1 /*
2 * General logging functions.
3 *
4 * Copyright 2000-2008 Willy Tarreau <w@1wt.eu>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13 #include <ctype.h>
14 #include <fcntl.h>
15 #include <stdarg.h>
16 #include <stdio.h>
17 #include <stdlib.h>
18 #include <string.h>
19 #include <syslog.h>
20 #include <time.h>
21 #include <unistd.h>
22 #include <errno.h>
23
24 #include <sys/time.h>
25 #include <sys/uio.h>
26
27 #include <common/config.h>
28 #include <common/compat.h>
29 #include <common/standard.h>
30 #include <common/time.h>
31
32 #include <types/global.h>
33 #include <types/log.h>
34
35 #include <proto/frontend.h>
36 #include <proto/proto_http.h>
37 #include <proto/log.h>
38 #include <proto/sample.h>
39 #include <proto/stream.h>
40 #include <proto/stream_interface.h>
41 #ifdef USE_OPENSSL
42 #include <proto/ssl_sock.h>
43 #endif
44
45 struct log_fmt {
46 char *name;
47 struct {
48 struct chunk sep1; /* first pid separator */
49 struct chunk sep2; /* second pid separator */
50 } pid;
51 };
52
53 static const struct log_fmt log_formats[LOG_FORMATS] = {
54 [LOG_FORMAT_RFC3164] = {
55 .name = "rfc3164",
56 .pid = {
57 .sep1 = { .str = "[", .len = 1 },
58 .sep2 = { .str = "]: ", .len = 3 }
59 }
60 },
61 [LOG_FORMAT_RFC5424] = {
62 .name = "rfc5424",
63 .pid = {
64 .sep1 = { .str = " ", .len = 1 },
65 .sep2 = { .str = " - ", .len = 3 }
66 }
67 }
68 };
69
70 #define FD_SETS_ARE_BITFIELDS
71 #ifdef FD_SETS_ARE_BITFIELDS
72 /*
73 * This map is used with all the FD_* macros to check whether a particular bit
74 * is set or not. Each bit represents an ACSII code. FD_SET() sets those bytes
75 * which should be escaped. When FD_ISSET() returns non-zero, it means that the
76 * byte should be escaped. Be careful to always pass bytes from 0 to 255
77 * exclusively to the macros.
78 */
79 fd_set rfc5424_escape_map[(sizeof(fd_set) > (256/8)) ? 1 : ((256/8) / sizeof(fd_set))];
80
81 #else
82 #error "Check if your OS uses bitfields for fd_sets"
83 #endif
84
85 const char *log_facilities[NB_LOG_FACILITIES] = {
86 "kern", "user", "mail", "daemon",
87 "auth", "syslog", "lpr", "news",
88 "uucp", "cron", "auth2", "ftp",
89 "ntp", "audit", "alert", "cron2",
90 "local0", "local1", "local2", "local3",
91 "local4", "local5", "local6", "local7"
92 };
93
94 const char *log_levels[NB_LOG_LEVELS] = {
95 "emerg", "alert", "crit", "err",
96 "warning", "notice", "info", "debug"
97 };
98
99 const char sess_term_cond[16] = "-LcCsSPRIDKUIIII"; /* normal, Local, CliTo, CliErr, SrvTo, SrvErr, PxErr, Resource, Internal, Down, Killed, Up, -- */
100 const char sess_fin_state[8] = "-RCHDLQT"; /* cliRequest, srvConnect, srvHeader, Data, Last, Queue, Tarpit */
101
102
103 /* log_format */
104 struct logformat_type {
105 char *name;
106 int type;
107 int mode;
108 int lw; /* logwait bitsfield */
109 int (*config_callback)(struct logformat_node *node, struct proxy *curproxy);
110 const char *replace_by; /* new option to use instead of old one */
111 };
112
113 int prepare_addrsource(struct logformat_node *node, struct proxy *curproxy);
114
115 /* log_format variable names */
116 static const struct logformat_type logformat_keywords[] = {
117 { "o", LOG_FMT_GLOBAL, PR_MODE_TCP, 0, NULL }, /* global option */
118
119 /* please keep these lines sorted ! */
120 { "B", LOG_FMT_BYTES, PR_MODE_TCP, LW_BYTES, NULL }, /* bytes from server to client */
121 { "CC", LOG_FMT_CCLIENT, PR_MODE_HTTP, LW_REQHDR, NULL }, /* client cookie */
122 { "CS", LOG_FMT_CSERVER, PR_MODE_HTTP, LW_RSPHDR, NULL }, /* server cookie */
123 { "H", LOG_FMT_HOSTNAME, PR_MODE_TCP, LW_INIT, NULL }, /* Hostname */
124 { "ID", LOG_FMT_UNIQUEID, PR_MODE_HTTP, LW_BYTES, NULL }, /* Unique ID */
125 { "ST", LOG_FMT_STATUS, PR_MODE_TCP, LW_RESP, NULL }, /* status code */
126 { "T", LOG_FMT_DATEGMT, PR_MODE_TCP, LW_INIT, NULL }, /* date GMT */
127 { "Ta", LOG_FMT_Ta, PR_MODE_HTTP, LW_BYTES, NULL }, /* Time active (tr to end) */
128 { "Tc", LOG_FMT_TC, PR_MODE_TCP, LW_BYTES, NULL }, /* Tc */
129 { "Th", LOG_FMT_Th, PR_MODE_TCP, LW_BYTES, NULL }, /* Time handshake */
130 { "Ti", LOG_FMT_Ti, PR_MODE_HTTP, LW_BYTES, NULL }, /* Time idle */
131 { "Tl", LOG_FMT_DATELOCAL, PR_MODE_TCP, LW_INIT, NULL }, /* date local timezone */
132 { "Tq", LOG_FMT_TQ, PR_MODE_HTTP, LW_BYTES, NULL }, /* Tq=Th+Ti+TR */
133 { "Tr", LOG_FMT_Tr, PR_MODE_HTTP, LW_BYTES, NULL }, /* Tr */
134 { "TR", LOG_FMT_TR, PR_MODE_HTTP, LW_BYTES, NULL }, /* Time to receive a valid request */
135 { "Td", LOG_FMT_TD, PR_MODE_TCP, LW_BYTES, NULL }, /* Td = Tt - (Tq + Tw + Tc + Tr) */
136 { "Ts", LOG_FMT_TS, PR_MODE_TCP, LW_INIT, NULL }, /* timestamp GMT */
137 { "Tt", LOG_FMT_TT, PR_MODE_TCP, LW_BYTES, NULL }, /* Tt */
138 { "Tw", LOG_FMT_TW, PR_MODE_TCP, LW_BYTES, NULL }, /* Tw */
139 { "U", LOG_FMT_BYTES_UP, PR_MODE_TCP, LW_BYTES, NULL }, /* bytes from client to server */
140 { "ac", LOG_FMT_ACTCONN, PR_MODE_TCP, LW_BYTES, NULL }, /* actconn */
141 { "b", LOG_FMT_BACKEND, PR_MODE_TCP, LW_INIT, NULL }, /* backend */
142 { "bc", LOG_FMT_BECONN, PR_MODE_TCP, LW_BYTES, NULL }, /* beconn */
143 { "bi", LOG_FMT_BACKENDIP, PR_MODE_TCP, LW_BCKIP, prepare_addrsource }, /* backend source ip */
144 { "bp", LOG_FMT_BACKENDPORT, PR_MODE_TCP, LW_BCKIP, prepare_addrsource }, /* backend source port */
145 { "bq", LOG_FMT_BCKQUEUE, PR_MODE_TCP, LW_BYTES, NULL }, /* backend_queue */
146 { "ci", LOG_FMT_CLIENTIP, PR_MODE_TCP, LW_CLIP | LW_XPRT, NULL }, /* client ip */
147 { "cp", LOG_FMT_CLIENTPORT, PR_MODE_TCP, LW_CLIP | LW_XPRT, NULL }, /* client port */
148 { "f", LOG_FMT_FRONTEND, PR_MODE_TCP, LW_INIT, NULL }, /* frontend */
149 { "fc", LOG_FMT_FECONN, PR_MODE_TCP, LW_BYTES, NULL }, /* feconn */
150 { "fi", LOG_FMT_FRONTENDIP, PR_MODE_TCP, LW_FRTIP | LW_XPRT, NULL }, /* frontend ip */
151 { "fp", LOG_FMT_FRONTENDPORT, PR_MODE_TCP, LW_FRTIP | LW_XPRT, NULL }, /* frontend port */
152 { "ft", LOG_FMT_FRONTEND_XPRT, PR_MODE_TCP, LW_INIT, NULL }, /* frontend with transport mode */
153 { "hr", LOG_FMT_HDRREQUEST, PR_MODE_TCP, LW_REQHDR, NULL }, /* header request */
154 { "hrl", LOG_FMT_HDRREQUESTLIST, PR_MODE_TCP, LW_REQHDR, NULL }, /* header request list */
155 { "hs", LOG_FMT_HDRRESPONS, PR_MODE_TCP, LW_RSPHDR, NULL }, /* header response */
156 { "hsl", LOG_FMT_HDRRESPONSLIST, PR_MODE_TCP, LW_RSPHDR, NULL }, /* header response list */
157 { "HM", LOG_FMT_HTTP_METHOD, PR_MODE_HTTP, LW_REQ, NULL }, /* HTTP method */
158 { "HP", LOG_FMT_HTTP_PATH, PR_MODE_HTTP, LW_REQ, NULL }, /* HTTP path */
159 { "HQ", LOG_FMT_HTTP_QUERY, PR_MODE_HTTP, LW_REQ, NULL }, /* HTTP query */
160 { "HU", LOG_FMT_HTTP_URI, PR_MODE_HTTP, LW_REQ, NULL }, /* HTTP full URI */
161 { "HV", LOG_FMT_HTTP_VERSION, PR_MODE_HTTP, LW_REQ, NULL }, /* HTTP version */
162 { "lc", LOG_FMT_LOGCNT, PR_MODE_TCP, LW_INIT, NULL }, /* log counter */
163 { "ms", LOG_FMT_MS, PR_MODE_TCP, LW_INIT, NULL }, /* accept date millisecond */
164 { "pid", LOG_FMT_PID, PR_MODE_TCP, LW_INIT, NULL }, /* log pid */
165 { "r", LOG_FMT_REQ, PR_MODE_HTTP, LW_REQ, NULL }, /* request */
166 { "rc", LOG_FMT_RETRIES, PR_MODE_TCP, LW_BYTES, NULL }, /* retries */
167 { "rt", LOG_FMT_COUNTER, PR_MODE_TCP, LW_REQ, NULL }, /* request counter (HTTP or TCP session) */
168 { "s", LOG_FMT_SERVER, PR_MODE_TCP, LW_SVID, NULL }, /* server */
169 { "sc", LOG_FMT_SRVCONN, PR_MODE_TCP, LW_BYTES, NULL }, /* srv_conn */
170 { "si", LOG_FMT_SERVERIP, PR_MODE_TCP, LW_SVIP, NULL }, /* server destination ip */
171 { "sp", LOG_FMT_SERVERPORT, PR_MODE_TCP, LW_SVIP, NULL }, /* server destination port */
172 { "sq", LOG_FMT_SRVQUEUE, PR_MODE_TCP, LW_BYTES, NULL }, /* srv_queue */
173 { "sslc", LOG_FMT_SSL_CIPHER, PR_MODE_TCP, LW_XPRT, NULL }, /* client-side SSL ciphers */
174 { "sslv", LOG_FMT_SSL_VERSION, PR_MODE_TCP, LW_XPRT, NULL }, /* client-side SSL protocol version */
175 { "t", LOG_FMT_DATE, PR_MODE_TCP, LW_INIT, NULL }, /* date */
176 { "tr", LOG_FMT_tr, PR_MODE_HTTP, LW_INIT, NULL }, /* date of start of request */
177 { "trg",LOG_FMT_trg, PR_MODE_HTTP, LW_INIT, NULL }, /* date of start of request, GMT */
178 { "trl",LOG_FMT_trl, PR_MODE_HTTP, LW_INIT, NULL }, /* date of start of request, local */
179 { "ts", LOG_FMT_TERMSTATE, PR_MODE_TCP, LW_BYTES, NULL },/* termination state */
180 { "tsc", LOG_FMT_TERMSTATE_CK, PR_MODE_TCP, LW_INIT, NULL },/* termination state */
181
182 /* The following tags are deprecated and will be removed soon */
183 { "Bi", LOG_FMT_BACKENDIP, PR_MODE_TCP, LW_BCKIP, prepare_addrsource, "bi" }, /* backend source ip */
184 { "Bp", LOG_FMT_BACKENDPORT, PR_MODE_TCP, LW_BCKIP, prepare_addrsource, "bp" }, /* backend source port */
185 { "Ci", LOG_FMT_CLIENTIP, PR_MODE_TCP, LW_CLIP | LW_XPRT, NULL, "ci" }, /* client ip */
186 { "Cp", LOG_FMT_CLIENTPORT, PR_MODE_TCP, LW_CLIP | LW_XPRT, NULL, "cp" }, /* client port */
187 { "Fi", LOG_FMT_FRONTENDIP, PR_MODE_TCP, LW_FRTIP | LW_XPRT, NULL, "fi" }, /* frontend ip */
188 { "Fp", LOG_FMT_FRONTENDPORT, PR_MODE_TCP, LW_FRTIP | LW_XPRT, NULL, "fp" }, /* frontend port */
189 { "Si", LOG_FMT_SERVERIP, PR_MODE_TCP, LW_SVIP, NULL, "si" }, /* server destination ip */
190 { "Sp", LOG_FMT_SERVERPORT, PR_MODE_TCP, LW_SVIP, NULL, "sp" }, /* server destination port */
191 { "cc", LOG_FMT_CCLIENT, PR_MODE_HTTP, LW_REQHDR, NULL, "CC" }, /* client cookie */
192 { "cs", LOG_FMT_CSERVER, PR_MODE_HTTP, LW_RSPHDR, NULL, "CS" }, /* server cookie */
193 { "st", LOG_FMT_STATUS, PR_MODE_HTTP, LW_RESP, NULL, "ST" }, /* status code */
194 { 0, 0, 0, 0, NULL }
195 };
196
197 char default_http_log_format[] = "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"; // default format
198 char clf_http_log_format[] = "%{+Q}o %{-Q}ci - - [%trg] %r %ST %B \"\" \"\" %cp %ms %ft %b %s %TR %Tw %Tc %Tr %Ta %tsc %ac %fc %bc %sc %rc %sq %bq %CC %CS %hrl %hsl";
199 char default_tcp_log_format[] = "%ci:%cp [%t] %ft %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq";
200 char *log_format = NULL;
201
202 /* Default string used for structured-data part in RFC5424 formatted
203 * syslog messages.
