Hello community,
here is the log from the commit of package ulogd
checked in at Thu May 31 21:15:21 CEST 2007.
--------
--- ulogd/ulogd.changes 2007-01-10 11:20:05.000000000 +0100
+++ /mounts/work_src_done/STABLE/ulogd/ulogd.changes 2007-05-31 17:41:50.000000000 +0200
@@ -1,0 +2,26 @@
+Thu May 31 17:41:42 CEST 2007 - mt@suse.de
+
+- Updated to ulogd 1.24, providing several bugfixes, like and
+ off-by-one-column fix in sqlite3 plugin, pcap header fix for
+ some architectures, memory leak fix for postgresql plugin,
+ reconnect support for mysql plugin, ...
+- Merged build related changes from into ulogd-1.24-build.dif.
+ Obsolete patches: ulogd-1.23.dif, ulogd-1.23-lib64.dif
+ New patch file: ulogd-1.24-build.dif
+- Splitted ulogd-1.23-strfix.dif into separate files.
+ New patches: ulogd-1.24-fixes-{base,mysql,pgsql,sqlite3}.dif,
+- Added sync option fix for the pcap plugin.
+ New patch: ulogd-1.24-fixes-pcap.dif
+- Changed to compile with --with-*-log-ip-as-string, implemented
+ fallback support for old db formats. Prepared the psql,sqlite3
+ sql scripts. New patches: ulogd-1.24-{pgsql,sqlite3}-table.dif
+- Fixed mysql.table.ipaddr-as-string sql script; no default value
+ for id is allowed when also auto_increment is set.
+ New patch file: ulogd-1.24-mysql-table.dif
+- Implemented an global "user" option allowing to set the user
+ to run as in the config file. Adopted spec, config and logrotate
+ file to run as ulogd user and store log in /var/log/ulogd/.
+ New patch file: ulogd-1.24-user-option.dif
+- Added apparmor policy for ulogd - enabled by default.
+
+-------------------------------------------------------------------
Old:
----
ulogd-1.23-cleanup.dif
ulogd-1.23-config.dif
ulogd-1.23.dif
ulogd-1.23-lib64.dif
ulogd-1.23-pgsql-table.dif
ulogd-1.23-strfix.dif
ulogd-1.23.tar.bz2
ulogd-1.23.tar.bz2.sig
New:
----
ulogd-1.24-build.dif
ulogd-1.24-config.dif
ulogd-1.24-fixes-base.dif
ulogd-1.24-fixes-mysql.dif
ulogd-1.24-fixes-pcap.dif
ulogd-1.24-fixes-pgsql.dif
ulogd-1.24-fixes-sqlite3.dif
ulogd-1.24-mysql-table.dif
ulogd-1.24-pgsql-table.dif
ulogd-1.24-sqlite3-table.dif
ulogd-1.24.tar.bz2
ulogd-1.24.tar.bz2.sig
ulogd-1.24-user-option.dif
ulogd.apparmor
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ulogd.spec ++++++
--- /var/tmp/diff_new_pack.l30839/_old 2007-05-31 21:14:45.000000000 +0200
+++ /var/tmp/diff_new_pack.l30839/_new 2007-05-31 21:14:45.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package ulogd (Version 1.23)
+# spec file for package ulogd (Version 1.24)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -12,27 +12,36 @@
Name: ulogd
BuildRequires: libpcap mysql-devel postgresql-devel sqlite-devel
-Version: 1.23
-Release: 41
+%define ulogd_user ulogd
+%define ulogd_group ulogd
+%define apparmor_policy_dir %{_sysconfdir}/apparmor.d
+Version: 1.24
+Release: 1
License: GNU General Public License (GPL)
Summary: ulogd - netfilter ULOG target log daemon
Group: System/Daemons
Autoreqprov: on
#Requires:
-URL: http://gnumonks.org/projects/
+URL: http://www.netfilter.org/projects/ulogd/
Source0: http://ftp.netfilter.org/pub/ulogd/%{name}-%{version}.tar.bz2
Source1: http://ftp.netfilter.org/pub/ulogd/%{name}-%{version}.tar.bz2.sig
Source2: ulogd.a4.pdf
Source3: ulogd.init
Source4: ulogd.logrotate
-Patch0: %{name}-%{version}.dif
-Patch1: %{name}-%{version}-lib64.dif
-Patch2: %{name}-%{version}-pgsql-table.dif
-Patch3: %{name}-%{version}-strfix.dif
-Patch4: %{name}-%{version}-cleanup.dif
-Patch5: %{name}-%{version}-config.dif
+Source5: ulogd.apparmor
+Patch1: %{name}-%{version}-build.dif
+Patch2: %{name}-%{version}-config.dif
+Patch3: %{name}-%{version}-mysql-table.dif
+Patch4: %{name}-%{version}-pgsql-table.dif
+Patch5: %{name}-%{version}-sqlite3-table.dif
+Patch6: %{name}-%{version}-fixes-base.dif
+Patch7: %{name}-%{version}-fixes-mysql.dif
+Patch8: %{name}-%{version}-fixes-pgsql.dif
+Patch9: %{name}-%{version}-fixes-sqlite3.dif
+Patch10: %{name}-%{version}-fixes-pcap.dif
+Patch11: %{name}-%{version}-user-option.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-PreReq: %insserv_prereq %fillup_prereq
+PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/usermod
%package sqlite
Summary: SQLite output plugin for ulogd
Requires: ulogd sqlite
@@ -123,12 +132,19 @@
%prep
%setup -q
-%patch0 -p0
+cp -a doc/pgsql.table doc/pgsql.table.ipaddr-as-string
+cp -a doc/sqlite3.table doc/sqlite3.table.ipaddr-as-string
%patch1 -p0
%patch2 -p0
%patch3 -p0
%patch4 -p0
%patch5 -p0
+%patch6 -p0
+%patch7 -p0
+%patch8 -p0
+%patch9 -p0
+%patch10 -p0
+%patch11 -p0
%build
autoconf
@@ -137,7 +153,10 @@
%configure \
--with-sqlite3=%{_prefix} \
--with-mysql=%{_prefix} \
- --with-pgsql=%{_prefix}
+ --with-pgsql=%{_prefix} \
+ --with-mysql-log-ip-as-string \
+ --with-pgsql-log-ip-as-string \
+ --with-sqlite3-log-ip-as-string
make
%install
@@ -147,6 +166,9 @@
install -d -m0755 %{buildroot}/%{_includedir}/libipulog
install -d -m0755 %{buildroot}/%{_sbindir}/sbin
install -d -m0755 %{buildroot}/%{_libdir}/ulogd
+install -d -m0755 %{buildroot}/%{_localstatedir}/lib/ulogd
+install -d -m0755 %{buildroot}/%{_localstatedir}/log/ulogd
+install -d -m0755 %{buildroot}/%{apparmor_policy_dir}
make DESTDIR=%{buildroot} install
#
install -m0754 $RPM_SOURCE_DIR/ulogd.init \
@@ -159,10 +181,21 @@
%{buildroot}/%{_includedir}/libipulog/libipulog.h
install -m0644 libipulog/libipulog.a \
%{buildroot}/%{_libdir}/libipulog.a
+install -m0644 $RPM_SOURCE_DIR/ulogd.apparmor \
+ %{buildroot}/%{apparmor_policy_dir}/usr.sbin.ulogd
%clean
rm -rf %{buildroot}
+%pre
+%if %{?ulogd_group:1}0
+/usr/sbin/groupadd -r %{ulogd_group} 2> /dev/null || :
+%endif
+%if %{?ulogd_user:1}0
+/usr/sbin/useradd -r %{?ulogd_group:-g %ulogd_group}%{!?ulogd_group:-g nogroup} -s /bin/false -c "ulog daemon" -d /var/lib/ulog %ulogd_user 2> /dev/null ||:
+/usr/sbin/usermod -s /bin/false -d /var/lib/ulog %ulogd_user 2> /dev/null ||:
+%endif
+
%post
%{fillup_and_insserv -f ulogd}
@@ -177,9 +210,18 @@
%defattr(-,root,root)
%attr(0755,root,root) %{_sbindir}/ulogd
%attr(0755,root,root) %{_sbindir}/rculogd
-%config(noreplace) %{_sysconfdir}/ulogd.conf
+%if %{?ulogd_user:1}0
+%if %{?ulogd_group:1}0
+%attr(0640,root,%ulogd_group) %config(noreplace) %{_sysconfdir}/ulogd.conf
+%else
+%attr(0640,%ulogd_user,root) %config(noreplace) %{_sysconfdir}/ulogd.conf
+%endif
+%else
+%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ulogd.conf
+%endif
%config(noreplace) %{_sysconfdir}/logrotate.d/ulogd
-%{_sysconfdir}/init.d/ulogd
+%dir %{apparmor_policy_dir}
+%config(noreplace) %{apparmor_policy_dir}/usr.sbin.ulogd
%dir %{_libdir}/ulogd
%{_libdir}/ulogd/ulogd_BASE.so
%{_libdir}/ulogd/ulogd_LOCAL.so
@@ -187,11 +229,21 @@
%{_libdir}/ulogd/ulogd_OPRINT.so
%{_libdir}/ulogd/ulogd_PWSNIFF.so
%{_libdir}/ulogd/ulogd_SYSLOG.so
+%{_sysconfdir}/init.d/ulogd
+%dir %{_localstatedir}/lib/ulogd
+%if %{?ulogd_user:1}0
+%attr(0750,%{ulogd_user},%{?ulogd_group}%{!?ulogd_group:root}) %dir %{_localstatedir}/log/ulogd
+%else
+%dir %{_localstatedir}/log/ulogd
+%endif
%doc COPYING AUTHORS README ulogd.conf
%doc doc/ulogd.txt $RPM_SOURCE_DIR/ulogd.a4.pdf doc/ulogd.html
%doc doc/sqlite3.table
%doc doc/mysql.table
%doc doc/pgsql.table
+%doc doc/sqlite3.table.ipaddr-as-string
+%doc doc/mysql.table.ipaddr-as-string
+%doc doc/pgsql.table.ipaddr-as-string
%files sqlite
%defattr(-,root,root)
@@ -215,7 +267,30 @@
%{_libdir}/libipulog.a
%{_includedir}/libipulog
-%changelog -n ulogd
+%changelog
+* Thu May 31 2007 - mt@suse.de
+- Updated to ulogd 1.24, providing several bugfixes, like and
+ off-by-one-column fix in sqlite3 plugin, pcap header fix for
+ some architectures, memory leak fix for postgresql plugin,
+ reconnect support for mysql plugin, ...
