diff options
| author | Michael Biebl <biebl@debian.org> | 2013-04-25 15:08:26 +0200 |
|---|---|---|
| committer | Michael Biebl <biebl@debian.org> | 2013-04-25 15:08:26 +0200 |
| commit | af4b19f57c2fb22719faa1b4ece7713c220ad593 (patch) | |
| tree | 6438983a5ceaabd5a5ccedfa9ab0d9f640453432 | |
| parent | 43371cc133b3c9489b7b39f33d60560421e2cc26 (diff) | |
| parent | 4b0c6b727da98c61470fa2de20396ba6f284c417 (diff) | |
| download | rsyslog-af4b19f57c2fb22719faa1b4ece7713c220ad593.tar.gz | |
Merge tag 'upstream/7.3.12' into experimental
Upstream version 7.3.12
| -rw-r--r-- | ChangeLog | 23 | ||||
| -rw-r--r-- | Makefile.am | 2 | ||||
| -rw-r--r-- | Makefile.in | 4 | ||||
| -rw-r--r-- | action.c | 1 | ||||
| -rw-r--r-- | compat/Makefile.am | 2 | ||||
| -rw-r--r-- | compat/Makefile.in | 2 | ||||
| -rwxr-xr-x | compat/getifaddrs.c | 10 | ||||
| -rwxr-xr-x | compat/ifaddrs.h | 89 | ||||
| -rwxr-xr-x | configure | 30 | ||||
| -rw-r--r-- | configure.ac | 10 | ||||
| -rw-r--r-- | doc/manual.html | 2 | ||||
| -rw-r--r-- | doc/omfwd.html | 2 | ||||
| -rw-r--r-- | doc/rsyslog_conf_basic_structure.html | 2 | ||||
| -rw-r--r-- | doc/rsyslog_conf_modules.html | 1 | ||||
| -rw-r--r-- | plugins/omelasticsearch/omelasticsearch.c | 122 | ||||
| -rw-r--r-- | plugins/omudpspoof/omudpspoof.c | 3 | ||||
| -rw-r--r-- | runtime/Makefile.am | 2 | ||||
| -rw-r--r-- | runtime/Makefile.in | 2 | ||||
| -rw-r--r-- | runtime/libgcry.c | 2 | ||||
| -rw-r--r-- | runtime/libgcry.h | 4 | ||||
| -rw-r--r-- | runtime/librsgt.c | 3 | ||||
| -rw-r--r-- | runtime/lmcry_gcry.c | 5 | ||||
| -rw-r--r-- | runtime/lmsig_gt.c | 8 | ||||
| -rw-r--r-- | runtime/queue.c | 2 | ||||
| -rw-r--r-- | runtime/rsyslog.h | 16 | ||||
| -rw-r--r-- | runtime/stream.c | 3 | ||||
| -rw-r--r-- | tools/Makefile.am | 1 | ||||
| -rw-r--r-- | tools/Makefile.in | 4 | ||||
| -rw-r--r-- | tools/rscryutil.rst | 199 | ||||
| -rw-r--r-- | tools/syslogd.c | 3 |
30 files changed, 478 insertions, 81 deletions
@@ -1,4 +1,27 @@ --------------------------------------------------------------------------- +Version 7.3.12 [devel] 2013-04-25 +- added doc for omelasticsearch + Thanks to Radu Gheorghe for the doc contribution. +- omelasticsearch: _id field support for bulk operations + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=392 + Thanks to Jérôme Renard for the idea and patches. +- max number of templates for plugin use has been increased to five +- platform compatibility enhancement: solve compile issue with libgcrypt + do not use GCRY_CIPHER_MODE_AESWRAP where not available +- fix compile on Solaris + Thanks to Martin Carpenter for the patch. +- bugfix: off-by-one error in handling local FQDN name (regression) + A remporary buffer was allocated one byte too small. Did only + affect startup, not actual operations. Came up during routine tests, + and can have no effect once the engine runs. Bug was introduced in + 7.3.11. +- bugfix: build problems on Solaris + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=436 +- bugfix: block size limit was not properly honored +- bugfix: potential segfault in guardtime signature provider + it could segfault if an error was reported by the GuardTime API, because + an invalid free could happen then +--------------------------------------------------------------------------- Version 7.3.11 [devel] 2013-04-23 - added support for encrypting log files - omhiredis: added support for redis pipeline support diff --git a/Makefile.am b/Makefile.am index 663e15d..b39b495 100644 --- a/Makefile.am +++ b/Makefile.am @@ -71,7 +71,7 @@ EXTRA_DIST = \ contrib/gnutls/key.pem \ rsyslog.service.in -SUBDIRS = doc runtime grammar compat . plugins/immark plugins/imuxsock plugins/imtcp plugins/imudp plugins/omtesting +SUBDIRS = doc compat runtime grammar . plugins/immark plugins/imuxsock plugins/imtcp plugins/imudp plugins/omtesting if ENABLE_RSYSLOGD SUBDIRS += tools diff --git a/Makefile.in b/Makefile.in index c085957..6859049 100644 --- a/Makefile.in +++ b/Makefile.in @@ -245,7 +245,7 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ ETAGS = etags CTAGS = ctags CSCOPE = cscope -DIST_SUBDIRS = doc runtime grammar compat . plugins/immark \ +DIST_SUBDIRS = doc compat runtime grammar . plugins/immark \ plugins/imuxsock plugins/imtcp plugins/imudp plugins/omtesting \ tools plugins/imklog plugins/imkmsg plugins/impstats \ plugins/imsolaris plugins/omgssapi plugins/imgssapi \ @@ -543,7 +543,7 @@ EXTRA_DIST = \ # tests are added as last element, because tests may need different # modules that need to be generated first -SUBDIRS = doc runtime grammar compat . plugins/immark plugins/imuxsock \ +SUBDIRS = doc compat runtime grammar . plugins/immark plugins/imuxsock \ plugins/imtcp plugins/imudp plugins/omtesting $(am__append_3) \ $(am__append_4) $(am__append_5) $(am__append_6) \ $(am__append_7) $(am__append_8) $(am__append_9) \ @@ -1277,7 +1277,6 @@ processBatchMain(action_t *pAction, batch_t *pBatch, int *pbShutdownImmediate) if(pbShutdownImmediate != NULL) { pbShutdownImmdtSave = pBatch->pbShutdownImmediate; pBatch->pbShutdownImmediate = pbShutdownImmediate; -dbgprintf("DDDD: processBatchMain ShutdownImmediate is %p, was %p\n", pBatch->pbShutdownImmediate, pbShutdownImmdtSave); } CHKiRet(prepareBatch(pAction, pBatch, &activeSave, &bMustRestoreActivePtr)); diff --git a/compat/Makefile.am b/compat/Makefile.am index 78c298e..f580a38 100644 --- a/compat/Makefile.am +++ b/compat/Makefile.am @@ -1,6 +1,6 @@ noinst_LTLIBRARIES = compat.la -compat_la_SOURCES = getifaddrs.c +compat_la_SOURCES = getifaddrs.c ifaddrs.h compat_la_CPPFLAGS = -I$(top_srcdir) $(PTHREADS_CFLAGS) $(RSRT_CFLAGS) compat_la_LDFLAGS = -module -avoid-version compat_la_LIBADD = $(IMUDP_LIBS) diff --git a/compat/Makefile.in b/compat/Makefile.in