204 */
205 char default_rfc5424_sd_log_format[] = "- ";
206
207 /* This is a global syslog header, common to all outgoing messages in
208 * RFC3164 format. It begins with time-based part and is updated by
209 * update_log_hdr().
210 */
211 char *logheader = NULL;
212
213 /* This is a global syslog header for messages in RFC5424 format. It is
214 * updated by update_log_hdr_rfc5424().
215 */
216 char *logheader_rfc5424 = NULL;
217
218 /* This is a global syslog message buffer, common to all outgoing
219 * messages. It contains only the data part.
220 */
221 char *logline = NULL;
222
223 /* A global syslog message buffer, common to all RFC5424 syslog messages.
224 * Currently, it is used for generating the structured-data part.
225 */
226 char *logline_rfc5424 = NULL;
227
228 struct logformat_var_args {
229 char *name;
230 int mask;
231 };
232
233 struct logformat_var_args var_args_list[] = {
234 // global
235 { "M", LOG_OPT_MANDATORY },
236 { "Q", LOG_OPT_QUOTE },
237 { "X", LOG_OPT_HEXA },
238 { "E", LOG_OPT_ESC },
239 { 0, 0 }
240 };
241
242 /* return the name of the directive used in the current proxy for which we're
243 * currently parsing a header, when it is known.
244 */
fmt_directive(const struct proxy * curproxy)245 static inline const char *fmt_directive(const struct proxy *curproxy)
246 {
247 switch (curproxy->conf.args.ctx) {
248 case ARGC_ACL:
249 return "acl";
250 case ARGC_STK:
251 return "stick";
252 case ARGC_TRK:
253 return "track-sc";
254 case ARGC_LOG:
255 return "log-format";
256 case ARGC_LOGSD:
257 return "log-format-sd";
258 case ARGC_HRQ:
259 return "http-request";
260 case ARGC_HRS:
261 return "http-response";
262 case ARGC_UIF:
263 return "unique-id-format";
264 case ARGC_RDR:
265 return "redirect";
266 case ARGC_CAP:
267 return "capture";
268 case ARGC_SRV:
269 return "server";
270 case ARGC_SPOE:
271 return "spoe-message";
272 case ARGC_UBK:
273 return "use_backend";
274 default:
275 return "undefined(please report this bug)"; /* must never happen */
276 }
277 }
278
279 /*
280 * callback used to configure addr source retrieval
281 */
prepare_addrsource(struct logformat_node * node,struct proxy * curproxy)282 int prepare_addrsource(struct logformat_node *node, struct proxy *curproxy)
283 {
284 curproxy->options2 |= PR_O2_SRC_ADDR;
285
286 return 0;
287 }
288
289
290 /*
291 * Parse args in a logformat_var. Returns 0 in error
292 * case, otherwise, it returns 1.
293 */
parse_logformat_var_args(char * args,struct logformat_node * node,char ** err)294 int parse_logformat_var_args(char *args, struct logformat_node *node, char **err)
295 {
296 int i = 0;
297 int end = 0;
298 int flags = 0; // 1 = + 2 = -
299 char *sp = NULL; // start pointer
300
301 if (args == NULL) {
302 memprintf(err, "internal error: parse_logformat_var_args() expects non null 'args'");
303 return 0;
304 }
305
306 while (1) {
307 if (*args == '\0')
308 end = 1;
309
310 if (*args == '+') {
311 // add flag
312 sp = args + 1;
313 flags = 1;
314 }
315 if (*args == '-') {
316 // delete flag
317 sp = args + 1;
318 flags = 2;
319 }
320
321 if (*args == '\0' || *args == ',') {
322 *args = '\0';
323 for (i = 0; sp && var_args_list[i].name; i++) {
324 if (strcmp(sp, var_args_list[i].name) == 0) {
325 if (flags == 1) {
326 node->options |= var_args_list[i].mask;
327 break;
328 } else if (flags == 2) {
329 node->options &= ~var_args_list[i].mask;
330 break;
331 }
332 }
333 }
334 sp = NULL;
335 if (end)
336 break;
337 }
338 args++;
339 }
340 return 1;
341 }
342
343 /*
344 * Parse a variable '%varname' or '%{args}varname' in log-format. The caller
345 * must pass the args part in the <arg> pointer with its length in <arg_len>,
346 * and varname with its length in <var> and <var_len> respectively. <arg> is
347 * ignored when arg_len is 0. Neither <var> nor <var_len> may be null.
348 * Returns false in error case and err is filled, otherwise returns true.
349 */
parse_logformat_var(char * arg,int arg_len,char * var,int var_len,struct proxy * curproxy,struct list * list_format,int * defoptions,char ** err)350 int parse_logformat_var(char *arg, int arg_len, char *var, int var_len, struct proxy *curproxy, struct list *list_format, int *defoptions, char **err)
351 {
352 int j;
353 struct logformat_node *node;
354
355 for (j = 0; logformat_keywords[j].name; j++) { // search a log type
356 if (strlen(logformat_keywords[j].name) == var_len &&
357 strncmp(var, logformat_keywords[j].name, var_len) == 0) {
358 if (logformat_keywords[j].mode != PR_MODE_HTTP || curproxy->mode == PR_MODE_HTTP) {
359 node = calloc(1, sizeof(*node));
360 if (!node) {
361 memprintf(err, "out of memory error");
362 return 0;
363 }
364 node->type = logformat_keywords[j].type;
365 node->options = *defoptions;
366 if (arg_len) {
367 node->arg = my_strndup(arg, arg_len);
368 if (!parse_logformat_var_args(node->arg, node, err))
369 return 0;
370 }
371 if (node->type == LOG_FMT_GLOBAL) {
372 *defoptions = node->options;
373 free(node->arg);
374 free(node);
375 } else {
376 if (logformat_keywords[j].config_callback &&
377 logformat_keywords[j].config_callback(node, curproxy) != 0) {
378 return 0;
379 }
380 curproxy->to_log |= logformat_keywords[j].lw;
381 LIST_ADDQ(list_format, &node->list);
382 }
383 if (logformat_keywords[j].replace_by)
384 Warning("parsing [%s:%d] : deprecated variable '%s' in '%s', please replace it with '%s'.\n",
385 curproxy->conf.args.file, curproxy->conf.args.line,
386 logformat_keywords[j].name, fmt_directive(curproxy), logformat_keywords[j].replace_by);
387 return 1;
388 } else {
389 memprintf(err, "format variable '%s' is reserved for HTTP mode",
390 logformat_keywords[j].name);
391 return 0;
392 }
393 }
394 }
395
396 j = var[var_len];
397 var[var_len] = 0;
398 memprintf(err, "no such format variable '%s'. If you wanted to emit the '%%' character verbatim, you need to use '%%%%'", var);
399 var[var_len] = j;
400 return 0;
401 }
402
403 /*
404 * push to the logformat linked list
405 *
406 * start: start pointer
407 * end: end text pointer
408 * type: string type
409 * list_format: destination list
410 *
411 * LOG_TEXT: copy chars from start to end excluding end.
412 *
413 */
add_to_logformat_list(char * start,char * end,int type,struct list * list_format,char ** err)414 int add_to_logformat_list(char *start, char *end, int type, struct list *list_format, char **err)
415 {
416 char *str;
417
418 if (type == LF_TEXT) { /* type text */
419 struct logformat_node *node = calloc(1, sizeof(*node));
420 if (!node) {
421 memprintf(err, "out of memory error");
422 return 0;
423 }
424 str = calloc(1, end - start + 1);
425 strncpy(str, start, end - start);
426 str[end - start] = '\0';
427 node->arg = str;
428 node->type = LOG_FMT_TEXT; // type string
429 LIST_ADDQ(list_format, &node->list);
430 } else if (type == LF_SEPARATOR) {
431 struct logformat_node *node = calloc(1, sizeof(*node));
432 if (!node) {
433 memprintf(err, "out of memory error");
434 return 0;
435 }
436 node->type = LOG_FMT_SEPARATOR;
437 LIST_ADDQ(list_format, &node->list);
438 }
439 return 1;
440 }
441
442 /*
443 * Parse the sample fetch expression <text> and add a node to <list_format> upon
444 * success. At the moment, sample converters are not yet supported but fetch arguments
445 * should work. The curpx->conf.args.ctx must be set by the caller.
446 *
447 * In error case, the function returns 0, otherwise it returns 1.
