1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1983, 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __SCCSID("@(#)syslog.c 8.5 (Berkeley) 4/29/95"); 34 __FBSDID("$FreeBSD$"); 35 36 #include "namespace.h" 37 #include <sys/param.h> 38 #include <sys/socket.h> 39 #include <sys/syslog.h> 40 #include <sys/time.h> 41 #include <sys/uio.h> 42 #include <sys/un.h> 43 #include <netdb.h> 44 45 #include <errno.h> 46 #include <fcntl.h> 47 #include <paths.h> 48 #include <pthread.h> 49 #include <stdio.h> 50 #include <stdlib.h> 51 #include <string.h> 52 #include <time.h> 53 #include <unistd.h> 54 55 #include <stdarg.h> 56 #include "un-namespace.h" 57 58 #include "libc_private.h" 59 60 /* Maximum number of characters of syslog message */ 61 #define MAXLINE 8192 62 63 static int LogFile = -1; /* fd for log */ 64 static int status; /* connection status */ 65 static int opened; /* have done openlog() */ 66 static int LogStat = 0; /* status bits, set by openlog() */ 67 static const char *LogTag = NULL; /* string to tag the entry with */ 68 static int LogFacility = LOG_USER; /* default facility code */ 69 static int LogMask = 0xff; /* mask of priorities to be logged */ 70 static pthread_mutex_t syslog_mutex = PTHREAD_MUTEX_INITIALIZER; 71 72 #define THREAD_LOCK() \ 73 do { \ 74 if (__isthreaded) _pthread_mutex_lock(&syslog_mutex); \ 75 } while(0) 76 #define THREAD_UNLOCK() \ 77 do { \ 78 if (__isthreaded) _pthread_mutex_unlock(&syslog_mutex); \ 79 } while(0) 80 81 /* RFC5424 defined value. */ 82 #define NILVALUE "-" 83 84 static void disconnectlog(void); /* disconnect from syslogd */ 85 static void connectlog(void); /* (re)connect to syslogd */ 86 static void openlog_unlocked(const char *, int, int); 87 88 enum { 89 NOCONN = 0, 90 CONNDEF, 91 CONNPRIV, 92 }; 93 94 /* 95 * Format of the magic cookie passed through the stdio hook 96 */ 97 struct bufcookie { 98 char *base; /* start of buffer */ 99 int left; 100 }; 101 102 /* 103 * stdio write hook for writing to a static string buffer 104 * XXX: Maybe one day, dynamically allocate it so that the line length 105 * is `unlimited'. 106 */ 107 static int 108 writehook(void *cookie, const char *buf, int len) 109 { 110 struct bufcookie *h; /* private `handle' */ 111 112 h = (struct bufcookie *)cookie; 113 if (len > h->left) { 114 /* clip in case of wraparound */ 115 len = h->left; 116 } 117 if (len > 0) { 118 (void)memcpy(h->base, buf, len); /* `write' it. */ 119 h->base += len; 120 h->left -= len; 121 } 122 return len; 123 } 124 125 /* 126 * syslog, vsyslog -- 127 * print message on log file; output is intended for syslogd(8). 128 */ 129 void 130 syslog(int pri, const char *fmt, ...) 131 { 132 va_list ap; 133 134 va_start(ap, fmt); 135 vsyslog(pri, fmt, ap); 136 va_end(ap); 137 } 138 139 static void 140 vsyslog1(int pri, const char *fmt, va_list ap) 141 { 142 struct timeval now; 143 struct tm tm; 144 char ch, *p; 145 long tz_offset; 146 int cnt, fd, saved_errno; 147 char hostname[MAXHOSTNAMELEN], *stdp, tbuf[MAXLINE], fmt_cpy[MAXLINE], 148 errstr[64], tz_sign; 149 FILE *fp, *fmt_fp; 150 struct bufcookie tbuf_cookie; 151 struct bufcookie fmt_cookie; 152 153 #define INTERNALLOG LOG_ERR|LOG_CONS|LOG_PERROR|LOG_PID 154 /* Check for invalid bits. */ 155 if (pri & ~(LOG_PRIMASK|LOG_FACMASK)) { 156 syslog(INTERNALLOG, 157 "syslog: unknown facility/priority: %x", pri); 158 pri &= LOG_PRIMASK|LOG_FACMASK; 159 } 160 161 saved_errno = errno; 162 163 /* Check priority against setlogmask values. */ 164 if (!