* maximum saved line length */
68 #define DEFUPRI (LOG_USER|LOG_NOTICE)
69 #define DEFSPRI (LOG_KERN|LOG_CRIT)
70 #define TIMERINTVL 30 /* interval for checking flush, mark */
71 #define TTYMSGTIME 1 /* timeout passed to ttymsg */
72
73 #include <sys/param.h>
74 #include <sys/ioctl.h>
75 #include <sys/stat.h>
76 #include <sys/wait.h>
77 #include <sys/socket.h>
78 #include <sys/queue.h>
79 #include <sys/uio.h>
80 #include <sys/un.h>
81 #include <sys/time.h>
82 #include <sys/resource.h>
83 #include <sys/syslimits.h>
84 #include <sys/mman.h>
85 #include <sys/types.h>
86
87 #include <netinet/in.h>
88 #include <netdb.h>
89 #include <arpa/inet.h>
90
91 #include <ctype.h>
92 #include <err.h>
93 #include <errno.h>
94 #include <fcntl.h>
95 #include <libutil.h>
96 #include <limits.h>
97 #include <paths.h>
98 #include <signal.h>
99 #include <stdio.h>
100 #include <stdlib.h>
101 #include <string.h>
102 #include <sysexits.h>
103 #include <unistd.h>
104 #include <utmp.h>
105
106 #include "pathnames.h"
107 #include "ttymsg.h"
108 #include "../clog/clog.h"
109
110 #define SYSLOG_NAMES
111 #include <sys/syslog.h>
112
113 #ifdef NI_WITHSCOPEID
114 static const int withscopeid = NI_WITHSCOPEID;
115 #else
116 static const int withscopeid;
117 #endif
118
119 const char *ConfFile = _PATH_LOGCONF;
120 const char *PidFile = _PATH_LOGPID;
121 const char ctty[] = _PATH_CONSOLE;
122 const char ring_magic[] = "CLOG";
123
124 #define dprintf if (Debug) printf
125
126 #define MAXUNAMES 20 /* maximum number of user names */
127
128 #define MAXFUNIX 20
129
130 int nfunix = 1;
131 const char *funixn[MAXFUNIX] = { _PATH_LOG };
132 int funix[MAXFUNIX];
133
134 /*
135 * Flags to logmsg().
136 */
137
138 #define IGN_CONS 0x001 /* don't print on console */
139 #define SYNC_FILE 0x002 /* do fsync on file after printing */
140 #define ADDDATE 0x004 /* add a date to the message */
141 #define MARK 0x008 /* this message is a mark */
142 #define ISKERNEL 0x010 /* kernel generated message */
143
144 /*
145 * This structure represents the files that will have log
146 * copies printed.
147 * We require f_file to be valid if f_type is F_FILE, F_CONSOLE, F_TTY
148 * or if f_type if F_PIPE and f_pid > 0.
149 */
150
151 struct filed {
152 struct filed *f_next; /* next in linked list */
153 short f_type; /* entry type, see below */
154 short f_file; /* file descriptor */
155 time_t f_time; /* time this was last written */
156 char *f_host; /* host from which to recd. */
157 u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */
158 u_char f_pcmp[LOG_NFACILITIES+1]; /* compare priority */
159 #define PRI_LT 0x1
160 #define PRI_EQ 0x2
161 #define PRI_GT 0x4
162 char *f_program; /* program this applies to */
163 union {
164 char f_uname[MAXUNAMES][UT_NAMESIZE+1];
165 struct {
166 char f_hname[MAXHOSTNAMELEN];
167 struct addrinfo *f_addr;
168
169 } f_forw; /* forwarding address */
170 char f_fname[MAXPATHLEN];
171 struct {
172 char f_pname[MAXPATHLEN];
173 pid_t f_pid;
174 } f_pipe;
175 struct {
176 char f_rname[MAXPATHLEN];
177 struct clog_footer *f_footer;
178 size_t f_size;
179 } f_ring;
180 } f_un;
181 char f_prevline[MAXSVLINE]; /* last message logged */
182 char f_lasttime[16]; /* time of last occurrence */
183 char f_prevhost[MAXHOSTNAMELEN]; /* host from which recd. */
184 int f_prevpri; /* pri of f_prevline */
185 int f_prevlen; /* length of f_prevline */
186 int f_prevcount; /* repetition cnt of prevline */
187 u_int f_repeatcount; /* number of "repeated" msgs */
188 int f_flags; /* file-specific flags */
189 #define FFLAG_SYNC 0x01
190 #define FFLAG_NEEDSYNC 0x02
191 };
192
193 /*
194 * Queue of about-to-be dead processes we should watch out for.
195 */
196
197 TAILQ_HEAD(stailhead, deadq_entry) deadq_head;
198 struct stailhead *deadq_headp;
199
200 struct deadq_entry {
201 pid_t dq_pid;
202 int dq_timeout;
203 TAILQ_ENTRY(deadq_entry) dq_entries;
204 };
205
206 /*
207 * The timeout to apply to processes waiting on the dead queue. Unit
208 * of measure is `mark intervals', i.e. 20 minutes by default.
209 * Processes on the dead queue will be terminated after that time.
210 */
211
212 #define DQ_TIMO_INIT 2
213
214 typedef struct deadq_entry *dq_t;
215
216
217 /*
218 * Struct to hold records of network addresses that are allowed to log
219 * to us.
220 */
221 struct allowedpeer {
222 int isnumeric;
223 u_short port;
224 union {
225 struct {
226 struct sockaddr_storage addr;
227 struct sockaddr_storage mask;
228 } numeric;
229 char *name;
230 } u;
231 #define a_addr u.numeric.addr
232 #define a_mask u.numeric.mask
233 #define a_name u.name
234 };
235
236
237 /*
238 * Intervals at which we flush out "message repeated" messages,
239 * in seconds after previous message is logged. After each flush,
240 * we move to the next interval until we reach the largest.
241 */
242 int repeatinterval[] = { 30, 120, 600 }; /* # of secs before flush */
243 #define MAXREPEAT ((sizeof(repeatinterval) / sizeof(repeatinterval[0])) - 1)
244 #define REPEATTIME(f) ((f)->f_time + repeatinterval[(f)->f_repeatcount])
245 #define BACKOFF(f) { if (++(f)->f_repeatcount > MAXREPEAT) \
246 (f)->f_repeatcount = MAXREPEAT; \
247 }
248
249 /* values for f_type */
250 #define F_UNUSED 0 /* unused entry */
251 #define F_FILE 1 /* regular file */
252 #define F_TTY 2 /* terminal */
253 #define F_CONSOLE 3 /* console terminal */
254 #define F_FORW 4 /* remote machine */
255 #define F_USERS 5 /* list of users */
256 #define F_WALL 6 /* everyone logged on */
257 #define F_PIPE 7 /* pipe to program */
258 #define F_RING 8 /* ring buffer (circular log) */
259
260 const char *TypeNames[] = {
261 "UNUSED", "FILE", "TTY", "CONSOLE",
262 "FORW", "USERS", "WALL", "PIPE",
263 "RING"
264 };
265
266 static struct filed *Files; /* Log files that we write to */
267 static struct filed consfile; /* Console */
268
269 static int Debug; /* debug flag */
270 static int resolve = 1; /* resolve hostname */
271 static char LocalHostName[MAXHOSTNAMELEN]; /* our hostname */
272 static const char *LocalDomain; /* our local domain name */
273 static int *finet; /* Internet datagram socket */
274 static int fklog = -1; /* /dev/klog */
275 static int Initialized; /* set when we have initialized ourselves */
276 static int MarkInterval = 20 * 60; /* interval between marks in seconds */
277 static int MarkSeq; /* mark sequence number */
278 static int SecureMode; /* when true, receive only unix domain socks */
279 #ifdef INET6
280 static int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */
281 #else
282 static int family = PF_INET; /* protocol family (IPv4 only) */
283 #endif
284 static int send_to_all; /* send message to all IPv4/IPv6 addresses */
285 static int use_bootfile; /* log entire bootfile for every kern msg */
286 static int no_compress; /* don't compress messages (1=pipes, 2=all) */
287
288 static char bootfile[MAXLINE+1]; /* booted kernel file */
289
290 struct allowedpeer *AllowedPeers; /* List of allowed peers */
291 static int NumAllowed; /* Number of entries in AllowedPeers */
292
293 static int UniquePriority; /* Only log specified priority? */
294 static int LogFacPri; /* Put facility and priority in log message: */
295 /* 0=no, 1=numeric, 2=names */
296 static int KeepKernFac; /* Keep remotely logged kernel facility */
297 static int needdofsync = 0; /* Are any file(s) waiting to be fsynced? */
298
299 volatile sig_atomic_t MarkSet, WantDie;
300
301 static int allowaddr(char *);
302 static void cfline(const char *, struct filed *,
303 const char *, const char *);
304 static const char *cvthname(struct sockaddr *);
305 static void deadq_enter(pid_t, const char *);
306 static int deadq_remove(pid_t);
307 static int decode(const char *, CODE *);
308 static void die(int);
309 static void dodie(int);
310 static void dofsync(void);
311 static void domark(int);
312 static void fprintlog(struct filed *, int, const char *);
313 static int *socksetup(int, const char *);
314 static void init(int);
315 static void logerror(const char *);
316 static void logmsg(int, const char *, const char *, int);
317 static void log_deadchild(pid_t, int, const char *);
318 static void markit(void);
319 static int skip_message(const char *, const char *, int);
320 static void printline(const char *, char *);
321 static void printsys(char *);
322 static int p_open(const char *, pid_t *);
323 ssize_t rbwrite(struct filed *, char *, size_t);
324 ssize_t rbwritev(struct filed *, struct iovec *, int);
325 static void readklog(void);
326 static void reapchild(int);
327 static void usage(void);
328 static int validate(struct sockaddr *, const char *);
329 static void unmapped(struct sockaddr *);
330 static void wallmsg(struct filed *, struct iovec *);
331 static int waitdaemon(int, int, int);
332 static void timedout(int);
333
334 int
335 main(int argc, char *argv[])
336 {
337 int ch, i, fdsrmax = 0, l;
338 struct sockaddr_un sunx, fromunix;
339 struct sockaddr_storage frominet;
340 fd_set *fdsr = NULL;
341 FILE *fp;
342 char line[MAXLINE + 1];
343 const char *bindhostname, *hname;
344 struct timeval tv, *tvp;
345 struct sigaction sact;
346 sigset_t mask;
347 pid_t ppid = 1;
348 socklen_t len;
349
350 bindhostname = NULL;
351 while ((ch = getopt(argc, argv, "46Aa:b:cdf:kl:m:nop:P:suv")) != -1)
352 switch (ch) {
353 case '4':
354 family = PF_INET;
355 break;
356 #ifdef INET6
357 case '6':
358 family = PF_INET6;
359 break;
360 #endif
361 case 'A':
362 send_to_all++;
363 break;
364 case 'a': /* allow specific network addresses only */
365 if (allowaddr(optarg) == -1)
366 usage();
367 break;
368 case 'b':
369 bindhostname = optarg;
370 break;
371 case 'c':
372 no_compress++;
373 break;
374 case 'd': /* debug */
375 Debug++;
376 break;
377 case 'f': /* configuration file */
378 ConfFile = optarg;
379 break;
380 case 'k': /* keep remote kern fac */
381 KeepKernFac = 1;
382 break;
383 case 'l':
384 if (strlen(optarg) >= sizeof(sunx.sun_path))
385 errx(1, "%s path too long, exiting", optarg);
386 if (nfunix < MAXFUNIX)
387 funixn[nfunix++] = optarg;
388 else
389 warnx("out of descriptors, ignoring %s",
390 optarg);
391 break;
392 case 'm': /* mark interval */
393 MarkInterval = atoi(optarg) * 60;
394 break;
395 case 'n':
396 resolve = 0;
397 break;
398 case 'o':
399 use_bootfile = 1;
400 break;
401 case 'p': /* path */
402 if (strlen(optarg) >= sizeof(sunx.sun_path))
403 errx(1, "%s path too long, exiting", optarg);
404 funixn[0] = optarg;
405 break;
406 case 'P': /* path for alt. PID */
407 PidFile = optarg;
408 break;
409 case 's': /* no network mode */
410 SecureMode++;
411 break;
412 case 'u': /* only log specified priority */
413 UniquePriority++;
414 break;
415 case 'v': /* log facility and priority */
416 LogFacPri++;
417 break;
418 default:
419 usage();
420 }
421 if ((argc -= optind) != 0)
422 usage();
423
424 if (!Debug) {
425 ppid = waitdaemon(0, 0, 30);
426 if (ppid < 0)
427 err(1, "could not become daemon");
428 } else {
429 setlinebuf(stdout);
430 }
431
432 if (NumAllowed)
433 endservent();
434
435 consfile.f_type = F_CONSOLE;
436 strlcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1,
437 sizeof(consfile.f_un.f_fname));
438 strlcpy(bootfile, getbootfile(), sizeof(bootfile));
439 signal(SIGTERM, dodie);
440 signal(SIGINT, Debug ? dodie : SIG_IGN);
441 signal(SIGQUIT, Debug ? dodie : SIG_IGN);
442 /*
443 * We don't want the SIGCHLD and SIGHUP handlers to interfere
444 * with each other; they are likely candidates for being called
445 * simultaneously (SIGHUP closes pipe descriptor, process dies,
446 * SIGCHLD happens).
