From dfc9733135787a4b89dde3950273d3a1b1a26604 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 15 Apr 2008 18:49:05 +0200 Subject: begun re-integrating rfc3195 in rsyslog set up build system and shuffle some files --- Makefile.am | 12 +- configure.ac | 23 +--- plugins/im3195/im3195.c | 289 ++++++++++++++++++++++++++++++++++++++++++++++++ rfc3195d.8 | 84 -------------- rfc3195d.c | 289 ------------------------------------------------ 5 files changed, 298 insertions(+), 399 deletions(-) create mode 100644 plugins/im3195/im3195.c delete mode 100644 rfc3195d.8 delete mode 100644 rfc3195d.c diff --git a/Makefile.am b/Makefile.am index 0e75710c..1fe726cb 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,4 +1,3 @@ -#sbin_PROGRAMS = rfc3195d rsyslogd sbin_PROGRAMS = man_MANS = @@ -103,13 +102,6 @@ endif # if ENABLE_RSYSLOGD # now come the library plugins pkglib_LTLIBRARIES = -if ENABLE_RFC3195 -# this does so far not work - a manual build is needed -sbin_PROGRAMS += rfc3195d -rfc3195d_SOURCES = rfc3195d.c rsyslog.h -man_MANS += rfc3195d.8 -endif - if ENABLE_INET pkglib_LTLIBRARIES += lmnet.la lmtcpsrv.la lmtcpclt.la @@ -222,3 +214,7 @@ endif if ENABLE_MAIL SUBDIRS += plugins/ommail endif + +if ENABLE_RFC3195 +SUBDIRS += plugins/im3195 +endif diff --git a/configure.ac b/configure.ac index 2a5ef16b..732e5a82 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([rsyslog],[3.17.1],[rsyslog@lists.adiscon.com]) +AC_INIT([rsyslog],[3.17.2],[rsyslog@lists.adiscon.com]) AM_INIT_AUTOMAKE AC_CONFIG_SRCDIR([syslogd.c]) AC_CONFIG_HEADERS([config.h]) @@ -553,25 +553,11 @@ AC_ARG_ENABLE(rfc3195, [enable_rfc3195=no] ) if test "x$enable_rfc3195" = "xyes"; then - AC_CHECK_HEADERS( - [librfc3195.h],, - [AC_MSG_FAILURE([RFC3195 library is missing (no headers)])] - ) -# I don't know how to tell that librfc3195 needs -lrt, so I disable -# this check for now - the header check should work well enough... -# rgerhards, 2008-03-25 -# AC_CHECK_LIB( -# [rfc3195], -# [rfc3195EngineGetVersion], -# [rfc3195_cflags="" - rfc3195_libs="-lrfc3195" -# ], -# [AC_MSG_FAILURE([RFC3195 library is missing])] -# ) + PKG_CHECK_MODULES(LIBLOGGING, liblogging >= 0.7.0) fi AM_CONDITIONAL(ENABLE_RFC3195, test x$enable_rfc3195 = xyes) -AC_SUBST(rfc3195_cflags) -AC_SUBST(rfc3195_libs) +AC_SUBST(RFC3195_CFLAGS) +AC_SUBST(RFC3195_LIBS) # settings for the template input module; copy and modify this code @@ -618,6 +604,7 @@ AC_CONFIG_FILES([Makefile \ doc/Makefile \ plugins/imudp/Makefile \ plugins/imtcp/Makefile \ + plugins/im3195/Makefile \ plugins/imgssapi/Makefile \ plugins/imuxsock/Makefile \ plugins/immark/Makefile \ diff --git a/plugins/im3195/im3195.c b/plugins/im3195/im3195.c new file mode 100644 index 00000000..f79ec949 --- /dev/null +++ b/plugins/im3195/im3195.c @@ -0,0 +1,289 @@ +/** + * rfc3195d.c + * This is an RFC 3195 listener. All data received is forwarded to + * local UNIX domain socket, where it can be picked up by a + * syslog daemon (like rsyslogd ;)). + * + * \author Rainer Gerhards + * + * Copyright 2003-2005 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of rsyslog. + * + * Rsyslog is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Rsyslog is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Rsyslog. If not, see . + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. + */ +#include "config.h" + +#include +#ifndef FEATURE_RFC3195 +/* this is a trick: if RFC3195 is not to be supported, we just do an + * error message. + */ +int main() +{ + fprintf(stderr, "error: not compiled with FEATURE_RFC3195 - terminating.