+- Merged build related changes from into ulogd-1.24-build.dif.
+ Obsolete patches: ulogd-1.23.dif, ulogd-1.23-lib64.dif
+ New patch file: ulogd-1.24-build.dif
+- Splitted ulogd-1.23-strfix.dif into separate files.
+ New patches: ulogd-1.24-fixes-{base,mysql,pgsql,sqlite3}.dif,
+- Added sync option fix for the pcap plugin.
+ New patch: ulogd-1.24-fixes-pcap.dif
+- Changed to compile with --with-*-log-ip-as-string, implemented
+ fallback support for old db formats. Prepared the psql,sqlite3
+ sql scripts. New patches: ulogd-1.24-{pgsql,sqlite3}-table.dif
+- Fixed mysql.table.ipaddr-as-string sql script; no default value
+ for id is allowed when also auto_increment is set.
+ New patch file: ulogd-1.24-mysql-table.dif
+- Implemented an global "user" option allowing to set the user
+ to run as in the config file. Adopted spec, config and logrotate
+ file to run as ulogd user and store log in /var/log/ulogd/.
+ New patch file: ulogd-1.24-user-option.dif
+- Added apparmor policy for ulogd - enabled by default.
* Wed Jan 10 2007 - mt@suse.de
- Bug #229970: fixed several string length calculations
New patch file: ulogd-1.23-strfix.dif
++++++ ulogd-1.24-build.dif ++++++
--- configure.in
+++ configure.in 2007/03/19 12:04:40
@@ -63,15 +63,10 @@ else
MYSQLLIBS=`$d/mysql_config --libs`
DATABASE_DIR="${DATABASE_DIR} mysql"
-
- MYSQL_LIB="${DATABASE_LIB} ${MYSQLLIBS} "
- # no change to DATABASE_LIB_DIR, since --libs already includes -L
-
- DATABASE_DRIVERS="${DATABASE_DRIVERS} ../mysql/mysql_driver.o "
+ MYSQL_LIB="${MYSQLLIBS}"
DB_DEF="${DB_DEF} -DHAVE_MYSQL "
-
AC_SUBST(MYSQLINCLUDES)
AC_SUBST(MYSQL_LIB)
@@ -81,18 +76,22 @@ else
dnl Having a look in the libary itself should be more reliable than
dnl parsing the output of mysql --version.
- AC_MSG_CHECKING(for mysql_real_escape_string support)
-
- MYSQL_FUNCTION_TEST=`strings ${MYSQLLIBS}/libmysqlclient.so | grep mysql_real_escape_string`
-
- if test "x$MYSQL_FUNCTION_TEST" = x
- then
- EXTRA_MYSQL_DEF="-DOLD_MYSQL=1 "
- AC_MSG_RESULT(found old MySQL)
- else
- AC_MSG_RESULT(found new MySQL)
- fi
-
+ dnl AC_MSG_CHECKING(for mysql_real_escape_string support)
+ dnl
+ dnl MYSQL_FUNCTION_TEST=`strings ${MYSQLLIBS}/libmysqlclient.so | grep mysql_real_escape_string`
+ dnl
+ dnl if test "x$MYSQL_FUNCTION_TEST" = x
+ dnl then
+ dnl EXTRA_MYSQL_DEF="-DOLD_MYSQL=1 "
+ dnl AC_MSG_RESULT(found old MySQL)
+ dnl else
+ dnl AC_MSG_RESULT(found new MySQL)
+ dnl fi
+
+ OLDLIBS="$LIBS"
+ LIBS="$MYSQLLIBS"
+ AC_CHECK_FUNCS([mysql_real_escape_string], [], [EXTRA_MYSQL_DEF="-DOLD_MYSQL=1 "])
+ LIBS="$OLDLIBS"
fi
])
@@ -141,13 +140,12 @@ then
AC_MSG_WARN(PGSQL backend not used)
else
AC_DEFINE(HAVE_PGSQL)
- PGSQLINCLUDES=`$pgsqldir/pg_config --includedir`
- PGSQLLIBS=`$pgsqldir/pg_config --libdir`
+ PGSQLINCLUDES=-I`$pgsqldir/pg_config --includedir`
+ PGSQLLIBS=-L`$pgsqldir/pg_config --libdir`
DATABASE_DIR="${DATABASE_DIR} pgsql"
- PGSQL_LIB="${DATABASE_LIB} -lpq "
+ PGSQL_LIB="${PGSQLLIBS} -lpq "
- DATABASE_LIB_DIR="${DATABASE_LIB_DIR} -L${PGSQLLIBS} "
DB_DEF="${DB_DEF} -DHAVE_PGSQL "
AC_SUBST(PGSQLINCLUDES)
@@ -179,34 +177,38 @@ then
else
dir="/usr/local"
fi
-mysqldir=""
+sqlite3dir=""
AC_MSG_CHECKING(for sqlite3 files)
for d in $dir /usr /usr/local /usr/local/sqlite3
do
- if test -f $d/lib/sqlite3/libsqlite3.so
- then
- AC_MSG_RESULT(found sqlite3 in $d)
- sqlite3dir=$d
- sqlite3dir_suffix=/sqlite3
- break
- elif test -f $d/lib64/sqlite3/libsqlite3.so
+ if test -f $d/lib64/sqlite3/libsqlite3.so
then
AC_MSG_RESULT(found sqlite3 in $d)
sqlite3dir=$d
sqlite3dir_suffix=/sqlite3
+ sqlite3dir_libdir=${sqlite3dir}/lib64
break
- elif test -f $d/lib/libsqlite3.so
+ elif test -f $d/lib/sqlite3/libsqlite3.so
then
- AC_MSG_RESULT(found sqlite in $d)
+ AC_MSG_RESULT(found sqlite3 in $d)
sqlite3dir=$d
- sqlite3dir_suffix=
+ sqlite3dir_suffix=/sqlite3
+ sqlite3dir_libdir=${sqlite3dir}/lib
break
elif test -f $d/lib64/libsqlite3.so
then
- AC_MSG_RESULT(found sqlite in $d)
+ AC_MSG_RESULT(found sqlite3 in $d)
sqlite3dir=$d
sqlite3dir_suffix=
+ sqlite3dir_libdir=${sqlite3dir}/lib64
break
+ elif test -f $d/lib/libsqlite3.so
+ then
+ AC_MSG_RESULT(found sqlite3 in $d)
+ sqlite3dir=$d
+ sqlite3dir_suffix=
+ sqlite3dir_libdir=${sqlite3dir}/lib
+ break
fi
done
@@ -215,15 +217,11 @@ then
AC_MSG_WARN(sqlite3 backend not used)
else
AC_DEFINE(HAVE_SQLITE3)
- SQLITE3INCLUDES=${sqlite3dir}/include${sqlite3dir_suffix}
- SQLITE3LIBS=${sqlite3dir}/lib${sqlite3dir_suffix}
+ SQLITE3INCLUDES=-I${sqlite3dir}/include${sqlite3dir_suffix}
+ SQLITE3LIBS=-L${sqlite3dir_libdir}${sqlite3dir_suffix}
DATABASE_DIR="${DATABASE_DIR} sqlite3"
-
- SQLITE3_LIB="${DATABASE_LIB} -lsqlite3 "
- DATABASE_LIB_DIR="${DATABASE_LIB_DIR} -L${SQLITE3LIBS} "
-
-dnl DATABASE_DRIVERS="${DATABASE_DRIVERS} ../sqlite3/mysql_driver.o "
+ SQLITE3_LIB="${SQLITE3LIBS} -lsqlite3 "
DB_DEF="${DB_DEF} -DHAVE_SQLITE3 "
--- Makefile.in
+++ Makefile.in 2007/03/19 10:09:19
@@ -63,7 +63,7 @@ recurse:
@for d in $(SUBDIRS); do if ! make -C $$d; then exit 1; fi; done
ulogd: ulogd.c $(LIBIPULOG) include/ulogd/ulogd.h conffile/conffile.o $(LIBIPULOG)/libipulog.a ulogd.conf
- $(CC) $(CFLAGS) -rdynamic $< conffile/conffile.o $(LIBIPULOG)/libipulog.a -o $@ $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -rdynamic $< conffile/conffile.o $(LIBIPULOG)/libipulog.a -o $@ $(LIBS)
edit = sed -e 's,@libdir\@,$(ULOGD_LIB_PATH),g'
--- Rules.make.in
+++ Rules.make.in 2007/03/19 12:05:38
@@ -22,7 +22,7 @@ CFLAGS=@CFLAGS@ @CPPFLAGS@ -Wall
CFLAGS+=-DULOGD_CONFIGFILE=\"$(ULOGD_CONFIGFILE)\"
# doesn't work for subdirs
#CFLAGS+=$(INCIPULOG) $(INCCONFFILE)
-CFLAGS+=-I/lib/modules/`uname -r`/build/include
+#CFLAGS+=-I/lib/modules/`uname -r`/build/include
#CFLAGS+=@DEFS@
#CFLAGS+=-g -DDEBUG -DDEBUG_MYSQL -DDEBUG_PGSQL
@@ -34,16 +34,16 @@ ULOGD_SL:=BASE OPRINT PWSNIFF LOGEMU LOC
# mysql output support
#ULOGD_SL+=MYSQL
-MYSQL_CFLAGS=-I@MYSQLINCLUDES@ @EXTRA_MYSQL_DEF@
-MYSQL_LDFLAGS=@DATABASE_LIB_DIR@ @MYSQL_LIB@
+MYSQL_CFLAGS=@MYSQLINCLUDES@ @EXTRA_MYSQL_DEF@
+MYSQL_LDFLAGS=$(LDFLAGS) @MYSQL_LIB@
# postgreSQL output support
#ULOGD_SL+=PGSQL