447 */
448 sigemptyset(&mask);
449 sigaddset(&mask, SIGHUP);
450 sact.sa_handler = reapchild;
451 sact.sa_mask = mask;
452 sact.sa_flags = SA_RESTART;
453 sigaction(SIGCHLD, &sact, NULL);
454 signal(SIGALRM, domark);
455 signal(SIGPIPE, SIG_IGN); /* We'll catch EPIPE instead. */
456 alarm(TIMERINTVL);
457
458 TAILQ_INIT(&deadq_head);
459
460 #ifndef SUN_LEN
461 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2)
462 #endif
463 for (i = 0; i < nfunix; i++) {
464 unlink(funixn[i]);
465 memset(&sunx, 0, sizeof(sunx));
466 sunx.sun_family = AF_UNIX;
467 strlcpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path));
468 funix[i] = socket(AF_UNIX, SOCK_DGRAM, 0);
469 if (funix[i] < 0 ||
470 bind(funix[i], (struct sockaddr *)&sunx,
471 SUN_LEN(&sunx)) < 0 ||
472 chmod(funixn[i], 0666) < 0) {
473 snprintf(line, sizeof line,
474 "cannot create %s", funixn[i]);
475 logerror(line);
476 dprintf("cannot create %s (%d)\n", funixn[i], errno);
477 if (i == 0)
478 die(0);
479 }
480 }
481 if (SecureMode <= 1)
482 finet = socksetup(family, bindhostname);
483
484 if (finet) {
485 if (SecureMode) {
486 for (i = 0; i < *finet; i++) {
487 if (shutdown(finet[i+1], SHUT_RD) < 0) {
488 logerror("shutdown");
489 if (!Debug)
490 die(0);
491 }
492 }
493 } else {
494 dprintf("listening on inet and/or inet6 socket\n");
495 }
496 dprintf("sending on inet and/or inet6 socket\n");
497 }
498
499 if ((fklog = open(_PATH_KLOG, O_RDONLY, 0)) >= 0)
500 if (fcntl(fklog, F_SETFL, O_NONBLOCK) < 0)
501 fklog = -1;
502 if (fklog < 0)
503 dprintf("can't open %s (%d)\n", _PATH_KLOG, errno);
504
505 /* tuck my process id away */
506 fp = fopen(PidFile, "w");
507 if (fp != NULL) {
508 fprintf(fp, "%d\n", getpid());
509 fclose(fp);
510 }
511
512 dprintf("off & running....\n");
513
514 init(0);
515 /* prevent SIGHUP and SIGCHLD handlers from running in parallel */
516 sigemptyset(&mask);
517 sigaddset(&mask, SIGCHLD);
518 sact.sa_handler = init;
519 sact.sa_mask = mask;
520 sact.sa_flags = SA_RESTART;
521 sigaction(SIGHUP, &sact, NULL);
522
523 tvp = &tv;
524 tv.tv_sec = tv.tv_usec = 0;
525
526 if (fklog != -1 && fklog > fdsrmax)
527 fdsrmax = fklog;
528 if (finet && !SecureMode) {
529 for (i = 0; i < *finet; i++) {
530 if (finet[i+1] != -1 && finet[i+1] > fdsrmax)
531 fdsrmax = finet[i+1];
532 }
533 }
534 for (i = 0; i < nfunix; i++) {
535 if (funix[i] != -1 && funix[i] > fdsrmax)
536 fdsrmax = funix[i];
537 }
538
539 fdsr = (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS),
540 sizeof(fd_mask));
541 if (fdsr == NULL)
542 errx(1, "calloc fd_set");
543
544 for (;;) {
545 if (MarkSet)
546 markit();
547 if (WantDie)
548 die(WantDie);
549
550 bzero(fdsr, howmany(fdsrmax+1, NFDBITS) *
551 sizeof(fd_mask));
552
553 if (fklog != -1)
554 FD_SET(fklog, fdsr);
555 if (finet && !SecureMode) {
556 for (i = 0; i < *finet; i++) {
557 if (finet[i+1] != -1)
558 FD_SET(finet[i+1], fdsr);
559 }
560 }
561 for (i = 0; i < nfunix; i++) {
562 if (funix[i] != -1)
563 FD_SET(funix[i], fdsr);
564 }
565
566 i = select(fdsrmax+1, fdsr, NULL, NULL,
567 needdofsync ? &tv : tvp);
568 switch (i) {
569 case 0:
570 dofsync();
571 needdofsync = 0;
572 if (tvp) {
573 tvp = NULL;
574 if (ppid != 1)
575 kill(ppid, SIGALRM);
576 }
577 continue;
578 case -1:
579 if (errno != EINTR)
580 logerror("select");
581 continue;
582 }
583 if (fklog != -1 && FD_ISSET(fklog, fdsr))
584 readklog();
585 if (finet && !SecureMode) {
586 for (i = 0; i < *finet; i++) {
587 if (FD_ISSET(finet[i+1], fdsr)) {
588 len = sizeof(frominet);
589 l = recvfrom(finet[i+1], line, MAXLINE,
590 0, (struct sockaddr *)&frominet,
591 &len);
592 if (l > 0) {
593 line[l] = '\0';
594 hname = cvthname((struct sockaddr *)&frominet);
595 unmapped((struct sockaddr *)&frominet);
596 if (validate((struct sockaddr *)&frominet, hname))
597 printline(hname, line);
598 } else if (l < 0 && errno != EINTR)
599 logerror("recvfrom inet");
600 }
601 }
602 }
603 for (i = 0; i < nfunix; i++) {
604 if (funix[i] != -1 && FD_ISSET(funix[i], fdsr)) {
605 len = sizeof(fromunix);
606 l = recvfrom(funix[i], line, MAXLINE, 0,
607 (struct sockaddr *)&fromunix, &len);
608 if (l > 0) {
609 line[l] = '\0';
610 printline(LocalHostName, line);
611 } else if (l < 0 && errno != EINTR)
612 logerror("recvfrom unix");
613 }
614 }
615 }
616 if (fdsr)
617 free(fdsr);
618 }
619
620 static void
621 unmapped(struct sockaddr *sa)
622 {
623 struct sockaddr_in6 *sin6;
624 struct sockaddr_in sin4;
625
626 if (sa->sa_family != AF_INET6)
627 return;
628 if (sa->sa_len != sizeof(struct sockaddr_in6) ||
629 sizeof(sin4) > sa->sa_len)
630 return;
631 sin6 = (struct sockaddr_in6 *)sa;
632 if (!IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
633 return;
634
635 memset(&sin4, 0, sizeof(sin4));
636 sin4.sin_family = AF_INET;
637 sin4.sin_len = sizeof(struct sockaddr_in);
638 memcpy(&sin4.sin_addr, &sin6->sin6_addr.s6_addr[12],
639 sizeof(sin4.sin_addr));
640 sin4.sin_port = sin6->sin6_port;
641
642 memcpy(sa, &sin4, sin4.sin_len);
643 }
644
645 static void
646 usage(void)
647 {
648
649 fprintf(stderr, "%s\n%s\n%s\n%s\n",
650 "usage: syslogd [-46Acdknosuv] [-a allowed_peer]",
651 " [-b bind address] [-f config_file]",
652 " [-l log_socket] [-m mark_interval]",
653 " [-P pid_file] [-p log_socket]");
654 exit(1);
655 }
656
657 /*
658 * Take a raw input line, decode the message, and print the message
659 * on the appropriate log files.
660 */
661 static void
662 printline(const char *hname, char *msg)
663 {
664 char *p, *q;
665 long n;
666 int c, pri;
667 char line[MAXLINE + 1];
668
669 /* test for special codes */
670 p = msg;
671 pri = DEFUPRI;
672 if (*p == '<') {
673 errno = 0;
674 n = strtol(p + 1, &q, 10);
675 if (*q == '>' && n >= 0 && n < INT_MAX && errno == 0) {
676 p = q + 1;
677 pri = n;
678 }
679 }
680 if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
681 pri = DEFUPRI;
682
683 /*
684 * Don't allow users to log kernel messages.
685 * NOTE: since LOG_KERN == 0 this will also match
686 * messages with no facility specified.
687 */
688 if ((pri & LOG_FACMASK) == LOG_KERN && !KeepKernFac)
689 pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
690
691 q = line;
692
693 while ((c = (unsigned char)*p++) != '\0' &&
694 q < &line[sizeof(line) - 4]) {
695 if ((c & 0x80) && c < 0xA0) {
696 c &= 0x7F;
697 *q++ = 'M';
698 *q++ = '-';
699 }
700 if (isascii(c) && iscntrl(c)) {
701 if (c == '\n') {
702 *q++ = ' ';
703 } else if (c == '\t') {
704 *q++ = '\t';
705 } else {
706 *q++ = '^';
707 *q++ = c ^ 0100;
708 }
709 } else {
710 *q++ = c;
711 }
712 }
713 *q = '\0';
714
715 logmsg(pri, line, hname, 0);
716 }
717
718 /*
719 * Read /dev/klog while data are available, split into lines.