\n"); + return(1); +} +#else +#include +#include +#include +#include +#include "rsyslog.h" +#include "liblogging.h" +#include "srAPI.h" +#include "syslogmessage.h" + +/* configurable params! */ +static char* pPathLogname = "/dev/log3195"; +static char *PidFile; +static int NoFork = 0; +static int Debug = 0; +static int listenPort = 601; + +/* we use a global API object below, because this listener is + * not very complex. As such, this hack should not harm anything. + * rgerhards, 2005-10-12 + */ +static srAPIObj* pAPI; + +static int LogFile = -1; /* fd for log */ +static int connected; /* have done connect */ +static struct sockaddr SyslogAddr; /* AF_UNIX address of local logger */ + +/* small usage info */ +static int usage() +{ + /* The following usage line is what we intend to have - it + * is commented out as a reminder. The one below is what we + * currently actually do... + fprintf(stderr, "usage: rfc3195d [-dv] [-i pidfile] [-n] [-p path]\n"); + */ + fprintf(stderr, "usage: rfc3195d [-dv] [-r port] [-p path]\n"); + exit(1); +} + +/* CLOSELOG -- close the system log + */ +static void closelog(void) +{ + close(LogFile); + LogFile = -1; + connected = 0; +} + +/* OPENLOG -- open system log + */ +static void openlog() +{ + if (LogFile == -1) { + SyslogAddr.sa_family = AF_UNIX; + strncpy(SyslogAddr.sa_data, pPathLogname, + sizeof(SyslogAddr.sa_data)); + LogFile = socket(AF_UNIX, SOCK_DGRAM, 0); + if(LogFile < 0) { + char errStr[1024]; + printf("error opening '%s': %s\n", + pPathLogname, rs_strerror_r(errno, errStr, sizeof(errStr))); + } + } + if (LogFile != -1 && !connected && + connect(LogFile, &SyslogAddr, sizeof(SyslogAddr.sa_family)+ + strlen(SyslogAddr.sa_data)) != -1) + connected = 1; + else { + char errStr[1024]; + printf("error connecting '%s': %s\n", + pPathLogname, rs_strerror_r(errno, errStr, sizeof(errStr))); + } +} + + +/* This method is called when a message has been fully received. + * It passes the received message to the specified unix domain + * socket. Please note that this callback is synchronous, thus + * liblogging will be on hold until it returns. This is important + * to note because in an error case we might stay in this code + * for an extended amount of time. So far, we think this is the + * best solution, but real-world experience might tell us a + * different truth ;) + * rgerhards 2005-10-12 + */ +void OnReceive(srAPIObj* pAPI, srSLMGObj* pSLMG) +{ + unsigned char *pszRawMsg; + int iRetries; /* number of retries connecting to log socket */ + int iSleep; + int iWriteOffset; + ssize_t nToWrite; + ssize_t nWritten; + + srSLMGGetRawMSG(pSLMG, &pszRawMsg); + + /* we need to loop writing the message. At least in + * theory, a single write might not send all data to the + * syslogd. So we need to continue until everything is written. + * Also, we need to check if there are any socket erros, in + * which case we reconect. We will re-try indefinitely, if this + * is not acceptable, you need to change the code. + * rgerhards 2005-10-12 + */ + iRetries = 0; + nToWrite = strlen(pszRawMsg); + iWriteOffset = 0; + while(nToWrite != 0) { + if(LogFile < 0 || !connected) + openlog(); + if(LogFile < 0 || !connected) { + /* still not connected, retry */ + if(iRetries > 0) { + iSleep = (iRetries < 30) ? iRetries : 30; + /* we sleep a little to prevent a thight loop */ + if(Debug) + printf("multiple retries connecting to log socket" + " - doing sleep(%d)\n", iSleep); + sleep(iSleep); + } + ++iRetries; + } else { + nWritten = write(LogFile, pszRawMsg, strlen(pszRawMsg)); + if(nWritten < 0) { + /* error, recover! */ + char errStr[1024]; + printf("error writing to domain socket: %s\r\n", rs_strerror_r(errno, errStr, sizeof(errStr))); + closelog(); + } else { + /* prepare for (potential) next write */ + nToWrite -= nWritten; + iWriteOffset += nWritten; + } + } + } + + if(Debug) { + static int largest = 0; + int sz = strlen(pszRawMsg); + if(sz > largest) + largest = sz; + printf("Msg(%d/%d):%s\n\n", largest, sz, pszRawMsg); + } +} + + +/* As we are single-threaded in this example, we need + * one way to shut down the listener running on this + * single thread. We use SIG_INT to do so - it effectively + * provides a short-lived second thread ;-) + */ +void doShutdown(int i) +{ + printf("Shutting down rfc3195d. Be patient, this can take up to 30 seconds...\n"); + srAPIShutdownListener(pAPI); +} + + +/* on the the real program ;) */ +int main(int argc, char* argv[]) +{ + srRetVal iRet; + int ch; + struct sigaction sigAct; + + while ((ch = getopt(argc, argv, "di:np:r:v")) != EOF) + switch((char)ch) { + case 'd': /* debug */ + Debug = 1; + break; + case 'i': /* pid file name */ + PidFile = optarg; + break; + case 'n': /* don't fork */ + NoFork = 1; + break; + case 'p': /* path to regular log socket */ + pPathLogname = optarg; + break; + case 'r': /* listen port */ + listenPort = atoi(optarg); + if(listenPort < 1 || listenPort > 65535) { + printf("Error: invalid listen port '%s', using 601 instead\n", + optarg); + listenPort = 601; + } + break; + case 'v': + printf("rfc3195d %s.%s (using liblogging version %d.%d.%d).\n", + VERSION, PATCHLEVEL, + LIBLOGGING_VERSION_MAJOR, LIBLOGGING_VERSION_MINOR, + LIBLOGGING_VERSION_SUBMINOR); + printf("See http://www.rsyslog.com for more information.\n"); + exit(0); + case '?': + default: + usage(); + } + if ((argc -= optind)) + usage(); + + memset(&sigAct, 0, sizeof(sigAct)); + sigemptyset(&sigAct.sa_mask); + sigAct.sa_handler = doShutdown; + sigaction(SIGUSR1, &sigAct, NULL); + sigaction(SIGTERM, &sigAct, NULL); + + if(!Debug) + { + sigAct.sa_handler = SIG_IGN; + sigaction(SIGINT, &sigAct, NULL); + } + + if((pAPI = srAPIInitLib()) == NULL) + { + printf("Error initializing liblogging - aborting!\n"); + exit(1); + } + + if((iRet = srAPISetOption(pAPI, srOPTION_BEEP_LISTENPORT, listenPort)) != SR_RET_OK) + { + printf("Error %d setting listen port - aborting\n", iRet); + exit(100); + } + + if((iRet = srAPISetupListener(pAPI, OnReceive)) != SR_RET_OK) + { + printf("Error %d setting up listener - aborting\n", iRet); + exit(101); + } + + /* now move the listener to running state. Control will only + * return after SIGUSR1. + */ + if((iRet = srAPIRunListener(pAPI)) != SR_RET_OK) + { + printf("Error %d running the listener - aborting\n", iRet); + exit(102); + } + + /** control will reach this point after shutdown */ + + srAPIExitLib(pAPI); + return 0; +} +#endif /* #ifndef FEATURE_RFC3195 - main wrapper */ + +/* + * vi:set ai: + */ diff --git a/rfc3195d.8 b/rfc3195d.8 deleted file mode 100644 index ae191df6..00000000 --- a/rfc3195d.8 +++ /dev/null @@ -1,84 +0,0 @@ -.