(LOG_MASK(LOG_PRI(pri)) & LogMask)) 165 return; 166 167 /* Set default facility if none specified. */ 168 if ((pri & LOG_FACMASK) == 0) 169 pri |= LogFacility; 170 171 /* Create the primary stdio hook */ 172 tbuf_cookie.base = tbuf; 173 tbuf_cookie.left = sizeof(tbuf); 174 fp = fwopen(&tbuf_cookie, writehook); 175 if (fp == NULL) 176 return; 177 178 /* Build the message according to RFC 5424. Tag and version. */ 179 (void)fprintf(fp, "<%d>1 ", pri); 180 /* Timestamp similar to RFC 3339. */ 181 if (gettimeofday(&now, NULL) == 0 && 182 localtime_r(&now.tv_sec, &tm) != NULL) { 183 if (tm.tm_gmtoff < 0) { 184 tz_sign = '-'; 185 tz_offset = -tm.tm_gmtoff; 186 } else { 187 tz_sign = '+'; 188 tz_offset = tm.tm_gmtoff; 189 } 190 191 (void)fprintf(fp, 192 "%04d-%02d-%02d" /* Date. */ 193 "T%02d:%02d:%02d.%06ld" /* Time. */ 194 "%c%02ld:%02ld ", /* Time zone offset. */ 195 tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, 196 tm.tm_hour, tm.tm_min, tm.tm_sec, now.tv_usec, 197 tz_sign, tz_offset / 3600, (tz_offset % 3600) / 60); 198 } else 199 (void)fputs(NILVALUE " ", fp); 200 /* Hostname. */ 201 (void)gethostname(hostname, sizeof(hostname)); 202 (void)fprintf(fp, "%s ", 203 hostname[0] == '\0' ? NILVALUE : hostname); 204 if (LogStat & LOG_PERROR) { 205 /* Transfer to string buffer */ 206 (void)fflush(fp); 207 stdp = tbuf + (sizeof(tbuf) - tbuf_cookie.left); 208 } 209 /* Application name. */ 210 if (LogTag == NULL) 211 LogTag = _getprogname(); 212 (void)fprintf(fp, "%s ", LogTag == NULL ? NILVALUE : LogTag); 213 /* 214 * Provide the process ID regardless of whether LOG_PID has been 215 * specified, as it provides valuable information. Many 216 * applications tend not to use this, even though they should. 217 */ 218 (void)fprintf(fp, "%d ", getpid()); 219 /* Message ID. */ 220 (void)fputs(NILVALUE " ", fp); 221 /* Structured data. */ 222 (void)fputs(NILVALUE " ", fp); 223 224 /* Check to see if we can skip expanding the %m */ 225 if (strstr(fmt, "%m")) { 226 227 /* Create the second stdio hook */ 228 fmt_cookie.base = fmt_cpy; 229 fmt_cookie.left = sizeof(fmt_cpy) - 1; 230 fmt_fp = fwopen(&fmt_cookie, writehook); 231 if (fmt_fp == NULL) { 232 fclose(fp); 233 return; 234 } 235 236 /* 237 * Substitute error message for %m. Be careful not to 238 * molest an escaped percent "%%m". We want to pass it 239 * on untouched as the format is later parsed by vfprintf. 