svn commit: r310528 - head/usr.sbin/syslogd
Hiroki Sato
hrs at FreeBSD.org
Sat Dec 24 23:29:52 UTC 2016
Author: hrs
Date: Sat Dec 24 23:29:50 2016
New Revision: 310528
URL: https://svnweb.freebsd.org/changeset/base/310528
Log:
- Fix -N flag (NoBind) for AF_LOCAL sockets.
- Do setsockopt(SO_RCVBUF) for AF_LOCAL sockets regardless of -s flag.
Modified:
head/usr.sbin/syslogd/syslogd.c
Modified: head/usr.sbin/syslogd/syslogd.c
==============================================================================
--- head/usr.sbin/syslogd/syslogd.c Sat Dec 24 22:51:02 2016 (r310527)
+++ head/usr.sbin/syslogd/syslogd.c Sat Dec 24 23:29:50 2016 (r310528)
@@ -2873,9 +2873,8 @@ socksetup(struct peer *pe)
for (res = res0; res != NULL; res = res->ai_next) {
int s;
- if (res->ai_family == AF_LOCAL)
- unlink(pe->pe_name);
- else if (SecureMode > 1) {
+ if (res->ai_family != AF_LOCAL &&
+ SecureMode > 1) {
/* Only AF_LOCAL in secure mode. */
continue;
}
@@ -2907,26 +2906,36 @@ socksetup(struct peer *pe)
error++;
continue;
}
+
/*
- * RFC 3164 recommends that client side message
- * should come from the privileged syslogd port.
+ * Bind INET and UNIX-domain sockets.
+ *
+ * A UNIX-domain socket is always bound to a pathname
+ * regardless of -N flag.
*
- * If the system administrator choose not to obey
+ * For INET sockets, RFC 3164 recommends that client
+ * side message should come from the privileged syslogd port.
+ *
+ * If the system administrator chooses not to obey
* this, we can skip the bind() step so that the
* system will choose a port for us.
*/
- if (NoBind == 0) {
+ if (res->ai_family == AF_LOCAL)
+ unlink(pe->pe_name);
+ if (res->ai_family == AF_LOCAL ||
+ NoBind == 0 || pe->pe_name != NULL) {
if (bind(s, res->ai_addr, res->ai_addrlen) < 0) {
logerror("bind");
close(s);
error++;
continue;
}
- if (SecureMode == 0)
+ if (res->ai_family == AF_LOCAL ||
+ SecureMode == 0)
increase_rcvbuf(s);
}
if (res->ai_family == AF_LOCAL &&
- chmod(pe->pe_name, pe->pe_mode) < 0) {
+ chmod(pe->pe_name, pe->pe_mode) < 0) {
dprintf("chmod %s: %s\n", pe->pe_name,
strerror(errno));
close(s);
@@ -2936,7 +2945,7 @@ socksetup(struct peer *pe)
dprintf("new socket fd is %d\n", s);
listen(s, 5);
dprintf("shutdown\n");
- if (SecureMode) {
+ if (SecureMode || res->ai_family == AF_LOCAL) {
/* Forbid communication in secure mode. */
if (shutdown(s, SHUT_RD) < 0 &&
errno != ENOTCONN) {
@@ -2944,9 +2953,9 @@ socksetup(struct peer *pe)
if (!Debug)
die(0);
}
- dprintf("listening on inet socket\n");
+ dprintf("listening on socket\n");
} else
- dprintf("sending on inet socket\n");
+ dprintf("sending on socket\n");
addsock(res->ai_addr, res->ai_addrlen,
&(struct socklist){
.sl_socket = s,
More information about the svn-src-all
mailing list