1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1983, 1988, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/cdefs.h>
33 __SCCSID("@(#)syslog.c 8.5 (Berkeley) 4/29/95");
34 __FBSDID("$FreeBSD$");
35
36 #include "namespace.h"
37 #include <sys/param.h>
38 #include <sys/socket.h>
39 #include <sys/syslog.h>
40 #include <sys/time.h>
41 #include <sys/uio.h>
42 #include <sys/un.h>
43 #include <netdb.h>
44
45 #include <errno.h>
46 #include <fcntl.h>
47 #include <paths.h>
48 #include <pthread.h>
49 #include <stdio.h>
50 #include <stdlib.h>
51 #include <string.h>
52 #include <time.h>
53 #include <unistd.h>
54
55 #include <stdarg.h>
56 #include "un-namespace.h"
57
58 #include "libc_private.h"
59
60 /* Maximum number of characters of syslog message */
61 #define MAXLINE 8192
62
63 static int LogFile = -1; /* fd for log */
64 static int status; /* connection status */
65 static int opened; /* have done openlog() */
66 static int LogStat = 0; /* status bits, set by openlog() */
67 static const char *LogTag = NULL; /* string to tag the entry with */
68 static int LogFacility = LOG_USER; /* default facility code */
69 static int LogMask = 0xff; /* mask of priorities to be logged */
70 static pthread_mutex_t syslog_mutex = PTHREAD_MUTEX_INITIALIZER;
71
72 #define THREAD_LOCK() \
73 do { \
74 if (__isthreaded) _pthread_mutex_lock(&syslog_mutex); \
75 } while(0)
76 #define THREAD_UNLOCK() \
77 do { \
78 if (__isthreaded) _pthread_mutex_unlock(&syslog_mutex); \
79 } while(0)
80
81 /* RFC5424 defined value. */
82 #define NILVALUE "-"
83
84 static void disconnectlog(void); /* disconnect from syslogd */
85 static void connectlog(void); /* (re)connect to syslogd */
86 static void openlog_unlocked(const char *, int, int);
87
88 enum {
89 NOCONN = 0,
90 CONNDEF,
91 CONNPRIV,
92 };
93
94 /*
95 * Format of the magic cookie passed through the stdio hook
96 */
97 struct bufcookie {
98 char *base; /* start of buffer */
99 int left;
100 };
101
102 /*
103 * stdio write hook for writing to a static string buffer
104 * XXX: Maybe one day, dynamically allocate it so that the line length
105 * is `unlimited'.
106 */
107 static int
writehook(void * cookie,const char * buf,int len)108 writehook(void *cookie, const char *buf, int len)
109 {
110 struct bufcookie *h; /* private `handle' */
111
112 h = (struct bufcookie *)cookie;
113 if (len > h->left) {
114 /* clip in case of wraparound */
115 len = h->left;
116 }
117 if (len > 0) {
118 (void)memcpy(h->base, buf, len); /* `write' it. */
119 h->base += len;
120 h->left -= len;
121 }
122 return len;
123 }
124
125 /*
126 * syslog, vsyslog --
127 * print message on log file; output is intended for syslogd(8).
128 */
129 void
syslog(int pri,const char * fmt,...)130 syslog(int pri, const char *fmt, ...)
