prevent one byte overrun in printline()

Fix minor thinko in previous. Make sure we close and keep closed all
sockets in the situation where all of the following are true:

* /etc/syslogd.conf contained forwarding actions when we were

Fix minor thinko in previous. Make sure we close and keep closed all
sockets in the situation where all of the following are true:

* /etc/syslogd.conf contained forwarding actions when we were
started up or when we last received a HUP

* /etc/syslogd.conf has had all forwarding actions removed

* we are running with -s

and we receive a HUP.

show more ...

Fix opening/closing of sockets when receiving a HUP, and /etc/syslog.conf
has been changed from having forwarding actions to having none, or vice versa.

Improve behavior of `syslogd -s'.

Even if we are forwarding, don't bind to udp/514 if running with `-s'.

Back out and redo previous at Bill Sommerfeld's <sommerfeld@netbsd.org>
request:

instead of the -S flag, fix the -s flag to not open a socket
if there are no forwarding rules in /etc/syslog.conf

Back out and redo previous at Bill Sommerfeld's <sommerfeld@netbsd.org>
request:

instead of the -S flag, fix the -s flag to not open a socket
if there are no forwarding rules in /etc/syslog.conf

The behavior of syslogd when -s is specified and there are forwarding rules
should still be made cleaner.

show more ...

1.) bring usage text up to date, and clarify description of `-s' option
in man page and comments -- for some time it has no longer prevents
an inet socket from being opened, just caused it to

1.) bring usage text up to date, and clarify description of `-s' option
in man page and comments -- for some time it has no longer prevents
an inet socket from being opened, just caused it to be ignored

2.) Fix this problem with `-s' -- syslogd always opens an inet socket, even if
-s is specified and it has nowhere to send to. This socket is then
shutdown(), but there is no way to not have this socket open.

Users setting up paranoid installations can now specify `-S' which
prevents any non-unix-domain sockets from being opened, even if
forwarding is specified in /etc/syslogd.conf.

As per the previous fix, this is not made the default for `-s', as it
also prevents syslogd from forwarding log messages.

3.) document the above in the man page and usage.

Justification: in light of the possibility of future DoS attacks, or the
desire to set up a machine which is relatively uninformative in the face
of port scans, users may quite legitimately want to control what sockets
are open on their machine. Telling such users that they cannot run
syslogd is non-ideal.

show more ...

* in secure mode (-s), still open the inet sockets but do a shutdown(,SHUT_RD)
on each of them, and don't bother listening on them. this allows messages
to be forwarded even with -s enabled.

X

* in secure mode (-s), still open the inet sockets but do a shutdown(,SHUT_RD)
on each of them, and don't bother listening on them. this allows messages
to be forwarded even with -s enabled.

XXX: not 100% sure if this is susceptable to a DoS, e.g someone filling
up kernel buffers with a backlog of packets not being read, but shutdown(2)
should prevent that even if it possibly doesn't at this time.

* minor KNF

show more ...

use sizeof(foo) instead of hardcoded value, to help synchronizing
variable def and function parameter.

RCSID police.

be more friendly with non-IPv6 kernel.

IPv6 support in syslogd. actually we need library update as well.
NetBSD PR #8934 from Feico Dillema <dillema@acm.org> (with memory leak fix).

add some debug messages.

save/restore errno as necessary (printf() et al might have modified it...)

Use pidfile(3).

Because the old bound check is used at several places we need to make
sure that the array is really NULL terminated. Fixes PR bin/7062.

Correct precedence in calculation of storage for pollfds.

- Don't use static array hack if neither "-p" nor "-P" are used.
- Because the logsocket array is not NULL terminated use the entry number
for bound checks.

Use correct expression "sizeof(char *)" instead of "sizeof(char **)"
to calculate memory size.

- allow -p /log/socket to appear more than once (and work as expected
if given this). this is extremely useful for chrooted daemons that
still want to create log entries via a local mechanism.

- allow -p /log/socket to appear more than once (and work as expected
if given this). this is extremely useful for chrooted daemons that
still want to create log entries via a local mechanism.

- create a new -P option that takes a filename of log sockets (equiv.
of calling syslogd which -p <each line of file>. this is useful
for the case of many chroot areas and keeping this information in
one place rather than having to remember it all.

if no -p options are given, the default (_PATH_LOG) is used as normal.

show more ...

Use "[host]: " as prefix for forwarded messages to distinguish them
from message originated by the forwarding host, fixes PR bin/5860 by
Greg A. Woods.

use AF_LOCAL instead of AF_UNIX

- use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe

- use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames

show more ...

Fix arithmetics lossage on typeless pointers.

prefer snprintf() to sprintf()

getopt returns -1 not EOF