mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-22 18:56:38 +00:00
libc/syslog: deprecate use of "/var/run/logpriv"
This additional socket was created in2e89951b6f
and240d5a9b1c
to try workaround problems with classic PF_UNIX/SOCK_DGRAM sockets. With recent changes in kernel this trick is no longer needed, so the trick can be reverted. In syslogd(8) we would still create the socket for the next several major releases for compatibility. Differential revision: https://reviews.freebsd.org/D35305
This commit is contained in:
parent
f9e62cbacc
commit
ddc6890519
|
@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
|
|||
#include <fcntl.h>
|
||||
#include <paths.h>
|
||||
#include <pthread.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
@ -61,7 +62,7 @@ __FBSDID("$FreeBSD$");
|
|||
#define MAXLINE 8192
|
||||
|
||||
static int LogFile = -1; /* fd for log */
|
||||
static int status; /* connection status */
|
||||
static bool connected; /* have done connect */
|
||||
static int opened; /* have done openlog() */
|
||||
static int LogStat = 0; /* status bits, set by openlog() */
|
||||
static const char *LogTag = NULL; /* string to tag the entry with */
|
||||
|
@ -85,12 +86,6 @@ static void disconnectlog(void); /* disconnect from syslogd */
|
|||
static void connectlog(void); /* (re)connect to syslogd */
|
||||
static void openlog_unlocked(const char *, int, int);
|
||||
|
||||
enum {
|
||||
NOCONN = 0,
|
||||
CONNDEF,
|
||||
CONNPRIV,
|
||||
};
|
||||
|
||||
/*
|
||||
* Format of the magic cookie passed through the stdio hook
|
||||
*/
|
||||
|
@ -291,48 +286,19 @@ vsyslog1(int pri, const char *fmt, va_list ap)
|
|||
connectlog();
|
||||
|
||||
/*
|
||||
* If the send() fails, there are two likely scenarios:
|
||||
* 1) syslogd was restarted
|
||||
* 2) /var/run/log is out of socket buffer space, which
|
||||
* in most cases means local DoS.
|
||||
* If the error does not indicate a full buffer, we address
|
||||
* case #1 by attempting to reconnect to /var/run/log[priv]
|
||||
* and resending the message once.
|
||||
*
|
||||
* If we are working with a privileged socket, the retry
|
||||
* attempts end there, because we don't want to freeze a
|
||||
* critical application like su(1) or sshd(8).
|
||||
*
|
||||
* Otherwise, we address case #2 by repeatedly retrying the
|
||||
* send() to give syslogd a chance to empty its socket buffer.
|
||||
* If the send() failed, there are two likely scenarios:
|
||||
* 1) syslogd was restarted. In this case make one (only) attempt
|
||||
* to reconnect.
|
||||
* 2) We filled our buffer due to syslogd not being able to read
|
||||
* as fast as we write. In this case prefer to lose the current
|
||||
* message rather than whole buffer of previously logged data.
|
||||
*/
|
||||
|
||||
if (send(LogFile, tbuf, cnt, 0) < 0) {
|
||||
if (errno != ENOBUFS) {
|
||||
/*
|
||||
* Scenario 1: syslogd was restarted
|
||||
* reconnect and resend once
|
||||
*/
|
||||
disconnectlog();
|
||||
connectlog();
|
||||
if (send(LogFile, tbuf, cnt, 0) >= 0)
|
||||
return;
|
||||
/*
|
||||
* if the resend failed, fall through to
|
||||
* possible scenario 2
|
||||
*/
|
||||
}
|
||||
while (errno == ENOBUFS) {
|
||||
/*
|
||||
* Scenario 2: out of socket buffer space
|
||||
* possible DoS, fail fast on a privileged
|
||||
* socket
|
||||
*/
|
||||
if (status == CONNPRIV)
|
||||
break;
|
||||
_usleep(1);
|
||||
if (send(LogFile, tbuf, cnt, 0) >= 0)
|
||||
return;
|
||||
}
|
||||
} else
|
||||
return;
|
||||
|
@ -389,7 +355,7 @@ disconnectlog(void)
|
|||
_close(LogFile);
|
||||
LogFile = -1;
|
||||
}
|
||||
status = NOCONN; /* retry connect */
|
||||
connected = false; /* retry connect */
|
||||
}
|
||||
|
||||
/* Should be called with mutex acquired */
|
||||
|
@ -413,29 +379,16 @@ connectlog(void)
|
|||
}
|
||||
}
|
||||
}
|
||||
if (LogFile != -1 && status == NOCONN) {
|
||||
if (!connected) {
|
||||
SyslogAddr.sun_len = sizeof(SyslogAddr);
|
||||
SyslogAddr.sun_family = AF_UNIX;
|
||||
|
||||
/*
|
||||
* First try privileged socket. If no success,
|
||||
* then try default socket.
|
||||
*/
|
||||
(void)strncpy(SyslogAddr.sun_path, _PATH_LOG_PRIV,
|
||||
(void)strncpy(SyslogAddr.sun_path, _PATH_LOG,
|
||||
sizeof SyslogAddr.sun_path);
|
||||
if (_connect(LogFile, (struct sockaddr *)&SyslogAddr,
|
||||
sizeof(SyslogAddr)) != -1)
|
||||
status = CONNPRIV;
|
||||
|
||||
if (status == NOCONN) {
|
||||
(void)strncpy(SyslogAddr.sun_path, _PATH_LOG,
|
||||
sizeof SyslogAddr.sun_path);
|
||||
if (_connect(LogFile, (struct sockaddr *)&SyslogAddr,
|
||||
sizeof(SyslogAddr)) != -1)
|
||||
status = CONNDEF;
|
||||
}
|
||||
|
||||
if (status == NOCONN) {
|
||||
connected = true;
|
||||
else {
|
||||
(void)_close(LogFile);
|
||||
LogFile = -1;
|
||||
}
|
||||
|
@ -477,7 +430,7 @@ closelog(void)
|
|||
LogFile = -1;
|
||||
}
|
||||
LogTag = NULL;
|
||||
status = NOCONN;
|
||||
connected = false;
|
||||
THREAD_UNLOCK();
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue