1/*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1983, 1993
5 *	The Regents of the University of California.  All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 *    may be used to endorse or promote products derived from this software
17 *    without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32#include <sys/capsicum.h>
33#include <sys/param.h>
34#include <sys/socket.h>
35#include <netinet/in.h>
36
37#include <capsicum_helpers.h>
38#include <ctype.h>
39#include <err.h>
40#include <netdb.h>
41#include <stdio.h>
42#include <stdlib.h>
43#include <string.h>
44#include <time.h>
45#include <unistd.h>
46
47#include <libcasper.h>
48#include <casper/cap_syslog.h>
49
50#define	SYSLOG_NAMES
51#include <syslog.h>
52
53#define	sstosa(ss)	((struct sockaddr *)(void *)ss)
54
55struct socks {
56	int sk_sock;
57	int sk_addrlen;
58	struct sockaddr_storage sk_addr;
59};
60
61static int	decode(char *, const CODE *);
62static int	pencode(char *);
63static ssize_t	socksetup(const char *, const char *, const char *,
64		    struct socks **);
65static void	logmessage(int, const char *, const char *, const char *,
66		    struct socks *, ssize_t, const char *);
67static void	usage(void);
68
69static cap_channel_t *capsyslog;
70#ifdef INET6
71static int family = PF_UNSPEC;	/* protocol family (IPv4, IPv6 or both) */
72#else
73static int family = PF_INET;	/* protocol family (IPv4 only) */
74#endif
75static int send_to_all = 0;	/* send message to all IPv4/IPv6 addresses */
76
77/*
78 * logger -- read and log utility
79 *
80 *	Reads from an input and arranges to write the result on the system
81 *	log.
82 */
83int
84main(int argc, char *argv[])
85{
86	cap_channel_t *capcas;
87	struct socks *socks;
88	ssize_t nsock;
89	time_t now;
90	int ch, logflags, pri;
91	char *tag, *host, buf[1024], *timestamp, tbuf[26],
92	    *hostname, hbuf[MAXHOSTNAMELEN], *pristr;
93	const char *svcname, *src;
94
95	tag = NULL;
96	host = NULL;
97	hostname = NULL;
98	svcname = "syslog";
99	src = NULL;
100	socks = NULL;
101	pri = LOG_USER | LOG_NOTICE;
102	pristr = NULL;
103	logflags = 0;
104	unsetenv("TZ");
105	while ((ch = getopt(argc, argv, "46Af:H:h:iP:p:S:st:")) != -1)
106		switch((char)ch) {
107		case '4':
108			family = PF_INET;
109			break;
110#ifdef INET6
111		case '6':
112			family = PF_INET6;
113			break;
114#endif
115		case 'A':
116			send_to_all++;
117			break;
118		case 'f':		/* file to log */
119			if (freopen(optarg, "r", stdin) == NULL)
120				err(1, "%s", optarg);
121			setvbuf(stdin, 0, _IONBF, 0);
122			break;
123		case 'H':		/* hostname to set in message header */
124			hostname = optarg;
125			break;
126		case 'h':		/* hostname to deliver to */
127			host = optarg;
128			break;
129		case 'i':		/* log process id also */
130			logflags |= LOG_PID;
131			break;
132		case 'P':		/* service name or port number */
133			svcname = optarg;
134			break;
135		case 'p':		/* priority */
136			pristr = optarg;
137			break;
138		case 's':		/* log to standard error */
139			logflags |= LOG_PERROR;
140			break;
141		case 'S':		/* source address */
