--- klogd.c.orig 2006-09-02 08:23:38.000000000 -0700 +++ klogd.c 2006-09-02 08:23:54.000000000 -0700 @@ -243,6 +243,9 @@ * people have submitted patches: Troels Walsted Hansen * , Wolfgang Oertl * and Thomas Roessler. + * Thu Apr 29 15:24:07 2004: Solar Designer + * Prevent potential buffer overflow in reading messages from the + * kernel log rinbuffer. */ @@ -944,7 +947,7 @@ * messages into this fresh buffer. */ memset(log_buffer, '\0', sizeof(log_buffer)); - if ( (rdcnt = ksyslog(2, log_buffer, sizeof(log_buffer))) < 0 ) + if ( (rdcnt = ksyslog(2, log_buffer, sizeof(log_buffer)-1)) < 0 ) { if ( errno == EINTR ) return; --- CHANGES.orig 2001-03-11 11:35:51.000000000 -0800 +++ CHANGES 2006-09-02 08:23:54.000000000 -0700 @@ -1,3 +1,42 @@ +Version 1.4.2 + + . Dmitry V. Levin + - Close file descriptor in FindSymbolFile() in ksym.c in order not to + leak file descriptors. + . Solar Designer + - improve crunch_list() + - Prevent potential buffer overflow in reading messages from the + kernel log ringbuffer. + - Ensure that "len" is not placed in a register, and that the + endtty() signal handler is not installed too early which could + cause a segmentation fault or worse. + . Steve Grubb + - fix memory calculation in crunch_list() + . Martin Schulze + - klogd will reconnect to the logger (mostly syslogd) after it went + away + - On heavily loaded system syslog will not spit out error messages + anymore when recvfrom() results in EAGAIN + - Makefile improvements + - Local copy of module.h + - Improved sysklogd.8 + - Always log with syslogd's timezone and locale + - Remove trailing newline when forwarding messages + . Jon Burgess + - Moved the installation of the signal handler up a little bit so it + guaranteed to be available when the child is forked, hence, fixing a + race condition. This used to create problems with UML and fast + machines. + . Greg Trounson + - Improved README.linux + . Ulf Härnhammar + - Bondary check for fscanf() in InitKsyms() and CheckMapVersion() + . Colin Phipps + - Don't block on the network socket in case of package los + . Dirk Mueller + - Don't crash when filesize limit is reached (e.g. without LFS) + + Version 1.4.1 . klogd will set the console log level only if `-c' is given on the --- ksym.c.orig 2000-09-12 14:53:31.000000000 -0700 +++ ksym.c 2006-09-02 08:23:54.000000000 -0700 @@ -105,6 +105,15 @@ * * Tue Sep 12 23:48:12 CEST 2000: Martin Schulze * Close symbol file in InitKsyms() when an error occurred. + * + * Thu Apr 29 18:07:16 CEST 2004: Dmitry Levin + * Close file descriptor in FindSymbolFile() in order not to leak + * file descriptors. + * + * Fri Jul 16 08:32:49 CEST 2004: Ulf Härnhammar + * Added boundary check for fscanf() in InitKsyms() and + * CheckMapVersion() to prevent an unintended crash when reading + * an incorrect System.map. */ @@ -236,7 +245,7 @@ */ while ( !feof(sym_file) ) { - if ( fscanf(sym_file, "%lx %c %s\n", &address, &type, sym) + if ( fscanf(sym_file, "%lx %c %511s\n", &address, &type, sym) != 3 ) { Syslog(LOG_ERR, "Error in symbol table input (#1)."); @@ -344,6 +353,7 @@ if ( (sym_file = fopen(symfile, "r")) != (FILE *) 0 ) { if (CheckMapVersion(symfile) == 1) file = symfile; + fclose (sym_file); } if (sym_file == (FILE *) 0 || file == (char *) 0) { sprintf (symfile, "%s", *mf); @@ -352,6 +362,7 @@ if ( (sym_file = fopen(symfile, "r")) != (FILE *) 0 ) { if (CheckMapVersion(symfile) == 1) file = symfile; + fclose (sym_file); } } @@ -533,7 +544,7 @@ version = 0; while ( !feof(sym_file) && (version == 0) ) { - if ( fscanf(sym_file, "%lx %c %s\n", &address, \ + if ( fscanf(sym_file, "%lx %c %511s\n", &address, \ &type, sym) != 3 ) { Syslog(LOG_ERR, "Error in symbol table input (#2)."); @@ -899,3 +910,11 @@ return; } #endif + +/* + * Local variables: + * c-indent-level: 8 + * c-basic-offset: 8 + * tab-width: 8 + * End: + */ --- Makefile.orig 1998-10-12 13:25:15.000000000 -0700 +++ Makefile 2006-09-02 08:23:54.000000000 -0700 @@ -4,12 +4,15 @@ #CFLAGS= -g -DSYSV -Wall #LDFLAGS= -g CFLAGS= $(RPM_OPT_FLAGS) -O3 -DSYSV -fomit-frame-pointer -Wall -fno-strength-reduce +# -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE LDFLAGS= -s # Look where your install program is. -INSTALL = /usr/bin/install -BINDIR = /usr/sbin -MANDIR = /usr/man +INSTALL = install + +# Destination paths, set prefix=/opt if required +BINDIR = $(prefix)/usr/sbin +MANDIR = $(prefix)/usr/share/man # There is one report that under an all ELF system there may be a need to # explicilty link with libresolv.a. If linking syslogd fails you may wish @@ -34,8 +37,9 @@ # The following define establishes ownership for the man pages. # Avery tells me that there is a difference between Debian and # Slackware. Rather than choose sides I am leaving it up to the user. -MAN_OWNER = root -# MAN_OWNER = man +MAN_USER = root +MAN_GROUP = root +MAN_PERMS = 644 # The following define establishes the name of the pid file for the # syslogd daemon. The library include file (paths.h) defines the @@ -112,11 +116,13 @@ rm -f syslogd klogd ksym syslog_tst oops_test TAGS tsyslogd tklogd install_exec: syslogd klogd - ${INSTALL} -m 500 -s syslogd ${BINDIR}/syslogd - ${INSTALL} -m 500 -s klogd ${BINDIR}/klogd + ${INSTALL} -dv $(DESTDIR)${BINDIR} + ${INSTALL} -v -m 755 -s syslogd $(DESTDIR)${BINDIR}/syslogd + ${INSTALL} -v -m 755 -s klogd $(DESTDIR)${BINDIR}/klogd install_man: - ${INSTALL} -o ${MAN_OWNER} -g ${MAN_OWNER} -m 644 sysklogd.8 ${MANDIR}/man8/sysklogd.8 - ${INSTALL} -o ${MAN_OWNER} -g ${MAN_OWNER} -m 644 syslogd.8 ${MANDIR}/man8/syslogd.8 - ${INSTALL} -o ${MAN_OWNER} -g ${MAN_OWNER} -m 644 syslog.conf.5 ${MANDIR}/man5/syslog.conf.5 - ${INSTALL} -o ${MAN_OWNER} -g ${MAN_OWNER} -m 644 klogd.8 ${MANDIR}/man8/klogd.8 + ${INSTALL} -dv $(DESTDIR)$(MANDIR)/man5 $(DESTDIR)${MANDIR}/man8 + ${INSTALL} -v -m ${MAN_PERMS} sysklogd.8 $(DESTDIR)${MANDIR}/man8/sysklogd.8 + ${INSTALL} -v -m ${MAN_PERMS} syslogd.8 $(DESTDIR)${MANDIR}/man8/syslogd.8 + ${INSTALL} -v -m ${MAN_PERMS} syslog.conf.5 $(DESTDIR)${MANDIR}/man5/syslog.conf.5 + ${INSTALL} -v -m ${MAN_PERMS} klogd.8 $(DESTDIR)${MANDIR}/man8/klogd.8 --- module.h.orig 2006-09-02 08:23:54.000000000 -0700 +++ module.h 2006-09-02 08:23:54.000000000 -0700 @@ -0,0 +1,90 @@ +/* + module.h - Miscellaneous module definitions + Copyright (c) 1996 Richard Henderson + Copyright (c) 2004 Martin Schulze + + This file is part of the sysklogd package. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* ChangeLog: + * + * Wed Mar 31 17:35:01 CEST 2004: Martin Schulze + * Created local copy of module.h based on the content of Linux + * 2.2 since doesn't work anymore with its + * recent content from Linux 2.4/2.6. + */ + +#include + +#define MODULE_NAME_LEN 60 + +struct kernel_sym +{ + unsigned long value; + char name[MODULE_NAME_LEN]; +}; + + +struct list_head { + struct list_head *next, *prev; +}; + + +struct module_info +{ + unsigned long addr; + unsigned long size; + unsigned long flags; + long usecount; +}; + + +struct module +{ + unsigned long size_of_struct; /* == sizeof(module) */ + struct module *next; + const char *name; + unsigned long size; + + union + { + int usecount; + long pad; + } uc; /* Needs to keep its size - so says rth */ + + unsigned long flags; /* AUTOCLEAN et al */ + + unsigned nsyms; + unsigned ndeps; + + struct module_symbol *syms; + struct module_ref *deps; + struct module_ref *refs; + int (*init)(void); + void (*cleanup)(void); + const struct exception_table_entry *ex_table_start; + const struct exception_table_entry *ex_table_end; +#ifdef __alpha__ + unsigned long gp; +#endif + /* Members past this point are extensions to the basic + module support and are optional. Use mod_opt_member() + to examine them. */ + const struct module_persist *persist_start; + const struct module_persist *persist_end; + int (*can_unload)(void); +}; --- README.1st.orig 1997-06-02 10:21:39.000000000 -0700 +++ README.1st 2006-09-02 08:23:54.000000000 -0700 @@ -1,5 +1,5 @@ -Very important information before using version 1.3 ---------------------------------------------------- +Important information +--------------------- The included version of syslogd behaves in a slightly different manner to the one in former releases. Please review the following important @@ -63,3 +63,10 @@ these scripts should remove all old .pid files found in /var/run. This will insure that klogd and syslogd start properly even if prior executions have been terminated harshly. + +* Large file support, i.e. support to write to log files that are + larger than 2 GB is not part of syslogd, but a matter of the Glibc + emitting different system calls to the kernel interface. To support + large files you'll have to compile syslogd with the compiler defines + -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE so that glibc adjusts the + system calls. --- sysklogd.8.orig 2006-09-02 08:23:38.000000000 -0700 +++ sysklogd.8 2006-09-02 08:23:54.000000000 -0700 @@ -90,7 +90,7 @@ .B MAXFUNIX within the syslogd.c source file. An example for a chroot() daemon is described by the people from OpenBSD at -http://www.psionic.com/papers/dns.html. +. .TP .B "\-d" Turns on debug mode. Using this the daemon will not proceed a @@ -130,7 +130,8 @@ between two \fI-- MARK --\fR lines is 20 minutes. This can be changed with this option. Setting the .I interval -to zero turns it off entirely. +to zero turns it off entirely. Depending on other log messages +generated these lines may not be written consecutively. .TP .B "\-n" Avoid auto-backgrounding. This is needed especially if the @@ -390,8 +391,10 @@ To avoid this in further times no messages that were received from a remote host are sent out to another (or the same) remote host -anymore. If there are scenarios where this doesn't make sense, please -drop me (Joey) a line. +anymore. If you experience are setup in which this doesn't make +sense, please use the +.B \-h +commandline switch. If the remote host is located in the same domain as the host, .B syslogd --- syslog.c.orig 2001-03-11 11:35:51.000000000 -0800 +++ syslog.c 2006-09-02 08:23:54.000000000 -0700 @@ -47,6 +47,9 @@ * Sun Mar 11 20:23:44 CET 2001: Martin Schulze * Use SOCK_DGRAM for loggin, renables it to work. * + * Wed Aug 27 17:48:16 CEST 2003: Martin Schulze + * Improved patch by Michael Pomraning to + * reconnect klogd to the logger after it went away. */ #include @@ -98,6 +101,7 @@ register char *p; time_t now; int fd, saved_errno; + int result; char tbuf[2048], fmt_cpy[1024], *stdp = (char *) 0; saved_errno = errno; @@ -167,7 +171,16 @@ } /* output the message to the local logger */ - if (write(LogFile, tbuf, cnt + 1) >= 0 || !(LogStat&LOG_CONS)) + result = write(LogFile, tbuf, cnt + 1); + + if (result == -1 + && (errno == ECONNRESET || errno == ENOTCONN || errno == ECONNREFUSED)) { + closelog(); + openlog(LogTag, LogStat | LOG_NDELAY, LogFacility); + result = write(LogFile, tbuf, cnt + 1); + } + + if (result >= 0 || !(LogStat&LOG_CONS)) return; /* --- syslogd.c.orig 2006-09-02 08:23:54.000000000 -0700 +++ syslogd.c 2006-09-02 08:24:47.000000000 -0700 @@ -1250,6 +1250,44 @@ #endif #ifdef SYSLOG_INET +/* This is from a patch by Mikael Pettersson to + fix HAVE_SO_BSDCOMPAT issues with 2.5+ kernels and Erlang/OTP. + */ +#if defined(__linux__) +#include +static int should_use_so_bsdcompat() +{ + static int init_done; + static int so_bsdcompat_is_obsolete; + + if (!init_done) { + struct utsname utsname; + unsigned int version, patchlevel; + + init_done = 1; + if (uname(&utsname) < 0) { + fprintf(stderr, "uname: %s\r\n", strerror(errno)); + return 1; + } + /* Format is .. + where the first three are unsigned integers and the last + is an arbitrary string. We only care about the first two. */ + if (sscanf(utsname.release, "%u.%u", &version, &patchlevel) != 2) { + fprintf(stderr, "uname: unexpected release '%s'\r\n", + utsname.release); + return 1; + } + /* SO_BSCOMPAT is deprecated and triggers warnings in 2.5 + kernels. It is a no-op in 2.4 but not in 2.2 kernels. */ + if (version > 2 || (version == 2 && patchlevel >= 5)) + so_bsdcompat_is_obsolete = 1; + } + return !so_bsdcompat_is_obsolete; +} +#else /* __linux__ */ +#define should_use_so_bsdcompat() 1 +#endif /* __linux__ */ + static int create_inet_socket() { int fd, on = 1; @@ -1277,14 +1315,16 @@ close(fd); return -1; } - /* We need to enable BSD compatibility. Otherwise an attacker - * could flood our log files by sending us tons of ICMP errors. - */ - if (setsockopt(fd, SOL_SOCKET, SO_BSDCOMPAT, \ - (char *) &on, sizeof(on)) < 0) { - logerror("setsockopt(BSDCOMPAT), suspending inet"); - close(fd); - return -1; + if (should_use_so_bsdcompat()) { + /* We need to enable BSD compatibility. Otherwise an attacker + * could flood our log files by sending us tons of ICMP errors. + */ + if (setsockopt(fd, SOL_SOCKET, SO_BSDCOMPAT, \ + (char *) &on, sizeof(on)) < 0) { + logerror("setsockopt(BSDCOMPAT), suspending inet"); + close(fd); + return -1; + } } if (bind(fd, (struct sockaddr *) &sin, sizeof(sin)) < 0) { logerror("bind, suspending inet");