handle SO_BSDCOMPAT

2 files changed, 73 insertions, 0 deletions

diff --git a/app-admin/sysklogd/files/digest-sysklogd-1.4.1-r5 b/app-admin/sysklogd/files/digest-sysklogd-1.4.1-r5
new file mode 100644
index 000000000000..9e53804f2d1c
--- /dev/null
+++ b/app-admin/sysklogd/files/digest-sysklogd-1.4.1-r5
@@ -0,0 +1 @@
+MD5 d214aa40beabf7bdb0c9b3c64432c774 sysklogd-1.4.1.tar.gz 81784
diff --git a/app-admin/sysklogd/files/sysklogd-1.4.1-SO_BSDCOMPAT.patch b/app-admin/sysklogd/files/sysklogd-1.4.1-SO_BSDCOMPAT.patch
new file mode 100644
index 000000000000..c027f2784553
--- /dev/null
+++ b/app-admin/sysklogd/files/sysklogd-1.4.1-SO_BSDCOMPAT.patch
@@ -0,0 +1,72 @@
+--- sysklogd-1.4.1/syslogd.c.orig	2003-09-01 22:00:04.172556504 +0200
++++ sysklogd-1.4.1/syslogd.c	2003-09-01 22:04:33.503611960 +0200
+@@ -1212,6 +1212,44 @@
+ #endif
+ 
+ #ifdef SYSLOG_INET
++/* This is from a patch by Mikael Pettersson <mikpe@csd.uu.se> to
++   fix HAVE_SO_BSDCOMPAT issues with 2.5+ kernels and Erlang/OTP.
++ */
++#if defined(__linux__)
++#include <sys/utsname.h>
++static int should_use_so_bsdcompat()
++{
++	static int init_done;
++	static int so_bsdcompat_is_obsolete;
++                                                                                                                            
++	if (!init_done) {
++		struct utsname utsname;
++		unsigned int version, patchlevel;
++                                                                                                                            
++		init_done = 1;
++		if (uname(&utsname) < 0) {
++			fprintf(stderr, "uname: %s\r\n", strerror(errno));
++			return 1;
++		 }
++		/* Format is <version>.<patchlevel>.<sublevel><extraversion>
++		   where the first three are unsigned integers and the last
++		   is an arbitrary string. We only care about the first two. */
++		if (sscanf(utsname.release, "%u.%u", &version, &patchlevel) != 2) {
++			fprintf(stderr, "uname: unexpected release '%s'\r\n",
++				utsname.release);
++			return 1;
++		}
++		/* SO_BSCOMPAT is deprecated and triggers warnings in 2.5
++		   kernels. It is a no-op in 2.4 but not in 2.2 kernels. */
++		if (version > 2 || (version == 2 && patchlevel >= 5))
++			so_bsdcompat_is_obsolete = 1;
++	}
++	return !so_bsdcompat_is_obsolete;
++}
++#else   /* __linux__ */
++#define should_use_so_bsdcompat() 1
++#endif  /* __linux__ */
++
+ static int create_inet_socket()
+ {
+ 	int fd, on = 1;
+@@ -1232,14 +1270,16 @@
+ 		close(fd);
+ 		return -1;
+ 	}
+-	/* We need to enable BSD compatibility. Otherwise an attacker
+-	 * could flood our log files by sending us tons of ICMP errors.
+-	 */
+-	if (setsockopt(fd, SOL_SOCKET, SO_BSDCOMPAT, \
+-			(char *) &on, sizeof(on)) < 0) {
+-		logerror("setsockopt(BSDCOMPAT), suspending inet");
+-		close(fd);
+-		return -1;
++	if (should_use_so_bsdcompat()) {
++		/* We need to enable BSD compatibility. Otherwise an attacker
++		 * could flood our log files by sending us tons of ICMP errors.
++		 */
++		if (setsockopt(fd, SOL_SOCKET, SO_BSDCOMPAT, \
++				(char *) &on, sizeof(on)) < 0) {
++			logerror("setsockopt(BSDCOMPAT), suspending inet");
++			close(fd);
++			return -1;
++		}
+ 	}
+ 	if (bind(fd, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
+ 		logerror("bind, suspending inet");