Hi,
Currently syslogd accepts network input only for either IPv4 or
IPv6. To overcome this limitation, allow more than one listen
address to be specified.
As multiple TLS contexts need more thought, implement it only for
TCP and UDP sockets now.
ok?
bluhm
Index: usr.sbin/syslogd/syslogd.8
===
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.8,v
retrieving revision 1.52
diff -u -p -r1.52 syslogd.8
--- usr.sbin/syslogd/syslogd.8 17 Oct 2016 11:19:55 - 1.52
+++ usr.sbin/syslogd/syslogd.8 30 Dec 2016 23:48:23 -
@@ -174,6 +174,10 @@ This includes the year and the timezone,
in UTC.
.El
.Pp
+The options
+.Fl a , Fl T , Fl U
+can be given more than once to specify multiple input sources.
+.Pp
.Nm
reads its configuration file,
.Xr syslog.conf 5 ,
Index: usr.sbin/syslogd/syslogd.c
===
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.226
diff -u -p -r1.226 syslogd.c
--- usr.sbin/syslogd/syslogd.c 30 Dec 2016 23:21:26 - 1.226
+++ usr.sbin/syslogd/syslogd.c 30 Dec 2016 23:33:40 -
@@ -214,13 +214,6 @@ intNoDNS = 0; /* when true, refrain fr
intZuluTime = 0; /* display date and time in UTC ISO format */
intIncludeHostname = 0;/* include RFC 3164 hostnames when forwarding */
intFamily = PF_UNSPEC; /* protocol family, may disable IPv4 or IPv6 */
-char *bind_host = NULL; /* bind UDP receive socket */
-char *bind_port = NULL;
-char *listen_host = NULL;/* listen on TCP receive socket */
-char *listen_port = NULL;
-char *tls_hostport = NULL; /* listen on TLS receive socket */
-char *tls_host = NULL;
-char *tls_port = NULL;
char *path_ctlsock = NULL; /* Path to control socket */
struct tls *server_ctx;
@@ -340,6 +333,7 @@ voidusage(void);
void wallmsg(struct filed *, struct iovec *);
intloghost_parse(char *, char **, char **, char **);
intgetmsgbufsize(void);
+void address_alloc(const char *, const char *, char ***, char ***, int *);
intsocket_bind(const char *, const char *, const char *, int,
int *, int *);
intunix_socket(char *, int, mode_t);
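Review bot: The new `address_alloc` prototype takes two `char ***` and an `int *` and returns void, and nothing at the declaration says which argument is the host array, which is the port array, or how a bad address or failed allocation is reported. The definition is outside this view. Since the -T and -U call sites drop their own `err()`/`errx()` handling, it presumably exits on error, and that is worth stating next to the prototype. I would add something like `/* parse optarg, append to host/port arrays, increment count; exits on error */`, adjusted to what the function really does.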
@@ -359,8 +353,10 @@ main(int argc, char *argv[])
char*p;
int ch, i;
int lockpipe[2] = { -1, -1}, pair[2], nullfd, fd;
- int fd_ctlsock, fd_klog, fd_sendsys, fd_bind, fd_listen;
- int *fd_unix;
+ int fd_ctlsock, fd_klog, fd_sendsys, *fd_bind, *fd_listen;
+ int *fd_unix, nbind, nlisten;
+ char**bind_host, **bind_port, **listen_host, **listen_port;
+ char*tls_hostport, *tls_host, *tls_port;
/* block signal until handler is set up */
sigemptyset();
@@ -373,6 +369,10 @@ main(int argc, char *argv[])
path_unix[0] = _PATH_LOG;
nunix = 1;
+ bind_host = bind_port = listen_host = listen_port = NULL;
+ tls_hostport = tls_host = NULL;
+ nbind = nlisten = 0;
+
while ((ch = getopt(argc, argv, "46a:C:c:dFf:hK:k:m:nP:p:S:s:T:U:uVZ"))
!= -1)
switch (ch) {
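Review bot: `tls_port` is left uninitialized by the new initialization line, which sets only `tls_hostport = tls_host = NULL;`. The file-scope `tls_port` removed earlier in this patch was explicitly NULL, and the replacement is an automatic local in main(), so it no longer starts out as NULL. Whether it can be read before the -S handling assigns it is not visible from this hunk, but reading an uninitialized pointer is undefined behaviour, and the value presumably ends up as the port argument when the TLS listen socket is bound. I would write `tls_hostport = tls_host = tls_port = NULL;`. main() starts before and continues after this hunk.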
@@ -385,7 +385,7 @@ main(int argc, char *argv[])
case 'a':
if ((path_unix = reallocarray(path_unix, nunix + 1,
sizeof(*path_unix))) == NULL)
- err(1, "malloc %s", optarg);
+ err(1, "unix path %s", optarg);
path_unix[nunix++] = optarg;
break;
case 'C': /* file containing CA certificates */
@@ -440,18 +440,12 @@ main(int argc, char *argv[])
path_ctlsock = optarg;
break;
case 'T': /* allow tcp and listen on address */
- if ((p = strdup(optarg)) == NULL)
- err(1, "strdup listen address");
- if (loghost_parse(p, NULL, _host, _port)
- == -1)
- errx(1, "bad listen address: %s", optarg);
+ address_alloc("listen", optarg, _host,
+ _port, );
break;
case 'U': /* allow udp only from address */
- if ((p = strdup(optarg)) == NULL)
- err(1, "strdup bind address");
- if (loghost_parse(p, NULL, _host, _port)
- == -1)
- errx(1, "bad bind address: %s", optarg);
+ address_alloc("bind", optarg, _host, _port,
+ );
break;
case 'u': /* allow