-PGSQL_CFLAGS=-I@PGSQLINCLUDES@ @EXTRA_PGSQL_DEF@
-PGSQL_LDFLAGS=@DATABASE_LIB_DIR@ @PGSQL_LIB@
+PGSQL_CFLAGS=@PGSQLINCLUDES@ @EXTRA_PGSQL_DEF@
+PGSQL_LDFLAGS=$(LDFLAGS) @PGSQL_LIB@
# mysql output support
#ULOGD_SL+=SQLITE3
-SQLITE3_CFLAGS=-I@SQLITE3INCLUDES@ @EXTRA_SQLITE3_DEF@
-SQLITE3_LDFLAGS=@DATABASE_LIB_DIR@ @SQLITE3_LIB@
+SQLITE3_CFLAGS=@SQLITE3INCLUDES@ @EXTRA_SQLITE3_DEF@
+SQLITE3_LDFLAGS=$(LDFLAGS) @SQLITE3_LIB@
++++++ ulogd-1.23-config.dif -> ulogd-1.24-config.dif ++++++
--- ulogd/ulogd-1.23-config.dif 2007-01-09 12:14:55.000000000 +0100
+++ /mounts/work_src_done/STABLE/ulogd/ulogd-1.24-config.dif 2007-05-31 12:16:34.000000000 +0200
@@ -1,11 +1,38 @@
--- ulogd.conf.in
-+++ ulogd.conf.in 2007/01/05 18:23:47
-@@ -73,7 +73,7 @@ host="localhost"
++++ ulogd.conf.in 2007/05/31 10:16:28
+@@ -11,7 +11,7 @@
+ nlgroup=1
+
+ # logfile for status messages
+-logfile="/var/log/ulogd.log"
++logfile="/var/log/ulogd/ulogd.log"
+
+ # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+ loglevel=5
+@@ -50,11 +50,11 @@ plugin="@libdir@/ulogd_LOGEMU.so"
+
+
+ [LOGEMU]
+-file="/var/log/ulogd.syslogemu"
++file="/var/log/ulogd/ulogd.syslogemu"
+ sync=1
+
+ [OPRINT]
+-file="/var/log/ulogd.pktlog"
++file="/var/log/ulogd/ulogd.pktlog"
+
+ [MYSQL]
+ table="ulog"
+@@ -73,10 +73,10 @@ host="localhost"
[SQLITE3]
table="ulog"
-db="/path/to/sqlite/db"
-+db="/var/log/ulogd.sqlite3db"
++db="/var/log/ulogd/ulogd.sqlite3db"
buffer=200
[PCAP]
+-file="/var/log/ulogd.pcap"
++file="/var/log/ulogd/ulogd.pcap"
+ sync=1
+
++++++ ulogd-1.24-fixes-base.dif ++++++
--- ulogd.c
+++ ulogd.c 2007/03/20 13:21:29
@@ -595,14 +595,15 @@ static void sigterm_handler(int signal)
ipulog_destroy_handle(libulog_h);
free(libulog_buf);
- if (logfile != stdout && logfile != &syslog_dummy)
- fclose(logfile);
for (p = ulogd_outputs; p; p = p->next) {
if (p->fini)
(*p->fini)();
}
+ if (logfile != stdout && logfile != &syslog_dummy)
+ fclose(logfile);
+
exit(0);
}
--- extensions/printpkt.h
+++ extensions/printpkt.h 2007/03/19 19:14:40
@@ -1,7 +1,7 @@
#ifndef _PRINTPKT_H
#define _PRINTPKT_H
-int printpkt_print(ulog_iret_t *res, char *buf, int prefix);
+int printpkt_print(ulog_iret_t *res, char *buf, size_t buf_siz, int prefix);
int printpkt_init(void);
#endif
--- extensions/printpkt.c
+++ extensions/printpkt.c 2007/03/19 19:14:40
@@ -95,13 +95,22 @@ static struct intr_id intr_ids[INTR_IDS]
#define GET_VALUE(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].value
#define GET_FLAGS(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].flags
-int printpkt_print(ulog_iret_t *res, char *buf, int prefix)
+int printpkt_print(ulog_iret_t *res, char *buf, size_t buf_siz, int prefix)
{
char *timestr;
char *tmp;
time_t now;
- char *buf_cur = buf;
+ if(buf_siz)
+ *buf = '\0';
+ else
+ return 1;
+
+#define BUF_ADD(ptr, siz, fmt...) \
+ do { \
+ size_t len=strlen(ptr); \
+ snprintf(((ptr)+(len)), ((siz) > (len) ? (siz)-(len) : 0), ##fmt); \
+ } while(0)
if (prefix) {
now = (time_t) GET_VALUE(0).ui32;
@@ -116,127 +125,129 @@ int printpkt_print(ulog_iret_t *res, cha
*tmp = '\0';
/* print time and hostname */
- buf_cur += sprintf(buf_cur, "%.15s %s", timestr, hostname);
+ BUF_ADD(buf, buf_siz, "%.15s %s", timestr, hostname);
}
- if (*(char *) GET_VALUE(1).ptr)
- buf_cur += sprintf(buf_cur, " %s", (char *) GET_VALUE(1).ptr);
+ if (*((char *) GET_VALUE(1).ptr))
+ BUF_ADD(buf, buf_siz, " %s", (char *) GET_VALUE(1).ptr);
- buf_cur += sprintf(buf_cur," IN=%s OUT=%s ",
+ BUF_ADD(buf, buf_siz, " IN=%s OUT=%s ",
(char *) GET_VALUE(2).ptr,
(char *) GET_VALUE(3).ptr);
/* FIXME: configurable */
- buf_cur += sprintf(buf_cur, "MAC=%s ",
+ BUF_ADD(buf, buf_siz, "MAC=%s ",
(GET_FLAGS(4) & ULOGD_RETF_VALID) ? (char *) GET_VALUE(4).ptr : "");
- buf_cur += sprintf(buf_cur, "SRC=%s ",
+ BUF_ADD(buf, buf_siz, "SRC=%s ",
inet_ntoa((struct in_addr) {htonl(GET_VALUE(5).ui32)}));
- buf_cur += sprintf(buf_cur, "DST=%s ",
+ BUF_ADD(buf, buf_siz, "DST=%s ",
inet_ntoa((struct in_addr) {htonl(GET_VALUE(6).ui32)}));
- buf_cur += sprintf(buf_cur,"LEN=%u TOS=%02X PREC=0x%02X TTL=%u ID=%u ",
+ BUF_ADD(buf, buf_siz, "LEN=%u TOS=%02X PREC=0x%02X TTL=%u ID=%u ",
GET_VALUE(7).ui16, GET_VALUE(8).ui8 & IPTOS_TOS_MASK,
GET_VALUE(8).ui8 & IPTOS_PREC_MASK, GET_VALUE(9).ui8,
GET_VALUE(10).ui16);
if (GET_VALUE(10).ui16 & IP_RF)
- buf_cur += sprintf(buf_cur, "CE ");
+ BUF_ADD(buf, buf_siz, "CE ");
if (GET_VALUE(11).ui16 & IP_DF)
- buf_cur += sprintf(buf_cur, "DF ");
+ BUF_ADD(buf, buf_siz, "DF ");
if (GET_VALUE(11).ui16 & IP_MF)
- buf_cur += sprintf(buf_cur, "MF ");
+ BUF_ADD(buf, buf_siz, "MF ");
if (GET_VALUE(11).ui16 & IP_OFFMASK)
- buf_cur += sprintf(buf_cur, "FRAG:%u ",
+ BUF_ADD(buf, buf_siz, "FRAG:%u ",
GET_VALUE(11).ui16 & IP_OFFMASK);
switch (GET_VALUE(12).ui8) {
case IPPROTO_TCP:
- buf_cur += sprintf(buf_cur, "PROTO=TCP ");
- buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u ",
+ BUF_ADD(buf, buf_siz, "PROTO=TCP ");
+ BUF_ADD(buf, buf_siz, "SPT=%u DPT=%u ",
GET_VALUE(13).ui16, GET_VALUE(14).ui16);
/* FIXME: config */
- buf_cur += sprintf(buf_cur, "SEQ=%u ACK=%u ",
+ BUF_ADD(buf, buf_siz, "SEQ=%u ACK=%u ",
GET_VALUE(15).ui32, GET_VALUE(16).ui32);
- buf_cur += sprintf(buf_cur, "WINDOW=%u ", GET_VALUE(17).ui16);
+ BUF_ADD(buf, buf_siz, "WINDOW=%u ", GET_VALUE(17).ui16);
-// buf_cur += sprintf(buf_cur, "RES=0x%02x ",
+// BUF_ADD(buf, buf_siz, "RES=0x%02x ",
if (GET_VALUE(18).b)
- buf_cur += sprintf(buf_cur, "URG ");
+ BUF_ADD(buf, buf_siz, "URG ");
if (GET_VALUE(19).b)
- buf_cur += sprintf(buf_cur, "ACK ");
+ BUF_ADD(buf, buf_siz, "ACK ");
if (GET_VALUE(20).b)
- buf_cur += sprintf(buf_cur, "PSH ");
+ BUF_ADD(buf, buf_siz, "PSH ");
if (GET_VALUE(21).b)
- buf_cur += sprintf(buf_cur, "RST ");
+ BUF_ADD(buf, buf_siz, "RST ");
if (GET_VALUE(22).b)
- buf_cur += sprintf(buf_cur, "SYN ");
+ BUF_ADD(buf, buf_siz, "SYN ");
if (GET_VALUE(23).b)
- buf_cur += sprintf(buf_cur, "FIN ");
+ BUF_ADD(buf, buf_siz, "FIN ");
- buf_cur += sprintf(buf_cur, "URGP=%u ", GET_VALUE(24).ui16);
+ BUF_ADD(buf, buf_siz, "URGP=%u ", GET_VALUE(24).ui16);
break;
case IPPROTO_UDP:
- buf_cur += sprintf(buf_cur, "PROTO=UDP ");