index 8fa73e6..99bcb9a 100644 --- a/compat/Makefile.in +++ b/compat/Makefile.in @@ -305,7 +305,7 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ noinst_LTLIBRARIES = compat.la -compat_la_SOURCES = getifaddrs.c +compat_la_SOURCES = getifaddrs.c ifaddrs.h compat_la_CPPFLAGS = -I$(top_srcdir) $(PTHREADS_CFLAGS) $(RSRT_CFLAGS) compat_la_LDFLAGS = -module -avoid-version compat_la_LIBADD = $(IMUDP_LIBS) diff --git a/compat/getifaddrs.c b/compat/getifaddrs.c index 8acd484..25d04d4 100755 --- a/compat/getifaddrs.c +++ b/compat/getifaddrs.c @@ -36,7 +36,15 @@ #include <stdlib.h> #include <net/if.h> #include <ifaddrs.h> -#include <libsocket_priv.h> + +/* Normally this is defined in <net/if.h> but was new for Solaris 11 */ +#ifndef LIFC_ENABLED +#define LIFC_ENABLED 0x20 +#endif + +int getallifaddrs(sa_family_t af, struct ifaddrs **ifap, int64_t flags); +int getallifs(int s, sa_family_t af, struct lifreq **lifr, int *numifs, + int64_t lifc_flags); /* * Create a linked list of `struct ifaddrs' structures, one for each diff --git a/compat/ifaddrs.h b/compat/ifaddrs.h new file mode 100755 index 0000000..ec359c1 --- /dev/null +++ b/compat/ifaddrs.h @@ -0,0 +1,89 @@ +#include "config.h" +#ifndef HAVE_GETIFADDRS +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + */ +#ifndef _IFADDRS_H +#define _IFADDRS_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include <sys/types.h> + +/* + * The `getifaddrs' function generates a linked list of these structures. + * Each element of the list describes one network interface. + */ +#if defined(_INT64_TYPE) +struct ifaddrs { + struct ifaddrs *ifa_next; /* Pointer to the next structure. */ + char *ifa_name; /* Name of this network interface. */ + uint64_t ifa_flags; /* Flags as from SIOCGLIFFLAGS ioctl. */ + struct sockaddr *ifa_addr; /* Network address of this interface. */ + struct sockaddr *ifa_netmask; /* Netmask of this interface. */ + union { + /* + * At most one of the following two is valid. If the + * IFF_BROADCAST bit is set in `ifa_flags', then + * `ifa_broadaddr' is valid. If the IFF_POINTOPOINT bit is + * set, then `ifa_dstaddr' is valid. It is never the case that + * both these bits are set at once. + */ + struct sockaddr *ifu_broadaddr; + struct sockaddr *ifu_dstaddr; + } ifa_ifu; + void *ifa_data; /* Address-specific data (may be unused). */ +/* + * This may have been defined in <net/if.h>. + */ +#ifndef ifa_broadaddr +#define ifa_broadaddr ifa_ifu.ifu_broadaddr /* broadcast address */ +#endif +#ifndef ifa_dstaddr +#define ifa_dstaddr ifa_ifu.ifu_dstaddr /* other end of p-to-p link */ +#endif +}; +#endif + +/* + * Create a linked list of `struct ifaddrs' structures, one for each + * network interface on the host machine. If successful, store the + * list in *ifap and return 0. On errors, return -1 and set `errno'. + * + * The storage returned in *ifap is allocated dynamically and can + * only be properly freed by passing it to `freeifaddrs'. + */ +extern int getifaddrs(struct ifaddrs **); + +/* Reclaim the storage allocated by a previous `getifaddrs' call. */ +extern void freeifaddrs(struct ifaddrs *); + + +#ifdef __cplusplus +} +#endif + +#endif /* _IFADDRS_H */ +#endif /* HAVE_GETIFADDRS */ @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for rsyslog 7.3.11. +# Generated by GNU Autoconf 2.69 for rsyslog 7.3.12. # # Report bugs to <rsyslog@lists.adiscon.com>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='rsyslog' PACKAGE_TARNAME='rsyslog' -PACKAGE_VERSION='7.3.11' -PACKAGE_STRING='rsyslog 7.3.11' +PACKAGE_VERSION='7.3.12' +PACKAGE_STRING='rsyslog 7.3.12' PACKAGE_BUGREPORT='rsyslog@lists.adiscon.com' PACKAGE_URL='' @@ -1602,7 +1602,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures rsyslog 7.3.11 to adapt to many kinds of systems. +\`configure' configures rsyslog 7.3.12 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1672,7 +1672,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of rsyslog 7.3.11:";; + short | recursive ) echo "Configuration of rsyslog 7.3.12:";; esac cat <<\_ACEOF @@ -1719,7 +1719,8 @@ Optional Features: --enable-uuid Enable support for uuid generation [default=yes] --enable-elasticsearch Enable elasticsearch output module [default=no] --enable-gnutls Enable GNU TLS support [default=no] - --enable-libgcrypt Enable libgcrypt support [default=yes] + --enable-libgcrypt Enable log file encryption support (libgcrypt) + [default=yes] --enable-rsyslogrt Build rsyslogrt [default=yes] --enable-rsyslogd Build rsyslogd [default=yes] --enable-extended-tests extended testbench [default=no] @@ -1732,7 +1733,8 @@ Optional Features: --enable-mmaudit Enable building mmaudit support [default=no] --enable-mmanon Enable building mmanon support [default=no] --enable-relp Enable RELP support [default=no] - --enable-guardtime Enable GuardTime support [default=no] + --enable-guardtime Enable log file signing support (via GuardTime) + [default=no] --enable-rfc3195 Enable RFC3195 support [default=no] --enable-testbench testbench enabled [default=yes] --enable-imfile file input module enabled [default=no] @@ -1909,7 +1911,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -rsyslog configure 7.3.11 +rsyslog configure 7.3.12 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2489,7 +2491,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by rsyslog $as_me 7.3.11, which was +It was created by rsyslog $as_me 7.3.12, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3313,7 +3315,7 @@ fi # Define the identity of the package. PACKAGE='rsyslog' - VERSION='7.3.11' + VERSION='7.3.12' cat >>confdefs.h <<_ACEOF @@ -20634,7 +20636,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by rsyslog $as_me 7.3.11, which was +This file was extended by rsyslog $as_me 