Age | Commit message (Collapse) | Author |
|
child tried to load the default CA file when it was connecting to
a TLS server. The latter has never worked as the child is chrooted
to /var/empty. Set the CA storage to an empty string to avoid this
behavior. As a benefit pledge "rpath" can be removed.
OK benno@
|
|
in a background process. A potential fork(2) at every message is
bad, so replace this with an event. As a bonus the syslogd child
process does not need to pledge "proc" anymore. Also limit the
number of delayed write events.
OK deraadt@
|
|
syslogd child calls fork(2) to delay blocked output.
OK benno@
|
|
has been added to it, the syslogd privsep parent does not need
pledge "inet" anymore.
discussed with deraadt@
|
|
OK deraadt@
|
|
inet dns getpw sendfd proc exec".
OK deraadt@
|
|
as dprintf(3) is in libc now and does something different.
OK guenther@
|
|
From Michael McConville; OK guenther@
|
|
sizeof(struct sockaddr_un), so do the simple, portable thing.
Also convert some strncpy() to strlcpy()
ok deraadt@
|
|
|
|
encrypted messages. The server certificates are taken from /etc/ssl
like relayd does.
OK benno@ beck@ deraadt@
|
|
encrypted messages. The server certificates are taken from /etc/ssl
like relayd does.
OK benno@ beck@ deraadt@
|
|
blocks. Fix the potential syslogd's death, add "proc" to pledge.
OK deraadt@
|
|
|
|
With and OK deraadt@
|
|
ok millert@
|
|
event loss in syslogd. The ev_read and ev_write event structures
were used for both EV_READ and EV_WRITE events intermixedly. The
correct way is to use each event for its read and write purpose and
instead switch the handler. Then libevent is no longer confused.
When doing TLS read and a TLS_WANT_POLLOUT occures, call event_set()
for the write event to change the callback to read. As there might
be an event scheduled on the event, call event_del() before
event_set(). After a successful TLS read, change back the write
event. Add analog code for TLS write and handshake.
OK beck@
|
|
Spotted by jung@
|
|
to syslogd that does not do that. Use it for anything that does
not look like a system call or library call around it.
Also add logerrorctx() that prints the TLS error instead.
Reduce the maximum CAfile limit to 50MB, requested by Bob.
OK beck@
|
|
everything.
OK benno@
|
|
allocate them with malloc. This makes the address space layout
more random.
OK deraadt@ benno@
|
|
can go away as the callback does not need the hostname anymore.
Call tls_handshake() until successful. Remove the function
tls_socket() as it has a bad prefix. Just call tls_client(),
tls_configure() and tls_connect_socket() after the TCP socket has
been created. There is no need to wait until TCP connect has
finished.
OK beck@ jsing@
|
|
|
|
new tls_read() and tls_write() calling semantics, adapt to
TLS_WANT_POLLIN and TLS_WANT_POLLOUT renaming.
OK beck@
|
|
checks the send buffer size. So double both buffer sizes.
Moreover the default for sending is 2048 and for receiving is 4096.
This makes the existing double buffer algorithm inconsistent. It
is better to make the buffers large enough to hold 8 full length
messages. Just make sure that it does not shrink.
Keep the approach that doubles the buffer sizes. When we are low
on buffers and cannot reach the full size, increase it as much as
possible.
While there, add consistent error messages.
OK benno@
|
|
of syslogd(8) should be alike. syslogd: dropped 1 message
OK lteo@ millert@
|
|
use the global linebuf like the other libevent read callbacks.
OK jung@
|
|
conflicts with other processes bound to a specific address with the
same port. Syslogd uses this socket basically for outgoing traffic
to remote UDP log servers, so increase the chance that it works.
OK jung@ benno@
|
|
specific programm or host. It does not make sense to truncate the
string from the config at some character from a list. Just take
whatever the user specified as progname or hostname. If it contains
funky charactes it will not match and the action is not taken. This
fixes matching with IP addresses if syslogd is started with -n.
OK semarie@
|
|
itself. For this it uses the original arguments of main(). The
function loghost_parse() modifies the optarg memory it is operating
on. To prevent that the exec arguments have been tampered, pass a
copy of optarg to loghost_parse().
OK deraadt@
|
|
it is behind the size limit. As msg is not NUL-terminated in this
case, it depended on memory content wether syslogd will crash. So
using memcpy() and setting the NUL explicitly is the correct way.
OK deraadt@
|
|
case the receiver closes the connection, wait for a second to give
him a chance to recover.
OK benno@
|
|
limit. Instead disable the listen event and wait for a second.
Keep a reserve of 5 file descriptors.
OK benno@
|
|
octet counting or non transparent framing.
OK benno@
|
|
syslogd had to drop messages after tls_write() returned
TLS_{READ,WRITE}_AGAIN. Now after libtls has been fixed, remove
the workaround. Messages are stored in the libevent write buffer
as we can safely do a realloc(3) now.
OK reyk@
|
|
could be written into the log file.
OK benno@
|
|
the file descriptor. If the fd limit is exhausted, recvmsg(2)
fails. The kernel discards the fd, but the result value stays in
the socket. It has to be read on its own to keep the privsep parent
and syslogd child in sync.
OK benno@
|
|
both !host and memory buffer are used.
OK jung@
|
|
addresses in syslogd(8). Using brackets to separate an IPv6 address
from the port number is common practice and we keep the text in
syslog.conf(5).
OK jmc@
|
|
socket and accepts incomming messages. At the moment, only RFC
6587 3.4.2. Non-Transparent-Framing format with new-line separator
is supprted for incomming messsages. Outgoing messages are encoded
as 3.4.1. Octet Counting. Autodetection of incomming format will
be implemented later.
OK deraadt@ jmc@ millert@
|
|
|
|
fcntl(O_NONBLOCK) with the simpler SOCK_NONBLOCK and add this flag
to the UDP sockets. React to EWOULDBLOCK although it should not
happen.
OK benno@
|
|
again, move it to the common function socket_bind().
OK millert@
|
|
man page. This makes it easier to check wether both are consistent.
OK jung@
|
|
address to receive UDP packets. One advantge over -u and the *
sockets is that you can bind to localhost and divert the packets
with pf. It is also possible to use a non standard port.
OK jung@ jmc@
|
|
specific host into a single log file. For programs this is already
implemented for !prog blocks. So do the same with +host for
hostnames.
Based on a diff from Gregory Edigarov; OK jung@ sthen@
|
|
|
|
OK benno@; input millert@; no objections deraadt@
|
|
This works even if the file descriptor is 0 or 1 or 2.
input and OK millert@
|
|
OK doug@ djm@
|