+ BUF_ADD(buf, buf_siz, "PROTO=UDP ");
- buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u LEN=%u ",
+ BUF_ADD(buf, buf_siz, "SPT=%u DPT=%u LEN=%u ",
GET_VALUE(25).ui16, GET_VALUE(26).ui16,
GET_VALUE(27).ui16);
break;
case IPPROTO_ICMP:
- buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
+ BUF_ADD(buf, buf_siz, "PROTO=ICMP ");
- buf_cur += sprintf(buf_cur, "TYPE=%u CODE=%u ",
+ BUF_ADD(buf, buf_siz, "TYPE=%u CODE=%u ",
GET_VALUE(28).ui8, GET_VALUE(29).ui8);
switch (GET_VALUE(28).ui8) {
case ICMP_ECHO:
case ICMP_ECHOREPLY:
- buf_cur += sprintf(buf_cur, "ID=%u SEQ=%u ",
+ BUF_ADD(buf, buf_siz, "ID=%u SEQ=%u ",
GET_VALUE(30).ui16,
GET_VALUE(31).ui16);
break;
case ICMP_PARAMETERPROB:
- buf_cur += sprintf(buf_cur, "PARAMETER=%u ",
+ BUF_ADD(buf, buf_siz, "PARAMETER=%u ",
GET_VALUE(32).ui32 >> 24);
break;
case ICMP_REDIRECT:
- buf_cur += sprintf(buf_cur, "GATEWAY=%s ", inet_ntoa((struct in_addr) {htonl(GET_VALUE(32).ui32)}));
+ BUF_ADD(buf, buf_siz, "GATEWAY=%s ", inet_ntoa((struct in_addr) {htonl(GET_VALUE(32).ui32)}));
break;
case ICMP_DEST_UNREACH:
if (GET_VALUE(29).ui8 == ICMP_FRAG_NEEDED)
- buf_cur += sprintf(buf_cur, "MTU=%u ",
+ BUF_ADD(buf, buf_siz, "MTU=%u ",
GET_VALUE(33).ui16);
break;
}
break;
case IPPROTO_ESP:
case IPPROTO_AH:
- buf_cur += sprintf(buf_cur, "PROTO=%s ", GET_VALUE(12).ui8 == IPPROTO_ESP ? "ESP" : "AH");
+ BUF_ADD(buf, buf_siz, "PROTO=%s ", GET_VALUE(12).ui8 == IPPROTO_ESP ? "ESP" : "AH");
/* FIXME: "INCOMPLETE [%u bytes]" in case of short pkt */
if (intr_ids[34].id > 0) {
- buf_cur += sprintf(buf_cur, "SPI=0x%x ", GET_VALUE(34).ui32);
+ BUF_ADD(buf, buf_siz, "SPI=0x%x ", GET_VALUE(34).ui32);
}
break;
default:
- buf_cur += sprintf(buf_cur, "PROTO=%u ", GET_VALUE(12).ui8);
+ BUF_ADD(buf, buf_siz, "PROTO=%u ", GET_VALUE(12).ui8);
}
- strcat(buf_cur, "\n");
+ BUF_ADD(buf, buf_siz, "\n");
+
+#undef BUF_ADD
return 0;
}
@@ -267,6 +278,7 @@ int printpkt_init(void)
strerror(errno));
exit(2);
}
+ hostname[sizeof(hostname)-1] = '\0';
if (get_ids())
return 1;
--- extensions/ulogd_BASE.c
+++ extensions/ulogd_BASE.c 2007/03/20 15:55:27
@@ -32,6 +32,7 @@
#include
#include
+#include
#include
#include
#include
@@ -63,11 +64,13 @@ static ulog_iret_t *_interp_raw(ulog_int
{
unsigned char *p;
int i;
- char *buf, *oldbuf = NULL;
+ char *buf, *ptr = NULL;
ulog_iret_t *ret = ip->result;
+ size_t siz;
if (pkt->mac_len) {
- buf = (char *) malloc(3 * pkt->mac_len + 1);
+ siz = 3 * pkt->mac_len + 1;
+ buf = (char *) malloc(siz);
if (!buf) {
ulogd_log(ULOGD_ERROR, "OOM!!!\n");
return NULL;
@@ -75,9 +78,11 @@ static ulog_iret_t *_interp_raw(ulog_int
*buf = '\0';
p = pkt->mac;
- oldbuf = buf;
- for (i = 0; i < pkt->mac_len; i++, p++)
- sprintf(buf, "%s%02x%c", oldbuf, *p, i==pkt->mac_len-1 ? ' ':':');
+ ptr = buf;
+ for (i = 0; i < pkt->mac_len; i++, p++) {
+ snprintf(ptr, siz-(ptr-buf), "%02x%s", *p, i==pkt->mac_len-1 ? "":":");
+ ptr = buf + strlen(buf);
+ }
ret[0].value.ptr = buf;
ret[0].flags |= ULOGD_RETF_VALID;
}
--- extensions/ulogd_LOCAL.c
+++ extensions/ulogd_LOCAL.c 2007/03/20 15:33:09
@@ -93,6 +93,7 @@ void _init(void)
strerror(errno));
exit(2);
}
+ hostname[sizeof(hostname)-1] = '\0';
/* strip off everything after first '.' */
if ((tmp = strchr(hostname, '.')))
*tmp = '\0';
--- extensions/ulogd_LOGEMU.c
+++ extensions/ulogd_LOGEMU.c 2007/03/20 15:36:29
@@ -67,7 +67,7 @@ static int _output_logemu(ulog_iret_t *r
{
static char buf[4096];
- printpkt_print(res, buf, 1);
+ printpkt_print(res, buf, sizeof(buf), 1);
fprintf(of, "%s", buf);
@@ -79,15 +79,18 @@ static int _output_logemu(ulog_iret_t *r
static void signal_handler_logemu(int signal)
{
+ FILE *old=of;
+
switch (signal) {
case SIGHUP:
ulogd_log(ULOGD_NOTICE, "syslogemu: reopening logfile\n");
- fclose(of);
of = fopen(syslogf_ce.u.string, "a");
if (!of) {
ulogd_log(ULOGD_FATAL, "can't open syslogemu: %s\n",
strerror(errno));
- exit(2);
+ of=old;
+ } else {
+ fclose(old);
}
break;
default:
--- extensions/ulogd_OPRINT.c
+++ extensions/ulogd_OPRINT.c 2007/03/20 15:36:04
@@ -48,7 +48,7 @@ static FILE *of = NULL;
static int _output_print(ulog_iret_t *res)
{
ulog_iret_t *ret;
-
+
fprintf(of, "===>PACKET BOUNDARY\n");
for (ret = res; ret; ret = ret->cur_next) {
fprintf(of,"%s=", ret->key);
@@ -72,7 +72,10 @@ static int _output_print(ulog_iret_t *re
HIPQUAD(ret->value.ui32));
break;
case ULOGD_RET_NONE:
- fprintf(of, "<none>");
+ fprintf(of, "<none>\n");
+ break;
+ default:
+ fprintf(of, "\n");
break;
}
}
@@ -88,16 +91,18 @@ static config_entry_t outf_ce = {
static void sighup_handler_print(int signal)
{
+ FILE *old=of;
switch (signal) {
case SIGHUP:
ulogd_log(ULOGD_NOTICE, "PKTLOG: reopening logfile\n");
- fclose(of);
of = fopen(outf_ce.u.string, "a");
if (!of) {
ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n",
strerror(errno));
- exit(2);
+ of=old;
+ } else {
+ fclose(old);
}
break;
default:
--- extensions/ulogd_PWSNIFF.c
+++ extensions/ulogd_PWSNIFF.c 2007/03/19 19:14:40
@@ -116,7 +116,7 @@ static ulog_iret_t *_interp_pwsniff(ulog
return NULL;
}
strncpy(ret[0].value.ptr, (char *)begp, len);
- *((char *)ret[0].value.ptr + len + 1) = '\0';
+ *((char *)ret[0].value.ptr + len) = '\0';
}
if (pw_len) {
ret[1].value.ptr = (char *) malloc(pw_len+1);
@@ -126,7 +126,7 @@ static ulog_iret_t *_interp_pwsniff(ulog
return NULL;
}
strncpy(ret[1].value.ptr, (char *)pw_begp, pw_len);
- *((char *)ret[1].value.ptr + pw_len + 1) = '\0';
+ *((char *)ret[1].value.ptr + pw_len) = '\0';
}
return ret;
--- extensions/ulogd_SYSLOG.c
+++ extensions/ulogd_SYSLOG.c 2007/03/19 19:14:40
@@ -61,7 +61,7 @@ static int _output_syslog(ulog_iret_t *r
{
static char buf[4096];
- printpkt_print(res, buf, 0);
+ printpkt_print(res, buf, sizeof(buf), 0);
syslog(syslog_level|syslog_facility, buf);
return 0;
++++++ ulogd-1.24-fixes-mysql.dif ++++++
--- mysql/ulogd_MYSQL.c
+++ mysql/ulogd_MYSQL.c 2007/05/30 12:59:54
@@ -43,6 +43,7 @@
#include
#include
#include
+#include
#ifdef DEBUG_MYSQL
#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
@@ -53,6 +54,7 @@
struct _field {
char name[ULOGD_MAX_KEYLEN];
unsigned int id;