131 {
132 va_list ap;
133
134 va_start(ap, fmt);
135 vsyslog(pri, fmt, ap);
136 va_end(ap);
137 }
138
139 static void
vsyslog1(int pri,const char * fmt,va_list ap)140 vsyslog1(int pri, const char *fmt, va_list ap)
141 {
142 struct timeval now;
143 struct tm tm;
144 char ch, *p;
145 long tz_offset;
146 int cnt, fd, saved_errno;
147 char hostname[MAXHOSTNAMELEN], *stdp, tbuf[MAXLINE], fmt_cpy[MAXLINE],
148 errstr[64], tz_sign;
149 FILE *fp, *fmt_fp;
150 struct bufcookie tbuf_cookie;
151 struct bufcookie fmt_cookie;
152
153 #define INTERNALLOG LOG_ERR|LOG_CONS|LOG_PERROR|LOG_PID
154 /* Check for invalid bits. */
155 if (pri & ~(LOG_PRIMASK|LOG_FACMASK)) {
156 syslog(INTERNALLOG,
157 "syslog: unknown facility/priority: %x", pri);
158 pri &= LOG_PRIMASK|LOG_FACMASK;
159 }
160
161 saved_errno = errno;
162
163 /* Check priority against setlogmask values. */
164 if (!(LOG_MASK(LOG_PRI(pri)) & LogMask))
165 return;
166
167 /* Set default facility if none specified. */
168 if ((pri & LOG_FACMASK) == 0)
169 pri |= LogFacility;
170
171 /* Create the primary stdio hook */
172 tbuf_cookie.base = tbuf;
173 tbuf_cookie.left = sizeof(tbuf);
174 fp = fwopen(&tbuf_cookie, writehook);
175 if (fp == NULL)
176 return;
177
178 /* Build the message according to RFC 5424. Tag and version. */
179 (void)fprintf(fp, "<%d>1 ", pri);
180 /* Timestamp similar to RFC 3339. */
181 if (gettimeofday(&now, NULL) == 0 &&
182 localtime_r(&now.tv_sec, &tm) != NULL) {
183 if (tm.tm_gmtoff < 0) {
184 tz_sign = '-';
185 tz_offset = -tm.tm_gmtoff;
186 } else {
187 tz_sign = '+';
188 tz_offset = tm.tm_gmtoff;
189 }
190
191 (void)fprintf(fp,
192 "%04d-%02d-%02d" /* Date. */
193 "T%02d:%02d:%02d.%06ld" /* Time. */
194 "%c%02ld:%02ld ", /* Time zone offset. */
195 tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday,
196 tm.tm_hour, tm.tm_min, tm.tm_sec, now.tv_usec,
197 tz_sign, tz_offset / 3600, (tz_offset % 3600) / 60);
198 } else
199 (void)fputs(NILVALUE " ", fp);
200 /* Hostname. */
201 (void)gethostname(hostname, sizeof(hostname));
202 (void)fprintf(fp, "%s ",
203 hostname[0] == '\0' ? NILVALUE : hostname);
204 if (LogStat & LOG_PERROR) {
205 /* Transfer to string buffer */
206 (void)fflush(fp);
207 stdp = tbuf + (sizeof(tbuf) - tbuf_cookie.left);
208 }
209 /* Application name. */
210 if (LogTag == NULL)
211 LogTag = _getprogname();
212 (void)fprintf(fp, "%s ", LogTag == NULL ? NILVALUE : LogTag);
213 /*
214 * Provide the process ID regardless of whether LOG_PID has been
215 * specified, as it provides valuable information. Many
216 * applications tend not to use this, even though they should.
217 */
218 (void)fprintf(fp, "%d ", getpid());
219 /* Message ID. */
220 (void)fputs(NILVALUE " ", fp);
221 /* Structured data. */
222 (void)fputs(NILVALUE " ", fp);
223
224 /* Check to see if we can skip expanding the %m */
225 if (strstr(fmt, "%m")) {
226
227 /* Create the second stdio hook */
228 fmt_cookie.base = fmt_cpy;
229 fmt_cookie.left = sizeof(fmt_cpy) - 1;
230 fmt_fp = fwopen(&fmt_cookie, writehook);
231 if (fmt_fp == NULL) {
232 fclose(fp);
233 return;
234 }
235
236 /*
237 * Substitute error message for %m. Be careful not to
238 * molest an escaped percent "%%m". We want to pass it
239 * on untouched as the format is later parsed by vfprintf.