448 */
add_sample_to_logformat_list(char * text,char * arg,int arg_len,struct proxy * curpx,struct list * list_format,int options,int cap,char ** err)449 int add_sample_to_logformat_list(char *text, char *arg, int arg_len, struct proxy *curpx, struct list *list_format, int options, int cap, char **err)
450 {
451 char *cmd[2];
452 struct sample_expr *expr;
453 struct logformat_node *node;
454 int cmd_arg;
455
456 cmd[0] = text;
457 cmd[1] = "";
458 cmd_arg = 0;
459
460 expr = sample_parse_expr(cmd, &cmd_arg, curpx->conf.args.file, curpx->conf.args.line, err, &curpx->conf.args);
461 if (!expr) {
462 memprintf(err, "failed to parse sample expression <%s> : %s", text, *err);
463 return 0;
464 }
465
466 node = calloc(1, sizeof(*node));
467 if (!node) {
468 memprintf(err, "out of memory error");
469 return 0;
470 }
471 node->type = LOG_FMT_EXPR;
472 node->expr = expr;
473 node->options = options;
474
475 if (arg_len) {
476 node->arg = my_strndup(arg, arg_len);
477 if (!parse_logformat_var_args(node->arg, node, err))
478 return 0;
479 }
480 if (expr->fetch->val & cap & SMP_VAL_REQUEST)
481 node->options |= LOG_OPT_REQ_CAP; /* fetch method is request-compatible */
482
483 if (expr->fetch->val & cap & SMP_VAL_RESPONSE)
484 node->options |= LOG_OPT_RES_CAP; /* fetch method is response-compatible */
485
486 if (!(expr->fetch->val & cap)) {
487 free(node);
488 node = NULL;
489 memprintf(err, "sample fetch <%s> may not be reliably used here because it needs '%s' which is not available here",
490 text, sample_src_names(expr->fetch->use));
491 return 0;
492 }
493
494 /* check if we need to allocate an hdr_idx struct for HTTP parsing */
495 /* Note, we may also need to set curpx->to_log with certain fetches */
496 curpx->http_needed |= !!(expr->fetch->use & SMP_USE_HTTP_ANY);
497
498 /* FIXME: temporary workaround for missing LW_XPRT and LW_REQ flags
499 * needed with some sample fetches (eg: ssl*). We always set it for
500 * now on, but this will leave with sample capabilities soon.
501 */
502 curpx->to_log |= LW_XPRT;
503 curpx->to_log |= LW_REQ;
504 LIST_ADDQ(list_format, &node->list);
505 return 1;
506 }
507
508 /*
509 * Parse the log_format string and fill a linked list.
510 * Variable name are preceded by % and composed by characters [a-zA-Z0-9]* : %varname
511 * You can set arguments using { } : %{many arguments}varname.
512 * The curproxy->conf.args.ctx must be set by the caller.
513 *
514 * str: the string to parse
515 * curproxy: the proxy affected
516 * list_format: the destination list
517 * options: LOG_OPT_* to force on every node
518 * cap: all SMP_VAL_* flags supported by the consumer
519 *
520 * The function returns 1 in success case, otherwise, it returns 0 and err is filled.
521 */
parse_logformat_string(const char * fmt,struct proxy * curproxy,struct list * list_format,int options,int cap,char ** err)522 int parse_logformat_string(const char *fmt, struct proxy *curproxy, struct list *list_format, int options, int cap, char **err)
523 {
524 char *sp, *str, *backfmt; /* start pointer for text parts */
525 char *arg = NULL; /* start pointer for args */
526 char *var = NULL; /* start pointer for vars */
527 int arg_len = 0;
528 int var_len = 0;
529 int cformat; /* current token format */
530 int pformat; /* previous token format */
531 struct logformat_node *tmplf, *back;
532
533 sp = str = backfmt = strdup(fmt);
534 if (!str) {
535 memprintf(err, "out of memory error");
536 return 0;
537 }
538 curproxy->to_log |= LW_INIT;
539
540 /* flush the list first. */
541 list_for_each_entry_safe(tmplf, back, list_format, list) {
542 LIST_DEL(&tmplf->list);
543 free(tmplf);
544 }
545
546 for (cformat = LF_INIT; cformat != LF_END; str++) {
547 pformat = cformat;
548
549 if (!*str)
550 cformat = LF_END; // preset it to save all states from doing this
551
552 /* The prinicple of the two-step state machine below is to first detect a change, and
553 * second have all common paths processed at one place. The common paths are the ones
554 * encountered in text areas (LF_INIT, LF_TEXT, LF_SEPARATOR) and at the end (LF_END).
555 * We use the common LF_INIT state to dispatch to the different final states.
556 */
557 switch (pformat) {
558 case LF_STARTVAR: // text immediately following a '%'
559 arg = NULL; var = NULL;
560 arg_len = var_len = 0;
561 if (*str == '{') { // optional argument
562 cformat = LF_STARG;
563 arg = str + 1;
564 }
565 else if (*str == '[') {
566 cformat = LF_STEXPR;
567 var = str + 1; // store expr in variable name
568 }
569 else if (isalpha((unsigned char)*str)) { // variable name
570 cformat = LF_VAR;
571 var = str;
572 }
573 else if (*str == '%')
574 cformat = LF_TEXT; // convert this character to a litteral (useful for '%')
575 else if (isdigit((unsigned char)*str) || *str == ' ' || *str == '\t') {
576 /* single '%' followed by blank or digit, send them both */
577 cformat = LF_TEXT;
578 pformat = LF_TEXT; /* finally we include the previous char as well */
579 sp = str - 1; /* send both the '%' and the current char */
580 memprintf(err, "unexpected variable name near '%c' at position %d line : '%s'. Maybe you want to write a single '%%', use the syntax '%%%%'",
581 *str, (int)(str - backfmt), fmt);
582 goto fail;
583
584 }
585 else
586 cformat = LF_INIT; // handle other cases of litterals
587 break;
588
589 case LF_STARG: // text immediately following '%{'
590 if (*str == '}') { // end of arg
591 cformat = LF_EDARG;
592 arg_len = str - arg;
593 *str = 0; // used for reporting errors
594 }
595 break;
596
597 case LF_EDARG: // text immediately following '%{arg}'
598 if (*str == '[') {
599 cformat = LF_STEXPR;
600 var = str + 1; // store expr in variable name
601 break;
602 }
603 else if (isalnum((unsigned char)*str)) { // variable name
604 cformat = LF_VAR;
605 var = str;
606 break;
607 }
608 memprintf(err, "parse argument modifier without variable name near '%%{%s}'", arg);
609 goto fail;
610
611 case LF_STEXPR: // text immediately following '%['
612 if (*str == ']') { // end of arg
613 cformat = LF_EDEXPR;
614 var_len = str - var;
615 *str = 0; // needed for parsing the expression
616 }
617 break;
618
619 case LF_VAR: // text part of a variable name
620 var_len = str - var;
621 if (!isalnum((unsigned char)*str))
622 cformat = LF_INIT; // not variable name anymore
623 break;
624
625 default: // LF_INIT, LF_TEXT, LF_SEPARATOR, LF_END, LF_EDEXPR
626 cformat = LF_INIT;
627 }
628
629 if (cformat == LF_INIT) { /* resynchronize state to text/sep/startvar */
630 switch (*str) {
631 case '%': cformat = LF_STARTVAR; break;
632 case ' ': cformat = LF_SEPARATOR; break;
633 case 0 : cformat = LF_END; break;
634 default : cformat = LF_TEXT; break;
635 }
636 }
637
638 if (cformat != pformat || pformat == LF_SEPARATOR) {
639 switch (pformat) {
640 case LF_VAR:
641 if (!parse_logformat_var(arg, arg_len, var, var_len, curproxy, list_format, &options, err))
642 goto fail;
643 break;
644 case LF_STEXPR:
645 if (!add_sample_to_logformat_list(var, arg, arg_len, curproxy, list_format, options, cap, err))
646 goto fail;
647 break;
648 case LF_TEXT:
649 case LF_SEPARATOR:
650 if (!add_to_logformat_list(sp, str, pformat, list_format, err))
651 goto fail;
652 break;
653 }
654 sp = str; /* new start of text at every state switch and at every separator */
655 }
656 }
657
658 if (pformat == LF_STARTVAR || pformat == LF_STARG || pformat == LF_STEXPR) {
659 memprintf(err, "truncated line after '%s'", var ? var : arg ? arg : "%");
660 goto fail;
661 }
662 free(backfmt);
663
664 return 1;
665 fail:
666 free(backfmt);
667 return 0;
668 }
669
670 /*
671 * Displays the message on stderr with the date and pid. Overrides the quiet
672 * mode during startup.
673 */
Alert(const char * fmt,...)674 void Alert(const char *fmt, ...)
675 {
676 va_list argp;
677 struct tm tm;
678
679 if (!(global.mode & MODE_QUIET) || (global.mode & (MODE_VERBOSE | MODE_STARTING))) {
680 va_start(argp, fmt);
681
682 get_localtime(date.tv_sec, &tm);
683 fprintf(stderr, "[ALERT] %03d/%02d%02d%02d (%d) : ",
684 tm.tm_yday, tm.tm_hour, tm.tm_min, tm.tm_sec, (int)getpid());
685 vfprintf(stderr, fmt, argp);
686 fflush(stderr);
687 va_end(argp);
688 }
689 }
690
691
692 /*
693 * Displays the message on stderr with the date and pid.
694 */
Warning(const char * fmt,...)695 void Warning(const char *fmt, ...)
696 {
697 va_list argp;
698 struct tm tm;
699
700 if (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) {
701 va_start(argp, fmt);
702
703 get_localtime(date.tv_sec, &tm);
704 fprintf(stderr, "[WARNING] %03d/%02d%02d%02d (%d) : ",
705 tm.tm_yday, tm.tm_hour, tm.tm_min, tm.tm_sec, (int)getpid());
706 vfprintf(stderr, fmt, argp);
707 fflush(stderr);
708 va_end(argp);
709 }
710 }
711
712 /*
713 * Displays the message on <out> only if quiet mode is not set.
714 */
qfprintf(FILE * out,const char * fmt,...)715 void qfprintf(FILE *out, const char *fmt, ...)
716 {
717 va_list argp;
718
719 if (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) {
720 va_start(argp, fmt);
721 vfprintf(out, fmt, argp);
722 fflush(out);
723 va_end(argp);
724 }
725 }
726
727 /*
728 * returns log format for <fmt> or -1 if not found.
729 */
get_log_format(const char * fmt)730 int get_log_format(const char *fmt)
731 {
732 int format;
733
734 format = LOG_FORMATS - 1;
735 while (format >= 0 && strcmp(log_formats[format].name, fmt))
736 format--;
737
738 return format;
739 }
740
741 /*
742 * returns log level for <lev> or -1 if not found.
743 */
get_log_level(const char * lev)744 int get_log_level(const char *lev)
745 {
746 int level;
747
748 level = NB_LOG_LEVELS - 1;
749 while (level >= 0 && strcmp(log_levels[level], lev))
750 level--;
751
752 return level;
753 }
754
755 /*
756 * returns log facility for <fac> or -1 if not found.
757 */
get_log_facility(const char * fac)758 int get_log_facility(const char *fac)
759 {
760 int facility;
761
762 facility = NB_LOG_FACILITIES - 1;
763 while (facility >= 0 && strcmp(log_facilities[facility], fac))
764 facility--;
765
766 return facility;
767 }
768
769 /*
770 * Encode the string.
771 *
772 * When using the +E log format option, it will try to escape '"\]'
773 * characters with '\' as prefix. The same prefix should not be used as
774 * <escape>.
775 */
lf_encode_string(char * start,char * stop,const char escape,const fd_set * map,const char * string,struct logformat_node * node)776 static char *lf_encode_string(char *start, char *stop,
777 const char escape, const fd_set *map,
778 const char *string,
779 struct logformat_node *node)
780 {
781 if (node->options & LOG_OPT_ESC) {
782 if (start < stop) {
783 stop--; /* reserve one byte for the final '\0' */
784 while (start < stop && *string != '\0') {
785 if (!FD_ISSET((unsigned char)(*string), map)) {
786 if (!FD_ISSET((unsigned char)(*string), rfc5424_escape_map))
787 *start++ = *string;
788 else {
789 if (start + 2 >= stop)
790 break;
791 *start++ = '\\';
792 *start++ = *string;
793 }
794 }
795 else {
796 if (start + 3 >= stop)
797 break;
798 *start++ = escape;
799 *start++ = hextab[(*string >> 4) & 15];
800 *start++ = hextab[*string & 15];
801 }
802 string++;
803 }
804 *start = '\0';
805 }
806 }
807 else {
808 return encode_string(start, stop, escape, map, string);
809 }
810
811 return start;
812 }
813
814 /*
815 * Encode the chunk.
