Lines 262-285
Link Here
|
262 |
|
262 |
|
263 |
/* |
263 |
/* |
264 |
* If the send() failed, there are two likely scenarios: |
264 |
* If the send() fails, there are two likely scenarios: |
265 |
* 1) syslogd was restarted |
265 |
* 1) syslogd was restarted |
266 |
* 2) /var/run/log is out of socket buffer space, which |
266 |
* 2) /var/run/log is out of socket buffer space, which |
267 |
* in most cases means local DoS. |
267 |
* in most cases means local DoS. |
268 |
* We attempt to reconnect to /var/run/log[priv] to take care of |
268 |
* If the error does not indicate a full buffer, we address |
269 |
* case #1 and keep send()ing data to cover case #2 |
269 |
* case #1 by attempting to reconnect to /var/run/log[priv] |
270 |
* to give syslogd a chance to empty its socket buffer. |
270 |
* and resending the message once. |
271 |
* |
271 |
* |
272 |
* If we are working with a priveleged socket, then take |
272 |
* If we are working with a privileged socket, the retry |
273 |
* only one attempt, because we don't want to freeze a |
273 |
* attempts end there, because we don't want to freeze a |
274 |
* critical application like su(1) or sshd(8). |
274 |
* critical application like su(1) or sshd(8). |
275 |
* |
275 |
* |
|
|
276 |
* Otherwise, we address case #2 by repeatedly retrying the |
277 |
* send() to give syslogd a chance to empty its socket buffer. |
278 |
* |
276 |
*/ |
279 |
*/ |
277 |
|
280 |
|
278 |
if (send(LogFile, tbuf, cnt, 0) < 0) { |
281 |
if (send(LogFile, tbuf, cnt, 0) < 0) { |
279 |
if (errno != ENOBUFS) { |
282 |
if (errno != ENOBUFS) { |
|
|
283 |
/* scenario 1: syslogd was restarted */ |
284 |
/* reconnect and resend once */ |
280 |
disconnectlog(); |
285 |
disconnectlog(); |
281 |
connectlog(); |
286 |
connectlog(); |
|
|
287 |
if (send(LogFile, tbuf, cnt, 0) >= 0) { |
288 |
THREAD_UNLOCK(); |
289 |
return; |
290 |
} |
291 |
/* if the resend failed, fall through to possible scenario 2 */ |
282 |
} |
292 |
} |
283 |
do { |
293 |
while (errno == ENOBUFS) { |
|
|
294 |
/* scenario 2: out of socket buffer space */ |
295 |
/* possible DoS, fail fast on a privileged socket */ |
284 |
if (status == CONNPRIV) |
296 |
if (status == CONNPRIV) |
285 |
break; |
297 |
break; |
Lines 289-293
Link Here
|
289 |
return; |
301 |
return; |
290 |
} |
302 |
} |
291 |
} while (errno == ENOBUFS); |
303 |
}; |
292 |
} else { |
304 |
} else { |
293 |
THREAD_UNLOCK(); |
305 |
THREAD_UNLOCK(); |