142			src = optarg;
143			break;
144		case 't':		/* tag */
145			tag = optarg;
146			break;
147		case '?':
148		default:
149			usage();
150		}
151	argc -= optind;
152	argv += optind;
153
154	if (host) {
155		nsock = socksetup(src, host, svcname, &socks);
156		if (nsock <= 0)
157			errx(1, "socket");
158	} else {
159		if (src)
160			errx(1, "-h option is missing.");
161		nsock = 0;
162	}
163
164	capcas = cap_init();
165	if (capcas == NULL)
166		err(1, "Unable to contact Casper");
167	caph_cache_catpages();
168	caph_cache_tzdata();
169	if (nsock == 0) {
170		if (caph_enter_casper() < 0)
171			err(1, "Unable to enter capability mode");
172	}
173	capsyslog = cap_service_open(capcas, "system.syslog");
174	if (capsyslog == NULL)
175		err(1, "Unable to open system.syslog service");
176	cap_close(capcas);
177
178	if (pristr != NULL)
179		pri = pencode(pristr);
180	if (tag == NULL)
181		tag = getlogin();
182	/* setup for logging */
183	if (host == NULL)
184		cap_openlog(capsyslog, tag, logflags, 0);
185
186	if (hostname == NULL) {
187		hostname = hbuf;
188		(void )gethostname(hbuf, MAXHOSTNAMELEN);
189		*strchrnul(hostname, '.') = '\0';
190	}
191
192	timestamp = tbuf + 4;
193
194	/* log input line if appropriate */
195	if (argc > 0) {
196		char *p, *endp;
197		size_t len;
198
199		(void )time(&now);
200		(void )ctime_r(&now, tbuf);
201		tbuf[19] = '\0';
202
203		for (p = buf, endp = buf + sizeof(buf) - 2; *argv;) {
204			len = strlen(*argv);
205			if (p + len > endp && p > buf) {
206				logmessage(pri, timestamp, hostname, tag,
207				    socks, nsock, buf);
208				p = buf;
209			}
210			if (len > sizeof(buf) - 1)
211				logmessage(pri, timestamp, hostname, tag,
212				    socks, nsock, *argv++);
213			else {
214				if (p != buf)
215					*p++ = ' ';
216				bcopy(*argv++, p, len);
217				*(p += len) = '\0';
218			}
219		}
220		if (p != buf)
221			logmessage(pri, timestamp, hostname, tag, socks, nsock,
222			    buf);
223	} else
224		while (fgets(buf, sizeof(buf), stdin) != NULL) {
225			(void )time(&now);
226			(void )ctime_r(&now, tbuf);
227			tbuf[19] = '\0';
228
229			logmessage(pri, timestamp, hostname, tag, socks, nsock,
230			    buf);
231		}
232	exit(0);
233}
234
235static ssize_t
236socksetup(const char *src, const char *dst, const char *svcname,
237	struct socks **socks)
238{
239	struct addrinfo hints, *res, *res0;
240	struct sockaddr_storage *ss_src[AF_MAX];
241	struct socks *sk;
242	ssize_t nsock = 0;
243	int error, maxs;
244
245	memset(&ss_src[0], 0, sizeof(ss_src));
246	if (src) {
247		char *p, *p0, *hs, *hbuf, *sbuf;
248
249		hbuf = sbuf = NULL;
250		p0 = p = strdup(src);
251		if (p0 == NULL)
252			err(1, "strdup failed");
253		hs = p0;	/* point to search ":" */
254#ifdef INET6
255		/* -S option supports IPv6 addr in "[2001:db8::1]:service". */
256		if (*p0 == '[') {
257			p = strchr(p0, ']');
258			if (p == NULL)
259				errx(1, "\"]\" not found in src addr");
260			*p = '\0';
261			/* hs points just after ']' (':' or '\0'). */
262			hs = p + 1;
263			/*
264			 * p points just after '[' while it points hs
265			 * in the case of [].
