+/* SPDX-License-Identifier: LGPL-2.1+ */
/***
This file is part of systemd.
#include "fs-util.h"
#include "io-util.h"
#include "journal-importer.h"
+#include "journal-util.h"
#include "journald-console.h"
#include "journald-kmsg.h"
#include "journald-native.h"
#include "string-util.h"
#include "unaligned.h"
-bool valid_user_field(const char *p, size_t l, bool allow_protected) {
- const char *a;
-
- /* We kinda enforce POSIX syntax recommendations for
- environment variables here, but make a couple of additional
- requirements.
-
- http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
-
- /* No empty field names */
- if (l <= 0)
- return false;
-
- /* Don't allow names longer than 64 chars */
- if (l > 64)
- return false;
-
- /* Variables starting with an underscore are protected */
- if (!allow_protected && p[0] == '_')
- return false;
-
- /* Don't allow digits as first character */
- if (p[0] >= '0' && p[0] <= '9')
- return false;
-
- /* Only allow A-Z0-9 and '_' */
- for (a = p; a < p + l; a++)
- if ((*a < 'A' || *a > 'Z') &&
- (*a < '0' || *a > '9') &&
- *a != '_')
- return false;
-
- return true;
-}
-
static bool allow_object_pid(const struct ucred *ucred) {
return ucred && ucred->uid == 0;
}
const struct timeval *tv,
const char *label, size_t label_len) {
- /* Process a single entry from a native message.
- * Returns 0 if nothing special happened and the message processing should continue,
- * and a negative or positive value otherwise.
+ /* Process a single entry from a native message. Returns 0 if nothing special happened and the message
+ * processing should continue, and a negative or positive value otherwise.
*
* Note that *remaining is altered on both success and failure. */
+ size_t n = 0, j, tn = (size_t) -1, m = 0, entry_size = 0;
+ char *identifier = NULL, *message = NULL;
struct iovec *iovec = NULL;
- unsigned n = 0, j, tn = (unsigned) -1;
- const char *p;
- size_t m = 0, entry_size = 0;
int priority = LOG_INFO;
- char *identifier = NULL, *message = NULL;
pid_t object_pid = 0;
+ const char *p;
int r = 0;
p = buffer;
break;
}
- if (*p == '.' || *p == '#') {
+ if (IN_SET(*p, '.', '#')) {
/* Ignore control commands for now, and
* comments too. */
*remaining -= (e - p) + 1;
/* A property follows */
/* n existing properties, 1 new, +1 for _TRANSPORT */
- if (!GREEDY_REALLOC(iovec, m, n + 2 + N_IOVEC_META_FIELDS + N_IOVEC_OBJECT_FIELDS)) {
+ if (!GREEDY_REALLOC(iovec, m,
+ n + 2 +
+ N_IOVEC_META_FIELDS + N_IOVEC_OBJECT_FIELDS +
+ client_context_extra_fields_n_iovec(context))) {
r = log_oom();
break;
}
q = memchr(p, '=', e - p);
if (q) {
- if (valid_user_field(p, q - p, false)) {
+ if (journal_field_valid(p, q - p, false)) {
size_t l;
l = e - p;
- /* If the field name starts with an
- * underscore, skip the variable,
- * since that indicates a trusted
- * field */
- iovec[n].iov_base = (char*) p;
- iovec[n].iov_len = l;
+ /* If the field name starts with an underscore, skip the variable, since that indicates
+ * a trusted field */
+ iovec[n++] = IOVEC_MAKE((char*) p, l);
entry_size += l;
- n++;
server_process_entry_meta(p, l, ucred,
&priority,
k[e - p] = '=';
memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
- if (valid_user_field(p, e - p, false)) {
+ if (journal_field_valid(p, e - p, false)) {
iovec[n].iov_base = k;
iovec[n].iov_len = (e - p) + 1 + l;
entry_size += iovec[n].iov_len;
goto finish;
}
+ if (!client_context_test_priority(context, priority)) {
+ r = 0;
+ goto finish;
+ }
+
tn = n++;
- IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
+ iovec[tn] = IOVEC_MAKE_STRING("_TRANSPORT=journal");
entry_size += strlen("_TRANSPORT=journal");
if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */
- log_debug("Entry is too big with %u properties and %zu bytes, ignoring.",
- n, entry_size);
+ log_debug("Entry is too big with %zu properties and %zu bytes, ignoring.", n, entry_size);
goto finish;
}
const char *label, size_t label_len) {
size_t remaining = buffer_size;
- ClientContext *context;
+ ClientContext *context = NULL;
int r;
assert(s);
if (r < 0)
return log_error_errno(errno, "SO_PASSCRED failed: %m");
-#ifdef HAVE_SELINUX
+#if HAVE_SELINUX
if (mac_selinux_use()) {
r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
if (r < 0)