240 */
241 for ( ; (ch = *fmt); ++fmt) {
242 if (ch == '%' && fmt[1] == 'm') {
243 ++fmt;
244 strerror_r(saved_errno, errstr, sizeof(errstr));
245 fputs(errstr, fmt_fp);
246 } else if (ch == '%' && fmt[1] == '%') {
247 ++fmt;
248 fputc(ch, fmt_fp);
249 fputc(ch, fmt_fp);
250 } else {
251 fputc(ch, fmt_fp);
252 }
253 }
254
255 /* Null terminate if room */
256 fputc(0, fmt_fp);
257 fclose(fmt_fp);
258
259 /* Guarantee null termination */
260 fmt_cpy[sizeof(fmt_cpy) - 1] = '\0';
261
262 fmt = fmt_cpy;
263 }
264
265 /* Message. */
266 (void)vfprintf(fp, fmt, ap);
267 (void)fclose(fp);
268
269 cnt = sizeof(tbuf) - tbuf_cookie.left;
270
271 /* Remove a trailing newline */
272 if (tbuf[cnt - 1] == '\n')
273 cnt--;
274
275 /* Output to stderr if requested. */
276 if (LogStat & LOG_PERROR) {
277 struct iovec iov[2];
278 struct iovec *v = iov;
279
280 v->iov_base = stdp;
281 v->iov_len = cnt - (stdp - tbuf);
282 ++v;
283 v->iov_base = "\n";
284 v->iov_len = 1;
285 (void)_writev(STDERR_FILENO, iov, 2);
286 }
287
288 /* Get connected, output the message to the local logger. */
289 if (!opened)
290 openlog_unlocked(LogTag, LogStat | LOG_NDELAY, 0);
291 connectlog();
292
293 /*
294 * If the send() fails, there are two likely scenarios:
295 * 1) syslogd was restarted
296 * 2) /var/run/log is out of socket buffer space, which
297 * in most cases means local DoS.
298 * If the error does not indicate a full buffer, we address
299 * case #1 by attempting to reconnect to /var/run/log[priv]
300 * and resending the message once.
301 *
302 * If we are working with a privileged socket, the retry
303 * attempts end there, because we don't want to freeze a
304 * critical application like su(1) or sshd(8).
305 *
306 * Otherwise, we address case #2 by repeatedly retrying the
307 * send() to give syslogd a chance to empty its socket buffer.
308 */
309
310 if (send(LogFile, tbuf, cnt, 0) < 0) {
311 if (errno != ENOBUFS) {
312 /*
313 * Scenario 1: syslogd was restarted
314 * reconnect and resend once
315 */
316 disconnectlog();
317 connectlog();
318 if (send(LogFile, tbuf, cnt, 0) >= 0)
319 return;
320 /*
321 * if the resend failed, fall through to
322 * possible scenario 2
323 */
324 }
325 while (errno == ENOBUFS) {
326 /*
327 * Scenario 2: out of socket buffer space
328 * possible DoS, fail fast on a privileged
329 * socket
330 */
331 if (status == CONNPRIV)
332 break;
333 _usleep(1);
334 if (send(LogFile, tbuf, cnt, 0) >= 0)
335 return;
336 }
337 } else
338 return;
339
340 /*
341 * Output the message to the console; try not to block
342 * as a blocking console should not stop other processes.
343 * Make sure the error reported is the one from the syslogd failure.
344 */
345 if (LogStat & LOG_CONS &&
346 (fd = _open(_PATH_CONSOLE, O_WRONLY|O_NONBLOCK|O_CLOEXEC, 0)) >=
347 0) {
348 struct iovec iov[2];
349 struct iovec *v = iov;
350
351 p = strchr(tbuf, '>') + 3;
352 v->iov_base = p;
353 v->iov_len = cnt - (p - tbuf);
354 ++v;
355 v->iov_base = "\r\n";
356 v->iov_len = 2;
357 (void)_writev(fd, iov, 2);
358 (void)_close(fd);
359 }
360 }
361
362 static void
syslog_cancel_cleanup(void * arg __unused)363 syslog_cancel_cleanup(void *arg __unused)
364 {
365
366 THREAD_UNLOCK();
367 }
368
369 void
vsyslog(int pri,const char * fmt,va_list ap)370 vsyslog(int pri, const char *fmt, va_list ap)
371 {
372
373 THREAD_LOCK();
374 pthread_cleanup_push(syslog_cancel_cleanup, NULL);
375 vsyslog1(pri, fmt, ap);
376 pthread_cleanup_pop(1);
377 }
378
379 /* Should be called with mutex acquired */
380 static void
disconnectlog(void)381 disconnectlog(void)
382 {
383 /*
384 * If the user closed the FD and opened another in the same slot,
385 * that's their problem. They should close it before calling on
386 * system services.
