diff --git a/usr.sbin/syslogd/syslogd.h b/usr.sbin/syslogd/syslogd.h new file mode 100644 --- /dev/null +++ b/usr.sbin/syslogd/syslogd.h @@ -0,0 +1,269 @@ +/*- + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright (c) 1983, 1988, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2018 Prodrive Technologies, https://prodrive-technologies.com/ + * Author: Ed Schouten + * Copyright (c) 2023 The FreeBSD Foundation + * + * This software was developed by Jake Freeland + * under sponsorship from the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef _SYSLOGD_H_ +#define _SYSLOGD_H_ + +#include +#include +#include + +#define SYSLOG_NAMES +#include + +#include +#include +#include +#include + +#define MAXLINE 8192 /* maximum line length */ +#define MAXSVLINE MAXLINE /* maximum saved line length */ +#define MAXUNAMES 20 /* maximum number of user names */ +#define DEFUPRI (LOG_USER|LOG_NOTICE) +#define DEFSPRI (LOG_KERN|LOG_CRIT) +#define TIMERINTVL 30 /* interval for checking flush, mark */ +#define TTYMSGTIME 1 /* timeout passed to ttymsg */ +#define RCVBUF_MINSIZE (80 * 1024) /* minimum size of dgram rcv buffer */ + +#define sstosa(ss) ((struct sockaddr *)(ss)) +#ifdef INET +#define sstosin(ss) ((struct sockaddr_in *)(void *)(ss)) +#define satosin(sa) ((struct sockaddr_in *)(void *)(sa)) +#endif +#ifdef INET6 +#define sstosin6(ss) ((struct sockaddr_in6 *)(void *)(ss)) +#define satosin6(sa) ((struct sockaddr_in6 *)(void *)(sa)) +#define s6_addr32 __u6_addr.__u6_addr32 +#define IN6_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \ + (((d)->s6_addr32[0] ^ (a)->s6_addr32[0]) & (m)->s6_addr32[0]) == 0 && \ + (((d)->s6_addr32[1] ^ (a)->s6_addr32[1]) & (m)->s6_addr32[1]) == 0 && \ + (((d)->s6_addr32[2] ^ (a)->s6_addr32[2]) & (m)->s6_addr32[2]) == 0 && \ + (((d)->s6_addr32[3] ^ (a)->s6_addr32[3]) & (m)->s6_addr32[3]) == 0 ) +#endif + +/* + * Sockets used for logging; monitored by kevent(). + */ +struct socklist { + struct addrinfo sl_ai; +#define sl_sa sl_ai.ai_addr +#define sl_salen sl_ai.ai_addrlen +#define sl_family sl_ai.ai_family + int sl_socket; + const char *sl_name; + int (*sl_recv)(struct socklist *); + STAILQ_ENTRY(socklist) next; +}; + +/* + * Flags to logmsg(). + */ + +#define IGN_CONS 0x001 /* don't print on console */ +#define SYNC_FILE 0x002 /* do fsync on file after printing */ +#define MARK 0x008 /* this message is a mark */ +#define ISKERNEL 0x010 /* kernel generated message */ + +/* Timestamps of log entries. */ +struct logtime { + struct tm tm; + suseconds_t usec; +}; + +/* Traditional syslog timestamp format. */ +#define RFC3164_DATELEN 15 +#define RFC3164_DATEFMT "%b %e %H:%M:%S" + +enum filt_proptype { + FILT_PROP_NOOP, + FILT_PROP_MSG, + FILT_PROP_HOSTNAME, + FILT_PROP_PROGNAME, +}; + +enum filt_cmptype { + FILT_CMP_CONTAINS, + FILT_CMP_EQUAL, + FILT_CMP_STARTS, + FILT_CMP_REGEX, +}; + +/* + * This structure holds a property-based filter + */ +struct prop_filter { + enum filt_proptype prop_type; + enum filt_cmptype cmp_type; + uint8_t cmp_flags; +#define FILT_FLAG_EXCLUDE (1 << 0) +#define FILT_FLAG_ICASE (1 << 1) + union { + char *p_strval; + regex_t *p_re; + } pflt_uniptr; +#define pflt_strval pflt_uniptr.p_strval +#define pflt_re pflt_uniptr.p_re + size_t pflt_strlen; +}; + +enum f_type { + F_UNUSED, /* unused entry */ + F_FILE, /* regular file */ + F_TTY, /* terminal */ + F_CONSOLE, /* console terminal */ + F_FORW, /* remote machine */ + F_USERS, /* list of users */ + F_WALL, /* everyone logged on */ + F_PIPE, /* pipe to program */ +}; + +/* + * This structure represents the files that will have log + * copies printed. + * We require f_file to be valid if f_type is F_FILE, F_CONSOLE, F_TTY + * or if f_type is F_PIPE and f_pid > 0. + */ +struct filed { + enum f_type f_type; + + /* Used for filtering. */ + char *f_host; /* host from which to recd. */ + char *f_program; /* program this applies to */ + struct prop_filter *f_prop_filter; /* property-based filter */ + u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */ + u_char f_pcmp[LOG_NFACILITIES+1]; /* compare priority */ +#define PRI_LT 0x1 +#define PRI_EQ 0x2 +#define PRI_GT 0x4 + + /* Logging destinations. */ + int f_file; /* file descriptor */ + int f_flags; /* file-specific flags */ +#define FFLAG_SYNC 0x01 +#define FFLAG_NEEDSYNC 0x02 + union { + char f_uname[MAXUNAMES][MAXLOGNAME]; /* F_WALL, F_USERS */ + char f_fname[MAXPATHLEN]; /* F_FILE, F_CONSOLE, F_TTY */ + struct { + char f_hname[MAXHOSTNAMELEN]; + struct addrinfo *f_addr; + } f_forw; /* F_FORW */ + struct { + char f_pname[MAXPATHLEN]; + int f_procdesc; + } f_pipe; /* F_PIPE */ + } f_un; +#define fu_uname f_un.f_uname +#define fu_fname f_un.f_fname +#define fu_forw_hname f_un.f_forw.f_hname +#define fu_forw_addr f_un.f_forw.f_addr +#define fu_pipe_pname f_un.f_pipe.f_pname +#define fu_pipe_pd f_un.f_pipe.f_procdesc + + /* Book-keeping. */ + char f_prevline[MAXSVLINE]; /* last message logged */ + time_t f_time; /* time this was last written */ + struct logtime f_lasttime; /* time of last occurrence */ + int f_prevpri; /* pri of f_prevline */ + size_t f_prevlen; /* length of f_prevline */ + int f_prevcount; /* repetition cnt of prevline */ + u_int f_repeatcount; /* number of "repeated" msgs */ + STAILQ_ENTRY(filed) next; /* next in linked list */ +}; + +/* + * Queue of about-to-be dead processes we should watch out for. + */ +struct deadq_entry { + int dq_procdesc; + int dq_timeout; + TAILQ_ENTRY(deadq_entry) dq_entries; +}; + +/* + * The timeout to apply to processes waiting on the dead queue. Unit + * of measure is `mark intervals', i.e. 20 minutes by default. + * Processes on the dead queue will be terminated after that time. + */ + +#define DQ_TIMO_INIT 2 + +/* + * Network addresses that are allowed to log to us. + */ +struct allowedpeer { + bool isnumeric; + u_short port; + union { + struct { + struct sockaddr_storage addr; + struct sockaddr_storage mask; + } numeric; + char *name; + } u; +#define a_addr u.numeric.addr +#define a_mask u.numeric.mask +#define a_name u.name + STAILQ_ENTRY(allowedpeer) next; +}; + +#endif /* !_SYSLOGD_H_ */ diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -82,12 +82,6 @@ * To kill syslogd, send a signal 15 (terminate). A signal 1 (hup) will * cause it to reread its configuration file. * - * Defined Constants: - * - * MAXLINE -- the maximum line length that can be handled. - * DEFUPRI -- the default priority for user messages - * DEFSPRI -- the default priority for kernel messages - * * Author: Eric Allman * extensive changes by Ralph Campbell * more extensive changes by Eric Allman (again) @@ -97,14 +91,6 @@ * Priority comparison code by Harlan Stenn. */ -#define MAXLINE 8192 /* maximum line length */ -#define MAXSVLINE MAXLINE /* maximum saved line length */ -#define DEFUPRI (LOG_USER|LOG_NOTICE) -#define DEFSPRI (LOG_KERN|LOG_CRIT) -#define TIMERINTVL 30 /* interval for checking flush, mark */ -#define TTYMSGTIME 1 /* timeout passed to ttymsg */ -#define RCVBUF_MINSIZE (80 * 1024) /* minimum size of dgram rcv buffer */ - #include #include #include @@ -148,10 +134,10 @@ #include #include "pathnames.h" +#include "syslogd.h" #include "ttymsg.h" -#define SYSLOG_NAMES -#include +#define dprintf if (Debug) printf static const char *ConfFile = _PATH_LOGCONF; static const char *PidFile = _PATH_LOGPID; @@ -159,199 +145,10 @@ static const char include_str[] = "include"; static const char include_ext[] = ".conf"; -#define dprintf if (Debug) printf - -#define MAXUNAMES 20 /* maximum number of user names */ - -#define sstosa(ss) ((struct sockaddr *)(ss)) -#ifdef INET -#define sstosin(ss) ((struct sockaddr_in *)(void *)(ss)) -#define satosin(sa) ((struct sockaddr_in *)(void *)(sa)) -#endif -#ifdef INET6 -#define sstosin6(ss) ((struct sockaddr_in6 *)(void *)(ss)) -#define satosin6(sa) ((struct sockaddr_in6 *)(void *)(sa)) -#define s6_addr32 __u6_addr.__u6_addr32 -#define IN6_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \ - (((d)->s6_addr32[0] ^ (a)->s6_addr32[0]) & (m)->s6_addr32[0]) == 0 && \ - (((d)->s6_addr32[1] ^ (a)->s6_addr32[1]) & (m)->s6_addr32[1]) == 0 && \ - (((d)->s6_addr32[2] ^ (a)->s6_addr32[2]) & (m)->s6_addr32[2]) == 0 && \ - (((d)->s6_addr32[3] ^ (a)->s6_addr32[3]) & (m)->s6_addr32[3]) == 0 ) -#endif - -/* - * Sockets used for logging; monitored by kevent(). - */ -struct socklist { - struct addrinfo sl_ai; -#define sl_sa sl_ai.ai_addr -#define sl_salen sl_ai.ai_addrlen -#define sl_family sl_ai.ai_family - int sl_socket; - const char *sl_name; - int (*sl_recv)(struct socklist *); - STAILQ_ENTRY(socklist) next; -}; -static STAILQ_HEAD(, socklist) shead = STAILQ_HEAD_INITIALIZER(shead); - -/* - * Flags to logmsg(). - */ - -#define IGN_CONS 0x001 /* don't print on console */ -#define SYNC_FILE 0x002 /* do fsync on file after printing */ -#define MARK 0x008 /* this message is a mark */ -#define ISKERNEL 0x010 /* kernel generated message */ - -/* Timestamps of log entries. */ -struct logtime { - struct tm tm; - suseconds_t usec; -}; - -/* Traditional syslog timestamp format. */ -#define RFC3164_DATELEN 15 -#define RFC3164_DATEFMT "%b %e %H:%M:%S" - -enum filt_proptype { - FILT_PROP_NOOP, - FILT_PROP_MSG, - FILT_PROP_HOSTNAME, - FILT_PROP_PROGNAME, -}; - -enum filt_cmptype { - FILT_CMP_CONTAINS, - FILT_CMP_EQUAL, - FILT_CMP_STARTS, - FILT_CMP_REGEX, -}; - -/* - * This structure holds a property-based filter - */ -struct prop_filter { - enum filt_proptype prop_type; - enum filt_cmptype cmp_type; - uint8_t cmp_flags; -#define FILT_FLAG_EXCLUDE (1 << 0) -#define FILT_FLAG_ICASE (1 << 1) - union { - char *p_strval; - regex_t *p_re; - } pflt_uniptr; -#define pflt_strval pflt_uniptr.p_strval -#define pflt_re pflt_uniptr.p_re - size_t pflt_strlen; -}; - -enum f_type { - F_UNUSED, /* unused entry */ - F_FILE, /* regular file */ - F_TTY, /* terminal */ - F_CONSOLE, /* console terminal */ - F_FORW, /* remote machine */ - F_USERS, /* list of users */ - F_WALL, /* everyone logged on */ - F_PIPE, /* pipe to program */ -}; - -/* - * This structure represents the files