816 *
817 * When using the +E log format option, it will try to escape '"\]'
818 * characters with '\' as prefix. The same prefix should not be used as
819 * <escape>.
820 */
lf_encode_chunk(char * start,char * stop,const char escape,const fd_set * map,const struct chunk * chunk,struct logformat_node * node)821 static char *lf_encode_chunk(char *start, char *stop,
822 const char escape, const fd_set *map,
823 const struct chunk *chunk,
824 struct logformat_node *node)
825 {
826 char *str, *end;
827
828 if (node->options & LOG_OPT_ESC) {
829 if (start < stop) {
830 str = chunk->str;
831 end = chunk->str + chunk->len;
832
833 stop--; /* reserve one byte for the final '\0' */
834 while (start < stop && str < end) {
835 if (!FD_ISSET((unsigned char)(*str), map)) {
836 if (!FD_ISSET((unsigned char)(*str), rfc5424_escape_map))
837 *start++ = *str;
838 else {
839 if (start + 2 >= stop)
840 break;
841 *start++ = '\\';
842 *start++ = *str;
843 }
844 }
845 else {
846 if (start + 3 >= stop)
847 break;
848 *start++ = escape;
849 *start++ = hextab[(*str >> 4) & 15];
850 *start++ = hextab[*str & 15];
851 }
852 str++;
853 }
854 *start = '\0';
855 }
856 }
857 else {
858 return encode_chunk(start, stop, escape, map, chunk);
859 }
860
861 return start;
862 }
863
864 /*
865 * Write a string in the log string
866 * Take cares of quote and escape options
867 *
868 * Return the adress of the \0 character, or NULL on error
869 */
lf_text_len(char * dst,const char * src,size_t len,size_t size,struct logformat_node * node)870 char *lf_text_len(char *dst, const char *src, size_t len, size_t size, struct logformat_node *node)
871 {
872 if (size < 2)
873 return NULL;
874
875 if (node->options & LOG_OPT_QUOTE) {
876 *(dst++) = '"';
877 size--;
878 }
879
880 if (src && len) {
881 if (++len > size)
882 len = size;
883 if (node->options & LOG_OPT_ESC) {
884 char *ret;
885
886 ret = escape_string(dst, dst + len, '\\', rfc5424_escape_map, src);
887 if (ret == NULL || *ret != '\0')
888 return NULL;
889 len = ret - dst;
890 }
891 else {
892 len = strlcpy2(dst, src, len);
893 }
894
895 size -= len;
896 dst += len;
897 }
898 else if ((node->options & (LOG_OPT_QUOTE|LOG_OPT_MANDATORY)) == LOG_OPT_MANDATORY) {
899 if (size < 2)
900 return NULL;
901 *(dst++) = '-';
902 }
903
904 if (node->options & LOG_OPT_QUOTE) {
905 if (size < 2)
906 return NULL;
907 *(dst++) = '"';
908 }
909
910 *dst = '\0';
911 return dst;
912 }
913
lf_text(char * dst,const char * src,size_t size,struct logformat_node * node)914 static inline char *lf_text(char *dst, const char *src, size_t size, struct logformat_node *node)
915 {
916 return lf_text_len(dst, src, size, size, node);
917 }
918
919 /*
920 * Write a IP adress to the log string
921 * +X option write in hexadecimal notation, most signifant byte on the left
922 */
lf_ip(char * dst,struct sockaddr * sockaddr,size_t size,struct logformat_node * node)923 char *lf_ip(char *dst, struct sockaddr *sockaddr, size_t size, struct logformat_node *node)
924 {
925 char *ret = dst;
926 int iret;
927 char pn[INET6_ADDRSTRLEN];
928
929 if (node->options & LOG_OPT_HEXA) {
930 const unsigned char *addr = (const unsigned char *)&((struct sockaddr_in *)sockaddr)->sin_addr.s_addr;
931 iret = snprintf(dst, size, "%02X%02X%02X%02X", addr[0], addr[1], addr[2], addr[3]);
932 if (iret < 0 || iret > size)
933 return NULL;
934 ret += iret;
935 } else {
936 addr_to_str((struct sockaddr_storage *)sockaddr, pn, sizeof(pn));
937 ret = lf_text(dst, pn, size, node);
938 if (ret == NULL)
939 return NULL;
940 }
941 return ret;
942 }
943
944 /*
945 * Write a port to the log
946 * +X option write in hexadecimal notation, most signifant byte on the left
947 */
lf_port(char * dst,struct sockaddr * sockaddr,size_t size,struct logformat_node * node)948 char *lf_port(char *dst, struct sockaddr *sockaddr, size_t size, struct logformat_node *node)
949 {
950 char *ret = dst;
951 int iret;
952
953 if (node->options & LOG_OPT_HEXA) {
954 const unsigned char *port = (const unsigned char *)&((struct sockaddr_in *)sockaddr)->sin_port;
955 iret = snprintf(dst, size, "%02X%02X", port[0], port[1]);
956 if (iret < 0 || iret > size)
957 return NULL;
958 ret += iret;
959 } else {
960 ret = ltoa_o(get_host_port((struct sockaddr_storage *)sockaddr), dst, size);
961 if (ret == NULL)
962 return NULL;
963 }
964 return ret;
965 }
966
967 /* Re-generate time-based part of the syslog header in RFC3164 format at
968 * the beginning of logheader once a second and return the pointer to the
969 * first character after it.
970 */
update_log_hdr(const time_t time)971 static char *update_log_hdr(const time_t time)
972 {
973 static long tvsec;
974 static char *dataptr = NULL; /* backup of last end of header, NULL first time */
975 static struct chunk host = { NULL, 0, 0 };
976 static int sep = 0;
977
978 if (unlikely(time != tvsec || dataptr == NULL)) {
979 /* this string is rebuild only once a second */
980 struct tm tm;
981 int hdr_len;
982
983 tvsec = time;
984 get_localtime(tvsec, &tm);
985
986 if (unlikely(global.log_send_hostname != host.str)) {
987 host.str = global.log_send_hostname;
988 host.len = host.str ? strlen(host.str) : 0;
989 sep = host.len ? 1 : 0;
990 }
991
992 hdr_len = snprintf(logheader, global.max_syslog_len,
993 "<<<<>%s %2d %02d:%02d:%02d %.*s%*s",
994 monthname[tm.tm_mon],
995 tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec,
996 host.len, host.str, sep, "");
997 /* WARNING: depending upon implementations, snprintf may return
998 * either -1 or the number of bytes that would be needed to store
999 * the total message. In both cases, we must adjust it.
1000 */
1001 if (hdr_len < 0 || hdr_len > global.max_syslog_len)
1002 hdr_len = global.max_syslog_len;
1003
1004 dataptr = logheader + hdr_len;
1005 }
1006
1007 dataptr[0] = 0; // ensure we get rid of any previous attempt
1008
1009 return dataptr;
1010 }
1011
1012 /* Re-generate time-based part of the syslog header in RFC5424 format at
1013 * the beginning of logheader_rfc5424 once a second and return the pointer
1014 * to the first character after it.
1015 */
update_log_hdr_rfc5424(const time_t time)1016 static char *update_log_hdr_rfc5424(const time_t time)
1017 {
1018 static long tvsec;
1019 static char *dataptr = NULL; /* backup of last end of header, NULL first time */
1020 const char *gmt_offset;
1021
1022 if (unlikely(time != tvsec || dataptr == NULL)) {
1023 /* this string is rebuild only once a second */
1024 struct tm tm;
1025 int hdr_len;
1026
1027 tvsec = time;
1028 get_localtime(tvsec, &tm);
1029 gmt_offset = get_gmt_offset(time, &tm);
1030
1031 hdr_len = snprintf(logheader_rfc5424, global.max_syslog_len,
1032 "<<<<>1 %4d-%02d-%02dT%02d:%02d:%02d%.3s:%.2s %s ",
1033 tm.tm_year+1900, tm.tm_mon+1, tm.tm_mday,
1034 tm.tm_hour, tm.tm_min, tm.tm_sec,
1035 gmt_offset, gmt_offset+3,
1036 global.log_send_hostname ? global.log_send_hostname : hostname);
1037 /* WARNING: depending upon implementations, snprintf may return
1038 * either -1 or the number of bytes that would be needed to store
1039 * the total message. In both cases, we must adjust it.
1040 */
1041 if (hdr_len < 0 || hdr_len > global.max_syslog_len)
1042 hdr_len = global.max_syslog_len;
1043
1044 dataptr = logheader_rfc5424 + hdr_len;
1045 }
1046
1047 dataptr[0] = 0; // ensure we get rid of any previous attempt
1048
1049 return dataptr;
1050 }
1051
1052 /*
1053 * This function sends the syslog message using a printf format string. It
1054 * expects an LF-terminated message.
1055 */
send_log(struct proxy * p,int level,const char * format,...)1056 void send_log(struct proxy *p, int level, const char *format, ...)
1057 {
1058 va_list argp;
1059 int data_len;
1060
1061 if (level < 0 || format == NULL || logline == NULL)
1062 return;
1063
1064 va_start(argp, format);
1065 data_len = vsnprintf(logline, global.max_syslog_len, format, argp);
1066 if (data_len < 0 || data_len > global.max_syslog_len)
1067 data_len = global.max_syslog_len;
1068 va_end(argp);
1069
1070 __send_log(p, level, logline, data_len, default_rfc5424_sd_log_format, 2);
1071 }
1072
1073 /*
1074 * This function sends a syslog message.
1075 * It doesn't care about errors nor does it report them.
1076 * It overrides the last byte of the message vector with an LF character.
1077 * The arguments <sd> and <sd_size> are used for the structured-data part
1078 * in RFC5424 formatted syslog messages.
1079 */
__send_log(struct proxy * p,int level,char * message,size_t size,char * sd,size_t sd_size)1080 void __send_log(struct proxy *p, int level, char *message, size_t size, char *sd, size_t sd_size)
1081 {
1082 static struct iovec iovec[NB_MSG_IOVEC_ELEMENTS] = { };
1083 static struct msghdr msghdr = {
1084 .msg_iov = iovec,
1085 .msg_iovlen = NB_MSG_IOVEC_ELEMENTS
1086 };
1087 static int logfdunix = -1; /* syslog to AF_UNIX socket */
1088 static int logfdinet = -1; /* syslog to AF_INET socket */
1089 static char *dataptr = NULL;
1090 int fac_level;
1091 struct list *logsrvs = NULL;
1092 struct logsrv *tmp = NULL;
1093 int nblogger;
1094 char *hdr, *hdr_ptr;
1095 size_t hdr_size;
1096 time_t time = date.tv_sec;
1097 struct chunk *tag = &global.log_tag;
1098 static int curr_pid;
1099 static char pidstr[100];
1100 static struct chunk pid;
1101
1102 dataptr = message;
1103
1104 if (p == NULL) {
1105 if (!LIST_ISEMPTY(&global.logsrvs)) {
1106 logsrvs = &global.logsrvs;
1107 }
1108 } else {
1109 if (!LIST_ISEMPTY(&p->logsrvs)) {
1110 logsrvs = &p->logsrvs;
1111 }
1112 if (p->log_tag.str) {
1113 tag = &p->log_tag;
1114 }
1115 }
1116
1117 if (!logsrvs)
1118 return;
1119
1120 if (unlikely(curr_pid != getpid())) {
1121 curr_pid = getpid();
1122 ltoa_o(curr_pid, pidstr, sizeof(pidstr));
1123 chunk_initstr(&pid, pidstr);
1124 }
1125
1126 /* Send log messages to syslog server. */
1127 nblogger = 0;
1128 list_for_each_entry(tmp, logsrvs, list) {
1129 const struct logsrv *logsrv = tmp;
1130 int *plogfd = logsrv->addr.ss_family == AF_UNIX ?