\" Copyright 2005 Rainer Gerhards and Adiscon for the rsyslog modifications -.\" Distributed under the GNU General Public License. -.\" -.TH RFC3195D 8 "02 April 2008" "Version 3.14.0" "Linux System Administration" -.SH NAME -rfc3195d \- RFC 3195 listener -.SH SYNOPSIS -.B rfc3195d -.RB [ " \-d " ] -.RB [ " \-p" -.IB socket -] -.RB [ " \-r" -.IB port -] -.RB [ " \-v " ] -.LP -.SH DESCRIPTION -.B Rfc3195d -is a utility for receiving syslog messages via RFC 3195. Both -RAW and COOKED profiles are supported (but COOKED only without -relay-specific PATH elements). -rfc3195d accepts messages via RFC 3195 and forwards them to -the local domain socket specified in the -p option -(/dev/log3195 by default). There, the messages can be picked up -by the system syslogd. While rfc3195d can work with any syslogd, -we highly recommend using -.B rsyslogd, -because it has special handling -for the messages forwarded by rfc3195d. To enable message -reception in -.B rsyslogd, -use the "-a :/dev/log3195" command line -option (the colon in front of the socket name tells -.B rsyslogd -that the messages contain hostnames - this is vital to get the -right sender name into your logs). - -.B Rfc3195d -currently has very limited functionality. Most importantly, -it does not allow to limit the senders it receives messages from. -Documentation is also very sparse. The situation should improve over -time as the rsyslog project is continously being enhanced. -.LP -.SH OPTIONS -.TP -.BI "\-p " "socket" -The socket the received messages are to be sent to. If not specified, -/dev/log3195 is used. -.TP -.BI "\-r " "port" -The listen port to use. If not specified, IANA-assigned port 601 is used. -.TP -.B "\-d" -Turns on debug mode. In it, rfc3195d spits out diagnostic information -to stdout. -.TP -.B "\-v" -Print version and exit. -.SH SIGNALS -.B Rfc3195d -reacts to a set of signals. -.TP -.B SIGTERM -.B Rfc3195d -terminates. -.TP -.B SIGUSR1 -.B Rfc3195d -terminates. -.LP -.SH SEE ALSO -.BR rsyslog.conf (5), -.BR rsyslogd (8) -.LP -.SH MORE INFORMATION -Is available on the project home page at http://www.rsyslog.com -.LP -.SH COLLABORATORS -Rfc3195d uses liblogging (http://www.liblogging.org) for RFC 3195 -protocol handling. -.PD 0 -.TP -Rainer Gerhards diff --git a/rfc3195d.c b/rfc3195d.c deleted file mode 100644 index f79ec949..00000000 --- a/rfc3195d.c +++ /dev/null @@ -1,289 +0,0 @@ -/** - * rfc3195d.c - * This is an RFC 3195 listener. All data received is forwarded to - * local UNIX domain socket, where it can be picked up by a - * syslog daemon (like rsyslogd ;)). - * - * \author Rainer Gerhards - * - * Copyright 2003-2005 Rainer Gerhards and Adiscon GmbH. - * - * This file is part of rsyslog. - * - * Rsyslog is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Rsyslog is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Rsyslog. If not, see . - * - * A copy of the GPL can be found in the file "COPYING" in this distribution. - */ -#include "config.h" - -#include -#ifndef FEATURE_RFC3195 -/* this is a trick: if RFC3195 is not to be supported, we just do an - * error message. - */ -int main() -{ - fprintf(stderr, "error: not compiled with FEATURE_RFC3195 - terminating.