summaryrefslogtreecommitdiff
path: root/plugins/imuxsock/imuxsock.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/imuxsock/imuxsock.c')
-rw-r--r--plugins/imuxsock/imuxsock.c22
1 files changed, 17 insertions, 5 deletions
diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
index 41bff4f..0eee112 100644
--- a/plugins/imuxsock/imuxsock.c
+++ b/plugins/imuxsock/imuxsock.c
@@ -66,6 +66,10 @@ MODULE_TYPE_INPUT
#endif
#endif
+/* emulate struct ucred for platforms that do not have it */
+#ifndef HAVE_SCM_CREDENTIALS
+struct ucred { int pid; };
+#endif
/* handle some defines missing on more than one platform */
#ifndef SUN_LEN
@@ -279,7 +283,7 @@ addLstnSocketName(void __attribute__((unused)) *pVal, uchar *pNewVal)
}
CHKiRet(prop.ConstructFinalize(listeners[nfd].hostName));
if(ratelimitInterval > 0) {
- if((listeners[nfd].ht = create_hashtable(1000, hash_from_key_fn, key_equals_fn, NULL)) == NULL) {
+ if((listeners[nfd].ht = create_hashtable(100, hash_from_key_fn, key_equals_fn, NULL)) == NULL) {
/* in this case, we simply turn of rate-limiting */
dbgprintf("imuxsock: turning off rate limiting because we could not "
"create hash table\n");
@@ -406,6 +410,7 @@ openLogSocket(lstn_t *pLstn)
CHKiRet(createLogSocket(pLstn));
}
+# if HAVE_SCM_CREDENTIALS
if(pLstn->bUseCreds) {
one = 1;
if(setsockopt(pLstn->fd, SOL_SOCKET, SO_PASSCRED, &one, (socklen_t) sizeof(one)) != 0) {
@@ -417,6 +422,9 @@ openLogSocket(lstn_t *pLstn)
pLstn->bUseCreds = 0;
}
}
+# else /* HAVE_SCM_CREDENTIALS */
+ pLstn->bUseCreds = 0;
+# endif /* HAVE_SCM_CREDENTIALS */
finalize_it:
if(iRet != RS_RET_OK) {
@@ -513,7 +521,7 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred)
rs_ratelimit_state_t *ratelimiter = NULL;
DEFiRet;
-// TODO: handle format errors??
+ /* TODO: handle format errors?? */
/* we need to parse the pri first, because we need the severity for
* rate-limiting as well.
*/
@@ -530,8 +538,10 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred)
facil = LOG_FAC(pri);
sever = LOG_PRI(pri);
- if(sever >= pLstn->ratelimitSev)
+ if(sever >= pLstn->ratelimitSev) {
+ /* note: if cred == NULL, then ratelimiter == NULL as well! */
findRatelimiter(pLstn, cred, &ratelimiter); /* ignore error, better so than others... */
+ }
datetime.getCurrTime(&st, &tt);
if(ratelimiter != NULL && !withinRatelimit(ratelimiter, tt, cred->pid)) {
@@ -637,6 +647,7 @@ static rsRetVal readSocket(lstn_t *pLstn)
dbgprintf("Message from UNIX socket: #%d\n", pLstn->fd);
if(iRcvd > 0) {
cred = NULL;
+# if HAVE_SCM_CREDENTIALS
if(pLstn->bUseCreds) {
dbgprintf("XXX: pre CM loop, length of control message %d\n", (int) msgh.msg_controllen);
for (cm = CMSG_FIRSTHDR(&msgh); cm; cm = CMSG_NXTHDR(&msgh, cm)) {
@@ -644,11 +655,12 @@ static rsRetVal readSocket(lstn_t *pLstn)
if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_CREDENTIALS) {
cred = (struct ucred*) CMSG_DATA(cm);
dbgprintf("XXX: got credentials pid %d\n", (int) cred->pid);
- //break;
+ break;
}
}
dbgprintf("XXX: post CM loop\n");
}
+# endif /* HAVE_SCM_CREDENTIALS */
CHKiRet(SubmitMsg(pRcv, iRcvd, pLstn, cred));
} else if(iRcvd < 0 && errno != EINTR) {
char errStr[1024];
@@ -749,7 +761,7 @@ CODESTARTwillRun
if(pLogSockName != NULL)
listeners[0].sockName = pLogSockName;
if(ratelimitIntervalSysSock > 0) {
- if((listeners[0].ht = create_hashtable(1000, hash_from_key_fn, key_equals_fn, NULL)) == NULL) {
+ if((listeners[0].ht = create_hashtable(100, hash_from_key_fn, key_equals_fn, NULL)) == NULL) {
/* in this case, we simply turn of rate-limiting */
dbgprintf("imuxsock: turning off rate limiting because we could not "
"create hash table\n");