1131 &logfdunix : &logfdinet;
1132 char *pid_sep1 = NULL, *pid_sep2 = NULL;
1133 int sent;
1134 int maxlen;
1135 int hdr_max = 0;
1136 int tag_max = 0;
1137 int pid_sep1_max = 0;
1138 int pid_max = 0;
1139 int pid_sep2_max = 0;
1140 int sd_max = 0;
1141 int max = 0;
1142
1143 nblogger++;
1144
1145 /* we can filter the level of the messages that are sent to each logger */
1146 if (level > logsrv->level)
1147 continue;
1148
1149 if (unlikely(*plogfd < 0)) {
1150 /* socket not successfully initialized yet */
1151 int proto = logsrv->addr.ss_family == AF_UNIX ? 0 : IPPROTO_UDP;
1152
1153 if ((*plogfd = socket(logsrv->addr.ss_family, SOCK_DGRAM, proto)) < 0) {
1154 static char once;
1155
1156 if (!once) {
1157 once = 1; /* note: no need for atomic ops here */
1158 Alert("socket for logger #%d failed: %s (errno=%d)\n",
1159 nblogger, strerror(errno), errno);
1160 }
1161 continue;
1162 }
1163 /* we don't want to receive anything on this socket */
1164 setsockopt(*plogfd, SOL_SOCKET, SO_RCVBUF, &zero, sizeof(zero));
1165 /* does nothing under Linux, maybe needed for others */
1166 shutdown(*plogfd, SHUT_RD);
1167 }
1168
1169 switch (logsrv->format) {
1170 case LOG_FORMAT_RFC3164:
1171 hdr = logheader;
1172 hdr_ptr = update_log_hdr(time);
1173 break;
1174
1175 case LOG_FORMAT_RFC5424:
1176 hdr = logheader_rfc5424;
1177 hdr_ptr = update_log_hdr_rfc5424(time);
1178 sd_max = sd_size; /* the SD part allowed only in RFC5424 */
1179 break;
1180
1181 default:
1182 continue; /* must never happen */
1183 }
1184
1185 hdr_size = hdr_ptr - hdr;
1186
1187 /* For each target, we may have a different facility.
1188 * We can also have a different log level for each message.
1189 * This induces variations in the message header length.
1190 * Since we don't want to recompute it each time, nor copy it every
1191 * time, we only change the facility in the pre-computed header,
1192 * and we change the pointer to the header accordingly.
1193 */
1194 fac_level = (logsrv->facility << 3) + MAX(level, logsrv->minlvl);
1195 hdr_ptr = hdr + 3; /* last digit of the log level */
1196 do {
1197 *hdr_ptr = '0' + fac_level % 10;
1198 fac_level /= 10;
1199 hdr_ptr--;
1200 } while (fac_level && hdr_ptr > hdr);
1201 *hdr_ptr = '<';
1202
1203 hdr_max = hdr_size - (hdr_ptr - hdr);
1204
1205 /* time-based header */
1206 if (unlikely(hdr_size >= logsrv->maxlen)) {
1207 hdr_max = MIN(hdr_max, logsrv->maxlen) - 1;
1208 sd_max = 0;
1209 goto send;
1210 }
1211
1212 maxlen = logsrv->maxlen - hdr_max;
1213
1214 /* tag */
1215 tag_max = tag->len;
1216 if (unlikely(tag_max >= maxlen)) {
1217 tag_max = maxlen - 1;
1218 sd_max = 0;
1219 goto send;
1220 }
1221
1222 maxlen -= tag_max;
1223
1224 /* first pid separator */
1225 pid_sep1_max = log_formats[logsrv->format].pid.sep1.len;
1226 if (unlikely(pid_sep1_max >= maxlen)) {
1227 pid_sep1_max = maxlen - 1;
1228 sd_max = 0;
1229 goto send;
1230 }
1231
1232 pid_sep1 = log_formats[logsrv->format].pid.sep1.str;
1233 maxlen -= pid_sep1_max;
1234
1235 /* pid */
1236 pid_max = pid.len;
1237 if (unlikely(pid_max >= maxlen)) {
1238 pid_max = maxlen - 1;
1239 sd_max = 0;
1240 goto send;
1241 }
1242
1243 maxlen -= pid_max;
1244
1245 /* second pid separator */
1246 pid_sep2_max = log_formats[logsrv->format].pid.sep2.len;
1247 if (unlikely(pid_sep2_max >= maxlen)) {
1248 pid_sep2_max = maxlen - 1;
1249 sd_max = 0;
1250 goto send;
1251 }
1252
1253 pid_sep2 = log_formats[logsrv->format].pid.sep2.str;
1254 maxlen -= pid_sep2_max;
1255
1256 /* structured-data */
1257 if (sd_max >= maxlen) {
1258 sd_max = maxlen - 1;
1259 goto send;
1260 }
1261
1262 max = MIN(size, maxlen - sd_max) - 1;
1263 send:
1264 iovec[0].iov_base = hdr_ptr;
1265 iovec[0].iov_len = hdr_max;
1266 iovec[1].iov_base = tag->str;
1267 iovec[1].iov_len = tag_max;
1268 iovec[2].iov_base = pid_sep1;
1269 iovec[2].iov_len = pid_sep1_max;
1270 iovec[3].iov_base = pid.str;
1271 iovec[3].iov_len = pid_max;
1272 iovec[4].iov_base = pid_sep2;
1273 iovec[4].iov_len = pid_sep2_max;
1274 iovec[5].iov_base = sd;
1275 iovec[5].iov_len = sd_max;
1276 iovec[6].iov_base = dataptr;
1277 iovec[6].iov_len = max;
1278 iovec[7].iov_base = "\n"; /* insert a \n at the end of the message */
1279 iovec[7].iov_len = 1;
1280
1281 msghdr.msg_name = (struct sockaddr *)&logsrv->addr;
1282 msghdr.msg_namelen = get_addr_len(&logsrv->addr);
1283
1284 sent = sendmsg(*plogfd, &msghdr, MSG_DONTWAIT | MSG_NOSIGNAL);
1285
1286 if (sent < 0) {
1287 static char once;
1288
1289 if (!once) {
1290 once = 1; /* note: no need for atomic ops here */
1291 Alert("sendmsg logger #%d failed: %s (errno=%d)\n",
1292 nblogger, strerror(errno), errno);
1293 }
1294 }
1295 }
1296 }
1297
1298 extern fd_set hdr_encode_map[];
1299 extern fd_set url_encode_map[];
1300 extern fd_set http_encode_map[];
1301
1302
1303 const char sess_cookie[8] = "NIDVEOU7"; /* No cookie, Invalid cookie, cookie for a Down server, Valid cookie, Expired cookie, Old cookie, Unused, unknown */
1304 const char sess_set_cookie[8] = "NPDIRU67"; /* No set-cookie, Set-cookie found and left unchanged (passive),
1305 Set-cookie Deleted, Set-Cookie Inserted, Set-cookie Rewritten,
1306 Set-cookie Updated, unknown, unknown */
1307
1308 /*
1309 * try to write a character if there is enough space, or goto out
1310 */
1311 #define LOGCHAR(x) do { \
1312 if (tmplog < dst + maxsize - 1) { \
1313 *(tmplog++) = (x); \
1314 } else { \
1315 goto out; \
1316 } \
1317 } while(0)
1318
1319
1320 /* Initializes some log data.
1321 */
init_log()1322 void init_log()
1323 {
1324 char *tmp;
1325
1326 /* Initialize the escape map for the RFC5424 structured-data : '"\]'
1327 * inside PARAM-VALUE should be escaped with '\' as prefix.
1328 * See https://tools.ietf.org/html/rfc5424#section-6.3.3 for more
1329 * details.
1330 */
1331 memset(rfc5424_escape_map, 0, sizeof(rfc5424_escape_map));
1332
1333 tmp = "\"\\]";
1334 while (*tmp) {
1335 FD_SET(*tmp, rfc5424_escape_map);
1336 tmp++;
1337 }
1338 }
1339
1340 /* Builds a log line in <dst> based on <list_format>, and stops before reaching
1341 * <maxsize> characters. Returns the size of the output string in characters,
1342 * not counting the trailing zero which is always added if the resulting size
1343 * is not zero.
1344 */
build_logline(struct stream * s,char * dst,size_t maxsize,struct list * list_format)1345 int build_logline(struct stream *s, char *dst, size_t maxsize, struct list *list_format)
1346 {
1347 struct session *sess = strm_sess(s);
1348 struct proxy *fe = sess->fe;
1349 struct proxy *be = s->be;
1350 struct http_txn *txn = s->txn;
1351 struct chunk chunk;
1352 char *uri;
1353 char *spc;
1354 char *qmark;
1355 char *end;
1356 struct tm tm;
1357 int t_request;
1358 int hdr;
1359 int last_isspace = 1;
1360 int nspaces = 0;
1361 char *tmplog;
1362 char *ret;
1363 int iret;
1364 struct logformat_node *tmp;
1365 struct timeval tv;
1366
1367 /* FIXME: let's limit ourselves to frontend logging for now. */
1368
1369 t_request = -1;
1370 if (tv_isge(&s->logs.tv_request, &s->logs.tv_accept))
1371 t_request = tv_ms_elapsed(&s->logs.tv_accept, &s->logs.tv_request);
1372
1373 tmplog = dst;
1374
1375 /* fill logbuffer */
1376 if (LIST_ISEMPTY(list_format))
1377 return 0;
1378
1379 list_for_each_entry(tmp, list_format, list) {
1380 struct connection *conn;
1381 const char *src = NULL;
1382 struct sample *key;
1383 const struct chunk empty = { NULL, 0, 0 };
1384
1385 switch (tmp->type) {
1386 case LOG_FMT_SEPARATOR:
1387 if (!last_isspace) {
1388 LOGCHAR(' ');
1389 last_isspace = 1;
1390 }
1391 break;
1392
1393 case LOG_FMT_TEXT: // text
1394 src = tmp->arg;
1395 iret = strlcpy2(tmplog, src, dst + maxsize - tmplog);
1396 if (iret == 0)
1397 goto out;
1398 tmplog += iret;
1399 last_isspace = 0;
1400 break;
1401
1402 case LOG_FMT_EXPR: // sample expression, may be request or response
1403 key = NULL;
1404 if (tmp->options & LOG_OPT_REQ_CAP)
1405 key = sample_fetch_as_type(be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, tmp->expr, SMP_T_STR);
1406 if (!key && (tmp->options & LOG_OPT_RES_CAP))
1407 key = sample_fetch_as_type(be, sess, s, SMP_OPT_DIR_RES|SMP_OPT_FINAL, tmp->expr, SMP_T_STR);
1408 if (tmp->options & LOG_OPT_HTTP)
1409 ret = lf_encode_chunk(tmplog, dst + maxsize,
1410 '%', http_encode_map, key ? &key->data.u.str : &empty, tmp);
1411 else
1412 ret = lf_text_len(tmplog, key ? key->data.u.str.str : NULL, key ? key->data.u.str.len : 0, dst + maxsize - tmplog, tmp);
1413 if (ret == 0)
1414 goto out;
1415 tmplog = ret;
1416 last_isspace = 0;
1417 break;
1418
1419 case LOG_FMT_CLIENTIP: // %ci
1420 conn = objt_conn(sess->origin);
1421 if (conn)
1422 ret = lf_ip(tmplog, (struct sockaddr *)&conn->addr.from, dst + maxsize - tmplog, tmp);
1423 else
1424 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1425 if (ret == NULL)
1426 goto out;
1427 tmplog = ret;
1428 last_isspace = 0;
1429 break;
1430
1431 case LOG_FMT_CLIENTPORT: // %cp
1432 conn = objt_conn(sess->origin);
1433 if (conn) {
1434 if (conn->addr.from.ss_family == AF_UNIX) {
1435 ret = ltoa_o(sess->listener->luid, tmplog, dst + maxsize - tmplog);