387 */
388 if (LogFile != -1) {
389 _close(LogFile);
390 LogFile = -1;
391 }
392 status = NOCONN; /* retry connect */
393 }
394
395 /* Should be called with mutex acquired */
396 static void
connectlog(void)397 connectlog(void)
398 {
399 struct sockaddr_un SyslogAddr; /* AF_UNIX address of local logger */
400
401 if (LogFile == -1) {
402 socklen_t len;
403
404 if ((LogFile = _socket(AF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC,
405 0)) == -1)
406 return;
407 if (_getsockopt(LogFile, SOL_SOCKET, SO_SNDBUF, &len,
408 &(socklen_t){sizeof(len)}) == 0) {
409 if (len < MAXLINE) {
410 len = MAXLINE;
411 (void)_setsockopt(LogFile, SOL_SOCKET, SO_SNDBUF,
412 &len, sizeof(len));
413 }
414 }
415 }
416 if (LogFile != -1 && status == NOCONN) {
417 SyslogAddr.sun_len = sizeof(SyslogAddr);
418 SyslogAddr.sun_family = AF_UNIX;
419
420 /*
421 * First try privileged socket. If no success,
422 * then try default socket.
423 */
424 (void)strncpy(SyslogAddr.sun_path, _PATH_LOG_PRIV,
425 sizeof SyslogAddr.sun_path);
426 if (_connect(LogFile, (struct sockaddr *)&SyslogAddr,
427 sizeof(SyslogAddr)) != -1)
428 status = CONNPRIV;
429
430 if (status == NOCONN) {
431 (void)strncpy(SyslogAddr.sun_path, _PATH_LOG,
432 sizeof SyslogAddr.sun_path);
433 if (_connect(LogFile, (struct sockaddr *)&SyslogAddr,
434 sizeof(SyslogAddr)) != -1)
435 status = CONNDEF;
436 }
437
438 if (status == NOCONN) {
439 /*
440 * Try the old "/dev/log" path, for backward
441 * compatibility.
442 */
443 (void)strncpy(SyslogAddr.sun_path, _PATH_OLDLOG,
444 sizeof SyslogAddr.sun_path);
445 if (_connect(LogFile, (struct sockaddr *)&SyslogAddr,
446 sizeof(SyslogAddr)) != -1)
447 status = CONNDEF;
448 }
449
450 if (status == NOCONN) {
451 (void)_close(LogFile);
452 LogFile = -1;
453 }
454 }
455 }
456
457 static void
openlog_unlocked(const char * ident,int logstat,int logfac)458 openlog_unlocked(const char *ident, int logstat, int logfac)
459 {
460 if (ident != NULL)
461 LogTag = ident;
462 LogStat = logstat;
463 if (logfac != 0 && (logfac &~ LOG_FACMASK) == 0)
464 LogFacility = logfac;
465
466 if (LogStat & LOG_NDELAY) /* open immediately */
467 connectlog();
468
469 opened = 1; /* ident and facility has been set */
470 }
471
472 void
openlog(const char * ident,int logstat,int logfac)473 openlog(const char *ident, int logstat, int logfac)
474 {
475
476 THREAD_LOCK();
477 pthread_cleanup_push(syslog_cancel_cleanup, NULL);
478 openlog_unlocked(ident, logstat, logfac);
479 pthread_cleanup_pop(1);
480 }
481
482
483 void
closelog(void)484 closelog(void)
485 {
486 THREAD_LOCK();
487 if (LogFile != -1) {
488 (void)_close(LogFile);
489 LogFile = -1;
490 }
491 LogTag = NULL;
492 status = NOCONN;
493 THREAD_UNLOCK();
494 }
495
496 /* setlogmask -- set the log mask level */
497 int
setlogmask(int pmask)498 setlogmask(int pmask)
499 {
500 int omask;
501
502 THREAD_LOCK();
503 omask = LogMask;
504 if (pmask != 0)
505 LogMask = pmask;
506 THREAD_UNLOCK();
507 return (omask);
508 }
509