From eb5c7a04199028703a328d199c36ac6f5b631ccd Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 18 Jan 2013 14:40:41 +0100 Subject: optimize: reduce nbr of strcpy() in FROMHOST processing --- runtime/net.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'runtime/net.c') diff --git a/runtime/net.c b/runtime/net.c index 1a8f2438..a6670eca 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -1125,9 +1125,11 @@ void debugListenInfo(int fd, char *type) * pay. * 2005-05-16 rgerhards: added IP representation. Must also be NI_MAXHOST */ -rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN, uchar *pszIP) +rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN, uchar **pszIP, rs_size_t *lenIP) { DEFiRet; + uchar *host; + rs_size_t lenHost; register uchar *p; int count; @@ -1135,7 +1137,8 @@ rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN assert(pszHost != NULL); assert(pszHostFQDN != NULL); - iRet = dnscacheLookup(f, pszHostFQDN, pszIP); + iRet = dnscacheLookup(f, &host, &lenHost, pszIP, lenIP); + strcpy((char*)pszHostFQDN, (char*)host); // TODO: optimize this! requires more changes below (dirty tricks ;)) if(iRet == RS_RET_INVALID_SOURCE) { strcpy((char*) pszHost, (char*) pszHostFQDN); /* we use whatever was provided as replacement */ -- cgit v1.2.3 From 0d71694fb3cbff71d504769e0e70a58ebe5f9a0d Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Jan 2013 06:19:13 +0100 Subject: optimize: have dns cache pre-create rsyslog prop_t's --- runtime/net.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'runtime/net.c') diff --git a/runtime/net.c b/runtime/net.c index a6670eca..28a8ef95 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -1125,7 +1125,7 @@ void debugListenInfo(int fd, char *type) * pay. * 2005-05-16 rgerhards: added IP representation. Must also be NI_MAXHOST */ -rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN, uchar **pszIP, rs_size_t *lenIP) +rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN, prop_t **ip) { DEFiRet; uchar *host; @@ -1137,7 +1137,7 @@ rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN assert(pszHost != NULL); assert(pszHostFQDN != NULL); - iRet = dnscacheLookup(f, &host, &lenHost, pszIP, lenIP); + iRet = dnscacheLookup(f, &host, &lenHost, ip); strcpy((char*)pszHostFQDN, (char*)host); // TODO: optimize this! requires more changes below (dirty tricks ;)) if(iRet == RS_RET_INVALID_SOURCE) { -- cgit v1.2.3 From 3668e0085b6c6b89df302c4c390b5bc53b6a6769 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Jan 2013 09:06:27 +0100 Subject: refactor cvthname() for cleaner code --- runtime/net.c | 60 +++++++++++++++++++++++++++-------------------------------- 1 file changed, 27 insertions(+), 33 deletions(-) (limited to 'runtime/net.c') diff --git a/runtime/net.c b/runtime/net.c index 28a8ef95..5ec1b0b3 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -579,7 +579,7 @@ static void clearAllowedSenders(uchar *pszType) { struct AllowedSenders *pPrev; - struct AllowedSenders *pCurr; + struct AllowedSenders *pCurr = NULL; if(setAllowRoot(&pCurr, pszType) != RS_RET_OK) return; /* if something went wrong, so let's leave */ @@ -987,7 +987,7 @@ MaskCmp(struct NetAddr *pAllow, uint8_t bits, struct sockaddr *pFrom, const char static int isAllowedSender2(uchar *pszType, struct sockaddr *pFrom, const char *pszFromHost, int bChkDNS) { struct AllowedSenders *pAllow; - struct AllowedSenders *pAllowRoot; + struct AllowedSenders *pAllowRoot = NULL; int bNeededDNS = 0; /* partial check because we could not resolve DNS? */ int ret; @@ -1132,13 +1132,18 @@ rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN rs_size_t lenHost; register uchar *p; int count; + int i; assert(f != NULL); assert(pszHost != NULL); assert(pszHostFQDN != NULL); iRet = dnscacheLookup(f, &host, &lenHost, ip); - strcpy((char*)pszHostFQDN, (char*)host); // TODO: optimize this! requires more changes below (dirty tricks ;)) + /* Convert to lower case */ + for(i = 0 ; i < lenHost ; ++i) { + pszHostFQDN[i] = tolower(host[i]); + } + pszHostFQDN [i] = '\0'; if(iRet == RS_RET_INVALID_SOURCE) { strcpy((char*) pszHost, (char*) pszHostFQDN); /* we use whatever was provided as replacement */ @@ -1147,41 +1152,26 @@ rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN FINALIZE; /* we return whatever error state we have - can not handle it */ } - /* if we reach this point, we obtained a non-numeric hostname and can now process it */ - - /* Convert to lower case */ - for(p = pszHostFQDN ; *p ; p++) - if (isupper((int) *p)) - *p = tolower(*p); - /* OK, the fqdn is now known. Now it is time to extract only the hostname * part if we were instructed to do so. */ - /* TODO: quick and dirty right now: we need to optimize that. We simply - * copy over the buffer and then use the old code. In the long term, that should - * be placed in its own function and probably outside of the net module (at least - * if should no longer reley on syslogd.c's global config-setting variables). - * Note that the old code always removes the local domain. We may want to - * make this in option in the long term. (rgerhards, 2007-09-11) - */ - strcpy((char*)pszHost, (char*)pszHostFQDN); - if( (glbl.GetPreserveFQDN() == 0) - && (p = (uchar*) strchr((char*)pszHost, '.'))) { /* find start of domain name "machine.example.com" */ - strcmp((char*)(p + 1), (char*)glbl.GetLocalDomain()); - if(strcmp((char*)(p + 1), (char*)glbl.GetLocalDomain()) == 0) { - *p = '\0'; /* simply terminate the string */ + if(glbl.GetPreserveFQDN()) { + strcpy((char*)pszHost, (char*)pszHostFQDN); + } else { /* strip domain, if configured for this entry */ + p = (uchar*)strchr((char*)pszHostFQDN, '.'); /* find start of domain name "machine.example.com" */ + if(p == NULL) { /* do we have a domain part? */ + strcpy((char*)pszHost, (char*)pszHostFQDN); /* no! */ } else { + i = p - pszHostFQDN; /* length of hostname */ + memcpy(pszHost, pszHostFQDN, i); /* now check if we belong to any of the domain names that were specified * in the -s command line option. If so, remove and we are done. - * TODO: this must go away! -- rgerhards, 2008-04-16 - * For proper modularization, this must be done different, e.g. via a - * "to be stripped" property of *this* object itself. */ if(glbl.GetStripDomains() != NULL) { count=0; while(glbl.GetStripDomains()[count]) { - if (strcmp((char*)(p + 1), glbl.GetStripDomains()[count]) == 0) { - *p = '\0'; + if(strcmp((char*)(p + 1), glbl.GetStripDomains()[count]) == 0) { + pszHost[i] = '\0'; FINALIZE; /* we are done */ } count++; @@ -1192,20 +1182,24 @@ rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN * and so should be stripped also. If so, we do it and return. Please note that * -l list FQDNs, not just the hostname part. If it did just list the hostname, the * door would be wide-open for all kinds of mixing up of hosts. Because of this, - * you'll see comparison against the full string (pszHost) below. The termination + * you'll see comparison against the full string (pszHostFQDN) below. The termination * still occurs at *p, which points at the first dot after the hostname. * TODO: this must also go away - see comment above -- rgerhards, 2008-04-16 */ if(glbl.GetLocalHosts() != NULL) { count=0; while (glbl.GetLocalHosts()[count]) { - if (!strcmp((char*)pszHost, (char*)glbl.GetLocalHosts()[count])) { - *p = '\0'; - break; /* we are done */ + if (!strcmp((char*)pszHostFQDN, (char*)glbl.GetLocalHosts()[count])) { + pszHost[i] = '\0'; + FINALIZE; /* we are done */ } count++; } } + /* at this point, we have not found anything, so we need to copy + * over the rest. + */ + strcpy((char*)pszHost+i, (char*)p); } } @@ -1474,7 +1468,7 @@ finalize_it: */ static rsRetVal HasRestrictions(uchar *pszType, int *bHasRestrictions) { - struct AllowedSenders *pAllowRoot; + struct AllowedSenders *pAllowRoot = NULL; DEFiRet; CHKiRet(setAllowRoot(&pAllowRoot, pszType)); -- cgit v1.2.3 From 440aaff114607e82aefee56336846611a2e35c9c Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Jan 2013 09:59:26 +0100 Subject: optimize: move lowercasing of hostnames to cache so we save this on each name lookup! --- runtime/net.