+ unsigned int str;
struct _field *next;
};
@@ -68,6 +70,9 @@ static struct _field *fields;
/* buffer for our insert statement */
static char *stmt;
+/* size of our insert statement buffer */
+static size_t stmt_siz;
+
/* pointer to the beginning of the "VALUES" part */
static char *stmt_val;
@@ -132,6 +137,13 @@ static config_entry_t connect_timeout_ce
};
static int _mysql_init_db(ulog_iret_t *result);
+static void _mysql_fini(void);
+
+#define STMT_ADD(pos,beg,siz,fmt...) \
+ do { \
+ if((pos) >= (beg) && (siz) > (pos) - (beg)) \
+ snprintf((pos), (siz)-((pos)-(beg)), ##fmt); \
+ } while(0)
/* our main output function, called by ulogd */
static int mysql_output(ulog_iret_t *result)
@@ -143,6 +155,11 @@ static int mysql_output(ulog_iret_t *res
struct in_addr addr;
#endif
+ if( stmt_val == NULL) {
+ _mysql_fini();
+ return _mysql_init_db(result);
+ }
+
stmt_ins = stmt_val;
for (f = fields; f; f = f->next) {
@@ -155,71 +172,87 @@ static int mysql_output(ulog_iret_t *res
if (!res || !IS_VALID((*res))) {
/* no result, we have to fake something */
- sprintf(stmt_ins, "NULL,");
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "NULL,");
stmt_ins = stmt + strlen(stmt);
continue;
}
switch (res->type) {
case ULOGD_RET_INT8:
- sprintf(stmt_ins, "%d,", res->value.i8);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%d,", res->value.i8);
break;
case ULOGD_RET_INT16:
- sprintf(stmt_ins, "%d,", res->value.i16);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%d,", res->value.i16);
break;
case ULOGD_RET_INT32:
- sprintf(stmt_ins, "%d,", res->value.i32);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%d,", res->value.i32);
break;
case ULOGD_RET_INT64:
- sprintf(stmt_ins, "%lld,", res->value.i64);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%"PRId64",", res->value.i64);
break;
case ULOGD_RET_UINT8:
- sprintf(stmt_ins, "%u,", res->value.ui8);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%u,", res->value.ui8);
break;
case ULOGD_RET_UINT16:
- sprintf(stmt_ins, "%u,", res->value.ui16);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%u,", res->value.ui16);
break;
case ULOGD_RET_IPADDR:
#ifdef IP_AS_STRING
- memset(&addr, 0, sizeof(addr));
- addr.s_addr = ntohl(res->value.ui32);
- *stmt_ins++ = '\'';
- tmpstr = inet_ntoa(addr);
+ if(f->str)
+ {
+ memset(&addr, 0, sizeof(addr));
+ addr.s_addr = ntohl(res->value.ui32);
+ tmpstr = inet_ntoa(addr);
+ if(stmt_siz > (stmt_ins-stmt)+(strlen(tmpstr)*2)+4)
+ {
+ *stmt_ins++ = '\'';
#ifdef OLD_MYSQL
- mysql_escape_string(stmt_ins, tmpstr,
- strlen(tmpstr));
+ mysql_escape_string(stmt_ins, tmpstr,
+ strlen(tmpstr));
#else
- mysql_real_escape_string(dbh, stmt_ins,
- tmpstr,
- strlen(tmpstr));
+ mysql_real_escape_string(dbh, stmt_ins,
+ tmpstr,
+ strlen(tmpstr));
#endif /* OLD_MYSQL */
- stmt_ins = stmt + strlen(stmt);
- sprintf(stmt_ins, "',");
- break;
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "',");
+ }
+ else
+ {
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "'',");
+ }
+ break;
+ }
#endif /* IP_AS_STRING */
/* EVIL: fallthrough when logging IP as
* u_int32_t */
case ULOGD_RET_UINT32:
- sprintf(stmt_ins, "%u,", res->value.ui32);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%u,", res->value.ui32);
break;
case ULOGD_RET_UINT64:
- sprintf(stmt_ins, "%llu,", res->value.ui64);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%"PRIu64",", res->value.ui64);
break;
case ULOGD_RET_BOOL:
- sprintf(stmt_ins, "'%d',", res->value.b);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "'%d',", res->value.b);
break;
case ULOGD_RET_STRING:
- *stmt_ins++ = '\'';
+ if(stmt_siz > (stmt_ins-stmt)+(strlen(res->value.ptr)*2)+4)
+ {
+ *stmt_ins++ = '\'';
#ifdef OLD_MYSQL
- mysql_escape_string(stmt_ins, res->value.ptr,
- strlen(res->value.ptr));
+ mysql_escape_string(stmt_ins, res->value.ptr,
+ strlen(res->value.ptr));
#else
- mysql_real_escape_string(dbh, stmt_ins,
- res->value.ptr, strlen(res->value.ptr));
+ mysql_real_escape_string(dbh, stmt_ins,
+ res->value.ptr, strlen(res->value.ptr));
#endif
- stmt_ins = stmt + strlen(stmt);
- sprintf(stmt_ins, "',");
- /* sprintf(stmt_ins, "'%s',", res->value.ptr); */
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "',");
+ }
+ else
+ {
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "'',");
+ }
break;
case ULOGD_RET_RAW:
ulogd_log(ULOGD_NOTICE,
@@ -235,6 +268,8 @@ static int mysql_output(ulog_iret_t *res
stmt_ins = stmt + strlen(stmt);
}
*(stmt_ins - 1) = ')';
+ *stmt_ins = '\0';
+
DEBUGP("stmt=#%s#\n", stmt);
/* now we have created our statement, insert it */
@@ -242,6 +277,7 @@ static int mysql_output(ulog_iret_t *res
if (mysql_real_query(dbh, stmt, strlen(stmt))) {
ulogd_log(ULOGD_ERROR, "sql error during insert: %s\n",
mysql_error(dbh));
+ _mysql_fini();
return _mysql_init_db(result);
}
@@ -261,7 +297,6 @@ static int mysql_output_disabled(ulog_ir
static int mysql_createstmt(void)
{
struct _field *f;
- unsigned int size;
char buf[ULOGD_MAX_KEYLEN];
char *underscore;
@@ -269,36 +304,39 @@ static int mysql_createstmt(void)
free(stmt);
/* caclulate the size for the insert statement */
- size = strlen(MYSQL_INSERTTEMPL) + strlen(table_ce.u.string);
+ stmt_siz = strlen(MYSQL_INSERTTEMPL) + strlen(table_ce.u.string) + 1;
for (f = fields; f; f = f->next) {
/* we need space for the key and a comma, as well as
* enough space for the values */
- size += strlen(f->name) + 1 + MYSQL_VALSIZE;
+ stmt_siz += strlen(f->name) + 1 + MYSQL_VALSIZE;
}
- ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", size);
+ ulogd_log(ULOGD_DEBUG, "allocating %zu bytes for statement\n", stmt_siz);
- stmt = (char *) malloc(size);
+ stmt = (char *) malloc(stmt_siz);
if (!stmt) {
+ stmt_val = NULL;
+ stmt_siz = 0;
ulogd_log(ULOGD_ERROR, "OOM!\n");
return -1;
}
- sprintf(stmt, "insert into %s (", table_ce.u.string);
+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string);
stmt_val = stmt + strlen(stmt);
for (f = fields; f; f = f->next) {
- strncpy(buf, f->name, ULOGD_MAX_KEYLEN);
+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
while ((underscore = strchr(buf, '.')))
