authorRainer Gerhards <rgerhards@adiscon.com>2005-09-27 12:25:11 +0000
committerRainer Gerhards <rgerhards@adiscon.com>2005-09-27 12:25:11 +0000
commit4095554465fb330ae35a66d2fd108a83afecbee8 (patch)
tree98f26f394a4c33f36db169278eaeeda0591a152d
parent21cbbd071a3696695490dc94b11238ae6038ff63 (diff)
downloadrsyslog-4095554465fb330ae35a66d2fd108a83afecbee8.tar.gz
rsyslog-4095554465fb330ae35a66d2fd108a83afecbee8.tar.xz
rsyslog-4095554465fb330ae35a66d2fd108a83afecbee8.zip
added allowedSender support for TCP
-rw-r--r--NEWS13
-rw-r--r--README.linux4
-rw-r--r--parse.c14
-rw-r--r--parse.h1
-rw-r--r--syslogd.c63
5 files changed, 71 insertions, 24 deletions
diff --git a/NEWS b/NEWS
index a2efa1a6..075fc7c2 100644
--- a/NEWS
+++ b/NEWS
@@ -3,9 +3,9 @@ Version 1.10.2 (RGer), 2005-09-2?
- added comparison operations in property-based filters:
* isequal
* startswith
-- added ability to negate all property-based filter comparison oprations
+- added ability to negate all property-based filter comparison operations
by adding a !-sign right in front of the operation name
-- added the ability to specify remote senders for UDP
+- added the ability to specify remote senders for UDP and TCP
received messages. Allows to block all but well-known hosts
- changed the $-config line directives to be case-INsensitive
- new command line option -w added: "do not display warnings if messages
@@ -16,6 +16,11 @@ Version 1.10.2 (RGer), 2005-09-2?
results (fortunately, this function was not yet used widely)
- added better support for "debugging" rsyslog.conf property filters
(only if -d switch is given)
+- changed some function definitions to static, which eventually enables
+ some compiler optimizations
+- fixed a bug in MySQL code; when a SQL error occured, rsyslogd could
+ run in a tight loop. This was due to invalid sequence of error reporting
+ and is now fixed.
---------------------------------------------------------------------------
Version 1.10.1 (RGer), 2005-09-23
- added the ability to execute a shell script as an action.
@@ -45,6 +50,10 @@ Version 1.10.0 (RGer), 2005-09-20
- fixed a problem with compiling on SUSE and - while doing so - removed
the socket call to set SO_BSDCOMPAT in cases where it is obsolete.
---------------------------------------------------------------------------
+Version 1.0.1 (RGer), 2005-09-23
+- fixed a security issue with SQL-escaping in conjunction with
+ non-(SQL-)standard MySQL features.
+---------------------------------------------------------------------------
Version 1.0.0 (RGer), 2005-09-12
- changed install doc to cover daily cron scripts - a trouble source
- added rc script for slackware (provided by Chris Elvidge - thanks!)
diff --git a/README.linux b/README.linux
index d4cf24e1..e8cc42f8 100644
--- a/README.linux
+++ b/README.linux
@@ -1,3 +1,5 @@
This file has been superseeded by the fils in the doc folder.
Please see doc/manual.html for futher details. If you are
-looking for install informaton doc/install.html is for you!
+looking for install information doc/install.html is for you!
+If you do not have the doc set, see
+ http://www.rsyslog.com/doc
diff --git a/parse.c b/parse.c
index a2eb9ce3..4631be84 100644
--- a/parse.c
+++ b/parse.c
@@ -453,6 +453,20 @@ int rsParsGetParsePointer(rsParsObj *pThis)
return rsCStrLen(pThis->pCStr) - 1;
}
+/* peek at the character at the parse pointer
+ * the caller must ensure that the parse pointer is not
+ * at the end of the parse buffer (e.g. by first calling
+ * parsIsAtEndOfParseString).
+ * rgerhards, 2005-09-27
+ */
+char parsPeekAtCharAtParsPtr(rsParsObj *pThis)
+{
+ rsCHECKVALIDOBJECT(pThis, OIDrsPars);
+ assert(pThis->iCurrPos < rsCStrLen(pThis->pCStr));
+
+ return(*(pThis->pCStr->pBuf + pThis->iCurrPos));
+}
+
/*
* Local variables:
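Review bot: parsPeekAtCharAtParsPtr enforces its only precondition with `assert`, so in a build compiled with NDEBUG a caller that has not first tested parsIsAtEndOfParseString will read beyond the current string contents with nothing catching it. Since the comment above the function already says the caller must guarantee this, either keep it as a documented contract and repeat it where the function is declared, or add a cheap runtime guard in front of the return, `if(pThis->iCurrPos >= rsCStrLen(pThis->pCStr)) return '\0';`, which turns the out-of-range read into a defined sentinel (acceptable only if the buffer cannot legitimately contain NUL — worth confirming). The one caller added by this commit, the parse loop in addAllowedSender, does test parsIsAtEndOfParseString first, so the present use is safe. The function also never writes through `pThis`, so `const rsParsObj *pThis` would document that, assuming rsCHECKVALIDOBJECT accepts a const pointer.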
diff --git a/parse.h b/parse.h
index c3e2733f..e6852ef1 100644
--- a/parse.h
+++ b/parse.h
@@ -80,6 +80,7 @@ rsRetVal rsParsConstructFromSz(rsParsObj **ppThis, char *psz);
rsRetVal rsParsDestruct(rsParsObj *pThis);
rsRetVal parsIPv4WithBits(rsParsObj *pThis, unsigned long *pIP, int *pBits);
int parsIsAtEndOfParseString(rsParsObj *pThis);
+char parsPeekAtCharAtParsPtr(rsParsObj *pThis);
#if 0 /* later! - but leave it in in case we need it some day... */
/* Parse a property
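Review bot: The new prototype `char parsPeekAtCharAtParsPtr(rsParsObj *pThis);` carries none of the precondition stated above the definition in parse.c — that the parse pointer must not be at the end of the parse string — yet the header is what callers in other files read. A one-line comment next to the declaration, `/* caller must first check !parsIsAtEndOfParseString(pThis) */`, would keep the contract visible at the point of use.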
diff --git a/syslogd.c b/syslogd.c
index 8cc8aab6..23e0990d 100644
--- a/syslogd.c
+++ b/syslogd.c
@@ -729,9 +729,9 @@ void printline(char *hname, char *msg, int iSource);
void printsys(char *msg);
void logmsg(int pri, struct msg*, int flags);
void fprintlog(register struct filed *f, int flags);
-void endtty();
-void wallmsg(register struct filed *f);
-void reapchild();
+static void endtty();
+static void wallmsg(register struct filed *f);
+static void reapchild();
static const char *cvthname(struct sockaddr_in *f);
void domark();
void debug_switch();
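Review bot: The prototypes for endtty and reapchild keep the empty parameter list (`static void endtty();`, `static void reapchild();`), which in C declares a function with unspecified arguments rather than one taking none, so the compiler cannot diagnose a stray argument at a call site. Since these declarations are being touched anyway to add `static`, the same change could write them as `static void endtty(void);` and `static void reapchild(void);`, with the matching definitions in the later hunks (`static void endtty()` and `static void reapchild()`) changed to `(void)` as well. The wallmsg prototype is fine as it already carries a full parameter list.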
@@ -876,7 +876,7 @@ static int isAllowedSender(struct AllowedSenders *pAllowRoot, struct sockaddr_in
== pAllow->allowedSender)
return 1;
}
-
+ dprintf("%x is not an allowed sender\n", (unsigned) ulAddrInLocalByteOrder);
return 0;
}
#endif /* #ifdef SYSLOG_INET */
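Review bot: The new debug line prints the rejected sender as a bare hex value in host byte order, which is hard to correlate with the dotted-quad addresses an operator sees in the config and in the other log lines. The function receives the sender's `struct sockaddr_in` as its second parameter (its name is outside the hunk, as is the start of isAllowedSender), so formatting that with inet_ntoa, e.g. `dprintf("%s is not an allowed sender\n", inet_ntoa(<sockaddr_param>->sin_addr));`, would give a directly readable address. This is only a readability point; the return value and the match loop above it are unchanged by the commit.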
@@ -1062,6 +1062,26 @@ void TCPSessAccept(void)
/* OK, we have a "good" index... */
/* get the host name */
fromHost = (char *)cvthname(&addr);
+
+ /* Here we check if a host is permitted to send us
+ * syslog messages. If it isn't, we do not further
+ * process the message but log a warning (if we are
+ * configured to do this).
+ * rgerhards, 2005-09-26
+ */
+printf("pre check allowed\n");
+ if(!isAllowedSender(pAllowedSenders_TCP, &addr)) {
+ if(option_DisallowWarning) {
+ errno = 0;
+ logerrorSz("TCP message from disallowed sender %s discarded",
+ fromHost);
+ }
+ close(newConn);
+ return;
+ }
+printf("post check allowed\n");
+
+ /* OK, we have an allowed sender, so let's continue */
lenHostName = strlen(fromHost) + 1; /* for \0 byte */
if((pBuf = (char*) malloc(sizeof(char) * lenHostName)) == NULL) {
logerror("couldn't allocate buffer for hostname - ignored");
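Review bot: The two `printf("pre check allowed\n");` and `printf("post check allowed\n");` lines added around the allowed-sender check are leftover debugging output: they are unconditional, go to stdout rather than the daemon's log, and bypass the `dprintf` mechanism the rest of the file uses for diagnostics. They should be removed before this lands, or at least turned into `dprintf(...)` calls so they only appear in debug mode. A second point is ordering: the check runs after `cvthname(&addr)`, so a connection from a disallowed host still triggers the reverse-DNS lookup before it is dropped; calling `isAllowedSender(pAllowedSenders_TCP, &addr)` first and resolving the name only for the warning message would avoid doing work for peers that are about to be rejected. Finally, the reject path does `close(newConn); return;` — if the "good index" found earlier in TCPSessAccept (its start is outside the hunk) was already marked as in use by that point, the slot needs to be released here as well; worth confirming.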
@@ -2926,20 +2946,20 @@ int main(int argc, char **argv)
#endif /* #ifdef SYSLOG_INET */
#ifdef SYSLOG_UNIXAF
for (i = 0; i < nfunix; i++) {
- if ((fd = funix[i]) != -1 && FD_ISSET(fd, &readfds)) {
- memset(line, '\0', sizeof(line));
- i = recv(fd, line, MAXLINE - 2, 0);
- dprintf("Message from UNIX socket: #%d\n", fd);
- if (i > 0) {
- line[i] = line[i+1] = '\0';
- printchopped(LocalHostName, line, i + 2, fd, SOURCE_UNIXAF);
- } else if (i < 0 && errno != EINTR) {
- dprintf("UNIX socket error: %d = %s.\n", \
- errno, strerror(errno));
- logerror("recvfrom UNIX");
- }
+ if ((fd = funix[i]) != -1 && FD_ISSET(fd, &readfds)) {
+ memset(line, '\0', sizeof(line));
+ i = recv(fd, line, MAXLINE - 2, 0);
+ dprintf("Message from UNIX socket: #%d\n", fd);
+ if (i > 0) {
+ line[i] = line[i+1] = '\0';
+ printchopped(LocalHostName, line, i + 2, fd, SOURCE_UNIXAF);
+ } else if (i < 0 && errno != EINTR) {
+ dprintf("UNIX socket error: %d = %s.\n", \
+ errno, strerror(errno));
+ logerror("recvfrom UNIX");
}
}
+ }
#endif
#ifdef SYSLOG_INET
@@ -2963,7 +2983,7 @@ int main(int argc, char **argv)
printchopped(from, line, i + 2, finet, SOURCE_INET);
} else {
if(option_DisallowWarning) {
- logerrorSz("message from disallowed sender %s discarded",
+ logerrorSz("UDP message from disallowed sender %s discarded",
from);
}
}
@@ -4426,7 +4446,7 @@ void fprintlog(register struct filed *f, int flags)
jmp_buf ttybuf;
-void endtty()
+static void endtty()
{
longjmp(ttybuf, 1);
}
@@ -4473,8 +4493,7 @@ void endutent(void)
* world, or a list of approved users.
*/
-void wallmsg(f)
- register struct filed *f;
+static void wallmsg(register struct filed *f)
{
char p[6 + UNAMESZ];
register int i;
@@ -4564,7 +4583,7 @@ void wallmsg(f)
reenter = 0;
}
-void reapchild()
+static void reapchild()
{
int saved_errno = errno;
#if defined(SYSV) && !defined(linux)
@@ -4893,6 +4912,8 @@ printf("addAllow..., name '%s', line: '%s'\n", pName, *ppRestOfConfLine);
}
while(!parsIsAtEndOfParseString(pPars)) {
+ if(parsPeekAtCharAtParsPtr(pPars) == '#')
+ break; /* a comment-sign stops processing of line */
/* now parse a single IP address */
if((iRet = parsIPv4WithBits(pPars, &uIP, &iBits)) != RS_RET_OK) {
logerrorInt("Error %d parsing IP address in allowed sender"