1436 } else {
1437 ret = lf_port(tmplog, (struct sockaddr *)&conn->addr.from,
1438 dst + maxsize - tmplog, tmp);
1439 }
1440 }
1441 else
1442 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1443
1444 if (ret == NULL)
1445 goto out;
1446 tmplog = ret;
1447 last_isspace = 0;
1448 break;
1449
1450 case LOG_FMT_FRONTENDIP: // %fi
1451 conn = objt_conn(sess->origin);
1452 if (conn) {
1453 conn_get_to_addr(conn);
1454 ret = lf_ip(tmplog, (struct sockaddr *)&conn->addr.to, dst + maxsize - tmplog, tmp);
1455 }
1456 else
1457 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1458
1459 if (ret == NULL)
1460 goto out;
1461 tmplog = ret;
1462 last_isspace = 0;
1463 break;
1464
1465 case LOG_FMT_FRONTENDPORT: // %fp
1466 conn = objt_conn(sess->origin);
1467 if (conn) {
1468 conn_get_to_addr(conn);
1469 if (conn->addr.to.ss_family == AF_UNIX)
1470 ret = ltoa_o(sess->listener->luid, tmplog, dst + maxsize - tmplog);
1471 else
1472 ret = lf_port(tmplog, (struct sockaddr *)&conn->addr.to, dst + maxsize - tmplog, tmp);
1473 }
1474 else
1475 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1476
1477 if (ret == NULL)
1478 goto out;
1479 tmplog = ret;
1480 last_isspace = 0;
1481 break;
1482
1483 case LOG_FMT_BACKENDIP: // %bi
1484 conn = objt_conn(s->si[1].end);
1485 if (conn)
1486 ret = lf_ip(tmplog, (struct sockaddr *)&conn->addr.from, dst + maxsize - tmplog, tmp);
1487 else
1488 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1489
1490 if (ret == NULL)
1491 goto out;
1492 tmplog = ret;
1493 last_isspace = 0;
1494 break;
1495
1496 case LOG_FMT_BACKENDPORT: // %bp
1497 conn = objt_conn(s->si[1].end);
1498 if (conn)
1499 ret = lf_port(tmplog, (struct sockaddr *)&conn->addr.from, dst + maxsize - tmplog, tmp);
1500 else
1501 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1502
1503 if (ret == NULL)
1504 goto out;
1505 tmplog = ret;
1506 last_isspace = 0;
1507 break;
1508
1509 case LOG_FMT_SERVERIP: // %si
1510 conn = objt_conn(s->si[1].end);
1511 if (conn)
1512 ret = lf_ip(tmplog, (struct sockaddr *)&conn->addr.to, dst + maxsize - tmplog, tmp);
1513 else
1514 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1515
1516 if (ret == NULL)
1517 goto out;
1518 tmplog = ret;
1519 last_isspace = 0;
1520 break;
1521
1522 case LOG_FMT_SERVERPORT: // %sp
1523 conn = objt_conn(s->si[1].end);
1524 if (conn)
1525 ret = lf_port(tmplog, (struct sockaddr *)&conn->addr.to, dst + maxsize - tmplog, tmp);
1526 else
1527 ret = lf_text_len(tmplog, NULL, 0, dst + maxsize - tmplog, tmp);
1528
1529 if (ret == NULL)
1530 goto out;
1531 tmplog = ret;
1532 last_isspace = 0;
1533 break;
1534
1535 case LOG_FMT_DATE: // %t = accept date
1536 get_localtime(s->logs.accept_date.tv_sec, &tm);
1537 ret = date2str_log(tmplog, &tm, &(s->logs.accept_date),
1538 dst + maxsize - tmplog);
1539 if (ret == NULL)
1540 goto out;
1541 tmplog = ret;
1542 last_isspace = 0;
1543 break;
1544
1545 case LOG_FMT_tr: // %tr = start of request date
1546 /* Note that the timers are valid if we get here */
1547 tv_ms_add(&tv, &s->logs.accept_date, s->logs.t_idle >= 0 ? s->logs.t_idle + s->logs.t_handshake : 0);
1548 get_localtime(tv.tv_sec, &tm);
1549 ret = date2str_log(tmplog, &tm, &tv, dst + maxsize - tmplog);
1550 if (ret == NULL)
1551 goto out;
1552 tmplog = ret;
1553 last_isspace = 0;
1554 break;
1555
1556 case LOG_FMT_DATEGMT: // %T = accept date, GMT
1557 get_gmtime(s->logs.accept_date.tv_sec, &tm);
1558 ret = gmt2str_log(tmplog, &tm, dst + maxsize - tmplog);
1559 if (ret == NULL)
1560 goto out;
1561 tmplog = ret;
1562 last_isspace = 0;
1563 break;
1564
1565 case LOG_FMT_trg: // %trg = start of request date, GMT
1566 tv_ms_add(&tv, &s->logs.accept_date, s->logs.t_idle >= 0 ? s->logs.t_idle + s->logs.t_handshake : 0);
1567 get_gmtime(tv.tv_sec, &tm);
1568 ret = gmt2str_log(tmplog, &tm, dst + maxsize - tmplog);
1569 if (ret == NULL)
1570 goto out;
1571 tmplog = ret;
1572 last_isspace = 0;
1573 break;
1574
1575 case LOG_FMT_DATELOCAL: // %Tl = accept date, local
1576 get_localtime(s->logs.accept_date.tv_sec, &tm);
1577 ret = localdate2str_log(tmplog, s->logs.accept_date.tv_sec, &tm, dst + maxsize - tmplog);
1578 if (ret == NULL)
1579 goto out;
1580 tmplog = ret;
1581 last_isspace = 0;
1582 break;
1583
1584 case LOG_FMT_trl: // %trl = start of request date, local
1585 tv_ms_add(&tv, &s->logs.accept_date, s->logs.t_idle >= 0 ? s->logs.t_idle + s->logs.t_handshake : 0);
1586 get_localtime(tv.tv_sec, &tm);
1587 ret = localdate2str_log(tmplog, tv.tv_sec, &tm, dst + maxsize - tmplog);
1588 if (ret == NULL)
1589 goto out;
1590 tmplog = ret;
1591 last_isspace = 0;
1592 break;
1593
1594 case LOG_FMT_TS: // %Ts
1595 get_gmtime(s->logs.accept_date.tv_sec, &tm);
1596 if (tmp->options & LOG_OPT_HEXA) {
1597 iret = snprintf(tmplog, dst + maxsize - tmplog, "%04X", (unsigned int)s->logs.accept_date.tv_sec);
1598 if (iret < 0 || iret > dst + maxsize - tmplog)
1599 goto out;
1600 last_isspace = 0;
1601 tmplog += iret;
1602 } else {
1603 ret = ltoa_o(s->logs.accept_date.tv_sec, tmplog, dst + maxsize - tmplog);
1604 if (ret == NULL)
1605 goto out;
1606 tmplog = ret;
1607 last_isspace = 0;
1608 }
1609 break;
1610
1611 case LOG_FMT_MS: // %ms
1612 if (tmp->options & LOG_OPT_HEXA) {
1613 iret = snprintf(tmplog, dst + maxsize - tmplog, "%02X",(unsigned int)s->logs.accept_date.tv_usec/1000);
1614 if (iret < 0 || iret > dst + maxsize - tmplog)
1615 goto out;
1616 last_isspace = 0;
1617 tmplog += iret;
1618 } else {
1619 if ((dst + maxsize - tmplog) < 4)
1620 goto out;
1621 ret = utoa_pad((unsigned int)s->logs.accept_date.tv_usec/1000,
1622 tmplog, 4);
1623 if (ret == NULL)
1624 goto out;
1625 tmplog = ret;
1626 last_isspace = 0;
1627 }
1628 break;
1629
1630 case LOG_FMT_FRONTEND: // %f
1631 src = fe->id;
1632 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1633 if (ret == NULL)
1634 goto out;
1635 tmplog = ret;
1636 last_isspace = 0;
1637 break;
1638
1639 case LOG_FMT_FRONTEND_XPRT: // %ft
1640 src = fe->id;
1641 if (tmp->options & LOG_OPT_QUOTE)
1642 LOGCHAR('"');
1643 iret = strlcpy2(tmplog, src, dst + maxsize - tmplog);
1644 if (iret == 0)
1645 goto out;
1646 tmplog += iret;
1647 #ifdef USE_OPENSSL
1648 if (sess->listener->xprt == &ssl_sock)
1649 LOGCHAR('~');
1650 #endif
1651 if (tmp->options & LOG_OPT_QUOTE)
1652 LOGCHAR('"');
1653 last_isspace = 0;
1654 break;
1655 #ifdef USE_OPENSSL
1656 case LOG_FMT_SSL_CIPHER: // %sslc
1657 src = NULL;
1658 conn = objt_conn(sess->origin);
1659 if (conn) {
1660 if (sess->listener->xprt == &ssl_sock)
1661 src = ssl_sock_get_cipher_name(conn);
1662 }
1663 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1664 if (ret == NULL)
1665 goto out;
1666 tmplog = ret;
1667 last_isspace = 0;
1668 break;
1669
1670 case LOG_FMT_SSL_VERSION: // %sslv
1671 src = NULL;
1672 conn = objt_conn(sess->origin);
1673 if (conn) {
1674 if (sess->listener->xprt == &ssl_sock)
1675 src = ssl_sock_get_proto_version(conn);
1676 }
1677 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1678 if (ret == NULL)
1679 goto out;
1680 tmplog = ret;
1681 last_isspace = 0;
1682 break;
1683 #endif
1684 case LOG_FMT_BACKEND: // %b
1685 src = be->id;
1686 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1687 if (ret == NULL)
1688 goto out;
1689 tmplog = ret;
1690 last_isspace = 0;
1691 break;
1692
1693 case LOG_FMT_SERVER: // %s
1694 switch (obj_type(s->target)) {
1695 case OBJ_TYPE_SERVER:
1696 src = objt_server(s->target)->id;
1697 break;
1698 case OBJ_TYPE_APPLET:
1699 src = objt_applet(s->target)->name;
1700 break;
1701 default:
1702 src = "<NOSRV>";
1703 break;
1704 }
1705 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1706 if (ret == NULL)
1707 goto out;
1708 tmplog = ret;
1709 last_isspace = 0;
1710 break;
1711
1712 case LOG_FMT_Th: // %Th = handshake time
1713 ret = ltoa_o(s->logs.t_handshake, tmplog, dst + maxsize - tmplog);
1714 if (ret == NULL)
1715 goto out;
1716 tmplog = ret;
1717 last_isspace = 0;
1718 break;
1719
1720 case LOG_FMT_Ti: // %Ti = HTTP idle time
1721 ret = ltoa_o(s->logs.t_idle, tmplog, dst + maxsize - tmplog);
1722 if (ret == NULL)
1723 goto out;
1724 tmplog = ret;
1725 last_isspace = 0;
1726 break;
1727
1728 case LOG_FMT_TR: // %TR = HTTP request time
1729 ret = ltoa_o((t_request >= 0) ? t_request - s->logs.t_idle - s->logs.t_handshake : -1,
1730 tmplog, dst + maxsize - tmplog);
1731 if (ret == NULL)
1732 goto out;
1733 tmplog = ret;
1734 last_isspace = 0;
1735 break;
1736
1737 case LOG_FMT_TQ: // %Tq = Th + Ti + TR
1738 ret = ltoa_o(t_request, tmplog, dst + maxsize - tmplog);
1739 if (ret == NULL)
1740 goto out;
1741 tmplog = ret;
1742 last_isspace = 0;
1743 break;
1744
1745 case LOG_FMT_TW: // %Tw
1746 ret = ltoa_o((s->logs.t_queue >= 0) ? s->logs.t_queue - t_request : -1,
1747 tmplog, dst + maxsize - tmplog);
1748 if (ret == NULL)
1749 goto out;
1750 tmplog = ret;
1751 last_isspace = 0;
1752 break;
1753
1754 case LOG_FMT_TC: // %Tc
1755 ret = ltoa_o((s->logs.t_connect >= 0) ? s->logs.t_connect - s->logs.t_queue : -1,
1756 tmplog, dst + maxsize - tmplog);
1757 if (ret == NULL)
1758 goto out;
1759 tmplog = ret;