720 */
721 static void
722 readklog(void)
723 {
724 char *p, *q, line[MAXLINE + 1];
725 int len, i;
726
727 len = 0;
728 for (;;) {
729 i = read(fklog, line + len, MAXLINE - 1 - len);
730 if (i > 0) {
731 line[i + len] = '\0';
732 } else {
733 if (i < 0 && errno != EINTR && errno != EAGAIN) {
734 logerror("klog");
735 fklog = -1;
736 }
737 break;
738 }
739
740 for (p = line; (q = strchr(p, '\n')) != NULL; p = q + 1) {
741 *q = '\0';
742 printsys(p);
743 }
744 len = strlen(p);
745 if (len >= MAXLINE - 1) {
746 printsys(p);
747 len = 0;
748 }
749 if (len > 0)
750 memmove(line, p, len + 1);
751 }
752 if (len > 0)
753 printsys(line);
754 }
755
756 /*
757 * Take a raw input line from /dev/klog, format similar to syslog().
758 */
759 static void
760 printsys(char *msg)
761 {
762 char *p, *q;
763 long n;
764 int flags, isprintf, pri;
765
766 flags = ISKERNEL | SYNC_FILE | ADDDATE; /* fsync after write */
767 p = msg;
768 pri = DEFSPRI;
769 isprintf = 1;
770 if (*p == '<') {
771 errno = 0;
772 n = strtol(p + 1, &q, 10);
773 if (*q == '>' && n >= 0 && n < INT_MAX && errno == 0) {
774 p = q + 1;
775 pri = n;
776 isprintf = 0;
777 }
778 }
779 /*
780 * Kernel printf's and LOG_CONSOLE messages have been displayed
781 * on the console already.
782 */
783 if (isprintf || (pri & LOG_FACMASK) == LOG_CONSOLE)
784 flags |= IGN_CONS;
785 if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
786 pri = DEFSPRI;
787 logmsg(pri, p, LocalHostName, flags);
788 }
789
790 static time_t now;
791
792 /*
793 * Match a program or host name against a specification.
794 * Return a non-0 value if the message must be ignored
795 * based on the specification.
796 */
797 static int
798 skip_message(const char *name, const char *spec, int checkcase) {
799 const char *s;
800 char prev, next;
801 int exclude = 0;
802 /* Behaviour on explicit match */
803
804 if (spec == NULL)
805 return 0;
806 switch (*spec) {
807 case '-':
808 exclude = 1;
809 /*FALLTHROUGH*/
810 case '+':
811 spec++;
812 break;
813 default:
814 break;
815 }
816 if (checkcase)
817 s = strstr (spec, name);
818 else
819 s = strcasestr (spec, name);
820
821 if (s != NULL) {
822 prev = (s == spec ? ',' : *(s - 1));
823 next = *(s + strlen (name));
824
825 if (prev == ',' && (next == '\0' || next == ','))
826 /* Explicit match: skip iff the spec is an
827 exclusive one. */
828 return exclude;
829 }
830
831 /* No explicit match for this name: skip the message iff
832 the spec is an inclusive one. */
833 return !exclude;
834 }
835
836 /*
837 * Log a message to the appropriate log files, users, etc. based on
838 * the priority.
839 */
840 static void
841 logmsg(int pri, const char *msg, const char *from, int flags)
842 {
843 struct filed *f;
844 int i, fac, msglen, omask, prilev;
845 const char *timestamp;
846 char prog[NAME_MAX+1];
847 char buf[MAXLINE+1];
848
849 dprintf("logmsg: pri %o, flags %x, from %s, msg %s\n",
850 pri, flags, from, msg);
851
852 omask = sigblock(sigmask(SIGHUP)|sigmask(SIGALRM));
853
854 /*
855 * Check to see if msg looks non-standard.
856 */
857 msglen = strlen(msg);
858 if (msglen < 16 || msg[3] != ' ' || msg[6] != ' ' ||
859 msg[9] != ':' || msg[12] != ':' || msg[15] != ' ')
860 flags |= ADDDATE;
861
862 time(&now);
863 if (flags & ADDDATE) {
864 timestamp = ctime(&now) + 4;
865 } else {
866 timestamp = msg;
867 msg += 16;
868 msglen -= 16;
869 }
870
871 /* skip leading blanks */
872 while (isspace(*msg)) {
873 msg++;
874 msglen--;
875 }
876
877 /* extract facility and priority level */
878 if (flags & MARK)
879 fac = LOG_NFACILITIES;
880 else
881 fac = LOG_FAC(pri);
882 prilev = LOG_PRI(pri);
883
884 /* extract program name */
885 for (i = 0; i < NAME_MAX; i++) {
886 if (!isprint(msg[i]) || msg[i] == ':' || msg[i] == '[' ||
887 msg[i] == '/')
888 break;
889 prog[i] = msg[i];
890 }
891 prog[i] = 0;
892
893 /* add kernel prefix for kernel messages */
894 if (flags & ISKERNEL) {
895 snprintf(buf, sizeof(buf), "%s: %s",
896 use_bootfile ? bootfile : "kernel", msg);
897 msg = buf;
898 msglen = strlen(buf);
899 }
900
901 /* log the message to the particular outputs */
902 if (!Initialized) {
903 f = &consfile;
904 f->f_file = open(ctty, O_WRONLY, 0);
905
906 if (f->f_file >= 0) {
907 strlcpy(f->f_lasttime, timestamp,
908 sizeof(f->f_lasttime));
909 fprintlog(f, flags, msg);
910 close(f->f_file);
911 }
912 sigsetmask(omask);
913 return;
914 }
915 for (f = Files; f; f = f->f_next) {
916 /* skip messages that are incorrect priority */
917 if (!(((f->f_pcmp[fac] & PRI_EQ) && (f->f_pmask[fac] == prilev))
918 ||((f->f_pcmp[fac] & PRI_LT) && (f->f_pmask[fac] < prilev))
919 ||((f->f_pcmp[fac] & PRI_GT) && (f->f_pmask[fac] > prilev))
920 )
921 || f->f_pmask[fac] == INTERNAL_NOPRI)
922 continue;
923
924 /* skip messages with the incorrect hostname */
925 if (skip_message(from, f->f_host, 0))
926 continue;
927
928 /* skip messages with the incorrect program name */
929 if (skip_message(prog, f->f_program, 1))
930 continue;
931
932 /* skip message to console if it has already been printed */
933 if (f->f_type == F_CONSOLE && (flags & IGN_CONS))
934 continue;
935
936 /* don't output marks to recently written files */
937 if ((flags & MARK) && (now - f->f_time) < MarkInterval / 2)
938 continue;
939
940 /*
941 * suppress duplicate lines to this file
942 */
943 if (no_compress - (f->f_type != F_PIPE) < 1 &&
944 (flags & MARK) == 0 && msglen == f->f_prevlen &&
945 !strcmp(msg, f->f_prevline) &&
946 !strcasecmp(from, f->f_prevhost)) {
947 strlcpy(f->f_lasttime, timestamp,
948 sizeof(f->f_lasttime));
949 f->f_prevcount++;
950 dprintf("msg repeated %d times, %ld sec of %d\n",
951 f->f_prevcount, (long)(now - f->f_time),
952 repeatinterval[f->f_repeatcount]);
953 /*
954 * If domark would have logged this by now,
955 * flush it now (so we don't hold isolated messages),
956 * but back off so we'll flush less often
957 * in the future.
958 */
959 if (now > REPEATTIME(f)) {
960 fprintlog(f, flags, (char *)NULL);
961 BACKOFF(f);
962 }
963 } else {
964 /* new line, save it */
965 if (f->f_prevcount)
966 fprintlog(f, 0, (char *)NULL);
967 f->f_repeatcount = 0;
968 f->f_prevpri = pri;
969 strlcpy(f->f_lasttime, timestamp,
970 sizeof(f->f_lasttime));
971 strlcpy(f->f_prevhost, from,
972 sizeof(f->f_prevhost));
973 if (msglen < MAXSVLINE) {
974 f->f_prevlen = msglen;
975 strlcpy(f->f_prevline, msg, sizeof(f->f_prevline));
976 fprintlog(f, flags, (char *)NULL);
977 } else {
978 f->f_prevline[0] = 0;
979 f->f_prevlen = 0;
980 fprintlog(f, flags, msg);
981 }
982 }
983 }
984 sigsetmask(omask);
985 }
986
987 static void
988 dofsync(void)
989 {
990 struct filed *f;
991
992 for (f = Files; f; f = f->f_next) {
993 if ((f->f_type == F_FILE) &&
994 (f->f_flags & FFLAG_NEEDSYNC)) {
995 f->f_flags &= ~FFLAG_NEEDSYNC;
996 fsync(f->f_file);
997 }
998 }
999 }
1000
1001 static void
1002 fprintlog(struct filed *f, int flags, const char *msg)
1003 {
1004 struct iovec iov[7];
1005 struct iovec *v;
1006 struct addrinfo *r;
1007 int i, l, lsent = 0;
1008 char line[MAXLINE + 1], repbuf[80], greetings[200], *wmsg = NULL;
1009 char nul[] = "", space[] = " ", lf[] = "\n", crlf[] = "\r\n";
1010 const char *msgret;
1011
1012 v = iov;
1013 if (f->f_type == F_WALL) {
1014 v->iov_base = greetings;
1015 v->iov_len = snprintf(greetings, sizeof greetings,
1016 "\r\n\7Message from syslogd@%s at %.24s ...\r\n",
1017 f->f_prevhost, ctime(&now));
1018 if (v->iov_len > 0)
1019 v++;
1020 v->iov_base = nul;
1021 v->iov_len = 0;
1022 v++;
1023 } else {
1024 v->iov_base = f->f_lasttime;
1025 v->iov_len = 15;
1026 v++;
1027 v->iov_base = space;
1028 v->iov_len = 1;
1029 v++;
1030 }
1031
1032 if (LogFacPri) {
1033 static char fp_buf[30]; /* Hollow laugh */
1034 int fac = f->f_prevpri & LOG_FACMASK;
1035 int pri = LOG_PRI(f->f_prevpri);
1036 const char *f_s = NULL;
1037 char f_n[5]; /* Hollow laugh */
1038 const char *p_s = NULL;
1039 char p_n[5]; /* Hollow laugh */
1040
1041 if (LogFacPri > 1) {
1042 CODE *c;
1043
1044 for (c = facilitynames; c->c_name; c++) {
1045 if (c->c_val == fac) {
1046 f_s = c->c_name;
1047 break;
1048 }
1049 }
1050 for (c = prioritynames; c->c_name; c++) {
