Skip to content

network(), syslog(): Fixed a potential crash for TLS destinations during reload#418

Merged
MrAnno merged 14 commits intoaxoflow:mainfrom
sodomelle:tls-destination-crash
Dec 19, 2024
Merged

network(), syslog(): Fixed a potential crash for TLS destinations during reload#418
MrAnno merged 14 commits intoaxoflow:mainfrom
sodomelle:tls-destination-crash

Conversation

@sodomelle
Copy link
Contributor

@sodomelle sodomelle commented Dec 14, 2024

Fixes syslog-ng/syslog-ng#5018

It is possible to keep TLS connections alive during reload.
In that case the LogWriter instance is persisted in cfg persist.
This LogWriter's signal slot connector wasn't updated based on the new configuration, which could cause a crash.
The signal slot connector is updated, so the newly configured verifier is used, instead of the old one.

Note that the fix in syslog-ng/syslog-ng#5087 has a security issue, as in that PR, the connector's lifetime is extended, but the verifier plugins are deregistered during reload, which silently disables all TLS verifiers without the user knowing.

sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
876423b 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from fe77161 to 876423b Compare December 16, 2024 08:45
sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
d6e22e8 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from 876423b to d6e22e8 Compare December 16, 2024 08:47
sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
223da2c 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from d6e22e8 to 223da2c Compare December 16, 2024 09:00
sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
0dea14b 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from 223da2c to 0dea14b Compare December 16, 2024 09:08
mitzkia
mitzkia reviewed Dec 16, 2024
View reviewed changes
Copy link
Contributor

@mitzkia mitzkia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for the Light feature update and a new testcase.
I have added some review notes.

sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
24567d0 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from 0dea14b to 24567d0 Compare December 16, 2024 11:24
sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
4f3d2fb 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from 24567d0 to 4f3d2fb Compare December 16, 2024 15:43
@sodomelle sodomelle requested a review from mitzkia December 16, 2024 15:43
sodomelle added a commit to sodomelle/axosyslog that referenced this pull request Dec 16, 2024
@sodomelle
NEWS: Add entry for axoflow#418
fec4647 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle sodomelle force-pushed the tls-destination-crash branch from 4f3d2fb to fec4647 Compare December 16, 2024 16:12
bazsi
bazsi reviewed Dec 16, 2024
View reviewed changes
bazsi
bazsi reviewed Dec 16, 2024
View reviewed changes
bazsi
bazsi reviewed Dec 16, 2024
View reviewed changes
bazsi
bazsi reviewed Dec 16, 2024
View reviewed changes
MrAnno pushed a commit to MrAnno/axosyslog that referenced this pull request Dec 18, 2024
@sodomelle @MrAnno
NEWS: Add entry for axoflow#418
cc6e64f 
Signed-off-by: Tamás Kosztyu <[email protected]>
@MrAnno MrAnno force-pushed the tls-destination-crash branch from fec4647 to 0f831f4 Compare December 18, 2024 17:30
MrAnno and others added 5 commits December 18, 2024 18:31
@MrAnno
light: initial TLS destination support
f68e939 
Signed-off-by: László Várady <[email protected]>
@MrAnno
light: Add test case for tls verifier crash
0498b24 
Signed-off-by: Tamás Kosztyu <[email protected]>
Signed-off-by: László Várady <[email protected]>
@MrAnno
afinet: remove outdated comment
5118804 
Signed-off-by: László Várady <[email protected]>
@sodomelle @MrAnno
transport: Rename getter with side effect
dbd0867 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle @MrAnno
logwriter: add new getter for proto
de3abb0 
Signed-off-by: Tamás Kosztyu <[email protected]>
sodomelle and others added 7 commits December 18, 2024 18:39
@sodomelle @MrAnno
transport-tls: add new getter for LogTransport's TLSSession
5f88541 
Signed-off-by: Tamás Kosztyu <[email protected]>
Signed-off-by: László Várady <[email protected]>
@sodomelle @MrAnno
afsocket: making ReloadStoreItem type public
852dad0 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle @MrAnno
afsocket: expandable KeptAliveConnection from ReloadStoreItem
1991a56 
Signed-off-by: László Várady <[email protected]>
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle @MrAnno
afsocket: update the TLS verifier during reload to fix a crash
08712b9 
It is possible to keep TLS connections alive during reload.
In that case the LogWriter instance is persisted in cfg persist.
This LogWriter's signal slot connector wasn't updated based on the
new configuration, which could cause a crash.
The signal slot connector is updated, so the newly configured
verifier is used, instead of the old one.

Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle @MrAnno
NEWS: Add entry for axoflow#418
fa27f16 
Signed-off-by: Tamás Kosztyu <[email protected]>
@sodomelle @MrAnno
lib: move signal_slot_connector from LogPipe to LogDriver
b529d13 
Signed-off-by: László Várady <[email protected]>
@MrAnno
transport-mapper: add get_transport() and get_logproto()
616137d 
Signed-off-by: László Várady <[email protected]>
@MrAnno MrAnno force-pushed the tls-destination-crash branch from 0f831f4 to 23b3c5b Compare December 18, 2024 17:39
@MrAnno MrAnno force-pushed the tls-destination-crash branch from 23b3c5b to 4648b61 Compare December 18, 2024 17:49
@MrAnno MrAnno removed their request for review December 19, 2024 09:58
@MrAnno
Copy link
Contributor

MrAnno commented Dec 19, 2024
edited
Loading

The plugin_name field of LogPipe appeared at few useful places, so we didn't remove or refactor it in the end.
Let's do it in a separate pull request.

@sodomelle sodomelle requested a review from bazsi December 19, 2024 10:03
bazsi
bazsi reviewed Dec 19, 2024
View reviewed changes
lib/transport/transport-tls.c
TLSSession *
log_tansport_tls_get_session(LogTransport *s)
{
g_assert(s->name == TLS_TRANSPORT_NAME);
Copy link
Member

@bazsi bazsi Dec 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpick: I don't think C compilers will always ensure that the pointer value of a literal string expression is always the same. I would have used the address of one of the private methods instead.

Copy link
Contributor

@MrAnno MrAnno Dec 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We wanted something that will less likely change if we happen to inherit from the TLS clss.

Using the address of a globally declared const gchar *a = "static" and const gchar a[] = "static" should be safe and consistent in C99.

Copy link
Contributor

@MrAnno MrAnno Dec 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Due to the forced merge requirements, I have to "resolve" this comment to merge the PR.
Though I still don't agree with such routine, I'm clicking on "resolve".

bazsi
bazsi approved these changes Dec 19, 2024
View reviewed changes
Copy link
Member

@bazsi bazsi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I only have one nitpick but this can go in without fixing that.

mitzkia
mitzkia approved these changes Dec 19, 2024
View reviewed changes
Copy link
Contributor

@mitzkia mitzkia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the Light part of the update, it is approved from my side.

@MrAnno MrAnno merged commit 7c7ef1f into axoflow:main Dec 19, 2024
@MrAnno MrAnno removed the request for review from alltilla December 19, 2024 14:46
@HofiOne HofiOne mentioned this pull request Apr 4, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MrAnno MrAnno MrAnno approved these changes

@bazsi bazsi bazsi approved these changes

@mitzkia mitzkia mitzkia approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Syslog-ng Service crashes in g_hash_table_lookup function after syslog-ng-ctl reload

4 participants

@sodomelle @MrAnno @bazsi @mitzkia