\n"); - return(1); -} -#else -#include -#include -#include -#include -#include "rsyslog.h" -#include "liblogging.h" -#include "srAPI.h" -#include "syslogmessage.h" - -/* configurable params! */ -static char* pPathLogname = "/dev/log3195"; -static char *PidFile; -static int NoFork = 0; -static int Debug = 0; -static int listenPort = 601; - -/* we use a global API object below, because this listener is - * not very complex. As such, this hack should not harm anything. - * rgerhards, 2005-10-12 - */ -static srAPIObj* pAPI; - -static int LogFile = -1; /* fd for log */ -static int connected; /* have done connect */ -static struct sockaddr SyslogAddr; /* AF_UNIX address of local logger */ - -/* small usage info */ -static int usage() -{ - /* The following usage line is what we intend to have - it - * is commented out as a reminder. The one below is what we - * currently actually do... - fprintf(stderr, "usage: rfc3195d [-dv] [-i pidfile] [-n] [-p path]\n"); - */ - fprintf(stderr, "usage: rfc3195d [-dv] [-r port] [-p path]\n"); - exit(1); -} - -/* CLOSELOG -- close the system log - */ -static void closelog(void) -{ - close(LogFile); - LogFile = -1; - connected = 0; -} - -/* OPENLOG -- open system log - */ -static void openlog() -{ - if (LogFile == -1) { - SyslogAddr.sa_family = AF_UNIX; - strncpy(SyslogAddr.sa_data, pPathLogname, - sizeof(SyslogAddr.sa_data)); - LogFile = socket(AF_UNIX, SOCK_DGRAM, 0); - if(LogFile < 0) { - char errStr[1024]; - printf("error opening '%s': %s\n", - pPathLogname, rs_strerror_r(errno, errStr, sizeof(errStr))); - } - } - if (LogFile != -1 && !connected && - connect(LogFile, &SyslogAddr, sizeof(SyslogAddr.sa_family)+ - strlen(SyslogAddr.sa_data)) != -1) - connected = 1; - else { - char errStr[1024]; - printf("error connecting '%s': %s\n", - pPathLogname, rs_strerror_r(errno, errStr, sizeof(errStr))); - } -} - - -/* This method is called when a message has been fully received. - * It passes the received message to the specified unix domain - * socket. Please note that this callback is synchronous, thus - * liblogging will be on hold until it returns. This is important - * to note because in an error case we might stay in this code - * for an extended amount of time. So far, we think this is the - * best solution, but real-world experience might tell us a - * different truth ;) - * rgerhards 2005-10-12 - */ -void OnReceive(srAPIObj* pAPI, srSLMGObj* pSLMG) -{ - unsigned char *pszRawMsg; - int iRetries; /* number of retries connecting to log socket */ - int iSleep; - int iWriteOffset; - ssize_t nToWrite; - ssize_t nWritten; - - srSLMGGetRawMSG(pSLMG, &pszRawMsg); - - /* we need to loop writing the message. At least in - * theory, a single write might not send all data to the - * syslogd. So we need to continue until everything is written. - * Also, we need to check if there are any socket erros, in - * which case we reconect. We will re-try indefinitely, if this - * is not acceptable, you need to change the code. - * rgerhards 2005-10-12 - */ - iRetries = 0; - nToWrite = strlen(pszRawMsg); - iWriteOffset = 0; - while(nToWrite != 0) { - if(LogFile < 0 || !connected) - openlog(); - if(LogFile < 0 || !connected) { - /* still not connected, retry */ - if(iRetries > 0) { - iSleep = (iRetries < 30) ? iRetries : 30; - /* we sleep a little to prevent a thight loop */ - if(Debug) - printf("multiple retries connecting to log socket" - " - doing sleep(%d)\n", iSleep); - sleep(iSleep); - } - ++iRetries; - } else { - nWritten = write(LogFile, pszRawMsg, strlen(pszRawMsg)); - if(nWritten < 0) { - /* error, recover! */ - char errStr[1024]; - printf("error writing to domain socket: %s\r\n", rs_strerror_r(errno, errStr, sizeof(errStr))); - closelog(); - } else { - /* prepare for (potential) next write */ - nToWrite -= nWritten; - iWriteOffset += nWritten; - } - } - } - - if(Debug) { - static int largest = 0; - int sz = strlen(pszRawMsg); - if(sz > largest) - largest = sz; - printf("Msg(%d/%d):%s\n\n", largest, sz, pszRawMsg); - } -} - - -/* As we are single-threaded in this example, we need - * one way to shut down the listener running on this - * single thread. We use SIG_INT to do so - it effectively - * provides a short-lived second thread ;-) - */ -void doShutdown(int i) -{ - printf("Shutting down rfc3195d. Be patient, this can take up to 30 seconds...\n"); - srAPIShutdownListener(pAPI); -} - - -/* on the the real program ;) */ -int main(int argc, char* argv[]) -{ - srRetVal iRet; - int ch; - struct sigaction sigAct; - - while ((ch = getopt(argc, argv, "di:np:r:v")) != EOF) - switch((char)ch) { - case 'd': /* debug */ - Debug = 1; - break; - case 'i': /* pid file name */ - PidFile = optarg; - break; - case 'n': /* don't fork */ - NoFork = 1; - break; - case 'p': /* path to regular log socket */ - pPathLogname = optarg; - break; - case 'r': /* listen port */ - listenPort = atoi(optarg); - if(listenPort < 1 || listenPort > 65535) { - printf("Error: invalid listen port '%s', using 601 instead\n", - optarg); - listenPort = 601; - } - break; - case 'v': - printf("rfc3195d %s.%s (using liblogging version %d.%d.%d).\n", - VERSION, PATCHLEVEL, - LIBLOGGING_VERSION_MAJOR, LIBLOGGING_VERSION_MINOR, - LIBLOGGING_VERSION_SUBMINOR); - printf("See http://www.rsyslog.com for more information.\n"); - exit(0); - case '?': - default: - usage(); - } - if ((argc -= optind)) - usage(); - - memset(&sigAct, 0, sizeof(sigAct)); - sigemptyset(&sigAct.sa_mask); - sigAct.sa_handler = doShutdown; - sigaction(SIGUSR1, &sigAct, NULL); - sigaction(SIGTERM, &sigAct, NULL); - - if(!Debug) - { - sigAct.sa_handler = SIG_IGN; - sigaction(SIGINT, &sigAct, NULL); - } - - if((pAPI = srAPIInitLib()) == NULL) - { - printf("Error initializing liblogging - aborting!\n"); - exit(1); - } - - if((iRet = srAPISetOption(pAPI, srOPTION_BEEP_LISTENPORT, listenPort)) != SR_RET_OK) - { - printf("Error %d setting listen port - aborting\n", iRet); - exit(100); - } - - if((iRet = srAPISetupListener(pAPI, OnReceive)) != SR_RET_OK) - { - printf("Error %d setting up listener - aborting\n", iRet); - exit(101); - } - - /* now move the listener to running state. Control will only - * return after SIGUSR1. - */ - if((iRet = srAPIRunListener(pAPI)) != SR_RET_OK) - { - printf("Error %d running the listener - aborting\n", iRet); - exit(102); - } - - /** control will reach this point after shutdown */ - - srAPIExitLib(pAPI); - return 0; -} -#endif /* #ifndef FEATURE_RFC3195 - main wrapper */ - -/* - * vi:set ai: - */ -- cgit