1051 if (c->c_val == pri) {
1052 p_s = c->c_name;
1053 break;
1054 }
1055 }
1056 }
1057 if (!f_s) {
1058 snprintf(f_n, sizeof f_n, "%d", LOG_FAC(fac));
1059 f_s = f_n;
1060 }
1061 if (!p_s) {
1062 snprintf(p_n, sizeof p_n, "%d", pri);
1063 p_s = p_n;
1064 }
1065 snprintf(fp_buf, sizeof fp_buf, "<%s.%s> ", f_s, p_s);
1066 v->iov_base = fp_buf;
1067 v->iov_len = strlen(fp_buf);
1068 } else {
1069 v->iov_base = nul;
1070 v->iov_len = 0;
1071 }
1072 v++;
1073
1074 v->iov_base = f->f_prevhost;
1075 v->iov_len = strlen(v->iov_base);
1076 v++;
1077 v->iov_base = space;
1078 v->iov_len = 1;
1079 v++;
1080
1081 if (msg) {
1082 wmsg = strdup(msg); /* XXX iov_base needs a `const' sibling. */
1083 if (wmsg == NULL) {
1084 logerror("strdup");
1085 exit(1);
1086 }
1087 v->iov_base = wmsg;
1088 v->iov_len = strlen(msg);
1089 } else if (f->f_prevcount > 1) {
1090 v->iov_base = repbuf;
1091 v->iov_len = snprintf(repbuf, sizeof repbuf,
1092 "last message repeated %d times", f->f_prevcount);
1093 } else {
1094 v->iov_base = f->f_prevline;
1095 v->iov_len = f->f_prevlen;
1096 }
1097 v++;
1098
1099 dprintf("Logging to %s", TypeNames[f->f_type]);
1100 f->f_time = now;
1101
1102 switch (f->f_type) {
1103 case F_UNUSED:
1104 dprintf("\n");
1105 break;
1106
1107 case F_FORW:
1108 dprintf(" %s\n", f->f_un.f_forw.f_hname);
1109 /* check for local vs remote messages */
1110 if (strcasecmp(f->f_prevhost, LocalHostName))
1111 l = snprintf(line, sizeof line - 1,
1112 "<%d>%.15s Forwarded from %s: %s",
1113 f->f_prevpri, (char *)iov[0].iov_base,
1114 f->f_prevhost, (char *)iov[5].iov_base);
1115 else
1116 l = snprintf(line, sizeof line - 1, "<%d>%.15s %s",
1117 f->f_prevpri, (char *)iov[0].iov_base,
1118 (char *)iov[5].iov_base);
1119 if (l < 0)
1120 l = 0;
1121 else if (l > MAXLINE)
1122 l = MAXLINE;
1123
1124 if (finet) {
1125 for (r = f->f_un.f_forw.f_addr; r; r = r->ai_next) {
1126 for (i = 0; i < *finet; i++) {
1127 #if 0
1128 /*
1129 * should we check AF first, or just
1130 * trial and error? FWD
1131 */
1132 if (r->ai_family ==
1133 address_family_of(finet[i+1]))
1134 #endif
1135 lsent = sendto(finet[i+1], line, l, 0,
1136 r->ai_addr, r->ai_addrlen);
1137 if (lsent == l)
1138 break;
1139 }
1140 if (lsent == l && !send_to_all)
1141 break;
1142 }
1143 dprintf("lsent/l: %d/%d\n", lsent, l);
1144 if (lsent != l) {
1145 int e = errno;
1146 logerror("sendto");
1147 errno = e;
1148 switch (errno) {
1149 case EHOSTUNREACH:
1150 case EHOSTDOWN:
1151 break;
1152 /* case EBADF: */
1153 /* case EACCES: */
1154 /* case ENOTSOCK: */
1155 /* case EFAULT: */
1156 /* case EMSGSIZE: */
1157 /* case EAGAIN: */
1158 /* case ENOBUFS: */
1159 /* case ECONNREFUSED: */
1160 default:
1161 dprintf("removing entry\n");
1162 f->f_type = F_UNUSED;
1163 break;
1164 }
1165 }
1166 }
1167 break;
1168
1169 case F_FILE:
1170 dprintf(" %s\n", f->f_un.f_fname);
1171 v->iov_base = lf;
1172 v->iov_len = 1;
1173 if (writev(f->f_file, iov, 7) < 0) {
1174 int e = errno;
1175 close(f->f_file);
1176 f->f_type = F_UNUSED;
1177 errno = e;
1178 logerror(f->f_un.f_fname);
1179 } else if ((flags & SYNC_FILE) && (f->f_flags & FFLAG_SYNC)) {
1180 f->f_flags |= FFLAG_NEEDSYNC;
1181 needdofsync = 1;
1182 }
1183 break;
1184
1185 case F_RING:
1186 dprintf(" %s\n", f->f_un.f_ring.f_rname);
1187 v->iov_base = "\n";
1188 v->iov_len = 1;
1189 if (rbwritev(f, iov, 7) == -1) {
1190 int e = errno;
1191 munmap(f->f_un.f_ring.f_footer,
1192 sizeof(struct clog_footer));
1193 close(f->f_file);
1194 f->f_type = F_UNUSED;
1195 errno = e;
1196 logerror(f->f_un.f_fname);
1197 }
1198 break;
1199
1200 case F_PIPE:
1201 dprintf(" %s\n", f->f_un.f_pipe.f_pname);
1202 v->iov_base = lf;
1203 v->iov_len = 1;
1204 if (f->f_un.f_pipe.f_pid == 0) {
1205 if ((f->f_file = p_open(f->f_un.f_pipe.f_pname,
1206 &f->f_un.f_pipe.f_pid)) < 0) {
1207 f->f_type = F_UNUSED;
1208 logerror(f->f_un.f_pipe.f_pname);
1209 break;
1210 }
1211 }
1212 if (writev(f->f_file, iov, 7) < 0) {
1213 int e = errno;
1214 close(f->f_file);
1215 if (f->f_un.f_pipe.f_pid > 0)
1216 deadq_enter(f->f_un.f_pipe.f_pid,
1217 f->f_un.f_pipe.f_pname);
1218 f->f_un.f_pipe.f_pid = 0;
1219 errno = e;
1220 logerror(f->f_un.f_pipe.f_pname);
1221 }
1222 break;
1223
1224 case F_CONSOLE:
1225 if (flags & IGN_CONS) {
1226 dprintf(" (ignored)\n");
1227 break;
1228 }
1229 /* FALLTHROUGH */
1230
1231 case F_TTY:
1232 dprintf(" %s%s\n", _PATH_DEV, f->f_un.f_fname);
1233 v->iov_base = crlf;
1234 v->iov_len = 2;
1235
1236 errno = 0; /* ttymsg() only sometimes returns an errno */
1237 if ((msgret = ttymsg(iov, 7, f->f_un.f_fname, 10))) {
1238 f->f_type = F_UNUSED;
1239 logerror(msgret);
1240 }
1241 break;
1242
1243 case F_USERS:
1244 case F_WALL:
1245 dprintf("\n");
1246 v->iov_base = crlf;
1247 v->iov_len = 2;
1248 wallmsg(f, iov);
1249 break;
1250 }
1251 f->f_prevcount = 0;
1252 if (msg)
1253 free(wmsg);
1254 }
1255
1256 /*
1257 * WALLMSG -- Write a message to the world at large
1258 *
1259 * Write the specified message to either the entire
1260 * world, or a list of approved users.
1261 */
1262 static void
1263 wallmsg(struct filed *f, struct iovec *iov)
1264 {
1265 static int reenter; /* avoid calling ourselves */
1266 FILE *uf;
1267 struct utmp ut;
1268 int i;
1269 const char *p;
1270 char line[sizeof(ut.ut_line) + 1];
1271
1272 if (reenter++)
1273 return;
1274 if ((uf = fopen(_PATH_UTMP, "r")) == NULL) {
1275 logerror(_PATH_UTMP);
1276 reenter = 0;
1277 return;
1278 }
1279 /* NOSTRICT */
1280 while (fread((char *)&ut, sizeof(ut), 1, uf) == 1) {
1281 if (ut.ut_name[0] == '\0')
1282 continue;
1283 /* We must use strncpy since ut_* may not be NUL terminated. */
1284 strncpy(line, ut.ut_line, sizeof(line) - 1);
1285 line[sizeof(line) - 1] = '\0';
1286 if (f->f_type == F_WALL) {
1287 if ((p = ttymsg(iov, 7, line, TTYMSGTIME)) != NULL) {
1288 errno = 0; /* already in msg */
1289 logerror(p);
1290 }
1291 continue;
1292 }
1293 /* should we send the message to this user? */
1294 for (i = 0; i < MAXUNAMES; i++) {
1295 if (!f->f_un.f_uname[i][0])
1296 break;
1297 if (!strncmp(f->f_un.f_uname[i], ut.ut_name,
1298 UT_NAMESIZE)) {
1299 if ((p = ttymsg(iov, 7, line, TTYMSGTIME))
1300 != NULL) {
1301 errno = 0; /* already in msg */
1302 logerror(p);
1303 }
1304 break;
1305 }
1306 }
1307 }
1308 fclose(uf);
1309 reenter = 0;
1310 }
1311
1312 static void
1313 reapchild(int signo __unused)
1314 {
1315 int status;
1316 pid_t pid;
1317 struct filed *f;
1318
1319 while ((pid = wait3(&status, WNOHANG, (struct rusage *)NULL)) > 0) {
1320 if (!Initialized)
1321 /* Don't tell while we are initting. */
1322 continue;
1323
1324 /* First, look if it's a process from the dead queue. */
1325 if (deadq_remove(pid))
1326 goto oncemore;
1327
1328 /* Now, look in list of active processes. */
1329 for (f = Files; f; f = f->f_next)
1330 if (f->f_type == F_PIPE &&
1331 f->f_un.f_pipe.f_pid == pid) {
1332 close(f->f_file);
1333 f->f_un.f_pipe.f_pid = 0;
1334 log_deadchild(pid, status,
1335 f->f_un.f_pipe.f_pname);
1336 break;
1337 }
1338 oncemore:
1339 continue;
1340 }
1341 }
1342
1343 /*
1344 * Return a printable representation of a host address.
1345 */
1346 static const char *
1347 cvthname(struct sockaddr *f)
1348 {
1349 int error, hl;
1350 sigset_t omask, nmask;
1351 static char hname[NI_MAXHOST], ip[NI_MAXHOST];
1352
1353 error = getnameinfo((struct sockaddr *)f,
1354 ((struct sockaddr *)f)->sa_len,
1355 ip, sizeof ip, NULL, 0,
1356 NI_NUMERICHOST | withscopeid);
1357 dprintf("cvthname(%s)\n", ip);
1358
1359 if (error) {
1360 dprintf("Malformed from address %s\n", gai_strerror(error));
1361 return ("???");
1362 }
1363 if (!resolve)
1364 return (ip);
1365
1366 sigemptyset(&nmask);
1367 sigaddset(&nmask, SIGHUP);
1368 sigprocmask(SIG_BLOCK, &nmask, &omask);
1369 error = getnameinfo((struct sockaddr *)f,
1370 ((struct sockaddr *)f)->sa_len,
1371 hname, sizeof hname, NULL, 0,
1372 NI_NAMEREQD | withscopeid);
1373 sigprocmask(SIG_SETMASK, &omask, NULL);
1374 if (error) {
1375 dprintf("Host name for your address (%s) unknown\n", ip);
1376 return (ip);
1377 }
1378 hl = strlen(hname);
1379 if (hl > 0 && hname[hl-1] == '.')