7.3.12, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20700,7 +20702,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -rsyslog config.status 7.3.11 +rsyslog config.status 7.3.12 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -22534,8 +22536,8 @@ echo " rsyslogd will be built: $enable_rsyslogd" echo " GUI components will be built: $enable_gui" echo " Unlimited select() support enabled: $enable_unlimited_select" echo " uuid support enabled: $enable_uuid" -echo " GuardTime signature support enabled: $enable_guardtime" -echo " libgcrypt support enabled: $enable_libgcrypt" +echo " Log file signing support: $enable_guardtime" +echo " Log file encryption support: $enable_libgcrypt" echo " anonymization support enabled: $enable_mmanon" echo echo "---{ input plugins }---" diff --git a/configure.ac b/configure.ac index 352404d..87b65e8 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([rsyslog],[7.3.11],[rsyslog@lists.adiscon.com]) +AC_INIT([rsyslog],[7.3.12],[rsyslog@lists.adiscon.com]) AM_INIT_AUTOMAKE m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) @@ -775,7 +775,7 @@ AM_CONDITIONAL(ENABLE_GNUTLS, test x$enable_gnutls = xyes) # libgcrypt support AC_ARG_ENABLE(libgcrypt, - [AS_HELP_STRING([--enable-libgcrypt],[Enable libgcrypt support @<:@default=yes@:>@])], + [AS_HELP_STRING([--enable-libgcrypt],[Enable log file encryption support (libgcrypt) @<:@default=yes@:>@])], [case "${enableval}" in yes) enable_libgcrypt="yes" ;; no) enable_libgcrypt="no" ;; @@ -985,7 +985,7 @@ AM_CONDITIONAL(ENABLE_RELP, test x$enable_relp = xyes) # GuardTime support AC_ARG_ENABLE(guardtime, - [AS_HELP_STRING([--enable-guardtime],[Enable GuardTime support @<:@default=no@:>@])], + [AS_HELP_STRING([--enable-guardtime],[Enable log file signing support (via GuardTime) @<:@default=no@:>@])], [case "${enableval}" in yes) enable_guardtime="yes" ;; no) enable_guardtime="no" ;; @@ -1456,8 +1456,8 @@ echo " rsyslogd will be built: $enable_rsyslogd" echo " GUI components will be built: $enable_gui" echo " Unlimited select() support enabled: $enable_unlimited_select" echo " uuid support enabled: $enable_uuid" -echo " GuardTime signature support enabled: $enable_guardtime" -echo " libgcrypt support enabled: $enable_libgcrypt" +echo " Log file signing support: $enable_guardtime" +echo " Log file encryption support: $enable_libgcrypt" echo " anonymization support enabled: $enable_mmanon" echo echo "---{ input plugins }---" diff --git a/doc/manual.html b/doc/manual.html index 3605dd5..e474906 100644 --- a/doc/manual.html +++ b/doc/manual.html @@ -19,7 +19,7 @@ professional services</a> available directly from the source!</p> <p><b>Please visit the <a href="http://www.rsyslog.com/sponsors">rsyslog sponsor's page</a> to honor the project sponsors or become one yourself!</b> We are very grateful for any help towards the project goals.</p> -<p><b>This documentation is for version 7.3.11 (devel branch) of rsyslog.</b> +<p><b>This documentation is for version 7.3.12 (devel branch) of rsyslog.</b> Visit the <i><a href="http://www.rsyslog.com/status">rsyslog status page</a></i></b> to obtain current version information and project status. </p><p><b>If you like rsyslog, you might diff --git a/doc/omfwd.html b/doc/omfwd.html index fb9145e..53f9e52 100644 --- a/doc/omfwd.html +++ b/doc/omfwd.html @@ -59,7 +59,7 @@ <p><b>Caveats/Known Bugs:</b></p><ul><li>None.</li></ul> <p><b>Sample:</b></p> <p>The following command sends all syslog messages to a remote server via TCP port 10514.</p> -<textarea rows="5" cols="60">Module (path="builtin:omfwd") +<textarea rows="5" cols="60">Module (load="builtin:omfwd") *.* action(type="omfwd" Target="192.168.2.11" Port="10514" diff --git a/doc/rsyslog_conf_basic_structure.html b/doc/rsyslog_conf_basic_structure.html index 00a700d..f5d4891 100644 --- a/doc/rsyslog_conf_basic_structure.html +++ b/doc/rsyslog_conf_basic_structure.html @@ -80,7 +80,7 @@ A ruleset can be "bound" (assigned) to a specific input. In the analogy, this me a message comes in via that input, the "program" (ruleset) bound to it will be executed (but not any other!). <p>There is detail documentation available for -<a href="multi_ruleset">rsyslog rulesets</a>. +<a href="multi_ruleset.html">rsyslog rulesets</a>. <p>For quick reference, rulesets are defined as follows: <pre> ruleset(name="rulesetname") { diff --git a/doc/rsyslog_conf_modules.html b/doc/rsyslog_conf_modules.html index 554b20f..2668bf2 100644 --- a/doc/rsyslog_conf_modules.html +++ b/doc/rsyslog_conf_modules.html @@ -74,6 +74,7 @@ permits rsyslog to alert folks by mail if something important happens</li> <li><a href="omuxsock.html">omuxsock</a> - output module Unix domain sockets</li> <li><a href="omhdfs.html">omhdfs</a> - output module for Hadoop's HDFS file system</li> <li><a href="ommongodb.html">ommongodb</a> - output module for MongoDB</li> +<li><a href="omelasticsearch.html">omelasticsearch</a> - output module for ElasticSearch</li> </ul> <a name="pm"></a><h2>Parser Modules</h2> diff --git a/plugins/omelasticsearch/omelasticsearch.c b/plugins/omelasticsearch/omelasticsearch.c index f27fe62..33e58c1 100644 --- a/plugins/omelasticsearch/omelasticsearch.c +++ b/plugins/omelasticsearch/omelasticsearch.c @@ -11,11 +11,11 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 * -or- * see COPYING.ASL20 in the source distribution - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -79,12 +79,14 @@ typedef struct _instanceData { uchar *parent; uchar *tplName; uchar *timeout; + uchar *bulkId; uchar *restURL; /* last used URL for error reporting */ uchar *errorFile; char *reply; sbool dynSrchIdx; sbool dynSrchType; sbool dynParent; + sbool dynBulkId; sbool bulkmode; sbool asyncRepl; struct { @@ -114,7 +116,9 @@ static struct cnfparamdescr