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'runtime/net.c') diff --git a/runtime/net.c b/runtime/net.c index 5ec1b0b3..e5d8b4a4 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -70,6 +70,7 @@ #include "errmsg.h" #include "net.h" #include "dnscache.h" +#include "prop.h" #ifdef OS_SOLARIS # define s6_addr32 _S6_un._S6_u32 @@ -83,6 +84,7 @@ MODULE_TYPE_NOKEEP DEFobjStaticHelpers DEFobjCurrIf(errmsg) DEFobjCurrIf(glbl) +DEFobjCurrIf(prop) /* support for defining allowed TCP and UDP senders. We use the same * structure to implement this (a linked list), but we define two different @@ -1128,8 +1130,7 @@ void debugListenInfo(int fd, char *type) rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN, prop_t **ip) { DEFiRet; - uchar *host; - rs_size_t lenHost; + prop_t *fqdnLowerCase; register uchar *p; int count; int i; @@ -1138,12 +1139,9 @@ rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN assert(pszHost != NULL); assert(pszHostFQDN != NULL); - iRet = dnscacheLookup(f, &host, &lenHost, ip); - /* Convert to lower case */ - for(i = 0 ; i < lenHost ; ++i) { - pszHostFQDN[i] = tolower(host[i]); - } - pszHostFQDN [i] = '\0'; + iRet = dnscacheLookup(f, NULL, &fqdnLowerCase, ip); + strcpy((char*)pszHostFQDN, (char*)propGetSzStr(fqdnLowerCase)); + prop.Destruct(&fqdnLowerCase); if(iRet == RS_RET_INVALID_SOURCE) { strcpy((char*) pszHost, (char*) pszHostFQDN); /* we use whatever was provided as replacement */ @@ -1578,6 +1576,7 @@ BEGINObjClassExit(net, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO CODESTARTObjClassExit(net) /* release objects we no longer need */ objRelease(glbl, CORE_COMPONENT); + objRelease(prop, CORE_COMPONENT); objRelease(errmsg, CORE_COMPONENT); ENDObjClassExit(net) @@ -1590,6 +1589,7 @@ BEGINAbstractObjClassInit(net, 1, OBJ_IS_CORE_MODULE) /* class, version */ /* request objects we use */ CHKiRet(objUse(errmsg, CORE_COMPONENT)); CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(prop, CORE_COMPONENT)); /* set our own handlers */ ENDObjClassInit(net) -- cgit v1.2.3 From 35bec820b601bfcf9eff314fbfc718bb8949bda1 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 22 Jan 2013 16:55:21 +0100 Subject: optimze: reduce memory operations during dns resolution/hostname setting previously, hostname and ip strings were shuffled to the msg object, which created a property out of them. Now the cache holds the property, and it is resused (almost) everywhere, what saves a lot of memory operations. The only exception is imtcp session setup, where different handling of the hostname is done, which we need to sort out (but that's another story). --- runtime/net.c | 86 ++++------------------------------------------------------- 1 file changed, 5 insertions(+), 81 deletions(-) (limited to 'runtime/net.c') diff --git a/runtime/net.c b/runtime/net.c index e5d8b4a4..b291213e 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -1117,91 +1117,15 @@ void debugListenInfo(int fd, char *type) } -/* Return a printable representation of a host address. - * Now (2007-07-16) also returns the full host name (if it could be obtained) - * in the second param [thanks to mildew@gmail.com for the patch]. - * The caller must provide buffer space for pszHost and pszHostFQDN. These - * buffers must be of size NI_MAXHOST. This is not checked here, because - * there is no way to check it. We use this way of doing things because it - * frees us from using dynamic memory allocation where it really does not - * pay. - * 2005-05-16 rgerhards: added IP representation. Must also be NI_MAXHOST +/* Return a printable representation of a host addresses. If + * a parameter is NULL, it is not set. rgerhards, 2013-01-22 */ -rsRetVal cvthname(struct sockaddr_storage *f, uchar *pszHost, uchar *pszHostFQDN, prop_t **ip) +rsRetVal +cvthname(struct sockaddr_storage *f, prop_t **localName, prop_t **fqdn, prop_t **ip) { DEFiRet; - prop_t *fqdnLowerCase; - register uchar *p; - int count; - int i; - assert(f != NULL); - assert(pszHost != NULL); - assert(pszHostFQDN != NULL); - - iRet = dnscacheLookup(f, NULL, &fqdnLowerCase, ip); - strcpy((char*)pszHostFQDN, (char*)propGetSzStr(fqdnLowerCase)); - prop.Destruct(&fqdnLowerCase); - - if(iRet == RS_RET_INVALID_SOURCE) { - strcpy((char*) pszHost, (char*) pszHostFQDN); /* we use whatever was provided as replacement */ - ABORT_FINALIZE(RS_RET_OK); /* this is handled, we are happy with it */ - } else if(iRet != RS_RET_OK) { - FINALIZE; /* we return whatever error state we have - can not handle it */ - } - - /* OK, the fqdn is now known. Now it is time to extract only the hostname - * part if we were instructed to do so. - */ - if(glbl.GetPreserveFQDN()) { - strcpy((char*)pszHost, (char*)pszHostFQDN); - } else { /* strip domain, if configured for this entry */ - p = (uchar*)strchr((char*)pszHostFQDN, '.'); /* find start of domain name "machine.example.com" */ - if(p == NULL) { /* do we have a domain part? */ - strcpy((char*)pszHost, (char*)pszHostFQDN); /* no! */ - } else { - i = p - pszHostFQDN; /* length of hostname */ - memcpy(pszHost, pszHostFQDN, i); - /* now check if we belong to any of the domain names that were specified - * in the -s command line option. If so, remove and we are done. - */ - if(glbl.GetStripDomains() != NULL) { - count=0; - while(glbl.GetStripDomains()[count]) { - if(strcmp((char*)(p + 1), glbl.GetStripDomains()[count]) == 0) { - pszHost[i] = '\0'; - FINALIZE; /* we are done */ - } - count++; - } - } - /* if we reach this point, we have not found any domain we should strip. Now - * we try and see if the host itself is listed in the -l command line option - * and so should be stripped also. If so, we do it and return. Please note that - * -l list FQDNs, not just the hostname part. If it did just list the hostname, the - * door would be wide-open for all kinds of mixing up of hosts. Because of this, - * you'll see comparison against the full string (pszHostFQDN) below. The termination - * still occurs at *p, which points at the first dot after the hostname. - * TODO: this must also go away - see comment above -- rgerhards, 2008-04-16 - */ - if(glbl.GetLocalHosts() != NULL) { - count=0; - while (glbl.GetLocalHosts()[count]) { - if (!strcmp((char*)pszHostFQDN, (char*)glbl.GetLocalHosts()[count])) { - pszHost[i] = '\0'; - FINALIZE; /* we are done */ - } - count++; - } - } - /* at this point, we have not found anything, so we need to copy - * over the rest. - */ - strcpy((char*)pszHost+i, (char*)p); - } - } - -finalize_it: + iRet = dnscacheLookup(f, NULL, fqdn, localName, ip); RETiRet; } -- cgit v1.2.3 From 50fc430ccd4305645007327c31026fb4e12fc6f5 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 27 Jun 2013 15:14:09 +0200 Subject: bugfix: in RFC5425 TLS, multiple wildcards in auth could cause segfault --- runtime/net.c | 1 + 1 file changed, 1 insertion(+) (limited to 'runtime/net.c') diff --git a/runtime/net.c b/runtime/net.c index b291213e..13391cc0 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -232,6 +232,7 @@ finalize_it: /* enqueue the element */ if(pPeer->pWildcardRoot == NULL) { pPeer->pWildcardRoot = pNew; + pPeer->pWildcardLast = pNew; } else { pPeer->pWildcardLast->pNext = pNew; } -- cgit v1.2.3