1380 hname[--hl] = '\0';
1381 trimdomain(hname, hl);
1382 return (hname);
1383 }
1384
1385 static void
1386 dodie(int signo)
1387 {
1388
1389 WantDie = signo;
1390 }
1391
1392 static void
1393 domark(int signo __unused)
1394 {
1395
1396 MarkSet = 1;
1397 }
1398
1399 /*
1400 * Print syslogd errors some place.
1401 */
1402 static void
1403 logerror(const char *type)
1404 {
1405 char buf[512];
1406 static int recursed = 0;
1407
1408 /* If there's an error while trying to log an error, give up. */
1409 if (recursed)
1410 return;
1411 recursed++;
1412 if (errno)
1413 snprintf(buf,
1414 sizeof buf, "syslogd: %s: %s", type, strerror(errno));
1415 else
1416 snprintf(buf, sizeof buf, "syslogd: %s", type);
1417 errno = 0;
1418 dprintf("%s\n", buf);
1419 logmsg(LOG_SYSLOG|LOG_ERR, buf, LocalHostName, ADDDATE);
1420 recursed--;
1421 }
1422
1423 static void
1424 die(int signo)
1425 {
1426 struct filed *f;
1427 int was_initialized;
1428 char buf[100];
1429 int i;
1430
1431 was_initialized = Initialized;
1432 Initialized = 0; /* Don't log SIGCHLDs. */
1433 for (f = Files; f != NULL; f = f->f_next) {
1434 /* flush any pending output */
1435 if (f->f_prevcount)
1436 fprintlog(f, 0, (char *)NULL);
1437 if (f->f_type == F_PIPE && f->f_un.f_pipe.f_pid > 0) {
1438 close(f->f_file);
1439 f->f_un.f_pipe.f_pid = 0;
1440 }
1441 }
1442 Initialized = was_initialized;
1443 if (signo) {
1444 dprintf("syslogd: exiting on signal %d\n", signo);
1445 snprintf(buf, sizeof(buf), "exiting on signal %d", signo);
1446 errno = 0;
1447 logerror(buf);
1448 }
1449 for (i = 0; i < nfunix; i++)
1450 if (funixn[i] && funix[i] != -1)
1451 unlink(funixn[i]);
1452 exit(1);
1453 }
1454
1455 /*
1456 * INIT -- Initialize syslogd from configuration table
1457 */
1458 static void
1459 init(int signo)
1460 {
1461 int i;
1462 FILE *cf;
1463 struct filed *f, *next, **nextp;
1464 char *p;
1465 char cline[LINE_MAX];
1466 char prog[NAME_MAX+1];
1467 char host[MAXHOSTNAMELEN];
1468 char oldLocalHostName[MAXHOSTNAMELEN];
1469 char hostMsg[2*MAXHOSTNAMELEN+40];
1470 char bootfileMsg[LINE_MAX];
1471
1472 dprintf("init\n");
1473
1474 /*
1475 * Load hostname (may have changed).
1476 */
1477 if (signo != 0)
1478 strlcpy(oldLocalHostName, LocalHostName,
1479 sizeof(oldLocalHostName));
1480 if (gethostname(LocalHostName, sizeof(LocalHostName)))
1481 err(EX_OSERR, "gethostname() failed");
1482 if ((p = strchr(LocalHostName, '.')) != NULL) {
1483 *p++ = '\0';
1484 LocalDomain = p;
1485 } else {
1486 LocalDomain = "";
1487 }
1488
1489 /*
1490 * Close all open log files.
1491 */
1492 Initialized = 0;
1493 for (f = Files; f != NULL; f = next) {
1494 /* flush any pending output */
1495 if (f->f_prevcount)
1496 fprintlog(f, 0, (char *)NULL);
1497
1498 switch (f->f_type) {
1499 case F_FILE:
1500 case F_FORW:
1501 case F_CONSOLE:
1502 case F_TTY:
1503 close(f->f_file);
1504 break;
1505 case F_PIPE:
1506 if (f->f_un.f_pipe.f_pid > 0) {
1507 close(f->f_file);
1508 deadq_enter(f->f_un.f_pipe.f_pid,
1509 f->f_un.f_pipe.f_pname);
1510 }
1511 f->f_un.f_pipe.f_pid = 0;
1512 break;
1513 case F_RING:
1514 munmap(f->f_un.f_ring.f_footer,
1515 sizeof(struct clog_footer));
1516 close(f->f_file);
1517 break;
1518 }
1519 next = f->f_next;
1520 if (f->f_program) free(f->f_program);
1521 if (f->f_host) free(f->f_host);
1522 free((char *)f);
1523 }
1524 Files = NULL;
1525 nextp = &Files;
1526
1527 /* open the configuration file */
1528 if ((cf = fopen(ConfFile, "r")) == NULL) {
1529 dprintf("cannot open %s\n", ConfFile);
1530 *nextp = (struct filed *)calloc(1, sizeof(*f));
1531 if (*nextp == NULL) {
1532 logerror("calloc");
1533 exit(1);
1534 }
1535 cfline("*.ERR\t/dev/console", *nextp, "*", "*");
1536 (*nextp)->f_next = (struct filed *)calloc(1, sizeof(*f));
1537 if ((*nextp)->f_next == NULL) {
1538 logerror("calloc");
1539 exit(1);
1540 }
1541 cfline("*.PANIC\t*", (*nextp)->f_next, "*", "*");
1542 Initialized = 1;
1543 return;
1544 }
1545
1546 /*
1547 * Foreach line in the conf table, open that file.
1548 */
1549 f = NULL;
1550 strlcpy(host, "*", sizeof(host));
1551 strlcpy(prog, "*", sizeof(prog));
1552 while (fgets(cline, sizeof(cline), cf) != NULL) {
1553 /*
1554 * check for end-of-section, comments, strip off trailing
1555 * spaces and newline character. #!prog is treated specially:
1556 * following lines apply only to that program.
1557 */
1558 for (p = cline; isspace(*p); ++p)
1559 continue;
1560 if (*p == 0)
1561 continue;
1562 if (*p == '#') {
1563 p++;
1564 if (*p != '!' && *p != '+' && *p != '-')
1565 continue;
1566 }
1567 if (*p == '+' || *p == '-') {
1568 host[0] = *p++;
1569 while (isspace(*p))
1570 p++;
1571 if ((!*p) || (*p == '*')) {
1572 strlcpy(host, "*", sizeof(host));
1573 continue;
1574 }
1575 if (*p == '@')
1576 p = LocalHostName;
1577 for (i = 1; i < MAXHOSTNAMELEN - 1; i++) {
1578 if (!isalnum(*p) && *p != '.' && *p != '-'
1579 && *p != ',')
1580 break;
1581 host[i] = *p++;
1582 }
1583 host[i] = '\0';
1584 continue;
1585 }
1586 if (*p == '!') {
1587 p++;
1588 while (isspace(*p)) p++;
1589 if ((!*p) || (*p == '*')) {
1590 strlcpy(prog, "*", sizeof(prog));
1591 continue;
1592 }
1593 for (i = 0; i < NAME_MAX; i++) {
1594 if (!isprint(p[i]))
1595 break;
1596 prog[i] = p[i];
1597 }
1598 prog[i] = 0;
1599 continue;
1600 }
1601 for (i = strlen(cline) - 1; i >= 0 && isspace(cline[i]); i--)
1602 cline[i] = '\0';
1603 f = (struct filed *)calloc(1, sizeof(*f));
1604 if (f == NULL) {
1605 logerror("calloc");
1606 exit(1);
1607 }
1608 *nextp = f;
1609 nextp = &f->f_next;
1610 cfline(cline, f, prog, host);
1611 }
1612
1613 /* close the configuration file */
1614 fclose(cf);
1615
1616 Initialized = 1;
1617
1618 if (Debug) {
1619 for (f = Files; f; f = f->f_next) {
1620 for (i = 0; i <= LOG_NFACILITIES; i++)
1621 if (f->f_pmask[i] == INTERNAL_NOPRI)
1622 printf("X ");
1623 else
1624 printf("%d ", f->f_pmask[i]);
1625 printf("%s: ", TypeNames[f->f_type]);
1626 switch (f->f_type) {
1627 case F_FILE:
1628 printf("%s", f->f_un.f_fname);
1629 break;
1630
1631 case F_CONSOLE:
1632 case F_TTY:
1633 printf("%s%s", _PATH_DEV, f->f_un.f_fname);
1634 break;
1635
1636 case F_FORW:
1637 printf("%s", f->f_un.f_forw.f_hname);
1638 break;
1639
1640 case F_RING:
1641 printf("%s", f->f_un.f_ring.f_rname);
1642 break;
1643
1644 case F_PIPE:
1645 printf("%s", f->f_un.f_pipe.f_pname);
1646 break;
1647
1648 case F_USERS:
1649 for (i = 0; i < MAXUNAMES && *f->f_un.f_uname[i]; i++)
1650 printf("%s, ", f->f_un.f_uname[i]);
1651 break;
1652 }
1653 if (f->f_program)
1654 printf(" (%s)", f->f_program);
1655 printf("\n");
1656 }
1657 }
1658
1659 logmsg(LOG_SYSLOG|LOG_INFO, "syslogd: restart", LocalHostName, ADDDATE);
1660 dprintf("syslogd: restarted\n");
1661 /*
1662 * Log a change in hostname, but only on a restart.
1663 */
1664 if (signo != 0 && strcmp(oldLocalHostName, LocalHostName) != 0) {
1665 snprintf(hostMsg, sizeof(hostMsg),
1666 "syslogd: hostname changed, \"%s\" to \"%s\"",
1667 oldLocalHostName, LocalHostName);
1668 logmsg(LOG_SYSLOG|LOG_INFO, hostMsg, LocalHostName, ADDDATE);
1669 dprintf("%s\n", hostMsg);
1670 }
1671 /*
1672 * Log the kernel boot file if we aren't going to use it as
1673 * the prefix, and if this is *not* a restart.
1674 */
1675 if (signo == 0 && !use_bootfile) {
1676 snprintf(bootfileMsg, sizeof(bootfileMsg),
1677 "syslogd: kernel boot file is %s", bootfile);
1678 logmsg(LOG_KERN|LOG_INFO, bootfileMsg, LocalHostName, ADDDATE);
1679 dprintf("%s\n", bootfileMsg);
1680 }
1681 }
1682
1683 /*
1684 * Crack a configuration file line
1685 */
1686 static void
1687 cfline(const char *line, struct filed *f, const char *prog, const char *host)
1688 {
1689 struct addrinfo hints, *res;
1690 int error, i, pri, syncfile;
1691 const char *p, *q;
1692 char *bp;
1693 char buf[MAXLINE], ebuf[100];
1694 struct stat sb;
1695
1696 dprintf("cfline(\"%s\", f, \"%s\", \"%s\")\n", line, prog, host);
1697
1698 errno = 0; /* keep strerror() stuff out of logerror messages */
1699
1700 /* clear out file entry */
1701 memset(f, 0, sizeof(*f));
1702 for (i = 0; i <= LOG_NFACILITIES; i++)
1703 f->f_pmask[i] = INTERNAL_NOPRI;
1704
1705 /* save hostname if any */
1706 if (host && *host == '*')
1707 host = NULL;
1708 if (host) {
1709 int hl;
1710
1711 f->f_host = strdup(host);
1712 if (f->f_host == NULL) {
1713 logerror("strdup");
1714 exit(1);
1715 }
1716 hl = strlen(f->f_host);
1717 if (hl > 0 && f->f_host[hl-1] == '.')