240 */ 241 for ( ; (ch = *fmt); ++fmt) { 242 if (ch == '%' && fmt[1] == 'm') { 243 ++fmt; 244 strerror_r(saved_errno, errstr, sizeof(errstr)); 245 fputs(errstr, fmt_fp); 246 } else if (ch == '%' && fmt[1] == '%') { 247 ++fmt; 248 fputc(ch, fmt_fp); 249 fputc(ch, fmt_fp); 250 } else { 251 fputc(ch, fmt_fp); 252 } 253 } 254 255 /* Null terminate if room */ 256 fputc(0, fmt_fp); 257 fclose(fmt_fp); 258 259 /* Guarantee null termination */ 260 fmt_cpy[sizeof(fmt_cpy) - 1] = '\0'; 261 262 fmt = fmt_cpy; 263 } 264 265 /* Message. */ 266 (void)vfprintf(fp, fmt, ap); 267 (void)fclose(fp); 268 269 cnt = sizeof(tbuf) - tbuf_cookie.left; 270 271 /* Remove a trailing newline */ 272 if (tbuf[cnt - 1] == '\n') 273 cnt--; 274 275 /* Output to stderr if requested. */ 276 if (LogStat & LOG_PERROR) { 277 struct iovec iov[2]; 278 struct iovec *v = iov; 279 280 v->iov_base = stdp; 281 v->iov_len = cnt - (stdp - tbuf); 282 ++v; 283 v->iov_base = "\n"; 284 v->iov_len = 1; 285 (void)_writev(STDERR_FILENO, iov, 2); 286 } 287 288 /* Get connected, output the message to the local logger. */ 289 if (!opened) 290 openlog_unlocked(LogTag, LogStat | LOG_NDELAY, 0); 291 connectlog(); 292 293 /* 294 * If the send() fails, there are two likely scenarios: 295 * 1) syslogd was restarted 296 * 2) /var/run/log is out of socket buffer space, which 297 * in most cases means local DoS. 298 * If the error does not indicate a full buffer, we address 299 * case #1 by attempting to reconnect to /var/run/log[priv] 300 * and resending the message once. 301 * 302 * If we are working with a privileged socket, the retry 303 * attempts end there, because we don't want to freeze a 304 * critical application like su(1) or sshd(8). 305 * 306 * Otherwise, we address case #2 by repeatedly retrying the 307 * send() to give syslogd a chance to empty its socket buffer. 308 */ 309 310 if (send(LogFile, tbuf, cnt, 0) < 0) { 311 if (errno != ENOBUFS) { 312 /* 313 * Scenario 1: syslogd was restarted 314 * reconnect and resend once 315 */ 316 disconnectlog(); 317 connectlog(); 318 if (send(LogFile, tbuf, cnt, 0) >= 0) 319 return; 320 /* 321 * if the resend failed, fall through to 322 * possible scenario 2 323 */ 324 } 325 while (errno == ENOBUFS) { 326 /* 327 * Scenario 2: out of socket buffer space 328 * possible DoS, fail fast on a privileged 329 * socket 330 */ 331 if (status == CONNPRIV) 332 break; 333 _usleep(1); 334 if (send(LogFile, tbuf, cnt, 0) >= 0) 335 return; 336 } 337 } else 338 return; 339 340 /* 341 * Output the message to the console; try not to block 342 * as a blocking console should not stop other processes. 343 * Make sure the error reported is the one from the syslogd failure. 344 */ 345 if (LogStat & LOG_CONS && 346 (fd = _open(_PATH_CONSOLE, O_WRONLY|O_NONBLOCK|O_CLOEXEC, 0)) >= 347 0) { 348 struct iovec iov[2]; 349 struct iovec *v = iov; 350 351 p = strchr(tbuf, '>') + 3; 352 v->iov_base = p; 353 v->iov_len = cnt - (p - tbuf); 354 ++v; 355 v->iov_base = "\r\n"; 356 v->iov_len = 2; 357 (void)_writev(fd, iov, 2); 358 (void)_close(fd); 359 } 360 } 361 362 static void 363 syslog_cancel_cleanup(void *arg __unused) 364 { 365 366 THREAD_UNLOCK(); 367 } 368 369 void 370 vsyslog(int pri, const char *fmt, va_list ap) 371 { 372 373 THREAD_LOCK(); 374 pthread_cleanup_push(syslog_cancel_cleanup, NULL); 375 vsyslog1(pri, fmt, ap); 376 pthread_cleanup_pop(1); 377 } 378 379 /* Should be called with mutex acquired */ 380 static void 381 disconnectlog(void) 382 { 383 /* 384 * If the user closed the FD and opened another in the same slot, 385 * that's their problem. They should close it before calling on 386 * system services. 