*underscore = '_';
- sprintf(stmt_val, "%s,", buf);
+ STMT_ADD(stmt_val,stmt,stmt_siz, "%s,", buf);
stmt_val = stmt + strlen(stmt);
}
*(stmt_val - 1) = ')';
- sprintf(stmt_val, " values (");
+ STMT_ADD(stmt_val,stmt,stmt_siz, " values (");
stmt_val = stmt + strlen(stmt);
ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt);
@@ -333,7 +371,9 @@ static int mysql_get_columns(const char
while ((field = mysql_fetch_field(result))) {
/* replace all underscores with dots */
- strncpy(buf, field->name, ULOGD_MAX_KEYLEN);
+ strncpy(buf, field->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
+
while ((underscore = strchr(buf, '_')))
*underscore = '.';
@@ -352,8 +392,10 @@ static int mysql_get_columns(const char
ulogd_log(ULOGD_ERROR, "OOM!\n");
return -1;
}
- strncpy(f->name, buf, ULOGD_MAX_KEYLEN);
+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1);
+ f->name[ULOGD_MAX_KEYLEN-1] = '\0';
f->id = id;
+ f->str = !IS_NUM(field->type);
f->next = fields;
fields = f;
}
@@ -374,7 +416,10 @@ static int mysql_open_db(char *server, i
mysql_options(dbh, MYSQL_OPT_CONNECT_TIMEOUT, (const char *) &connect_timeout_ce.u.value);
if (!mysql_real_connect(dbh, server, user, pass, db, port, NULL, 0))
+ {
+ _mysql_fini();
return -1;
+ }
return 0;
}
@@ -413,10 +458,17 @@ static int _mysql_init_db(ulog_iret_t *r
/* read the fieldnames to know which values to insert */
if (mysql_get_columns(table_ce.u.string)) {
ulogd_log(ULOGD_ERROR, "unable to get mysql columns\n");
+ _mysql_fini();
return init_reconnect();
}
- mysql_createstmt();
-
+
+ if (mysql_createstmt())
+ {
+ ulogd_log(ULOGD_ERROR, "unable to create mysql statement\n");
+ _mysql_fini();
+ return init_reconnect();
+ }
+
/* enable plugin */
mysql_plugin.output = &mysql_output;
@@ -438,7 +490,10 @@ static int _mysql_init(void)
static void _mysql_fini(void)
{
- mysql_close(dbh);
+ if( dbh) {
+ mysql_close(dbh);
+ dbh = NULL;
+ }
}
static ulog_output_t mysql_plugin = {
++++++ ulogd-1.24-fixes-pcap.dif ++++++
--- pcap/ulogd_PCAP.c
+++ pcap/ulogd_PCAP.c 2007/05/31 11:55:30
@@ -158,7 +158,7 @@ static int pcap_output(ulog_iret_t *res)
return 1;
}
- if (pcapf_ce.u.value)
+ if (pcapsync_ce.u.value)
fflush(of);
return 0;
@@ -217,8 +217,8 @@ void append_create_outfile(void) {
if (!exist) {
of = fopen(pcapf_ce.u.string, "w");
if (!of) {
- ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n",
- strerror(errno));
+ ulogd_log(ULOGD_FATAL, "can't open pcap file %s: %s\n",
+ pcapf_ce.u.string, strerror(errno));
exit(2);
}
if (!write_pcap_header()) {
++++++ ulogd-1.24-fixes-pgsql.dif ++++++
--- pgsql/ulogd_PGSQL.c
+++ pgsql/ulogd_PGSQL.c 2007/05/30 15:27:23
@@ -16,7 +16,7 @@
#include
#include
#include
-
+#include
#ifdef DEBUG_PGSQL
#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
@@ -27,6 +27,7 @@
struct _field {
char name[ULOGD_MAX_KEYLEN];
unsigned int id;
+ unsigned int str;
struct _field *next;
};
@@ -39,6 +40,9 @@ static struct _field *fields;
/* buffer for our insert statement */
static char *stmt;
+/* size of our insert statement buffer */
+static size_t stmt_siz;
+
/* pointer to the beginning of the "VALUES" part */
static char *stmt_val;
@@ -97,6 +101,12 @@ static config_entry_t port_ce = {
static unsigned char pgsql_have_schemas;
+#define STMT_ADD(pos,beg,siz,fmt...) \
+ do { \
+ if((pos) >= (beg) && (siz) > (pos) - (beg)) \
+ snprintf((pos), (siz)-((pos)-(beg)), ##fmt); \
+ } while(0)
+
/* our main output function, called by ulogd */
static int pgsql_output(ulog_iret_t *result)
{
@@ -108,6 +118,9 @@ static int pgsql_output(ulog_iret_t *res
struct in_addr addr;
#endif
+ if( stmt_val == NULL)
+ return 1;
+
stmt_ins = stmt_val;
for (f = fields; f; f = f->next) {
@@ -120,62 +133,80 @@ static int pgsql_output(ulog_iret_t *res
if (!res || !IS_VALID((*res))) {
/* no result, we have to fake something */
- sprintf(stmt_ins, "NULL,");
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "NULL,");
stmt_ins = stmt + strlen(stmt);
continue;
}
switch (res->type) {
case ULOGD_RET_INT8:
- sprintf(stmt_ins, "%d,", res->value.i8);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%d,", res->value.i8);
break;
case ULOGD_RET_INT16:
- sprintf(stmt_ins, "%d,", res->value.i16);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%d,", res->value.i16);
break;
case ULOGD_RET_INT32:
- sprintf(stmt_ins, "%d,", res->value.i32);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%d,", res->value.i32);
break;
case ULOGD_RET_INT64:
- sprintf(stmt_ins, "%lld,", res->value.i64);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%"PRId64",", res->value.i64);
break;
case ULOGD_RET_UINT8:
- sprintf(stmt_ins, "%u,", res->value.ui8);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%u,", res->value.ui8);
break;
case ULOGD_RET_UINT16:
- sprintf(stmt_ins, "%u,", res->value.ui16);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%u,", res->value.ui16);
break;
case ULOGD_RET_IPADDR:
#ifdef IP_AS_STRING
- *stmt_ins++ = '\'';
- memset(&addr, 0, sizeof(addr));
- addr.s_addr = ntohl(res->value.ui32);
- tmpstr = (char *)inet_ntoa(addr);
- PQescapeString(stmt_ins,tmpstr,strlen(tmpstr));
- stmt_ins = stmt + strlen(stmt);
- sprintf(stmt_ins, "',");
- break;
+ if(f->str)
+ {
+ memset(&addr, 0, sizeof(addr));
+ addr.s_addr = ntohl(res->value.ui32);
+ tmpstr = (char *)inet_ntoa(addr);
+
+ if(stmt_siz > (stmt_ins-stmt)+(strlen(tmpstr)*2)+4)
+ {
+ *stmt_ins++ = '\'';
+ PQescapeString(stmt_ins,tmpstr,strlen(tmpstr));
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "',");
+ }
+ else
+ {
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "'',");
+ }
+ break;
+ }
#endif /* IP_AS_STRING */
/* EVIL: fallthrough when logging IP as
* u_int32_t */
case ULOGD_RET_UINT32:
- sprintf(stmt_ins, "%u,", res->value.ui32);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%u,", res->value.ui32);
break;
case ULOGD_RET_UINT64:
- sprintf(stmt_ins, "%llu,", res->value.ui64);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "%"PRIu64",", res->value.ui64);
break;
case ULOGD_RET_BOOL:
- sprintf(stmt_ins, "'%d',", res->value.b);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "'%d',", res->value.b);
break;
case ULOGD_RET_STRING:
- *stmt_ins++ = '\'';
- PQescapeString(stmt_ins,res->value.ptr,strlen(res->value.ptr));
- stmt_ins = stmt + strlen(stmt);
- sprintf(stmt_ins, "',");
+ if(stmt_siz > (stmt_ins-stmt)+(strlen(res->value.ptr)*2)+4)
+ {
+ *stmt_ins++ = '\'';
+ PQescapeString(stmt_ins,res->value.ptr,strlen(res->value.ptr));
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "',");
+ }
+ else
+ {
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "'',");
+ }
break;
case ULOGD_RET_RAW:
ulogd_log(ULOGD_NOTICE,"%s: pgsql doesn't support type RAW\n",res->key);
- sprintf(stmt_ins, "NULL,");
+ STMT_ADD(stmt_ins,stmt,stmt_siz, "NULL,");
break;
default:
ulogd_log(ULOGD_NOTICE,
@@ -186,6 +217,7 @@ static int pgsql_output(ulog_iret_t *res
stmt_ins = stmt + strlen(stmt);
}
*(stmt_ins - 1) = ')';
+
DEBUGP("stmt=#%s#\n", stmt);
/* now we have created our statement, insert it */
@@ -212,7 +244,7 @@ static int pgsql_namespace(void) {
if (!dbh)
return 1;
- sprintf(pgbuf, PGSQL_HAVE_NAMESPACE_TEMPLATE, schema_ce.u.string);
+ snprintf(pgbuf, sizeof(pgbuf), PGSQL_HAVE_NAMESPACE_TEMPLATE, schema_ce.u.string);
ulogd_log(ULOGD_DEBUG, "%s\n", pgbuf);
result = PQexec(dbh, pgbuf);
@@ -240,7 +272,6 @@ static int pgsql_namespace(void) {
static int pgsql_createstmt(void)
{
struct _field *f;
- unsigned int size;
char buf[ULOGD_MAX_KEYLEN];
char *underscore;
@@ -251,41 +282,43 @@ static int pgsql_createstmt(void)
}
/* caclulate the size for the insert statement */
- size = strlen(PGSQL_INSERTTEMPL) + strlen(table_ce.u.string) + strlen(schema_ce.u.string) + 1;
+ stmt_siz = strlen(PGSQL_INSERTTEMPL) + strlen(table_ce.u.string) + strlen(schema_ce.u.string) + 1;
for (f = fields; f; f = f->next) {
/* we need space for the key and a comma, as well as
* enough space for the values */
- size += strlen(f->name) + 1 + PGSQL_VALSIZE;
+ stmt_siz += strlen(f->name) + 1 + PGSQL_VALSIZE;
}
- ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", size);
+ ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", stmt_siz);
- stmt = (char *) malloc(size);
+ stmt = (char *) malloc(stmt_siz);
if (!stmt) {
+ stmt_siz = 0;
ulogd_log(ULOGD_ERROR, "OOM!\n");
return 1;
}
if (pgsql_have_schemas) {
- sprintf(stmt, "insert into %s.%s (", schema_ce.u.string, table_ce.u.string);
+ snprintf(stmt, stmt_siz, "insert into %s.%s (", schema_ce.u.string, table_ce.u.string);
} else {
- sprintf(stmt, "insert into %s (", table_ce.u.string);
+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string);
}
stmt_val = stmt + strlen(stmt);
for (f = fields; f; f = f->next) {
- strncpy(buf, f->name, ULOGD_MAX_KEYLEN);
+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
while ((underscore = strchr(buf, '.')))