1718 f->f_host[--hl] = '\0';
1719 trimdomain(f->f_host, hl);
1720 }
1721
1722 /* save program name if any */
1723 if (prog && *prog == '*')
1724 prog = NULL;
1725 if (prog) {
1726 f->f_program = strdup(prog);
1727 if (f->f_program == NULL) {
1728 logerror("strdup");
1729 exit(1);
1730 }
1731 }
1732
1733 /* scan through the list of selectors */
1734 for (p = line; *p && *p != '\t' && *p != ' ';) {
1735 int pri_done;
1736 int pri_cmp;
1737 int pri_invert;
1738
1739 /* find the end of this facility name list */
1740 for (q = p; *q && *q != '\t' && *q != ' ' && *q++ != '.'; )
1741 continue;
1742
1743 /* get the priority comparison */
1744 pri_cmp = 0;
1745 pri_done = 0;
1746 pri_invert = 0;
1747 if (*q == '!') {
1748 pri_invert = 1;
1749 q++;
1750 }
1751 while (!pri_done) {
1752 switch (*q) {
1753 case '<':
1754 pri_cmp |= PRI_LT;
1755 q++;
1756 break;
1757 case '=':
1758 pri_cmp |= PRI_EQ;
1759 q++;
1760 break;
1761 case '>':
1762 pri_cmp |= PRI_GT;
1763 q++;
1764 break;
1765 default:
1766 pri_done++;
1767 break;
1768 }
1769 }
1770
1771 /* collect priority name */
1772 for (bp = buf; *q && !strchr("\t,; ", *q); )
1773 *bp++ = *q++;
1774 *bp = '\0';
1775
1776 /* skip cruft */
1777 while (strchr(",;", *q))
1778 q++;
1779
1780 /* decode priority name */
1781 if (*buf == '*') {
1782 pri = LOG_PRIMASK + 1;
1783 pri_cmp = PRI_LT | PRI_EQ | PRI_GT;
1784 } else {
1785 /* Ignore trailing spaces. */
1786 for (i = strlen(buf) - 1; i >= 0 && buf[i] == ' '; i--)
1787 buf[i] = '\0';
1788
1789 pri = decode(buf, prioritynames);
1790 if (pri < 0) {
1791 snprintf(ebuf, sizeof ebuf,
1792 "unknown priority name \"%s\"", buf);
1793 logerror(ebuf);
1794 return;
1795 }
1796 }
1797 if (!pri_cmp)
1798 pri_cmp = (UniquePriority)
1799 ? (PRI_EQ)
1800 : (PRI_EQ | PRI_GT)
1801 ;
1802 if (pri_invert)
1803 pri_cmp ^= PRI_LT | PRI_EQ | PRI_GT;
1804
1805 /* scan facilities */
1806 while (*p && !strchr("\t.; ", *p)) {
1807 for (bp = buf; *p && !strchr("\t,;. ", *p); )
1808 *bp++ = *p++;
1809 *bp = '\0';
1810
1811 if (*buf == '*') {
1812 for (i = 0; i < LOG_NFACILITIES; i++) {
1813 f->f_pmask[i] = pri;
1814 f->f_pcmp[i] = pri_cmp;
1815 }
1816 } else {
1817 i = decode(buf, facilitynames);
1818 if (i < 0) {
1819 snprintf(ebuf, sizeof ebuf,
1820 "unknown facility name \"%s\"",
1821 buf);
1822 logerror(ebuf);
1823 return;
1824 }
1825 f->f_pmask[i >> 3] = pri;
1826 f->f_pcmp[i >> 3] = pri_cmp;
1827 }
1828 while (*p == ',' || *p == ' ')
1829 p++;
1830 }
1831
1832 p = q;
1833 }
1834
1835 /* skip to action part */
1836 while (*p == '\t' || *p == ' ')
1837 p++;
1838
1839 if (*p == '-') {
1840 syncfile = 0;
1841 p++;
1842 } else
1843 syncfile = 1;
1844
1845 switch (*p) {
1846 case '@':
1847 strlcpy(f->f_un.f_forw.f_hname, ++p,
1848 sizeof(f->f_un.f_forw.f_hname));
1849 memset(&hints, 0, sizeof(hints));
1850 hints.ai_family = family;
1851 hints.ai_socktype = SOCK_DGRAM;
1852 error = getaddrinfo(f->f_un.f_forw.f_hname, "syslog", &hints,
1853 &res);
1854 if (error) {
1855 logerror(gai_strerror(error));
1856 break;
1857 }
1858 f->f_un.f_forw.f_addr = res;
1859 f->f_type = F_FORW;
1860 break;
1861
1862 case '/':
1863 if ((f->f_file = open(p, O_WRONLY|O_APPEND, 0)) < 0) {
1864 f->f_type = F_UNUSED;
1865 logerror(p);
1866 break;
1867 }
1868 if (syncfile)
1869 f->f_flags |= FFLAG_SYNC;
1870 if (isatty(f->f_file)) {
1871 if (strcmp(p, ctty) == 0)
1872 f->f_type = F_CONSOLE;
1873 else
1874 f->f_type = F_TTY;
1875 strlcpy(f->f_un.f_fname, p + sizeof(_PATH_DEV) - 1,
1876 sizeof(f->f_un.f_fname));
1877 } else {
1878 strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname));
1879 f->f_type = F_FILE;
1880 }
1881 break;
1882
1883 case '%':
1884 if ((f->f_file = open(p + 1, O_RDWR, 0 )) < 0) {
1885 f->f_type = F_UNUSED;
1886 logerror(p + 1);
1887 break;
1888 }
1889 if (fstat(f->f_file,&sb) < 0) {
1890 close(f->f_file);
1891 f->f_type = F_UNUSED;
1892 logerror(p+1);
1893 break;
1894 }
1895 f->f_un.f_ring.f_footer =
1896 mmap(NULL, sizeof(struct clog_footer),
1897 PROT_READ|PROT_WRITE, MAP_SHARED,
1898 f->f_file, sb.st_size-sizeof(struct clog_footer));
1899 if (f->f_un.f_ring.f_footer == NULL) {
1900 close(f->f_file);
1901 f->f_type = F_UNUSED;
1902 logerror(p + 1);
1903 break;
1904 }
1905 if (memcmp(&(f->f_un.f_ring.f_footer->cf_magic), MAGIC_CONST, 4) != 0) {
1906 munmap(f->f_un.f_ring.f_footer,
1907 sizeof(struct clog_footer));
1908 close(f->f_file);
1909 f->f_type = F_UNUSED;
1910 errno = ENODEV;
1911 logerror(p + 1);
1912 break;
1913 }
1914 f->f_un.f_ring.f_size = sb.st_size;
1915 strcpy(f->f_un.f_ring.f_rname, p + 1);
1916 f->f_type = F_RING;
1917 break;
1918
1919 case '|':
1920 f->f_un.f_pipe.f_pid = 0;
1921 strlcpy(f->f_un.f_fname, p + 1, sizeof(f->f_un.f_fname));
1922 f->f_type = F_PIPE;
1923 break;
1924
1925 case '*':
1926 f->f_type = F_WALL;
1927 break;
1928
1929 default:
1930 for (i = 0; i < MAXUNAMES && *p; i++) {
1931 for (q = p; *q && *q != ','; )
1932 q++;
1933 strncpy(f->f_un.f_uname[i], p, UT_NAMESIZE);
1934 if ((q - p) > UT_NAMESIZE)
1935 f->f_un.f_uname[i][UT_NAMESIZE] = '\0';
1936 else
1937 f->f_un.f_uname[i][q - p] = '\0';
1938 while (*q == ',' || *q == ' ')
1939 q++;
1940 p = q;
1941 }
1942 f->f_type = F_USERS;
1943 break;
1944 }
1945 }
1946
1947
1948 /*
1949 * Decode a symbolic name to a numeric value
1950 */
1951 static int
1952 decode(const char *name, CODE *codetab)
1953 {
1954 CODE *c;
1955 char *p, buf[40];
1956
1957 if (isdigit(*name))
1958 return (atoi(name));
1959
1960 for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) {
1961 if (isupper(*name))
1962 *p = tolower(*name);
1963 else
1964 *p = *name;
1965 }
1966 *p = '\0';
1967 for (c = codetab; c->c_name; c++)
1968 if (!strcmp(buf, c->c_name))
1969 return (c->c_val);
1970
1971 return (-1);
1972 }
1973
1974 static void
1975 markit(void)
1976 {
1977 struct filed *f;
1978 dq_t q, next;
1979
1980 now = time((time_t *)NULL);
1981 MarkSeq += TIMERINTVL;
1982 if (MarkSeq >= MarkInterval) {
1983 logmsg(LOG_INFO, "-- MARK --",
1984 LocalHostName, ADDDATE|MARK);
1985 MarkSeq = 0;
1986 }
1987
1988 for (f = Files; f; f = f->f_next) {
1989 if (f->f_prevcount && now >= REPEATTIME(f)) {
1990 dprintf("flush %s: repeated %d times, %d sec.\n",
1991 TypeNames[f->f_type], f->f_prevcount,
1992 repeatinterval[f->f_repeatcount]);
1993 fprintlog(f, 0, (char *)NULL);
1994 BACKOFF(f);
1995 }
1996 }
1997
1998 /* Walk the dead queue, and see if we should signal somebody. */
1999 for (q = TAILQ_FIRST(&deadq_head); q != NULL; q = next) {
2000 next = TAILQ_NEXT(q, dq_entries);
2001
2002 switch (q->dq_timeout) {
2003 case 0:
2004 /* Already signalled once, try harder now. */
2005 if (kill(q->dq_pid, SIGKILL) != 0)
2006 deadq_remove(q->dq_pid);
2007 break;
2008
2009 case 1:
2010 /*
2011 * Timed out on dead queue, send terminate
2012 * signal. Note that we leave the removal
2013 * from the dead queue to reapchild(), which
2014 * will also log the event (unless the process
2015 * didn't even really exist, in case we simply
2016 * drop it from the dead queue).
2017 */
2018 if (kill(q->dq_pid, SIGTERM) != 0)
2019 deadq_remove(q->dq_pid);
2020 /* FALLTHROUGH */
2021
2022 default:
2023 q->dq_timeout--;
2024 }
2025 }
2026 MarkSet = 0;
2027 alarm(TIMERINTVL);
2028 }
2029
2030 /*
2031 * fork off and become a daemon, but wait for the child to come online
2032 * before returing to the parent, or we get disk thrashing at boot etc.
2033 * Set a timer so we don't hang forever if it wedges.