266			 */
267			p = ((p0 + 1) == (hs - 1)) ? hs : p0 + 1;
268		}
269#endif
270		if (*p != '\0') {
271			/* (p == hs) means ":514" or "[]:514". */
272			hbuf = (p == hs && *p == ':') ? NULL : p;
273			p = strchr(hs, ':');
274			if (p != NULL) {
275				*p = '\0';
276				sbuf = (*(p + 1) != '\0') ? p + 1 : NULL;
277			}
278		}
279		hints = (struct addrinfo){
280			.ai_family = family,
281			.ai_socktype = SOCK_DGRAM,
282			.ai_flags = AI_PASSIVE
283		};
284		error = getaddrinfo(hbuf, sbuf, &hints, &res0);
285		if (error)
286			errx(1, "%s: %s", gai_strerror(error), src);
287		for (res = res0; res; res = res->ai_next) {
288			switch (res->ai_family) {
289			case AF_INET:
290#ifdef INET6
291			case AF_INET6:
292#endif
293				if (ss_src[res->ai_family] != NULL)
294					continue;
295				ss_src[res->ai_family] =
296				    malloc(sizeof(struct sockaddr_storage));
297				if (ss_src[res->ai_family] == NULL)
298					err(1, "malloc failed");
299				memcpy(ss_src[res->ai_family], res->ai_addr,
300				    res->ai_addrlen);
301			}
302		}
303		freeaddrinfo(res0);
304		free(p0);
305	}
306
307	/* resolve hostname */
308	hints = (struct addrinfo){
309		.ai_family = family,
310		.ai_socktype = SOCK_DGRAM
311	};
312	error = getaddrinfo(dst, svcname, &hints, &res0);
313	if (error == EAI_SERVICE) {
314		warnx("%s/udp: unknown service", svcname);
315		error = getaddrinfo(dst, "514", &hints, &res0);
316	}
317	if (error)
318		errx(1, "%s: %s", gai_strerror(error), dst);
319	/* count max number of sockets we may open */
320	maxs = 0;
321	for (res = res0; res; res = res->ai_next)
322		maxs++;
323	sk = calloc(maxs, sizeof(*sk));
324	if (sk == NULL)
325		errx(1, "couldn't allocate memory for sockets");
326	for (res = res0; res; res = res->ai_next) {
327		int s;
328
329		s = socket(res->ai_family, res->ai_socktype,
330		    res->ai_protocol);
331		if (s < 0)
332			continue;
333		if (src && ss_src[res->ai_family] == NULL)
334			errx(1, "address family mismatch");
335
336		if (ss_src[res->ai_family]) {
337			error = bind(s, sstosa(ss_src[res->ai_family]),
338				    ss_src[res->ai_family]->ss_len);
339			if (error < 0)
340				err(1, "bind");
341		}
342		sk[nsock] = (struct socks){
343			.sk_addrlen = res->ai_addrlen,
344			.sk_sock = s
345		};
346		memcpy(&sk[nsock].sk_addr, res->ai_addr, res->ai_addrlen);
347		nsock++;
348	}
349	freeaddrinfo(res0);
350
351	*socks = sk;
352	return (nsock);
353}
354
355/*
356 *  Send the message to syslog, either on the local host, or on a remote host
357 */
358static void
359logmessage(int pri, const char *timestamp, const char *hostname,
360    const char *tag, struct socks *sk, ssize_t nsock, const char *buf)
361{
362	char *line;
363	int len, i, lsent;
364
365	if (nsock == 0) {
366		cap_syslog(capsyslog, pri, "%s", buf);
367		return;
368	}
369	if ((len = asprintf(&line, "<%d>%s %s %s: %s", pri, timestamp,
370	    hostname, tag, buf)) == -1)
371		errx(1, "asprintf");
372
373	lsent = -1;
374	for (i = 0; i < nsock; i++) {
375		lsent = sendto(sk[i].sk_sock, line, len, 0,
376			       sstosa(&sk[i].sk_addr), sk[i].sk_addrlen);
377		if (lsent == len && !send_to_all)
378			break;
379	}
380	if (lsent != len) {
381		if (lsent == -1)
382			warn("sendto");
383		else
384			warnx("sendto: short send - %d bytes", lsent);
385	}
386
387	free(line);
388}
389
390/*
391 *  Decode a symbolic name to a numeric value
392 */
393static int
394pencode(char *s)
395{
396	char *save;
397	int fac, lev;
398
399	for (save = s; *s && *s != '.'; ++s);
400	if (*s) {
401		*s = '\0';
402		fac = decode(save, facilitynames);
403		if (fac < 0)
404			errx(1, "unknown facility name: %s", save);
405		*s++ = '.';
406	}
407	else {
408		fac = 0;
409		s = save;
410	}
411	lev = decode(s, prioritynames);
412	if (lev < 0)
413		errx(1, "unknown priority name: %s", save);
414	return ((lev & LOG_PRIMASK) | (fac & LOG_FACMASK));
415}
416
417static int
418decode(char *name, const CODE *codetab)
419{
420	const CODE *c;
421
422	if (isdigit(*name))
423		return (atoi(name));
424
425	for (c = codetab; c->c_name; c++)
426		if (!strcasecmp(name, c->c_name))
427			return (c->c_val);
428
429	return (-1);
430}
431
432static void
433usage(void)
434{
435	(void)fprintf(stderr, "usage: %s\n",
436	    "logger [-46Ais] [-f file] [-h host] [-P port] [-p pri] [-t tag]\n"
437	    "              [-S addr:port] [message ...]"
438	    );
439	exit(1);
440}
441