actpdescr[] = { { "asyncrepl", eCmdHdlrBinary, 0 }, { "timeout", eCmdHdlrGetWord, 0 }, { "errorfile", eCmdHdlrGetWord, 0 }, - { "template", eCmdHdlrGetWord, 1 } + { "template", eCmdHdlrGetWord, 1 }, + { "dynbulkid", eCmdHdlrBinary, 0 }, + { "bulkid", eCmdHdlrGetWord, 0 }, }; static struct cnfparamblk actpblk = { CNFPARAMBLK_VERSION, @@ -156,6 +160,7 @@ CODESTARTfreeInstance free(pData->timeout); free(pData->restURL); free(pData->errorFile); + free(pData->bulkId); ENDfreeInstance BEGINdbgPrintInstInfo @@ -177,6 +182,8 @@ CODESTARTdbgPrintInstInfo dbgprintf("\tbulkmode=%d\n", pData->bulkmode); dbgprintf("\terrorfile='%s'\n", pData->errorFile == NULL ? (uchar*)"(not configured)" : pData->errorFile); + dbgprintf("\tdynbulkid=%d\n", pData->dynBulkId); + dbgprintf("\tbulkid='%s'\n", pData->bulkId); ENDdbgPrintInstInfo @@ -220,7 +227,7 @@ checkConn(instanceData *pData) cstr = es_str2cstr(url, NULL); curl_easy_setopt(curl, CURLOPT_URL, cstr); free(cstr); - + pData->reply = NULL; pData->replyLen = 0; curl_easy_setopt(curl, CURLOPT_WRITEDATA, pData); @@ -250,7 +257,8 @@ ENDtryResume /* get the current index and type for this message */ static inline void getIndexTypeAndParent(instanceData *pData, uchar **tpls, - uchar **srchIndex, uchar **srchType, uchar **parent) + uchar **srchIndex, uchar **srchType, uchar **parent, + uchar **bulkId) { if(pData->dynSrchIdx) { *srchIndex = tpls[1]; @@ -258,15 +266,27 @@ getIndexTypeAndParent(instanceData *pData, uchar **tpls, *srchType = tpls[2]; if(pData->dynParent) { *parent = tpls[3]; + if(pData->dynBulkId) { + *bulkId = tpls[4]; + } } else { *parent = pData->parent; + if(pData->dynBulkId) { + *bulkId = tpls[3]; + } } } else { *srchType = pData->searchType; if(pData->dynParent) { *parent = tpls[2]; + if(pData->dynBulkId) { + *bulkId = tpls[3]; + } } else { *parent = pData->parent; + if(pData->dynBulkId) { + *bulkId = tpls[2]; + } } } } else { @@ -275,15 +295,27 @@ getIndexTypeAndParent(instanceData *pData, uchar **tpls, *srchType = tpls[1]; if(pData->dynParent) { *parent = tpls[2]; + if(pData->dynBulkId) { + *bulkId = tpls[3]; + } } else { *parent = pData->parent; + if(pData->dynBulkId) { + *bulkId = tpls[2]; + } } } else { *srchType = pData->searchType; if(pData->dynParent) { *parent = tpls[1]; + if(pData->dynBulkId) { + *bulkId = tpls[2]; + } } else { *parent = pData->parent; + if(pData->dynBulkId) { + *bulkId = tpls[1]; + } } } } @@ -297,6 +329,7 @@ setCurlURL(instanceData *pData, uchar **tpls) uchar *searchIndex; uchar *searchType; uchar *parent; + uchar *bulkId; es_str_t *url; int rLocal; int r; @@ -308,7 +341,7 @@ setCurlURL(instanceData *pData, uchar **tpls) r = es_addBuf(&url, "_bulk", sizeof("_bulk")-1); parent = NULL; } else { - getIndexTypeAndParent(pData, tpls, &searchIndex, &searchType, &parent); + getIndexTypeAndParent(pData, tpls, &searchIndex, &searchType, &parent, &bulkId); r = es_addBuf(&url, (char*)searchIndex, ustrlen(searchIndex)); if(r == 0) r = es_addChar(&url, '/'); if(r == 0) r = es_addBuf(&url, (char*)searchType, ustrlen(searchType)); @@ -330,7 +363,7 @@ setCurlURL(instanceData *pData, uchar **tpls) free(pData->restURL); pData->restURL = (uchar*)es_str2cstr(url, NULL); - curl_easy_setopt(pData->curlHandle, CURLOPT_URL, pData->restURL); + curl_easy_setopt(pData->curlHandle, CURLOPT_URL, pData->restURL); es_deleteStr(url); DBGPRINTF("omelasticsearch: using REST URL: '%s'\n", pData->restURL); @@ -343,7 +376,7 @@ setCurlURL(instanceData *pData, uchar **tpls) rLocal); ABORT_FINALIZE(RS_RET_ERR); } - curl_easy_setopt(pData->curlHandle, CURLOPT_USERPWD, authBuf); + curl_easy_setopt(pData->curlHandle, CURLOPT_USERPWD, authBuf); curl_easy_setopt(pData->curlHandle, CURLOPT_PROXYAUTH, CURLAUTH_ANY); } finalize_it: @@ -363,13 +396,15 @@ buildBatch(instanceData *pData, uchar *message, uchar **tpls) uchar *searchIndex; uchar *searchType; uchar *parent; + uchar *bulkId = NULL; DEFiRet; # define META_STRT "{\"index\":{\"_index\": \"" # define META_TYPE "\",\"_type\":\"" # define META_PARENT "\",\"_parent\":\"" +# define META_ID "\", \"_id\":\"" # define META_END "\"}}\n" - getIndexTypeAndParent(pData, tpls, &searchIndex, &searchType, &parent); + getIndexTypeAndParent(pData, tpls, &searchIndex, &searchType, &parent, &bulkId); r = es_addBuf(&pData->batch.data, META_STRT, sizeof(META_STRT)-1); if(r == 0) r = es_addBuf(&pData->batch.data, (char*)searchIndex, ustrlen(searchIndex)); @@ -380,6 +415,10 @@ buildBatch(instanceData *pData, uchar *message, uchar **tpls) if(r == 0) r = es_addBuf(&pData->batch.data, META_PARENT, sizeof(META_PARENT)-1); if(r == 0) r = es_addBuf(&pData->batch.data, (char*)parent, ustrlen(parent)); } + if(bulkId != NULL) { + if(r == 0) r = es_addBuf(&pData->batch.data, META_ID, sizeof(META_ID)-1); + if(r == 0) r = es_addBuf(&pData->batch.data, (char*)bulkId, ustrlen(bulkId)); + } if(r == 0) r = es_addBuf(&pData->batch.data, META_END, sizeof(META_END)-1); if(r == 0) r = es_addBuf(&pData->batch.data, (char*)message, length); if(r == 0) r = es_addBuf(&pData->batch.data, "\n", sizeof("\n")-1); @@ -409,7 +448,7 @@ writeDataError(instanceData *pData, cJSON **pReplyRoot, uchar *reqmsg) ssize_t wrRet; char errStr[1024]; DEFiRet; - + if(pData->errorFile == NULL) { DBGPRINTF("omelasticsearch: no local error logger defined - " "ignoring ES error information\n"); @@ -524,7 +563,7 @@ checkResult(instanceData *pData, uchar *reqmsg) } /* Note: we ignore errors writing the error file, as we cannot handle - * these in any case. + * these in any case. */ if(iRet == RS_RET_DATAFAIL) { writeDataError(pData, &root, reqmsg); @@ -552,8 +591,8 @@ curlPost(instanceData *pData, uchar *message, int msglen, uchar **tpls) CHKiRet(setCurlURL(pData, tpls)); curl_easy_setopt(curl, CURLOPT_WRITEDATA, pData); - curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char *)message); - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, msglen); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char *)message); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, msglen); code = curl_easy_perform(curl); switch (code) { case CURLE_COULDNT_RESOLVE_HOST: @@ -649,10 +688,10 @@ curlSetup(instanceData *pData) } header = curl_slist_append(NULL, "Content-Type: text/json; charset=utf-8"); - curl_easy_setopt(handle, CURLOPT_HTTPHEADER, header); + curl_easy_setopt(handle, CURLOPT_HTTPHEADER, header); curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, curlResult); - curl_easy_setopt(handle, CURLOPT_POST, 1); + curl_easy_setopt(handle, CURLOPT_POST, 1); pData->curlHandle = handle; pData->postHeader = header; @@ -690,6 +729,8 @@ setInstParamDefaults(instanceData *pData) pData->bulkmode = 0; pData->tplName = NULL; pData->errorFile = NULL; + pData->dynBulkId= 0; + pData->bulkId = NULL; } BEGINnewActInst @@ -737,12 +778,16 @@ CODESTARTnewActInst pData->asyncRepl = pvals[i].val.d.n; } else if(!strcmp(actpblk.descr[i].name, "template")) { pData->tplName = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL); + } else if(!strcmp(actpblk.descr[i].name, "dynbulkid")) { + pData->dynBulkId = pvals[i].val.d.n; + } else if(!strcmp(actpblk.descr[i].name, "bulkid")) { + pData->bulkId = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL); } else { dbgprintf("omelasticsearch: program error, non-handled " "param '%s'\n", actpblk.descr[i].name); } } - + if(pData->pwd != NULL && pData->uid == NULL) { errmsg.LogError(0, RS_RET_UID_MISSING, "omelasticsearch: password is provided, but no uid " @@ -767,6 +812,12 @@ CODESTARTnewActInst "name for parent template given - action definition invalid"); ABORT_FINALIZE(RS_RET_CONFIG_ERROR); } + if(pData->dynBulkId && pData->bulkId == NULL) { + errmsg.LogError(0, RS_RET_CONFIG_ERROR, + "omelasticsearch: requested dynamic bulkid, but no " + "name for bulkid template given - action definition invalid"); + ABORT_FINALIZE(RS_RET_CONFIG_ERROR); + } if(pData->bulkmode) { pData->batch.currTpl1 = NULL; @@ -782,6 +833,7 @@ CODESTARTnewActInst if(pData->dynSrchIdx) ++iNumTpls; if(pData->dynSrchType) ++iNumTpls; if(pData->dynParent) ++iNumTpls; + if(pData->dynBulkId) ++iNumTpls; DBGPRINTF("omelasticsearch: requesting %d templates\n", iNumTpls); CODE_STD_STRING_REQUESTnewActInst(iNumTpls) @@ -803,11 +855,29 @@ CODESTARTnewActInst if(pData->dynParent) { CHKiRet(OMSRsetEntry(*ppOMSR, 3, ustrdup(pData->parent), OMSR_NO_RQD_TPL_OPTS)); + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 4, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } + } else { + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 3, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } } } else { if(pData->dynParent) { CHKiRet(OMSRsetEntry(*ppOMSR, 2, ustrdup(pData->parent), OMSR_NO_RQD_TPL_OPTS)); + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 3, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } + } else { + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 2, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } } } } else { @@ -817,12 +887,30 @@ CODESTARTnewActInst if(pData->dynParent) { CHKiRet(OMSRsetEntry(*ppOMSR, 2, ustrdup(pData->parent), OMSR_NO_RQD_TPL_OPTS)); + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 3, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } + } else { + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 2, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } } } else { if(pData->dynParent) { CHKiRet(OMSRsetEntry(*ppOMSR, 1, ustrdup(pData->parent), OMSR_NO_RQD_TPL_OPTS)); - } + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 2, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } + } else { + if(pData->dynBulkId) { + CHKiRet(OMSRsetEntry(*ppOMSR, 1, ustrdup(pData->bulkId), + OMSR_NO_RQD_TPL_OPTS)); + } + } } } diff --git a/plugins/omudpspoof/omudpspoof.c b/plugins/omudpspoof/omudpspoof.c index 9c4c80b..c80f0e5 100644 --- a/plugins/omudpspoof/omudpspoof.c +++ b/plugins/omudpspoof/omudpspoof.c @@ -435,8 +435,6 @@ UDPSend(instanceData *pData, uchar *pszSourcename, char *msg, size_t len) /* Write it to the wire. */ lsent = libnet_write(pData->libnet_handle); - dbgprintf("DDDD: omudpspoof stage 1 return state %d (expected %d), fd %d\n", lsent, - (int) (LIBNET_IPV4_H+LIBNET_UDP_H+pktLen), pData->libnet_handle->fd); if(lsent != (int) (LIBNET_IPV4_H+LIBNET_UDP_H+pktLen)) { /* note: access to fd is a libnet internal. If a newer version of libnet does * not expose that member, we should simply remove it. However, while it is there @@ -490,7 +488,6 @@ UDPSend(instanceData *pData, uchar *pszSourcename, char *msg, size_t len) } /* Write it to the wire. */ lsent = libnet_write(pData->libnet_handle); - dbgprintf("DDDD: omudpspoof stage 1 return state %d (expected %d)\n", lsent, (int) (LIBNET_IPV4_H+pktLen)); if(lsent != (int) (LIBNET_IPV4_H+pktLen)) { DBGPRINTF("omudpspoof: fragment write error len %d, sent %d: %s\n", LIBNET_IPV4_H+LIBNET_UDP_H+len, lsent, libnet_geterror(pData->libnet_handle)); diff --git a/runtime/Makefile.am b/runtime/Makefile.am index fd8dd3f..3015c3c 100644 --- a/runtime/Makefile.am +++ b/runtime/Makefile.am @@ -133,7 +133,7 @@ pkglib_LTLIBRARIES += lmnet.la lmnetstrms.la # lmnet_la_SOURCES = net.c net.h lmnet_la_CPPFLAGS = $(PTHREADS_CFLAGS) $(RSRT_CFLAGS) -lmnet_la_LDFLAGS = -module -avoid-version +lmnet_la_LDFLAGS = -module -avoid-version ../compat/compat_la-getifaddrs.lo lmnet_la_LIBADD = # network stream master class and stream factory diff --git a/runtime/Makefile.in b/runtime/Makefile.in index a5df967..37a75df 100644 --- a/runtime/Makefile.in +++ b/runtime/Makefile.in @@ -615,7 +615,7 @@ librsyslog_la_LIBADD = $(DL_LIBS) $(RT_LIBS) $(LIBGCRYPT_LIBS) $(LIBEE_LIBS) # @ENABLE_INET_TRUE@lmnet_la_SOURCES = net.c net.h @ENABLE_INET_TRUE@lmnet_la_CPPFLAGS = $(PTHREADS_CFLAGS) $(RSRT_CFLAGS) -@ENABLE_INET_TRUE@lmnet_la_LDFLAGS = -module -avoid-version +@ENABLE_INET_TRUE@lmnet_la_LDFLAGS = -module -avoid-version ../compat/compat_la-getifaddrs.lo @ENABLE_INET_TRUE@lmnet_la_LIBADD = # network stream master class and stream factory diff --git a/runtime/libgcry.c b/runtime/libgcry.c index e57ee8b..51c10af 100644 --- a/runtime/libgcry.c +++ b/runtime/libgcry.c @@ -238,7 +238,7 @@ addPadding(gcryfile pF, uchar *buf, size_t *plen) unsigned i; size_t nPad; nPad = (pF->blkLength - *plen % pF->blkLength) % pF->blkLength; - dbgprintf("DDDD: addPadding %d chars, blkLength %d, mod %d, pad %d\n", + DBGPRINTF("libgcry: addPadding %d chars, blkLength %d, mod %d, pad %d\n", *plen, pF->blkLength, *plen % pF->blkLength, nPad); for(i = 0 ; i < nPad ; ++i) buf[(*plen)+i] = 0x00; diff --git a/runtime/libgcry.h b/runtime/libgcry.h index 5dde157..b77b0f9 100644 --- a/runtime/libgcry.h +++ b/runtime/libgcry.h @@ -20,7 +20,7 @@ */ #ifndef INCLUDED_LIBGCRY_H #define INCLUDED_LIBGCRY_H -#include <gt_base.h> +#include <stdint.h> struct gcryctx_s { @@ -93,7 +93,9 @@ rsgcryModename2Mode(char *modename) { if(!strcmp((char*)modename, "STREAM")) return GCRY_CIPHER_MODE_STREAM; if(!strcmp((char*)modename, "OFB")) return GCRY_CIPHER_MODE_OFB; if(!strcmp((char*)modename, "CTR")) return GCRY_CIPHER_MODE_CTR; +# ifdef GCRY_CIPHER_MODE_AESWRAP if(!strcmp((char*)modename, "AESWRAP")) return GCRY_CIPHER_MODE_AESWRAP; +# endif return GCRY_CIPHER_MODE_NONE; } #endif /* #ifndef INCLUDED_LIBGCRY_H */ diff --git a/runtime/librsgt.c b/runtime/librsgt.c index afafe2f..ae0b0df 100644 --- a/runtime/librsgt.c +++ b/runtime/librsgt.c @@ -148,6 +148,7 @@ rsgtfileConstruct(gtctx ctx) goto done; gf->ctx = ctx; gf->hashAlg = ctx->hashAlg; + gf->blockSizeLimit = ctx->blockSizeLimit; gf->bKeepRecordHashes = ctx->bKeepRecordHashes; gf->bKeepTreeHashes = ctx->bKeepTreeHashes; gf->x_prev = NULL; @@ -775,7 +776,7 @@ done: static int timestampIt(gtfile gf, GTDataHash *hash) { - unsigned char *der; + unsigned char *der = NULL; size_t lenDer; int r = GT_OK; int ret = 0; diff --git a/runtime/lmcry_gcry.c b/runtime/lmcry_gcry.c index 2e4cfff..0a9b94b 100644 --- a/runtime/lmcry_gcry.c +++ b/runtime/lmcry_gcry.c @@ -69,7 +69,6 @@ errfunc(__attribute__((unused)) void *usrptr, uchar *emsg) /* Standard-Constructor */ BEGINobjConstruct(lmcry_gcry) - dbgprintf("DDDD: lmcry_gcry: called construct\n"); pThis->ctx = gcryCtxNew(); ENDobjConstruct(lmcry_gcry) @@ -77,7 +76,6 @@ ENDobjConstruct(lmcry_gcry) /* destructor for the lmcry_gcry object */ BEGINobjDestruct(lmcry_gcry) /* be sure to specify the object type also in END and CODESTART macros! */ CODESTARTobjDestruct(lmcry_gcry) - dbgprintf("DDDD: lmcry_gcry: called destruct\n"); rsgcryCtxDel(pThis->ctx); ENDobjDestruct(lmcry_gcry) @@ -198,7 +196,6 @@ OnFileOpen(void *pT, uchar *fn, void *pGF) lmcry_gcry_t *pThis = (lmcry_gcry_t*) pT; gcryfile *pgf = (gcryfile*) pGF; DEFiRet; -dbgprintf("DDDD: cry: onFileOpen: %s\n", fn); CHKiRet(rsgcryInitCrypt(pThis->ctx, pgf, fn)); finalize_it: @@ -213,7 +210,6 @@ static rsRetVal Encrypt(void *pF, uchar *rec, size_t *lenRec) { DEFiRet; -dbgprintf("DDDD: Encrypt (%u): %s\n", *lenRec-1, rec); iRet = rsgcryEncrypt(pF, rec, lenRec); RETiRet; @@ -223,7 +219,6 @@ static rsRetVal OnFileClose(void *pF, off64_t offsLogfile) { DEFiRet; -dbgprintf("DDDD: onFileClose\n"); gcryfileDestruct(pF, offsLogfile); RETiRet; diff --git a/runtime/lmsig_gt.c b/runtime/lmsig_gt.c index 0969129..e9194c7 100644 --- a/runtime/lmsig_gt.c +++ b/runtime/lmsig_gt.c @@ -66,7 +66,6 @@ errfunc(__attribute__((unused)) void *usrptr, uchar *emsg) /* Standard-Constructor */ BEGINobjConstruct(lmsig_gt) - dbgprintf("DDDD: lmsig_gt: called construct\n"); pThis->ctx = rsgtCtxNew(); rsgtsetErrFunc(pThis->ctx, errfunc, NULL); ENDobjConstruct(lmsig_gt) @@ -75,7 +74,6 @@ ENDobjConstruct(lmsig_gt) /* destructor for the lmsig_gt object */ BEGINobjDestruct(lmsig_gt) /* be sure to specify the object type also in END and CODESTART macros! */ CODESTARTobjDestruct(lmsig_gt) - dbgprintf("DDDD: lmsig_gt: called destruct\n"); rsgtCtxDel(pThis->ctx); ENDobjDestruct(lmsig_gt) @@ -133,7 +131,7 @@ OnFileOpen(void *pT, uchar *fn, void *pGF) lmsig_gt_t *pThis = (lmsig_gt_t*) pT; gtfile *pgf = (gtfile*) pGF; DEFiRet; -dbgprintf("DDDD: onFileOpen: %s\n", fn); + DBGPRINTF("lmsig_gt: onFileOpen: %s\n", fn); /* note: if *pgf is set to NULL, this auto-disables GT functions */ *pgf = rsgtCtxOpenFile(pThis->ctx, fn); sigblkInit(*pgf); @@ -152,7 +150,7 @@ static rsRetVal OnRecordWrite(void *pF, uchar *rec, rs_size_t lenRec) { DEFiRet; -dbgprintf("DDDD: onRecordWrite (%d): %s\n", lenRec-1, rec); + DBGPRINTF("lmsig_gt: onRecordWrite (%d): %s\n", lenRec-1, rec); sigblkAddRecord(pF, rec, lenRec-1); RETiRet; @@ -162,7 +160,7 @@ static rsRetVal OnFileClose(void *pF) { DEFiRet; -dbgprintf("DDDD: onFileClose\n"); + DBGPRINTF("lmsig_gt: onFileClose\n"); rsgtfileDestruct(pF); RETiRet; diff --git a/runtime/queue.c b/runtime/queue.c index 74090a4..600b568 100644 --- a/runtime/queue.c +++ b/runtime/queue.c @@ -1150,7 +1150,6 @@ tryShutdownWorkersWithinActionTimeout(qqueue_t *pThis) DBGOPRINT((obj_t*) pThis, "trying to shutdown workers within Action Timeout"); DBGOPRINT((obj_t*) pThis, "setting EnqOnly mode\n"); pThis->bEnqOnly = 1; -dbgprintf("DDDD: setting shutdownImmediate mode, ptr %p!