1760 last_isspace = 0;
1761 break;
1762
1763 case LOG_FMT_Tr: // %Tr
1764 ret = ltoa_o((s->logs.t_data >= 0) ? s->logs.t_data - s->logs.t_connect : -1,
1765 tmplog, dst + maxsize - tmplog);
1766 if (ret == NULL)
1767 goto out;
1768 tmplog = ret;
1769 last_isspace = 0;
1770 break;
1771
1772 case LOG_FMT_TD: // %Td
1773 if (s->be->mode == PR_MODE_HTTP)
1774 ret = ltoa_o((s->logs.t_data >= 0) ? s->logs.t_close - s->logs.t_data : -1,
1775 tmplog, dst + maxsize - tmplog);
1776 else
1777 ret = ltoa_o((s->logs.t_connect >= 0) ? s->logs.t_close - s->logs.t_connect : -1,
1778 tmplog, dst + maxsize - tmplog);
1779 if (ret == NULL)
1780 goto out;
1781 tmplog = ret;
1782 last_isspace = 0;
1783 break;
1784
1785 case LOG_FMT_Ta: // %Ta = active time = Tt - Th - Ti
1786 if (!(fe->to_log & LW_BYTES))
1787 LOGCHAR('+');
1788 ret = ltoa_o(s->logs.t_close - (s->logs.t_idle >= 0 ? s->logs.t_idle + s->logs.t_handshake : 0),
1789 tmplog, dst + maxsize - tmplog);
1790 if (ret == NULL)
1791 goto out;
1792 tmplog = ret;
1793 last_isspace = 0;
1794 break;
1795
1796 case LOG_FMT_TT: // %Tt = total time
1797 if (!(fe->to_log & LW_BYTES))
1798 LOGCHAR('+');
1799 ret = ltoa_o(s->logs.t_close, tmplog, dst + maxsize - tmplog);
1800 if (ret == NULL)
1801 goto out;
1802 tmplog = ret;
1803 last_isspace = 0;
1804 break;
1805
1806 case LOG_FMT_STATUS: // %ST
1807 ret = ltoa_o(txn ? txn->status : 0, tmplog, dst + maxsize - tmplog);
1808 if (ret == NULL)
1809 goto out;
1810 tmplog = ret;
1811 last_isspace = 0;
1812 break;
1813
1814 case LOG_FMT_BYTES: // %B
1815 if (!(fe->to_log & LW_BYTES))
1816 LOGCHAR('+');
1817 ret = lltoa(s->logs.bytes_out, tmplog, dst + maxsize - tmplog);
1818 if (ret == NULL)
1819 goto out;
1820 tmplog = ret;
1821 last_isspace = 0;
1822 break;
1823
1824 case LOG_FMT_BYTES_UP: // %U
1825 ret = lltoa(s->logs.bytes_in, tmplog, dst + maxsize - tmplog);
1826 if (ret == NULL)
1827 goto out;
1828 tmplog = ret;
1829 last_isspace = 0;
1830 break;
1831
1832 case LOG_FMT_CCLIENT: // %CC
1833 src = txn ? txn->cli_cookie : NULL;
1834 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1835 if (ret == NULL)
1836 goto out;
1837 tmplog = ret;
1838 last_isspace = 0;
1839 break;
1840
1841 case LOG_FMT_CSERVER: // %CS
1842 src = txn ? txn->srv_cookie : NULL;
1843 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
1844 if (ret == NULL)
1845 goto out;
1846 tmplog = ret;
1847 last_isspace = 0;
1848 break;
1849
1850 case LOG_FMT_TERMSTATE: // %ts
1851 LOGCHAR(sess_term_cond[(s->flags & SF_ERR_MASK) >> SF_ERR_SHIFT]);
1852 LOGCHAR(sess_fin_state[(s->flags & SF_FINST_MASK) >> SF_FINST_SHIFT]);
1853 *tmplog = '\0';
1854 last_isspace = 0;
1855 break;
1856
1857 case LOG_FMT_TERMSTATE_CK: // %tsc, same as TS with cookie state (for mode HTTP)
1858 LOGCHAR(sess_term_cond[(s->flags & SF_ERR_MASK) >> SF_ERR_SHIFT]);
1859 LOGCHAR(sess_fin_state[(s->flags & SF_FINST_MASK) >> SF_FINST_SHIFT]);
1860 LOGCHAR((txn && (be->ck_opts & PR_CK_ANY)) ? sess_cookie[(txn->flags & TX_CK_MASK) >> TX_CK_SHIFT] : '-');
1861 LOGCHAR((txn && (be->ck_opts & PR_CK_ANY)) ? sess_set_cookie[(txn->flags & TX_SCK_MASK) >> TX_SCK_SHIFT] : '-');
1862 last_isspace = 0;
1863 break;
1864
1865 case LOG_FMT_ACTCONN: // %ac
1866 ret = ltoa_o(actconn, tmplog, dst + maxsize - tmplog);
1867 if (ret == NULL)
1868 goto out;
1869 tmplog = ret;
1870 last_isspace = 0;
1871 break;
1872
1873 case LOG_FMT_FECONN: // %fc
1874 ret = ltoa_o(fe->feconn, tmplog, dst + maxsize - tmplog);
1875 if (ret == NULL)
1876 goto out;
1877 tmplog = ret;
1878 last_isspace = 0;
1879 break;
1880
1881 case LOG_FMT_BECONN: // %bc
1882 ret = ltoa_o(be->beconn, tmplog, dst + maxsize - tmplog);
1883 if (ret == NULL)
1884 goto out;
1885 tmplog = ret;
1886 last_isspace = 0;
1887 break;
1888
1889 case LOG_FMT_SRVCONN: // %sc
1890 ret = ultoa_o(objt_server(s->target) ?
1891 objt_server(s->target)->cur_sess :
1892 0, tmplog, dst + maxsize - tmplog);
1893 if (ret == NULL)
1894 goto out;
1895 tmplog = ret;
1896 last_isspace = 0;
1897 break;
1898
1899 case LOG_FMT_RETRIES: // %rq
1900 if (s->flags & SF_REDISP)
1901 LOGCHAR('+');
1902 ret = ltoa_o((s->si[1].conn_retries>0) ?
1903 (be->conn_retries - s->si[1].conn_retries) :
1904 be->conn_retries, tmplog, dst + maxsize - tmplog);
1905 if (ret == NULL)
1906 goto out;
1907 tmplog = ret;
1908 last_isspace = 0;
1909 break;
1910
1911 case LOG_FMT_SRVQUEUE: // %sq
1912 ret = ltoa_o(s->logs.srv_queue_size, tmplog, dst + maxsize - tmplog);
1913 if (ret == NULL)
1914 goto out;
1915 tmplog = ret;
1916 last_isspace = 0;
1917 break;
1918
1919 case LOG_FMT_BCKQUEUE: // %bq
1920 ret = ltoa_o(s->logs.prx_queue_size, tmplog, dst + maxsize - tmplog);
1921 if (ret == NULL)
1922 goto out;
1923 tmplog = ret;
1924 last_isspace = 0;
1925 break;
1926
1927 case LOG_FMT_HDRREQUEST: // %hr
1928 /* request header */
1929 if (fe->nb_req_cap && s->req_cap) {
1930 if (tmp->options & LOG_OPT_QUOTE)
1931 LOGCHAR('"');
1932 LOGCHAR('{');
1933 for (hdr = 0; hdr < fe->nb_req_cap; hdr++) {
1934 if (hdr)
1935 LOGCHAR('|');
1936 if (s->req_cap[hdr] != NULL) {
1937 ret = lf_encode_string(tmplog, dst + maxsize,
1938 '#', hdr_encode_map, s->req_cap[hdr], tmp);
1939 if (ret == NULL || *ret != '\0')
1940 goto out;
1941 tmplog = ret;
1942 }
1943 }
1944 LOGCHAR('}');
1945 if (tmp->options & LOG_OPT_QUOTE)
1946 LOGCHAR('"');
1947 last_isspace = 0;
1948 }
1949 break;
1950
1951 case LOG_FMT_HDRREQUESTLIST: // %hrl
1952 /* request header list */
1953 if (fe->nb_req_cap && s->req_cap) {
1954 for (hdr = 0; hdr < fe->nb_req_cap; hdr++) {
1955 if (hdr > 0)
1956 LOGCHAR(' ');
1957 if (tmp->options & LOG_OPT_QUOTE)
1958 LOGCHAR('"');
1959 if (s->req_cap[hdr] != NULL) {
1960 ret = lf_encode_string(tmplog, dst + maxsize,
1961 '#', hdr_encode_map, s->req_cap[hdr], tmp);
1962 if (ret == NULL || *ret != '\0')
1963 goto out;
1964 tmplog = ret;
1965 } else if (!(tmp->options & LOG_OPT_QUOTE))
1966 LOGCHAR('-');
1967 if (tmp->options & LOG_OPT_QUOTE)
1968 LOGCHAR('"');
1969 last_isspace = 0;
1970 }
1971 }
1972 break;
1973
1974
1975 case LOG_FMT_HDRRESPONS: // %hs
1976 /* response header */
1977 if (fe->nb_rsp_cap && s->res_cap) {
1978 if (tmp->options & LOG_OPT_QUOTE)
1979 LOGCHAR('"');
1980 LOGCHAR('{');
1981 for (hdr = 0; hdr < fe->nb_rsp_cap; hdr++) {
1982 if (hdr)
1983 LOGCHAR('|');
1984 if (s->res_cap[hdr] != NULL) {
1985 ret = lf_encode_string(tmplog, dst + maxsize,
1986 '#', hdr_encode_map, s->res_cap[hdr], tmp);
1987 if (ret == NULL || *ret != '\0')
1988 goto out;
1989 tmplog = ret;
1990 }
1991 }
1992 LOGCHAR('}');
1993 last_isspace = 0;
1994 if (tmp->options & LOG_OPT_QUOTE)
1995 LOGCHAR('"');
1996 }
1997 break;
1998
1999 case LOG_FMT_HDRRESPONSLIST: // %hsl
2000 /* response header list */
2001 if (fe->nb_rsp_cap && s->res_cap) {
2002 for (hdr = 0; hdr < fe->nb_rsp_cap; hdr++) {
2003 if (hdr > 0)
2004 LOGCHAR(' ');
2005 if (tmp->options & LOG_OPT_QUOTE)
2006 LOGCHAR('"');
2007 if (s->res_cap[hdr] != NULL) {
2008 ret = lf_encode_string(tmplog, dst + maxsize,
2009 '#', hdr_encode_map, s->res_cap[hdr], tmp);
2010 if (ret == NULL || *ret != '\0')
2011 goto out;
2012 tmplog = ret;
2013 } else if (!(tmp->options & LOG_OPT_QUOTE))
2014 LOGCHAR('-');
2015 if (tmp->options & LOG_OPT_QUOTE)
2016 LOGCHAR('"');
2017 last_isspace = 0;
2018 }
2019 }
2020 break;
2021
2022 case LOG_FMT_REQ: // %r
2023 /* Request */
2024 if (tmp->options & LOG_OPT_QUOTE)
2025 LOGCHAR('"');
2026 uri = txn && txn->uri ? txn->uri : "<BADREQ>";
2027 ret = lf_encode_string(tmplog, dst + maxsize,
2028 '#', url_encode_map, uri, tmp);
2029 if (ret == NULL || *ret != '\0')
2030 goto out;
2031 tmplog = ret;
2032 if (tmp->options & LOG_OPT_QUOTE)
2033 LOGCHAR('"');
2034 last_isspace = 0;
2035 break;
2036
2037 case LOG_FMT_HTTP_PATH: // %HP
2038 uri = txn && txn->uri ? txn->uri : "<BADREQ>";
2039
2040 if (tmp->options & LOG_OPT_QUOTE)
2041 LOGCHAR('"');
2042
2043 end = uri + strlen(uri);
2044 // look for the first whitespace character
2045 while (uri < end && !HTTP_IS_SPHT(*uri))
2046 uri++;
2047
2048 // keep advancing past multiple spaces
2049 while (uri < end && HTTP_IS_SPHT(*uri)) {
2050 uri++; nspaces++;
2051 }
2052
2053 // look for first space or question mark after url
2054 spc = uri;
2055 while (spc < end && *spc != '?' && !HTTP_IS_SPHT(*spc))
2056 spc++;
2057
2058 if (!txn || !txn->uri || nspaces == 0) {
2059 chunk.str = "<BADREQ>";
2060 chunk.len = strlen("<BADREQ>");
2061 } else {
2062 chunk.str = uri;
2063 chunk.len = spc - uri;
2064 }
2065
2066 ret = lf_encode_chunk(tmplog, dst + maxsize, '#', url_encode_map, &chunk, tmp);
2067 if (ret == NULL || *ret != '\0')
2068 goto out;
2069
2070 tmplog = ret;
2071 if (tmp->options & LOG_OPT_QUOTE)
2072 LOGCHAR('"');
2073
2074 last_isspace = 0;
2075 break;
2076
2077 case LOG_FMT_HTTP_QUERY: // %HQ
2078 if (tmp->options & LOG_OPT_QUOTE)
2079 LOGCHAR('"');
2080
2081 if (!txn || !txn->uri) {
2082 chunk.str = "<BADREQ>";
2083 chunk.len = strlen("<BADREQ>");
2084 } else {
2085 uri = txn->uri;
2086 end = uri + strlen(uri);
2087 // look for the first question mark
2088 while (uri < end && *uri != '?')