that will have log - * copies printed. - * We require f_file to be valid if f_type is F_FILE, F_CONSOLE, F_TTY - * or if f_type is F_PIPE and f_pid > 0. - */ -struct filed { - enum f_type f_type; - - /* Used for filtering. */ - char *f_host; /* host from which to recd. */ - char *f_program; /* program this applies to */ - struct prop_filter *f_prop_filter; /* property-based filter */ - u_char f_pmask[LOG_NFACILITIES+1]; /* priority mask */ - u_char f_pcmp[LOG_NFACILITIES+1]; /* compare priority */ -#define PRI_LT 0x1 -#define PRI_EQ 0x2 -#define PRI_GT 0x4 - - /* Logging destinations. */ - int f_file; /* file descriptor */ - int f_flags; /* file-specific flags */ -#define FFLAG_SYNC 0x01 -#define FFLAG_NEEDSYNC 0x02 - union { - char f_uname[MAXUNAMES][MAXLOGNAME]; /* F_WALL, F_USERS */ - char f_fname[MAXPATHLEN]; /* F_FILE, F_CONSOLE, F_TTY */ - struct { - char f_hname[MAXHOSTNAMELEN]; - struct addrinfo *f_addr; - } f_forw; /* F_FORW */ - struct { - char f_pname[MAXPATHLEN]; - int f_procdesc; - } f_pipe; /* F_PIPE */ - } f_un; -#define fu_uname f_un.f_uname -#define fu_fname f_un.f_fname -#define fu_forw_hname f_un.f_forw.f_hname -#define fu_forw_addr f_un.f_forw.f_addr -#define fu_pipe_pname f_un.f_pipe.f_pname -#define fu_pipe_pd f_un.f_pipe.f_procdesc - - /* Book-keeping. */ - char f_prevline[MAXSVLINE]; /* last message logged */ - time_t f_time; /* time this was last written */ - struct logtime f_lasttime; /* time of last occurrence */ - int f_prevpri; /* pri of f_prevline */ - size_t f_prevlen; /* length of f_prevline */ - int f_prevcount; /* repetition cnt of prevline */ - u_int f_repeatcount; /* number of "repeated" msgs */ - STAILQ_ENTRY(filed) next; /* next in linked list */ -}; -static STAILQ_HEAD(, filed) fhead = - STAILQ_HEAD_INITIALIZER(fhead); /* Log files that we write to */ -static struct filed consfile; /* Console */ - - -/* - * Queue of about-to-be dead processes we should watch out for. - */ -struct deadq_entry { - int dq_procdesc; - int dq_timeout; - TAILQ_ENTRY(deadq_entry) dq_entries; -}; -static TAILQ_HEAD(, deadq_entry) deadq_head = - TAILQ_HEAD_INITIALIZER(deadq_head); - -/* - * The timeout to apply to processes waiting on the dead queue. Unit - * of measure is `mark intervals', i.e. 20 minutes by default. - * Processes on the dead queue will be terminated after that time. - */ - -#define DQ_TIMO_INIT 2 - -/* - * Network addresses that are allowed to log to us. - */ -struct allowedpeer { - bool isnumeric; - u_short port; - union { - struct { - struct sockaddr_storage addr; - struct sockaddr_storage mask; - } numeric; - char *name; - } u; -#define a_addr u.numeric.addr -#define a_mask u.numeric.mask -#define a_name u.name - STAILQ_ENTRY(allowedpeer) next; -}; static STAILQ_HEAD(, allowedpeer) aphead = STAILQ_HEAD_INITIALIZER(aphead); +static TAILQ_HEAD(, deadq_entry) deadq_head = TAILQ_HEAD_INITIALIZER(deadq_head); +static STAILQ_HEAD(, filed) fhead = STAILQ_HEAD_INITIALIZER(fhead); +static STAILQ_HEAD(, socklist) shead = STAILQ_HEAD_INITIALIZER(shead); /* * Intervals at which we flush out "message repeated" messages, @@ -386,6 +183,7 @@ SIGTERM, }; +static struct filed consfile; /* Console */ static bool Debug; /* debug flag */ static bool Foreground = false; /* Run in foreground, instead of daemonizing */ static bool resolve = true; /* resolve hostname */