\n", &pThis->bShutdownImmediate); pThis->bShutdownImmediate = 1; /* now DA queue */ if(pThis->bIsDA) { @@ -1856,7 +1855,6 @@ ConsumerReg(qqueue_t *pThis, wti_t *pWti) pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &iCancelStateSave); -dbgprintf("DDDD: calling consumer with shutdownImmeditate ptr %p\n", &pThis->bShutdownImmediate); CHKiRet(pThis->pConsumer(pThis->pAction, &pWti->batch, &pThis->bShutdownImmediate)); /* we now need to check if we should deliberately delay processing a bit diff --git a/runtime/rsyslog.h b/runtime/rsyslog.h index 9fdf2b0..a901d2e 100644 --- a/runtime/rsyslog.h +++ b/runtime/rsyslog.h @@ -61,9 +61,9 @@ * rgerhards, 2006-11-30 */ -#define CONF_OMOD_NUMSTRINGS_MAXSIZE 3 /* cache for pointers to output module buffer pointers. All - * rsyslog-provided plugins do NOT need more than three buffers. If - * more are needed (future developments, third-parties), rsyslog +#define CONF_OMOD_NUMSTRINGS_MAXSIZE 5 /* cache for pointers to output module buffer pointers. All + * rsyslog-provided plugins do NOT need more than five buffers. If + * more are needed (future developments, third-parties), rsyslog * must be recompiled with a larger parameter. Hardcoding this * saves us some overhead, both in runtime in code complexity. As * it is doubtful if ever more than 3 parameters are needed, the @@ -91,7 +91,7 @@ /* the rsyslog core provides information about present feature to plugins - * asking it. Below are feature-test macros which must be used to query + * asking it. Below are feature-test macros which must be used to query * features. Note that this must be powers of two, so that multiple queries * can be combined. -- rgerhards, 2009-04-27 */ @@ -153,7 +153,7 @@ typedef uintTiny propid_t; */ enum rsRetVal_ /** return value. All methods return this if not specified otherwise */ { - /* the first two define are for errmsg.logError(), so that we can use the rsRetVal + /* the first two define are for errmsg.logError(), so that we can use the rsRetVal * as an rsyslog error code. -- rgerhards, 20080-06-27 */ RS_RET_NO_ERRCODE = -1, /**< RESERVED for NO_ERRCODE errmsg.logError status name */ @@ -448,7 +448,7 @@ enum rsRetVal_ /** return value. All methods return this if not specified oth /** Object ID. These are for internal checking. Each * object is assigned a specific ID. This is contained in - * all Object structs (just like C++ RTTI). We can use + * all Object structs (just like C++ RTTI). We can use * this field to see if we have been passed a correct ID. * Other than that, there is currently no other use for * the object id. @@ -480,7 +480,7 @@ typedef enum rsObjectID rsObjID; #endif /** - * This macro should be used to free objects. + * This macro should be used to free objects. * It aids in interpreting dumps during debugging. */ #ifdef NDEBUG @@ -547,7 +547,7 @@ rsRetVal rsrtSetErrLogger(rsRetVal (*errLogger)(int, uchar*)); /* TODO: remove this -- this is only for transition of the config system */ extern rsconf_t *ourConf; /* defined by syslogd.c, a hack for functions that do not - yet receive a copy, so that we can incrementially + yet receive a copy, so that we can incrementially compile and change... -- rgerhars, 2011-04-19 */ #endif /* multi-include protection */ diff --git a/runtime/stream.c b/runtime/stream.c index b0df841..b781324 100644 --- a/runtime/stream.c +++ b/runtime/stream.c @@ -255,7 +255,6 @@ doPhysOpen(strm_t *pThis) pThis->bIsTTY = 0; } -dbgprintf("DDDD: cryprov %p\n", pThis->cryprov); if(pThis->cryprov != NULL) { CHKiRet(pThis->cryprov->OnFileOpen(pThis->cryprovData, pThis->pszCurrFName, &pThis->cryprovFileData)); @@ -1218,11 +1217,9 @@ strmPhysWrite(strm_t *pThis, uchar *pBuf, size_t lenBuf) CHKiRet(strmOpenFile(pThis)); /* here we place our crypto interface */ -dbgprintf("DDDD: doing crypto, len %d\n", lenBuf); if(pThis->cryprov != NULL) { pThis->cryprov->Encrypt(pThis->cryprovFileData, pBuf, &lenBuf); } -dbgprintf("DDDD: done crypto, len %d\n", lenBuf); /* end crypto */ iWritten = lenBuf; diff --git a/tools/Makefile.am b/tools/Makefile.am index 938782f..c600d6d 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -46,6 +46,7 @@ rsyslogd_LDFLAGS = -export-dynamic `libgcrypt-config --libs` EXTRA_DIST = $(man_MANS) \ rsgtutil.rst \ + rscryutil.rst \ recover_qi.pl if ENABLE_DIAGTOOLS diff --git a/tools/Makefile.in b/tools/Makefile.in index 123efcf..bb7cb0f 100644 --- a/tools/Makefile.in +++ b/tools/Makefile.in @@ -438,8 +438,8 @@ rsyslogd_CPPFLAGS = $(PTHREADS_CFLAGS) $(RSRT_CFLAGS) rsyslogd_LDADD = ../grammar/libgrammar.la ../runtime/librsyslog.la $(ZLIB_LIBS) $(PTHREADS_LIBS) $(RSRT_LIBS) $(SOL_LIBS) $(LIBEE_LIBS) $(LIBLOGNORM_LIBS) $(LIBUUID_LIBS) rsyslogd_LDFLAGS = -export-dynamic `libgcrypt-config --libs` #rsyslogd_LDFLAGS = -export-dynamic $(LIBGCRYPT_LIBS) -EXTRA_DIST = $(man_MANS) rsgtutil.rst recover_qi.pl $(am__append_4) \ - $(am__append_6) +EXTRA_DIST = $(man_MANS) rsgtutil.rst rscryutil.rst recover_qi.pl \ + $(am__append_4) $(am__append_6) @ENABLE_DIAGTOOLS_TRUE@rsyslog_diag_hostname_SOURCES = gethostn.c @ENABLE_DIAGTOOLS_TRUE@zpipe_SOURCES = zpipe.c @ENABLE_DIAGTOOLS_TRUE@zpipe_LDADD = -lz diff --git a/tools/rscryutil.rst b/tools/rscryutil.rst new file mode 100644 index 0000000..dfd447d --- /dev/null +++ b/tools/rscryutil.rst @@ -0,0 +1,199 @@ +========= +rscryutil +========= + +-------------------------- +Manage Encrypted Log Files +-------------------------- + +:Author: Rainer Gerhards <rgerhards@adiscon.com> +:Date: 2013-04-15 +:Manual section: 1 + +SYNOPSIS +======== + +:: + + rscryutil [OPTIONS] [FILE] ... + + +DESCRIPTION +=========== + +This tool performs various operations on encrypted log files. +Most importantly, it provides the ability to decrypt them. + + +OPTIONS +======= + +-d, --decrypt + Select decryption mode. This is the default mode. + +-W, --write-keyfile <file> + Utility function to write a key to a keyfile. The key can be obtained + via any method. + +-v, --verbose + Select verbose mode. + +-f, --force + Forces operations that