*underscore = '_';
- sprintf(stmt_val, "%s,", buf);
+ STMT_ADD(stmt_val,stmt,stmt_siz, "%s,", buf);
stmt_val = stmt + strlen(stmt);
}
*(stmt_val - 1) = ')';
- sprintf(stmt_val, " values (");
+ STMT_ADD(stmt_val,stmt,stmt_siz, " values (");
stmt_val = stmt + strlen(stmt);
ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt);
@@ -293,9 +326,9 @@ static int pgsql_createstmt(void)
return 0;
}
-#define PGSQL_GETCOLUMN_TEMPLATE "SELECT a.attname FROM pg_class c, pg_attribute a WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid=c.oid ORDER BY a.attnum"
+#define PGSQL_GETCOLUMN_TEMPLATE "SELECT a.attname,t.typname FROM pg_class c, pg_attribute a, pg_type t WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid=c.oid AND a.atttypid=t.oid ORDER BY a.attnum"
-#define PGSQL_GETCOLUMN_TEMPLATE_SCHEMA "SELECT a.attname FROM pg_attribute a, pg_class c LEFT JOIN pg_namespace n ON c.relnamespace=n.oid WHERE c.relname ='%s' AND n.nspname='%s' AND a.attnum>0 AND a.attrelid=c.oid AND a.attisdropped=FALSE ORDER BY a.attnum"
+#define PGSQL_GETCOLUMN_TEMPLATE_SCHEMA "SELECT a.attname,t.typname FROM pg_attribute a, pg_type t, pg_class c LEFT JOIN pg_namespace n ON c.relnamespace=n.oid WHERE c.relname ='%s' AND n.nspname='%s' AND a.attnum>0 AND a.attrelid=c.oid AND a.atttypid=t.oid AND a.attisdropped=FALSE ORDER BY a.attnum"
/* find out which columns the table has */
static int pgsql_get_columns(const char *table)
@@ -307,6 +340,7 @@ static int pgsql_get_columns(const char
struct _field *f;
int id;
int intaux;
+ char *typename;
if (!dbh)
return 1;
@@ -333,7 +367,8 @@ static int pgsql_get_columns(const char
for (intaux=0; intauxname, buf, ULOGD_MAX_KEYLEN);
+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1);
+ f->name[ULOGD_MAX_KEYLEN-1] = '\0';
f->id = id;
+ f->str = 0;
+ if( (typename = PQgetvalue(result, intaux, 1)) != NULL)
+ {
+ if(strcmp(typename, "inet") == 0 ||
+ strstr(typename, "char") != NULL)
+ f->str = 1;
+ }
f->next = fields;
fields = f;
}
@@ -386,34 +429,37 @@ static int pgsql_open_db(char *server, i
if (port)
len += 20;
- connstr = (char *) malloc(len);
+ connstr = (char *) malloc(len+1);
if (!connstr)
return 1;
+ *connstr = '\0';
if (server) {
- strcpy(connstr, " host=");
- strcat(connstr, server);
+ strncat(connstr, " host=", len-strlen(connstr));
+ strncat(connstr, server, len-strlen(connstr));
}
if (port) {
char portbuf[20];
snprintf(portbuf, sizeof(portbuf), " port=%u", port);
- strcat(connstr, portbuf);
+ strncat(connstr, portbuf, len-strlen(connstr));
}
- strcat(connstr, " dbname=");
- strcat(connstr, db);
- strcat(connstr, " user=");
- strcat(connstr, user);
+ strncat(connstr, " dbname=", len-strlen(connstr));
+ strncat(connstr, db, len-strlen(connstr));
+ strncat(connstr, " user=", len-strlen(connstr));
+ strncat(connstr, user, len-strlen(connstr));
if (pass) {
- strcat(connstr, " password=");
- strcat(connstr, pass);
+ strncat(connstr, " password=", len-strlen(connstr));
+ strncat(connstr, pass, len-strlen(connstr));
}
dbh = PQconnectdb(connstr);
+ free(connstr);
if (PQstatus(dbh)!=CONNECTION_OK) {
exit_nicely(dbh);
+ dbh = NULL;
return 1;
}
@@ -432,23 +478,39 @@ static int pgsql_init(void)
}
if (pgsql_namespace()) {
- return 1;
+ PQfinish(dbh);
+ dbh = NULL;
ulogd_log(ULOGD_ERROR, "unable to test for pgsql schemas\n");
+ return 1;
}
/* read the fieldnames to know which values to insert */
if (pgsql_get_columns(table_ce.u.string)) {
+ PQfinish(dbh);
+ dbh = NULL;
ulogd_log(ULOGD_ERROR, "unable to get pgsql columns\n");
return 1;
}
- pgsql_createstmt();
+
+ if(pgsql_createstmt()) {
+ PQfinish(dbh);
+ dbh = NULL;
+ return 1;
+ }
return 0;
}
static void pgsql_fini(void)
{
- PQfinish(dbh);
+ if(dbh)
+ PQfinish(dbh);
+ if(stmt)
+ {
+ free(stmt);
+ stmt = NULL;
+ stmt_val = NULL;
+ }
}
static ulog_output_t pgsql_plugin = {
++++++ ulogd-1.24-fixes-sqlite3.dif ++++++
--- sqlite3/ulogd_SQLITE3.c
+++ sqlite3/ulogd_SQLITE3.c 2007/05/30 15:31:11
@@ -55,6 +55,9 @@ static struct _field *fields;
/* buffer for our insert statement */
static char *stmt;
+/* size of our insert statement buffer */
+static size_t stmt_siz;
+
/* pointer to the final prepared statement */
static sqlite3_stmt *p_stmt;
@@ -85,6 +88,12 @@ static config_entry_t buffer_ce = {
.options = CONFIG_OPT_MANDATORY,
};
+#define STMT_ADD(pos,beg,siz,fmt...) \
+ do { \
+ if((pos) >= (beg) && (siz) > (pos) - (beg)) \
+ snprintf((pos), (siz)-((pos)-(beg)), ##fmt); \
+ } while(0)
+
/* our main output function, called by ulogd */
static int _sqlite3_output(ulog_iret_t *result)
{
@@ -96,6 +105,9 @@ static int _sqlite3_output(ulog_iret_t *
struct in_addr addr;
#endif
+ if (p_stmt == NULL || dbh == NULL)
+ return 1;
+
col_counter = 1;
for (f = fields; f; f = f->next) {
res = keyh_getres(f->id);
@@ -194,7 +206,6 @@ static int _sqlite3_output(ulog_iret_t *
static int _sqlite3_createstmt(void)
{
struct _field *f;
- unsigned int size;
char buf[ULOGD_MAX_KEYLEN];
char *underscore;
char *stmt_pos;
@@ -208,65 +219,68 @@ static int _sqlite3_createstmt(void)
}
/* caclulate the size for the insert statement */
- size = strlen(_SQLITE3_INSERTTEMPL) + strlen(table_ce.u.string);
+ stmt_siz = strlen(_SQLITE3_INSERTTEMPL) + strlen(table_ce.u.string);
- DEBUGP("initial size: %u\n", size);
+ DEBUGP("initial size: %zu\n", stmt_siz);
col_count = 0;
for (f = fields; f; f = f->next) {
/* we need space for the key and a comma, and a ? */
- size += strlen(f->name) + 3;
- DEBUGP("size is now %u since adding %s\n",size,f->name);
+ stmt_siz += strlen(f->name) + 3;
+ DEBUGP("size is now %zu since adding %s\n",stmt_siz,f->name);
col_count++;
}
DEBUGP("there were %d columns\n",col_count);
- DEBUGP("after calc name length: %u\n",size);
+ DEBUGP("after calc name length: %zu\n",stmt_siz);
- ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", size);
+ ulogd_log(ULOGD_DEBUG, "allocating %zu bytes for statement\n", stmt_siz);
- stmt = (char *) malloc(size);
+ stmt = (char *) malloc(stmt_siz);
if (!stmt) {
+ stmt_siz = 0;
ulogd_log(ULOGD_ERROR, "OOM!\n");
return 1;
}
- sprintf(stmt, "insert into %s (", table_ce.u.string);
+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string);
stmt_pos = stmt + strlen(stmt);
for (f = fields; f; f = f->next) {
- strncpy(buf, f->name, ULOGD_MAX_KEYLEN);
+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
while ((underscore = strchr(buf, '.')))