2089 uri++;
2090
2091 qmark = uri;
2092 // look for first space or question mark after url
2093 while (uri < end && !HTTP_IS_SPHT(*uri))
2094 uri++;
2095
2096 chunk.str = qmark;
2097 chunk.len = uri - qmark;
2098 }
2099
2100 ret = lf_encode_chunk(tmplog, dst + maxsize, '#', url_encode_map, &chunk, tmp);
2101 if (ret == NULL || *ret != '\0')
2102 goto out;
2103
2104 tmplog = ret;
2105 if (tmp->options & LOG_OPT_QUOTE)
2106 LOGCHAR('"');
2107
2108 last_isspace = 0;
2109 break;
2110
2111 case LOG_FMT_HTTP_URI: // %HU
2112 uri = txn && txn->uri ? txn->uri : "<BADREQ>";
2113
2114 if (tmp->options & LOG_OPT_QUOTE)
2115 LOGCHAR('"');
2116
2117 end = uri + strlen(uri);
2118 // look for the first whitespace character
2119 while (uri < end && !HTTP_IS_SPHT(*uri))
2120 uri++;
2121
2122 // keep advancing past multiple spaces
2123 while (uri < end && HTTP_IS_SPHT(*uri)) {
2124 uri++; nspaces++;
2125 }
2126
2127 // look for first space after url
2128 spc = uri;
2129 while (spc < end && !HTTP_IS_SPHT(*spc))
2130 spc++;
2131
2132 if (!txn || !txn->uri || nspaces == 0) {
2133 chunk.str = "<BADREQ>";
2134 chunk.len = strlen("<BADREQ>");
2135 } else {
2136 chunk.str = uri;
2137 chunk.len = spc - uri;
2138 }
2139
2140 ret = lf_encode_chunk(tmplog, dst + maxsize, '#', url_encode_map, &chunk, tmp);
2141 if (ret == NULL || *ret != '\0')
2142 goto out;
2143
2144 tmplog = ret;
2145 if (tmp->options & LOG_OPT_QUOTE)
2146 LOGCHAR('"');
2147
2148 last_isspace = 0;
2149 break;
2150
2151 case LOG_FMT_HTTP_METHOD: // %HM
2152 uri = txn && txn->uri ? txn->uri : "<BADREQ>";
2153 if (tmp->options & LOG_OPT_QUOTE)
2154 LOGCHAR('"');
2155
2156 end = uri + strlen(uri);
2157 // look for the first whitespace character
2158 spc = uri;
2159 while (spc < end && !HTTP_IS_SPHT(*spc))
2160 spc++;
2161
2162 if (spc == end) { // odd case, we have txn->uri, but we only got a verb
2163 chunk.str = "<BADREQ>";
2164 chunk.len = strlen("<BADREQ>");
2165 } else {
2166 chunk.str = uri;
2167 chunk.len = spc - uri;
2168 }
2169
2170 ret = lf_encode_chunk(tmplog, dst + maxsize, '#', url_encode_map, &chunk, tmp);
2171 if (ret == NULL || *ret != '\0')
2172 goto out;
2173
2174 tmplog = ret;
2175 if (tmp->options & LOG_OPT_QUOTE)
2176 LOGCHAR('"');
2177
2178 last_isspace = 0;
2179 break;
2180
2181 case LOG_FMT_HTTP_VERSION: // %HV
2182 uri = txn && txn->uri ? txn->uri : "<BADREQ>";
2183 if (tmp->options & LOG_OPT_QUOTE)
2184 LOGCHAR('"');
2185
2186 end = uri + strlen(uri);
2187 // look for the first whitespace character
2188 while (uri < end && !HTTP_IS_SPHT(*uri))
2189 uri++;
2190
2191 // keep advancing past multiple spaces
2192 while (uri < end && HTTP_IS_SPHT(*uri)) {
2193 uri++; nspaces++;
2194 }
2195
2196 // look for the next whitespace character
2197 while (uri < end && !HTTP_IS_SPHT(*uri))
2198 uri++;
2199
2200 // keep advancing past multiple spaces
2201 while (uri < end && HTTP_IS_SPHT(*uri))
2202 uri++;
2203
2204 if (!txn || !txn->uri || nspaces == 0) {
2205 chunk.str = "<BADREQ>";
2206 chunk.len = strlen("<BADREQ>");
2207 } else if (uri == end) {
2208 chunk.str = "HTTP/0.9";
2209 chunk.len = strlen("HTTP/0.9");
2210 } else {
2211 chunk.str = uri;
2212 chunk.len = end - uri;
2213 }
2214
2215 ret = lf_encode_chunk(tmplog, dst + maxsize, '#', url_encode_map, &chunk, tmp);
2216 if (ret == NULL || *ret != '\0')
2217 goto out;
2218
2219 tmplog = ret;
2220 if (tmp->options & LOG_OPT_QUOTE)
2221 LOGCHAR('"');
2222
2223 last_isspace = 0;
2224 break;
2225
2226 case LOG_FMT_COUNTER: // %rt
2227 if (tmp->options & LOG_OPT_HEXA) {
2228 iret = snprintf(tmplog, dst + maxsize - tmplog, "%04X", s->uniq_id);
2229 if (iret < 0 || iret > dst + maxsize - tmplog)
2230 goto out;
2231 last_isspace = 0;
2232 tmplog += iret;
2233 } else {
2234 ret = ltoa_o(s->uniq_id, tmplog, dst + maxsize - tmplog);
2235 if (ret == NULL)
2236 goto out;
2237 tmplog = ret;
2238 last_isspace = 0;
2239 }
2240 break;
2241
2242 case LOG_FMT_LOGCNT: // %lc
2243 if (tmp->options & LOG_OPT_HEXA) {
2244 iret = snprintf(tmplog, dst + maxsize - tmplog, "%04X", fe->log_count);
2245 if (iret < 0 || iret > dst + maxsize - tmplog)
2246 goto out;
2247 last_isspace = 0;
2248 tmplog += iret;
2249 } else {
2250 ret = ultoa_o(fe->log_count, tmplog, dst + maxsize - tmplog);
2251 if (ret == NULL)
2252 goto out;
2253 tmplog = ret;
2254 last_isspace = 0;
2255 }
2256 break;
2257
2258 case LOG_FMT_HOSTNAME: // %H
2259 src = hostname;
2260 ret = lf_text(tmplog, src, dst + maxsize - tmplog, tmp);
2261 if (ret == NULL)
2262 goto out;
2263 tmplog = ret;
2264 last_isspace = 0;
2265 break;
2266
2267 case LOG_FMT_PID: // %pid
2268 if (tmp->options & LOG_OPT_HEXA) {
2269 iret = snprintf(tmplog, dst + maxsize - tmplog, "%04X", pid);
2270 if (iret < 0 || iret > dst + maxsize - tmplog)
2271 goto out;
2272 last_isspace = 0;
2273 tmplog += iret;
2274 } else {
2275 ret = ltoa_o(pid, tmplog, dst + maxsize - tmplog);
2276 if (ret == NULL)
2277 goto out;
2278 tmplog = ret;
2279 last_isspace = 0;
2280 }
2281 break;
2282
2283 case LOG_FMT_UNIQUEID: // %ID
2284 ret = NULL;
2285 src = s->unique_id;
2286 ret = lf_text(tmplog, src, maxsize - (tmplog - dst), tmp);
2287 if (ret == NULL)
2288 goto out;
2289 tmplog = ret;
2290 last_isspace = 0;
2291 break;
2292
2293 }
2294 }
2295
2296 out:
2297 /* *tmplog is a unused character */
2298 *tmplog = '\0';
2299 return tmplog - dst;
2300
2301 }
2302
2303 /*
2304 * send a log for the stream when we have enough info about it.
2305 * Will not log if the frontend has no log defined.
2306 */
strm_log(struct stream * s)2307 void strm_log(struct stream *s)
2308 {
2309 struct session *sess = s->sess;
2310 int size, err, level;
2311 int sd_size = 0;
2312
2313 /* if we don't want to log normal traffic, return now */
2314 err = (s->flags & SF_REDISP) ||
2315 ((s->flags & SF_ERR_MASK) > SF_ERR_LOCAL) ||
2316 (((s->flags & SF_ERR_MASK) == SF_ERR_NONE) &&
2317 (s->si[1].conn_retries != s->be->conn_retries)) ||
2318 ((sess->fe->mode == PR_MODE_HTTP) && s->txn && s->txn->status >= 500);
2319
2320 if (!err && (sess->fe->options2 & PR_O2_NOLOGNORM))
2321 return;
2322
2323 if (LIST_ISEMPTY(&sess->fe->logsrvs))
2324 return;
2325
2326 if (s->logs.level) { /* loglevel was overridden */
2327 if (s->logs.level == -1) {
2328 s->logs.logwait = 0; /* logs disabled */
2329 return;
2330 }
2331 level = s->logs.level - 1;
2332 }
2333 else {
2334 level = LOG_INFO;
2335 if (err && (sess->fe->options2 & PR_O2_LOGERRORS))
2336 level = LOG_ERR;
2337 }
2338
2339 /* if unique-id was not generated */
2340 if (!s->unique_id && !LIST_ISEMPTY(&sess->fe->format_unique_id)) {
2341 if ((s->unique_id = pool_alloc2(pool2_uniqueid)) != NULL)
2342 build_logline(s, s->unique_id, UNIQUEID_LEN, &sess->fe->format_unique_id);
2343 }
2344
2345 if (!LIST_ISEMPTY(&sess->fe->logformat_sd)) {
2346 sd_size = build_logline(s, logline_rfc5424, global.max_syslog_len,
2347 &sess->fe->logformat_sd);
2348 }
2349
2350 size = build_logline(s, logline, global.max_syslog_len, &sess->fe->logformat);
2351 if (size > 0) {
2352 sess->fe->log_count++;
2353 __send_log(sess->fe, level, logline, size + 1, logline_rfc5424, sd_size);
2354 s->logs.logwait = 0;
2355 }
2356 }
2357
2358 /*
2359 * Local variables:
2360 * c-indent-level: 8
2361 * c-basic-offset: 8
2362 * End:
2363 */
2364