2034 */
2035 static int
2036 waitdaemon(int nochdir, int noclose, int maxwait)
2037 {
2038 int fd;
2039 int status;
2040 pid_t pid, childpid;
2041
2042 switch (childpid = fork()) {
2043 case -1:
2044 return (-1);
2045 case 0:
2046 break;
2047 default:
2048 signal(SIGALRM, timedout);
2049 alarm(maxwait);
2050 while ((pid = wait3(&status, 0, NULL)) != -1) {
2051 if (WIFEXITED(status))
2052 errx(1, "child pid %d exited with return code %d",
2053 pid, WEXITSTATUS(status));
2054 if (WIFSIGNALED(status))
2055 errx(1, "child pid %d exited on signal %d%s",
2056 pid, WTERMSIG(status),
2057 WCOREDUMP(status) ? " (core dumped)" :
2058 "");
2059 if (pid == childpid) /* it's gone... */
2060 break;
2061 }
2062 exit(0);
2063 }
2064
2065 if (setsid() == -1)
2066 return (-1);
2067
2068 if (!nochdir)
2069 chdir("/");
2070
2071 if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
2072 dup2(fd, STDIN_FILENO);
2073 dup2(fd, STDOUT_FILENO);
2074 dup2(fd, STDERR_FILENO);
2075 if (fd > 2)
2076 close (fd);
2077 }
2078 return (getppid());
2079 }
2080
2081 /*
2082 * We get a SIGALRM from the child when it's running and finished doing it's
2083 * fsync()'s or O_SYNC writes for all the boot messages.
2084 *
2085 * We also get a signal from the kernel if the timer expires, so check to
2086 * see what happened.
2087 */
2088 static void
2089 timedout(int sig __unused)
2090 {
2091 int left;
2092 left = alarm(0);
2093 signal(SIGALRM, SIG_DFL);
2094 if (left == 0)
2095 errx(1, "timed out waiting for child");
2096 else
2097 _exit(0);
2098 }
2099
2100 /*
2101 * Add `s' to the list of allowable peer addresses to accept messages
2102 * from.
2103 *
2104 * `s' is a string in the form:
2105 *
2106 * [*]domainname[:{servicename|portnumber|*}]
2107 *
2108 * or
2109 *
2110 * netaddr/maskbits[:{servicename|portnumber|*}]
2111 *
2112 * Returns -1 on error, 0 if the argument was valid.
2113 */
2114 static int
2115 allowaddr(char *s)
2116 {
2117 char *cp1, *cp2;
2118 struct allowedpeer ap;
2119 struct servent *se;
2120 int masklen = -1, i;
2121 struct addrinfo hints, *res;
2122 struct in_addr *addrp, *maskp;
2123 u_int32_t *addr6p, *mask6p;
2124 char ip[NI_MAXHOST];
2125
2126 #ifdef INET6
2127 if (*s != '[' || (cp1 = strchr(s + 1, ']')) == NULL)
2128 #endif
2129 cp1 = s;
2130 if ((cp1 = strrchr(cp1, ':'))) {
2131 /* service/port provided */
2132 *cp1++ = '\0';
2133 if (strlen(cp1) == 1 && *cp1 == '*')
2134 /* any port allowed */
2135 ap.port = 0;
2136 else if ((se = getservbyname(cp1, "udp"))) {
2137 ap.port = ntohs(se->s_port);
2138 } else {
2139 ap.port = strtol(cp1, &cp2, 0);
2140 if (*cp2 != '\0')
2141 return (-1); /* port not numeric */
2142 }
2143 } else {
2144 if ((se = getservbyname("syslog", "udp")))
2145 ap.port = ntohs(se->s_port);
2146 else
2147 /* sanity, should not happen */
2148 ap.port = 514;
2149 }
2150
2151 if ((cp1 = strchr(s, '/')) != NULL &&
2152 strspn(cp1 + 1, "0123456789") == strlen(cp1 + 1)) {
2153 *cp1 = '\0';
2154 if ((masklen = atoi(cp1 + 1)) < 0)
2155 return (-1);
2156 }
2157 #ifdef INET6
2158 if (*s == '[') {
2159 cp2 = s + strlen(s) - 1;
2160 if (*cp2 == ']') {
2161 ++s;
2162 *cp2 = '\0';
2163 } else {
2164 cp2 = NULL;
2165 }
2166 } else {
2167 cp2 = NULL;
2168 }
2169 #endif
2170 memset(&hints, 0, sizeof(hints));
2171 hints.ai_family = PF_UNSPEC;
2172 hints.ai_socktype = SOCK_DGRAM;
2173 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
2174 if (getaddrinfo(s, NULL, &hints, &res) == 0) {
2175 ap.isnumeric = 1;
2176 memcpy(&ap.a_addr, res->ai_addr, res->ai_addrlen);
2177 memset(&ap.a_mask, 0, sizeof(ap.a_mask));
2178 ap.a_mask.ss_family = res->ai_family;
2179 if (res->ai_family == AF_INET) {
2180 ap.a_mask.ss_len = sizeof(struct sockaddr_in);
2181 maskp = &((struct sockaddr_in *)&ap.a_mask)->sin_addr;
2182 addrp = &((struct sockaddr_in *)&ap.a_addr)->sin_addr;
2183 if (masklen < 0) {
2184 /* use default netmask */
2185 if (IN_CLASSA(ntohl(addrp->s_addr)))
2186 maskp->s_addr = htonl(IN_CLASSA_NET);
2187 else if (IN_CLASSB(ntohl(addrp->s_addr)))
2188 maskp->s_addr = htonl(IN_CLASSB_NET);
2189 else
2190 maskp->s_addr = htonl(IN_CLASSC_NET);
2191 } else if (masklen <= 32) {
2192 /* convert masklen to netmask */
2193 if (masklen == 0)
2194 maskp->s_addr = 0;
2195 else
2196 maskp->s_addr = htonl(~((1 << (32 - masklen)) - 1));
2197 } else {
2198 freeaddrinfo(res);
2199 return (-1);
2200 }
2201 /* Lose any host bits in the network number. */
2202 addrp->s_addr &= maskp->s_addr;
2203 }
2204 #ifdef INET6
2205 else if (res->ai_family == AF_INET6 && masklen <= 128) {
2206 ap.a_mask.ss_len = sizeof(struct sockaddr_in6);
2207 if (masklen < 0)
2208 masklen = 128;
2209 mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr;
2210 /* convert masklen to netmask */
2211 while (masklen > 0) {
2212 if (masklen < 32) {
2213 *mask6p = htonl(~(0xffffffff >> masklen));
2214 break;
2215 }
2216 *mask6p++ = 0xffffffff;
2217 masklen -= 32;
2218 }
2219 /* Lose any host bits in the network number. */
2220 mask6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_mask)->sin6_addr;
2221 addr6p = (u_int32_t *)&((struct sockaddr_in6 *)&ap.a_addr)->sin6_addr;
2222 for (i = 0; i < 4; i++)
2223 addr6p[i] &= mask6p[i];
2224 }
2225 #endif
2226 else {
2227 freeaddrinfo(res);
2228 return (-1);
2229 }
2230 freeaddrinfo(res);
2231 } else {
2232 /* arg `s' is domain name */
2233 ap.isnumeric = 0;
2234 ap.a_name = s;
2235 if (cp1)
2236 *cp1 = '/';
2237 #ifdef INET6
2238 if (cp2) {
2239 *cp2 = ']';
2240 --s;
2241 }
2242 #endif
2243 }
2244
2245 if (Debug) {
2246 printf("allowaddr: rule %d: ", NumAllowed);
2247 if (ap.isnumeric) {
2248 printf("numeric, ");
2249 getnameinfo((struct sockaddr *)&ap.a_addr,
2250 ((struct sockaddr *)&ap.a_addr)->sa_len,
2251 ip, sizeof ip, NULL, 0,
2252 NI_NUMERICHOST | withscopeid);
2253 printf("addr = %s, ", ip);
2254 getnameinfo((struct sockaddr *)&ap.a_mask,
2255 ((struct sockaddr *)&ap.a_mask)->sa_len,
2256 ip, sizeof ip, NULL, 0,
2257 NI_NUMERICHOST | withscopeid);
2258 printf("mask = %s; ", ip);
2259 } else {
2260 printf("domainname = %s; ", ap.a_name);
2261 }
2262 printf("port = %d\n", ap.port);
2263 }
2264
2265 if ((AllowedPeers = realloc(AllowedPeers,
2266 ++NumAllowed * sizeof(struct allowedpeer)))
2267 == NULL) {
2268 logerror("realloc");
2269 exit(1);
2270 }
2271 memcpy(&AllowedPeers[NumAllowed - 1], &ap, sizeof(struct allowedpeer));
2272 return (0);
2273 }
2274
2275 /*
2276 * Validate that the remote peer has permission to log to us.
2277 */
2278 static int
2279 validate(struct sockaddr *sa, const char *hname)
2280 {
2281 int i, j, reject;
2282 size_t l1, l2;
2283 char *cp, name[NI_MAXHOST], ip[NI_MAXHOST], port[NI_MAXSERV];
2284 struct allowedpeer *ap;
2285 struct sockaddr_in *sin4, *a4p = NULL, *m4p = NULL;
2286 struct sockaddr_in6 *sin6, *a6p = NULL, *m6p = NULL;
2287 struct addrinfo hints, *res;
2288 u_short sport;
2289
2290 if (NumAllowed == 0)
2291 /* traditional behaviour, allow everything */
2292 return (1);
2293
2294 strlcpy(name, hname, sizeof(name));
2295 memset(&hints, 0, sizeof(hints));
2296 hints.ai_family = PF_UNSPEC;
2297 hints.ai_socktype = SOCK_DGRAM;
2298 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
2299 if (getaddrinfo(name, NULL, &hints, &res) == 0)
2300 freeaddrinfo(res);
2301 else if (strchr(name, '.') == NULL) {
2302 strlcat(name, ".", sizeof name);
2303 strlcat(name, LocalDomain, sizeof name);
2304 }
2305 if (getnameinfo(sa, sa->sa_len, ip, sizeof ip, port, sizeof port,
2306 NI_NUMERICHOST | withscopeid | NI_NUMERICSERV) != 0)
2307 return (0); /* for safety, should not occur */
2308 dprintf("validate: dgram from IP %s, port %s, name %s;\n",
2309 ip, port, name);
2310 sport = atoi(port);
2311
2312 /* now, walk down the list */
2313 for (i = 0, ap = AllowedPeers; i < NumAllowed; i++, ap++) {
2314 if (ap->port != 0 && ap->port != sport) {
2315 dprintf("rejected in rule %d due to port mismatch.\n", i);
2316 continue;
2317 }
2318
2319 if (ap->isnumeric) {
2320 if (ap->a_addr.ss_family != sa->sa_family) {
2321 dprintf("rejected in rule %d due to address family mismatch.\n", i);
2322 continue;
2323 }
2324 if (ap->a_addr.ss_family == AF_INET) {
2325 sin4 = (struct sockaddr_in *)sa;
2326 a4p = (struct sockaddr_in *)&ap->a_addr;
2327 m4p = (struct sockaddr_in *)&ap->a_mask;
2328 if ((sin4->sin_addr.s_addr & m4p->sin_addr.s_addr)
2329 != a4p->sin_addr.s_addr) {
2330 dprintf("rejected in rule %d due to IP mismatch.\n", i);
2331 continue;
2332 }
2333 }
2334 #ifdef INET6
2335 else if (ap->a_addr.ss_family == AF_INET6) {
2336 sin6 = (struct sockaddr_in6 *)sa;
2337 a6p = (struct sockaddr_in6 *)&ap->a_addr;
2338 m6p = (struct sockaddr_in6 *)&ap->a_mask;
2339 #ifdef NI_WITHSCOPEID
2340 if (a6p->sin6_scope_id != 0 &&
2341 sin6->sin6_scope_id != a6p->sin6_scope_id) {
2342 dprintf("rejected in rule %d due to scope mismatch.\n", i);
2343 continue;
2344 }
2345 #endif
2346 reject = 0;
2347 for (j = 0; j < 16; j += 4) {
2348 if ((*(u_int32_t *)&sin6->sin6_addr.s6_addr[j] & *(u_int32_t *)&m6p->sin6_addr.s6_addr[j])
2349 != *(u_int32_t *)&a6p->sin6_addr.s6_addr[j]) {
2350 ++reject;
2351 break;
2352 }
2353 }
2354 if (reject) {
2355 dprintf("rejected in rule %d due to IP mismatch.\n", i);
2356 continue;
2357 }
2358 }
2359 #endif
2360 else
2361 continue;
2362 } else {
2363 cp = ap->a_name;
2364 l1 = strlen(name);
2365 if (*cp == '*') {
2366 /* allow wildmatch */
2367 cp++;
2368 l2 = strlen(cp);
2369 if (l2 > l1 || memcmp(cp, &name[l1 - l2], l2) != 0) {
2370 dprintf("rejected in rule %d due to name mismatch.\n", i);
2371 continue;
2372 }
2373 } else {
2374 /* exact match */
2375 l2 = strlen(cp);
2376 if (l2 != l1 || memcmp(cp, name, l1) != 0) {
2377 dprintf("rejected in rule %d due to name mismatch.\n", i);
2378 continue;
2379 }
2380 }
2381 }
2382 dprintf("accepted in rule %d.\n", i);
2383 return (1); /* hooray! */
2384 }
2385 return (0);
2386 }
2387
2388 /*
2389 * Fairly similar to popen(3), but returns an open descriptor, as
2390 * opposed to a FILE *.