*underscore = '_';
- sprintf(stmt_pos, "%s,", buf);
+ STMT_ADD(stmt_pos,stmt,stmt_siz, "%s,", buf);
stmt_pos = stmt + strlen(stmt);
}
*(stmt_pos - 1) = ')';
- sprintf(stmt_pos, " values (");
+ STMT_ADD(stmt_pos,stmt,stmt_siz, " values (");
stmt_pos = stmt + strlen(stmt);
for (i = 0; i < col_count - 1; i++) {
- sprintf(stmt_pos,"?,");
+ STMT_ADD(stmt_pos,stmt,stmt_siz, "?,");
stmt_pos += 2;
}
- sprintf(stmt_pos, "?)");
+ STMT_ADD(stmt_pos,stmt,stmt_siz, "?)");
ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt);
DEBUGP("about to prepare statement.\n");
- sqlite3_prepare(dbh,stmt,-1,&p_stmt,0);
-
- DEBUGP("statement prepared.\n");
-
- if (!p_stmt) {
+ if (sqlite3_prepare(dbh,stmt,-1,&p_stmt,0) != SQLITE_OK) {
+ p_stmt = NULL;
+ free( stmt);
+ stmt = stmt_pos = NULL;
ulogd_log(ULOGD_ERROR,"unable to prepare statement");
return 1;
}
+ DEBUGP("statement prepared.\n");
+
return 0;
}
@@ -278,7 +292,7 @@ static int _sqlite3_createstmt(void)
static int _sqlite3_get_columns(const char *table)
{
char buf[ULOGD_MAX_KEYLEN];
- char query[SQLITE_SELECT_LEN + CONFIG_VAL_STRING_LEN] = "select * from \0";
+ char query[SQLITE_SELECT_LEN + CONFIG_VAL_STRING_LEN + 1] = "select * from \0";
char *underscore;
struct _field *f;
sqlite3_stmt *schema_stmt;
@@ -289,7 +303,7 @@ static int _sqlite3_get_columns(const ch
if (!dbh)
return 1;
- strncat(query,table,LINE_LEN);
+ strncat(query,table,sizeof(query)-strlen(query)-1);
result = sqlite3_prepare(dbh,query,-1,&schema_stmt,0);
@@ -298,7 +312,8 @@ static int _sqlite3_get_columns(const ch
for (column = 0; column < sqlite3_column_count(schema_stmt); column++) {
/* replace all underscores with dots */
- strncpy(buf, sqlite3_column_name(schema_stmt,column), ULOGD_MAX_KEYLEN);
+ strncpy(buf, sqlite3_column_name(schema_stmt,column), ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
while ((underscore = strchr(buf, '_')))
*underscore = '.';
@@ -317,7 +332,8 @@ static int _sqlite3_get_columns(const ch
ulogd_log(ULOGD_ERROR, "OOM!\n");
return 1;
}
- strncpy(f->name, buf, ULOGD_MAX_KEYLEN);
+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1);
+ f->name[ULOGD_MAX_KEYLEN-1] = '\0';
f->id = id;
f->next = fields;
fields = f;
@@ -357,6 +373,7 @@ static void _sqlite3_fini(void)
ulogd_log(ULOGD_ERROR,"unable to commit remaining records to db.");
sqlite3_close(dbh);
+ dbh = NULL;
DEBUGP("database file closed\n");
}
}
@@ -379,6 +396,8 @@ static int _sqlite3_init(void)
/* read the fieldnames to know which values to insert */
if (_sqlite3_get_columns(table_ce.u.string)) {
+ sqlite3_close(dbh);
+ dbh = NULL;
ulogd_log(ULOGD_ERROR, "unable to get sqlite columns\n");
return 1;
}
@@ -393,7 +412,11 @@ static int _sqlite3_init(void)
ulogd_log(ULOGD_ERROR,"can't create a new transaction\n");
/* create and prepare the actual insert statement */
- _sqlite3_createstmt();
+ if(_sqlite3_createstmt()) {
+ sqlite3_close(dbh);
+ dbh = NULL;
+ return 1;
+ }
return 0;
}
++++++ ulogd-1.24-mysql-table.dif ++++++
--- doc/mysql.table.ipaddr-as-string
+++ doc/mysql.table.ipaddr-as-string 2007/05/30 12:19:52
@@ -11,7 +11,7 @@
# Table structure for table 'ulog'
#
CREATE TABLE ulog (
- id int(10) unsigned DEFAULT '0' NOT NULL auto_increment,
+ id int(10) unsigned NOT NULL auto_increment,
raw_mac varchar(80),
oob_time_sec int(10) unsigned,
oob_time_usec int(10) unsigned,
++++++ ulogd-1.23-pgsql-table.dif -> ulogd-1.24-pgsql-table.dif ++++++
--- ulogd/ulogd-1.23-pgsql-table.dif 2006-05-02 16:59:39.000000000 +0200
+++ /mounts/work_src_done/STABLE/ulogd/ulogd-1.24-pgsql-table.dif 2007-03-20 14:36:29.000000000 +0100
@@ -1,23 +1,23 @@
---- doc/pgsql.table
-+++ doc/pgsql.table 2006/03/08 14:51:05
+--- doc/pgsql.table.ipaddr-as-string
++++ doc/pgsql.table.ipaddr-as-string 2007/03/20 13:34:45
@@ -33,16 +33,16 @@
"ip_csum" integer,
/* log IPs as unsigned int32 (default) */
---- "ip_saddr" bigint,
---- "ip_daddr" bigint,
-+ "ip_saddr" bigint,
-+ "ip_daddr" bigint,
+- "ip_saddr" bigint,
+- "ip_daddr" bigint,
++-- "ip_saddr" bigint,
++-- "ip_daddr" bigint,
/* log IPs as string (--with-pgsql-log-ip-as-string) */
-- "ip_saddr" character varying(40),
-- "ip_daddr" character varying(40),
/* log IPs as inet (--with-pgsql-log-ip-as-string) */
-- "ip_saddr" inet,
-- "ip_daddr" inet,
-+-- "ip_saddr" inet,
-+-- "ip_daddr" inet,
+--- "ip_saddr" inet,
+--- "ip_daddr" inet,
++ "ip_saddr" inet,
++ "ip_daddr" inet,
"tcp_sport" integer,
++++++ ulogd-1.24-sqlite3-table.dif ++++++
--- doc/sqlite3.table.ipaddr-as-string
+++ doc/sqlite3.table.ipaddr-as-string 2007/03/16 12:36:00
@@ -2,8 +2,8 @@ CREATE TABLE ulog (
raw_mac VARCHAR(80),
oob_time_sec INT UNSIGNED,
oob_time_usec INT UNSIGNED,
- ip_saddr INT UNSIGNED,
- ip_daddr INT UNSIGNED,
+ ip_saddr VARCHAR(16),
+ ip_daddr VARCHAR(16),
ip_protocol TINYINT UNSIGNED,
ip_totlen SMALLINT UNSIGNED,
tcp_sport SMALLINT UNSIGNED,
++++++ ulogd-1.23.tar.bz2 -> ulogd-1.24.tar.bz2 ++++++
++++ 7462 lines of diff (skipped)
++++++ ulogd-1.24-user-option.dif ++++++
--- ulogd.c
+++ ulogd.c 2007/05/31 11:51:19
@@ -87,6 +87,11 @@
#define ULOGD_CONFIGFILE "/etc/ulogd.conf"
#endif
+/* default user to run as or "" */
+#ifndef ULOGD_USER_DEFAULT
+#define ULOGD_USER_DEFAULT ""
+#endif
+
/* global variables */
static struct ipulog_handle *libulog_h; /* our libipulog handle */
static unsigned char* libulog_buf; /* the receive buffer */
@@ -545,7 +550,12 @@ static config_entry_t nlgroup_ce = { &pl
static config_entry_t loglevel_ce = { &nlgroup_ce, "loglevel", CONFIG_TYPE_INT,
CONFIG_OPT_NONE, 0,
{ value: ULOGD_NOTICE } };
-static config_entry_t rmem_ce = { &loglevel_ce, "rmem", CONFIG_TYPE_INT,
+
+static config_entry_t user_ce = { &loglevel_ce, "user", CONFIG_TYPE_STRING,
+ CONFIG_OPT_NONE, 0,
+ { string: ULOGD_USER_DEFAULT } };
+
+static config_entry_t rmem_ce = { &user_ce, "rmem", CONFIG_TYPE_INT,
CONFIG_OPT_NONE, 0,
{ value: ULOGD_RMEM_DEFAULT } };
@@ -694,14 +704,17 @@ int main(int argc, char* argv[])
case 'u':
change_uid = 1;
user = strdup(optarg);
+ setpwent();
pw = getpwnam(user);
if (!pw) {
printf("Unknown user %s.\n", user);
+ endpwent();
free(user);
exit(1);
}
uid = pw->pw_uid;
gid = pw->pw_gid;
+ endpwent();
break;
}
}
@@ -739,7 +752,23 @@ int main(int argc, char* argv[])
exit(1);
}
-
+ /* if no -u cmd line option set, read the user option from config. */
+ if (!change_uid && strlen(user_ce.u.string))
+ {
+ change_uid = 1;
+ user = strdup(user_ce.u.string);
+ setpwent();
+ pw = getpwnam(user);
+ if (!pw) {
+ printf("Unknown user %s.\n", user);
+ endpwent();
+ free(user);
+ exit(1);
+ }
+ uid = pw->pw_uid;
+ gid = pw->pw_gid;
+ endpwent();
+ }
if (change_uid) {
ulogd_log(ULOGD_NOTICE, "Changing UID / GID\n");
if (setgid(gid)) {
--- ulogd.conf.in
+++ ulogd.conf.in 2007/05/31 11:11:06
@@ -7,6 +7,9 @@
# GLOBAL OPTIONS
######################################################################
+# username to run as (runs as root if not set)
+user=ulogd
+
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
nlgroup=1
++++++ ulogd.init ++++++
--- ulogd/ulogd.init 2005-07-27 19:41:15.000000000 +0200
+++ /mounts/work_src_done/STABLE/ulogd/ulogd.init 2007-05-31 13:31:12.000000000 +0200
@@ -79,7 +79,8 @@
echo -n "Starting ulogd "
## Start daemon with startproc(8). If this fails
## the return value is set appropriately by startproc.
- startproc $ULOGD_BIN
+ umask 0027
+ startproc $ULOGD_BIN -d
touch $ULOGD_LOCK
# Remember status and be verbose
++++++ ulogd.logrotate ++++++
--- ulogd/ulogd.logrotate 2005-07-27 15:32:17.000000000 +0200
+++ /mounts/work_src_done/STABLE/ulogd/ulogd.logrotate 2007-05-31 17:32:43.000000000 +0200
@@ -1,3 +1,4 @@
+# old log file names
/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap {
compress
dateext
@@ -13,3 +14,19 @@
endscript
}
+# new log file names
+/var/log/ulogd/ulogd.log /var/log/ulogd/ulogd.syslogemu /var/log/ulogd/ulogd.pktlog /var/log/ulogd/ulogd.pcap {
+ compress
+ dateext
+ maxage 365
+ rotate 99
+ missingok
+ notifempty
+ size +4096k
+ create 640 ulog ulog
+ sharedscripts
+ postrotate
+ /etc/init.d/ulogd reload
+ endscript
+}
+
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org