otherwise would fail. + +-k, --keyfile <file> + Reads the key from <file>. File _must_ contain the key, only, no headers + or other meta information. Keyfiles can be generated via the + *--write-keyfile* option. + +-p, --key-program <path-to-program> + In this mode, the key is provided by a so-called "key program". This program + is executed and must return the key to (as well as some meta information) + via stdout. The core idea of key programs is that using this interface the + user can implement as complex (and secure) method to obtain keys as + desired, all without the need to make modifications to rsyslog. + +-K, --key <KEY> + TESTING AID, NOT FOR PRODUCTION USE. This uses the KEY specified + on the command line. This is the actual key, and as such this mode + is highly insecure. However, it can be useful for intial testing + steps. This option may be removed in the future. + +-a, --algo <algo> + Sets the encryption algorightm (cipher) to be used. See below + for supported algorithms. The default is "AES128". + +-m, --mode <mode> + Sets the ciphermode to be used. See below for supported modes. + The default is "CBC". + +-r, --generate-random-key <bytes> + Generates a random key of length <bytes>. This option is + meant to be used together with *--write-keyfile* (and it is hard + to envision any other valid use for it). + +OPERATION MODES +=============== + +The operation mode specifies what exactly the tool does with the provided +files. The default operation mode is "dump", but this may change in the future. +Thus, it is recommended to always set the operations mode explicitely. If +multiple operations mode are set on the command line, results are +unpredictable. + +decrypt +------- + +The provided log files are decrypted. Note that the *.encinfo* side files +must exist and be accessible in order for decryption to to work. + +write-keyfile +------------- + +In this mode no log files are processed; thus it is an error to specify +any on the command line. The specified keyfile is written. The key itself +is obtained via the usual key commands. If *--keyfile* is used, that +file is effectively copied. + +For security reasons, existing key files are _not_ overwritten. To permit +this, specify the *--force* option. When doing so, keep in mind that lost +keys cannot be recovered and data encrypted with them may also be considered +lost. + +Keyfiles are always created with 0400 permission, that is read access for only +the user. An exception is when an existing file is overwritten via the +*--force* option, in which case the former permissions still apply. + +EXIT CODES +========== + +The command returns an exit code of 0 if everything went fine, and some +other code in case of failures. + + +SUPPORTED ALGORITHMS +==================== + +We basically support what libgcrypt supports. This is: + + 3DES + CAST5 + BLOWFISH + AES128 + AES192 + AES256 + TWOFISH + TWOFISH128 + ARCFOUR + DES + SERPENT128 + SERPENT192 + SERPENT256 + RFC2268_40 + SEED + CAMELLIA128 + CAMELLIA192 + CAMELLIA256 + + +SUPPORTED CIPHER MODES +====================== + +We basically support what libgcrypt supports. This is: + + ECB + CFB + CBC + STREAM + OFB + CTR + AESWRAP + +EXAMPLES +======== + +**rscryutil logfile** + +Decrypts "logfile" and sends data to stdout. + + +**rscryutil --generate-random-key 16 --keyfile /some/secured/path/keyfile** + +Generates random key and stores it in the specified keyfile. + +LOG SIGNATURES +============== + +Encrypted log files can be used together with signing. To verify such a file, +it must be decrypted first, and the verification tool **rsgtutil(1)** must be +run on the decrypted file. + +SECURITY CONSIDERATIONS +======================= + +Specifying keys directly on the command line (*--key* option) is very +insecure and should +not be done, except for testing purposes with test keys. Even then it is +recommended to use keyfiles, which are also easy to handle during testing. +Keep in mind that command history is usally be kept by bash and can also +easily be monitored. + +Local keyfiles are also a security risk. At a minimum, they should be +used with very restrictive file permissions. For this reason, +the *rscryutil* tool creates them with read permissions for the user, +only, no matter what umask is set to. + +When selecting cipher algorithms and modes, care needs to be taken. The +defaults should be reasonable safe to use, but this tends to change over +time. Keep up with the most current crypto recommendations. + + +SEE ALSO +======== +**rsgtutil(1)**, **rsyslogd(8)** + +COPYRIGHT +========= + +This page is part of the *rsyslog* project, and is available under +LGPLv2. diff --git a/tools/syslogd.c b/tools/syslogd.c index 77adb2c..1b38bf9 100644 --- a/tools/syslogd.c +++ b/tools/syslogd.c @@ -567,7 +567,6 @@ msgConsumer(void __attribute__((unused)) *notNeeded, batch_t *pBatch, int *pbShu assert(pBatch != NULL); pBatch->pbShutdownImmediate = pbShutdownImmediate; /* TODO: move this to batch creation! */ preprocessBatch(pBatch); -dbgprintf("DDDD: batches ShutdownImmediate is %p\n", pBatch->pbShutdownImmediate); ruleset.ProcessBatch(pBatch); //TODO: the BATCH_STATE_COMM must be set somewhere down the road, but we //do not have this yet and so we emulate -- 2010-06-10 @@ -1531,7 +1530,7 @@ queryLocalHostname(void) glbl.SetLocalDomain(LocalDomain); if ( strlen((char*)LocalDomain) ) { - CHKmalloc(LocalFQDNName = (uchar*)malloc(strlen((char*)LocalDomain)+strlen((char*)LocalHostName)+1)); + CHKmalloc(LocalFQDNName = (uchar*)malloc(strlen((char*)LocalDomain)+strlen((char*)LocalHostName)+2));/* one for dot, one for NUL! */ if ( sprintf((char*)LocalFQDNName,"%s.%s",(char*)LocalHostName,(char*)LocalDomain) ) glbl.SetLocalFQDNName(LocalFQDNName); } |