2391 */
2392 static int
2393 p_open(const char *prog, pid_t *rpid)
2394 {
2395 int pfd[2], nulldesc, i;
2396 pid_t pid;
2397 sigset_t omask, mask;
2398 char *argv[4]; /* sh -c cmd NULL */
2399 char errmsg[200];
2400
2401 if (pipe(pfd) == -1)
2402 return (-1);
2403 if ((nulldesc = open(_PATH_DEVNULL, O_RDWR)) == -1)
2404 /* we are royally screwed anyway */
2405 return (-1);
2406
2407 sigemptyset(&mask);
2408 sigaddset(&mask, SIGALRM);
2409 sigaddset(&mask, SIGHUP);
2410 sigprocmask(SIG_BLOCK, &mask, &omask);
2411 switch ((pid = fork())) {
2412 case -1:
2413 sigprocmask(SIG_SETMASK, &omask, 0);
2414 close(nulldesc);
2415 return (-1);
2416
2417 case 0:
2418 argv[0] = strdup("sh");
2419 argv[1] = strdup("-c");
2420 argv[2] = strdup(prog);
2421 argv[3] = NULL;
2422 if (argv[0] == NULL || argv[1] == NULL || argv[2] == NULL) {
2423 logerror("strdup");
2424 exit(1);
2425 }
2426
2427 alarm(0);
2428 setsid(); /* Avoid catching SIGHUPs. */
2429
2430 /*
2431 * Throw away pending signals, and reset signal
2432 * behaviour to standard values.
2433 */
2434 signal(SIGALRM, SIG_IGN);
2435 signal(SIGHUP, SIG_IGN);
2436 sigprocmask(SIG_SETMASK, &omask, 0);
2437 signal(SIGPIPE, SIG_DFL);
2438 signal(SIGQUIT, SIG_DFL);
2439 signal(SIGALRM, SIG_DFL);
2440 signal(SIGHUP, SIG_DFL);
2441
2442 dup2(pfd[0], STDIN_FILENO);
2443 dup2(nulldesc, STDOUT_FILENO);
2444 dup2(nulldesc, STDERR_FILENO);
2445 for (i = getdtablesize(); i > 2; i--)
2446 close(i);
2447
2448 execvp(_PATH_BSHELL, argv);
2449 _exit(255);
2450 }
2451
2452 sigprocmask(SIG_SETMASK, &omask, 0);
2453 close(nulldesc);
2454 close(pfd[0]);
2455 /*
2456 * Avoid blocking on a hung pipe. With O_NONBLOCK, we are
2457 * supposed to get an EWOULDBLOCK on writev(2), which is
2458 * caught by the logic above anyway, which will in turn close
2459 * the pipe, and fork a new logging subprocess if necessary.
2460 * The stale subprocess will be killed some time later unless
2461 * it terminated itself due to closing its input pipe (so we
2462 * get rid of really dead puppies).
2463 */
2464 if (fcntl(pfd[1], F_SETFL, O_NONBLOCK) == -1) {
2465 /* This is bad. */
2466 snprintf(errmsg, sizeof errmsg,
2467 "Warning: cannot change pipe to PID %d to "
2468 "non-blocking behaviour.",
2469 (int)pid);
2470 logerror(errmsg);
2471 }
2472 *rpid = pid;
2473 return (pfd[1]);
2474 }
2475
2476 static void
2477 deadq_enter(pid_t pid, const char *name)
2478 {
2479 dq_t p;
2480 int status;
2481
2482 /*
2483 * Be paranoid, if we can't signal the process, don't enter it
2484 * into the dead queue (perhaps it's already dead). If possible,
2485 * we try to fetch and log the child's status.
2486 */
2487 if (kill(pid, 0) != 0) {
2488 if (waitpid(pid, &status, WNOHANG) > 0)
2489 log_deadchild(pid, status, name);
2490 return;
2491 }
2492
2493 p = malloc(sizeof(struct deadq_entry));
2494 if (p == NULL) {
2495 logerror("malloc");
2496 exit(1);
2497 }
2498
2499 p->dq_pid = pid;
2500 p->dq_timeout = DQ_TIMO_INIT;
2501 TAILQ_INSERT_TAIL(&deadq_head, p, dq_entries);
2502 }
2503
2504 static int
2505 deadq_remove(pid_t pid)
2506 {
2507 dq_t q;
2508
2509 TAILQ_FOREACH(q, &deadq_head, dq_entries) {
2510 if (q->dq_pid == pid) {
2511 TAILQ_REMOVE(&deadq_head, q, dq_entries);
2512 free(q);
2513 return (1);
2514 }
2515 }
2516
2517 return (0);
2518 }
2519
2520 static void
2521 log_deadchild(pid_t pid, int status, const char *name)
2522 {
2523 int code;
2524 char buf[256];
2525 const char *reason;
2526
2527 errno = 0; /* Keep strerror() stuff out of logerror messages. */
2528 if (WIFSIGNALED(status)) {
2529 reason = "due to signal";
2530 code = WTERMSIG(status);
2531 } else {
2532 reason = "with status";
2533 code = WEXITSTATUS(status);
2534 if (code == 0)
2535 return;
2536 }
2537 snprintf(buf, sizeof buf,
2538 "Logging subprocess %d (%s) exited %s %d.",
2539 pid, name, reason, code);
2540 logerror(buf);
2541 }
2542
2543 static int *
2544 socksetup(int af, const char *bindhostname)
2545 {
2546 struct addrinfo hints, *res, *r;
2547 int error, maxs, *s, *socks;
2548
2549 memset(&hints, 0, sizeof(hints));
2550 hints.ai_flags = AI_PASSIVE;
2551 hints.ai_family = af;
2552 hints.ai_socktype = SOCK_DGRAM;
2553 error = getaddrinfo(bindhostname, "syslog", &hints, &res);
2554 if (error) {
2555 logerror(gai_strerror(error));
2556 errno = 0;
2557 die(0);
2558 }
2559
2560 /* Count max number of sockets we may open */
2561 for (maxs = 0, r = res; r; r = r->ai_next, maxs++);
2562 socks = malloc((maxs+1) * sizeof(int));
2563 if (socks == NULL) {
2564 logerror("couldn't allocate memory for sockets");
2565 die(0);
2566 }
2567
2568 *socks = 0; /* num of sockets counter at start of array */
2569 s = socks + 1;
2570 for (r = res; r; r = r->ai_next) {
2571 *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol);
2572 if (*s < 0) {
2573 logerror("socket");
2574 continue;
2575 }
2576 if (r->ai_family == AF_INET6) {
2577 int on = 1;
2578 if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY,
2579 (char *)&on, sizeof (on)) < 0) {
2580 logerror("setsockopt");
2581 close(*s);
2582 continue;
2583 }
2584 }
2585 if (bind(*s, r->ai_addr, r->ai_addrlen) < 0) {
2586 close(*s);
2587 logerror("bind");
2588 continue;
2589 }
2590
2591 (*socks)++;
2592 s++;
2593 }
2594
2595 if (*socks == 0) {
2596 free(socks);
2597 if (Debug)
2598 return (NULL);
2599 else
2600 die(0);
2601 }
2602 if (res)
2603 freeaddrinfo(res);
2604
2605 return (socks);
2606 }
2607
2608 ssize_t
2609 rbwritev(struct filed *f, struct iovec *iov, int iovcnt)
2610 {
2611 int i;
2612 ssize_t out = 0;
2613 ssize_t error;
2614
2615 for (i = 0; i < iovcnt; i++) {
2616 error = rbwrite(f, iov[i].iov_base, iov[i].iov_len);
2617 if (error == -1)
2618 return (-1);
2619 out += error;
2620 }
2621 return (out);
2622 }
2623
2624
2625 ssize_t
2626 rbwrite(struct filed *f, char *buf, size_t nbytes)
2627 {
2628 size_t maxwrite;
2629 ssize_t error;
2630 ssize_t out;
2631
2632 maxwrite = f->f_un.f_ring.f_footer->cf_max -
2633 f->f_un.f_ring.f_footer->cf_next;
2634 out = 0;
2635
2636 f->f_un.f_ring.f_footer->cf_lock = 1;
2637 while (nbytes > 0) {
2638 maxwrite = f->f_un.f_ring.f_footer->cf_max -
2639 f->f_un.f_ring.f_footer->cf_next;
2640 if (maxwrite > nbytes)
2641 maxwrite = nbytes;
2642 error = pwrite(f->f_file, buf, maxwrite,
2643 f->f_un.f_ring.f_footer->cf_next);
2644 if (error == -1) {
2645 f->f_un.f_ring.f_footer->cf_lock = 0;
2646 return (-1);
2647 }
2648 nbytes -= error;
2649 out += error;
2650 buf += error;
2651 f->f_un.f_ring.f_footer->cf_next += error;
2652 if (f->f_un.f_ring.f_footer->cf_next ==
2653 f->f_un.f_ring.f_footer->cf_max) {
2654 f->f_un.f_ring.f_footer->cf_next = 0;
2655 f->f_un.f_ring.f_footer->cf_wrap = 1;
2656 }
2657
2658 }
2659
2660 f->f_un.f_ring.f_footer->cf_lock = 0;
2661 return (out);
2662 }
DragonFly vkernel multiprocessor port