diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2010-10-06 12:37:24 +0200 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2010-10-06 12:37:24 +0200 |
| commit | c0de8c6dc4ec4ac270b0c313ea5a1d2689b44db3 (patch) | |
| tree | 9fd4350fe04646c002ac9208ebc1c92a8d4f2fbf /plugins/imuxsock/imuxsock.c | |
| parent | b5afa1a5be2909ed13f77ef0e0804bab75325198 (diff) | |
| download | rsyslog-c0de8c6dc4ec4ac270b0c313ea5a1d2689b44db3.tar.gz rsyslog-c0de8c6dc4ec4ac270b0c313ea5a1d2689b44db3.tar.xz rsyslog-c0de8c6dc4ec4ac270b0c313ea5a1d2689b44db3.zip | |
bugfix/imuxsock: did not compile on platforms without SCM_CREDENTIALS
Note: we do rate-limiting by the pid and we obtain the pid via SCM_CREDENTIALS
socket options. So this patch effectively disables the (new) ratelimiting
capability. In a later patch, I'll see that I can provide a global ratelimiting
capability, which could always be used (an alternative may be using the tag, will
check this out as well).
Diffstat (limited to 'plugins/imuxsock/imuxsock.c')
| -rw-r--r-- | plugins/imuxsock/imuxsock.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c index 41bff4f9..5b548602 100644 --- a/plugins/imuxsock/imuxsock.c +++ b/plugins/imuxsock/imuxsock.c @@ -406,6 +406,7 @@ openLogSocket(lstn_t *pLstn) CHKiRet(createLogSocket(pLstn)); } +# if HAVE_SCM_CREDENTIALS if(pLstn->bUseCreds) { one = 1; if(setsockopt(pLstn->fd, SOL_SOCKET, SO_PASSCRED, &one, (socklen_t) sizeof(one)) != 0) { @@ -417,6 +418,9 @@ openLogSocket(lstn_t *pLstn) pLstn->bUseCreds = 0; } } +# else /* HAVE_SCM_CREDENTIALS */ + pLstn->bUseCreds = 0; +# endif /* HAVE_SCM_CREDENTIALS */ finalize_it: if(iRet != RS_RET_OK) { @@ -513,7 +517,7 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred) rs_ratelimit_state_t *ratelimiter = NULL; DEFiRet; -// TODO: handle format errors?? + /* TODO: handle format errors?? */ /* we need to parse the pri first, because we need the severity for * rate-limiting as well. */ @@ -530,8 +534,10 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred) facil = LOG_FAC(pri); sever = LOG_PRI(pri); - if(sever >= pLstn->ratelimitSev) + if(sever >= pLstn->ratelimitSev) { + /* note: if cred == NULL, then ratelimiter == NULL as well! */ findRatelimiter(pLstn, cred, &ratelimiter); /* ignore error, better so than others... */ + } datetime.getCurrTime(&st, &tt); if(ratelimiter != NULL && !withinRatelimit(ratelimiter, tt, cred->pid)) { @@ -637,6 +643,7 @@ static rsRetVal readSocket(lstn_t *pLstn) dbgprintf("Message from UNIX socket: #%d\n", pLstn->fd); if(iRcvd > 0) { cred = NULL; +# if HAVE_SCM_CREDENTIALS if(pLstn->bUseCreds) { dbgprintf("XXX: pre CM loop, length of control message %d\n", (int) msgh.msg_controllen); for (cm = CMSG_FIRSTHDR(&msgh); cm; cm = CMSG_NXTHDR(&msgh, cm)) { @@ -644,11 +651,12 @@ static rsRetVal readSocket(lstn_t *pLstn) if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_CREDENTIALS) { cred = (struct ucred*) CMSG_DATA(cm); dbgprintf("XXX: got credentials pid %d\n", (int) cred->pid); - //break; + break; } } dbgprintf("XXX: post CM loop\n"); } +# endif /* HAVE_SCM_CREDENTIALS */ CHKiRet(SubmitMsg(pRcv, iRcvd, pLstn, cred)); } else if(iRcvd < 0 && errno != EINTR) { char errStr[1024]; |