387 */ 388 if (LogFile != -1) { 389 _close(LogFile); 390 LogFile = -1; 391 } 392 status = NOCONN; /* retry connect */ 393 } 394 395 /* Should be called with mutex acquired */ 396 static void 397 connectlog(void) 398 { 399 struct sockaddr_un SyslogAddr; /* AF_UNIX address of local logger */ 400 401 if (LogFile == -1) { 402 socklen_t len; 403 404 if ((LogFile = _socket(AF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 405 0)) == -1) 406 return; 407 if (_getsockopt(LogFile, SOL_SOCKET, SO_SNDBUF, &len, 408 &(socklen_t){sizeof(len)}) == 0) { 409 if (len < MAXLINE) { 410 len = MAXLINE; 411 (void)_setsockopt(LogFile, SOL_SOCKET, SO_SNDBUF, 412 &len, sizeof(len)); 413 } 414 } 415 } 416 if (LogFile != -1 && status == NOCONN) { 417 SyslogAddr.sun_len = sizeof(SyslogAddr); 418 SyslogAddr.sun_family = AF_UNIX; 419 420 /* 421 * First try privileged socket. If no success, 422 * then try default socket. 423 */ 424 (void)strncpy(SyslogAddr.sun_path, _PATH_LOG_PRIV, 425 sizeof SyslogAddr.sun_path); 426 if (_connect(LogFile, (struct sockaddr *)&SyslogAddr, 427 sizeof(SyslogAddr)) != -1) 428 status = CONNPRIV; 429 430 if (status == NOCONN) { 431 (void)strncpy(SyslogAddr.sun_path, _PATH_LOG, 432 sizeof SyslogAddr.sun_path); 433 if (_connect(LogFile, (struct sockaddr *)&SyslogAddr, 434 sizeof(SyslogAddr)) != -1) 435 status = CONNDEF; 436 } 437 438 if (status == NOCONN) { 439 /* 440 * Try the old "/dev/log" path, for backward 441 * compatibility. 442 */ 443 (void)strncpy(SyslogAddr.sun_path, _PATH_OLDLOG, 444 sizeof SyslogAddr.sun_path); 445 if (_connect(LogFile, (struct sockaddr *)&SyslogAddr, 446 sizeof(SyslogAddr)) != -1) 447 status = CONNDEF; 448 } 449 450 if (status == NOCONN) { 451 (void)_close(LogFile); 452 LogFile = -1; 453 } 454 } 455 } 456 457 static void 458 openlog_unlocked(const char *ident, int logstat, int logfac) 459 { 460 if (ident != NULL) 461 LogTag = ident; 462 LogStat = logstat; 463 if (logfac != 0 && (logfac &~ LOG_FACMASK) == 0) 464 LogFacility = logfac; 465 466 if (LogStat & LOG_NDELAY) /* open immediately */ 467 connectlog(); 468 469 opened = 1; /* ident and facility has been set */ 470 } 471 472 void 473 openlog(const char *ident, int logstat, int logfac) 474 { 475 476 THREAD_LOCK(); 477 pthread_cleanup_push(syslog_cancel_cleanup, NULL); 478 openlog_unlocked(ident, logstat, logfac); 479 pthread_cleanup_pop(1); 480 } 481 482 483 void 484 closelog(void) 485 { 486 THREAD_LOCK(); 487 if (LogFile != -1) { 488 (void)_close(LogFile); 489 LogFile = -1; 490 } 491 LogTag = NULL; 492 status = NOCONN; 493 THREAD_UNLOCK(); 494 } 495 496 /* setlogmask -- set the log mask level */ 497 int 498 setlogmask(int pmask) 499 { 500 int omask; 501 502 THREAD_LOCK(); 503 omask = LogMask; 504 if (pmask != 0) 505 LogMask = pmask; 506 THREAD_UNLOCK(); 507 return (omask); 508 } 509