labelled-process fork function
[exim.git] / src / src / log.c
1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
4
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* See the file NOTICE for conditions of use and distribution. */
7
8 /* Functions for writing log files. The code for maintaining datestamped
9 log files was originally contributed by Tony Sheen. */
10
11
12 #include "exim.h"
13
14 #define LOG_NAME_SIZE 256
15 #define MAX_SYSLOG_LEN 870
16
17 #define LOG_MODE_FILE 1
18 #define LOG_MODE_SYSLOG 2
19
20 enum { lt_main, lt_reject, lt_panic, lt_debug };
21
22 static uschar *log_names[] = { US"main", US"reject", US"panic", US"debug" };
23
24
25
26 /*************************************************
27 * Local static variables *
28 *************************************************/
29
30 static uschar mainlog_name[LOG_NAME_SIZE];
31 static uschar rejectlog_name[LOG_NAME_SIZE];
32 static uschar debuglog_name[LOG_NAME_SIZE];
33
34 static uschar *mainlog_datestamp = NULL;
35 static uschar *rejectlog_datestamp = NULL;
36
37 static int mainlogfd = -1;
38 static int rejectlogfd = -1;
39 static ino_t mainlog_inode = 0;
40 static ino_t rejectlog_inode = 0;
41
42 static uschar *panic_save_buffer = NULL;
43 static BOOL panic_recurseflag = FALSE;
44
45 static BOOL syslog_open = FALSE;
46 static BOOL path_inspected = FALSE;
47 static int logging_mode = LOG_MODE_FILE;
48 static uschar *file_path = US"";
49
50 static size_t pid_position[2];
51
52
53 /* These should be kept in-step with the private delivery error
54 number definitions in macros.h */
55
56 static const uschar * exim_errstrings[] = {
57 US"",
58 US"unknown error",
59 US"user slash",
60 US"exist race",
61 US"not regular",
62 US"not directory",
63 US"bad ugid",
64 US"bad mode",
65 US"inode changed",
66 US"lock failed",
67 US"bad address2",
68 US"forbid pipe",
69 US"forbid file",
70 US"forbid reply",
71 US"missing pipe",
72 US"missing file",
73 US"missing reply",
74 US"bad redirect",
75 US"smtp closed",
76 US"smtp format",
77 US"spool format",
78 US"not absolute",
79 US"Exim-imposed quota",
80 US"held",
81 US"Delivery filter process failure",
82 US"Delivery add/remove header failure",
83 US"Delivery write incomplete error",
84 US"Some expansion failed",
85 US"Failed to get gid",
86 US"Failed to get uid",
87 US"Unset or non-existent transport",
88 US"MBX length mismatch",
89 US"Lookup failed routing or in smtp tpt",
90 US"Can't match format in appendfile",
91 US"Creation outside home in appendfile",
92 US"Can't check a list; lookup defer",
93 US"DNS lookup defer",
94 US"Failed to start TLS session",
95 US"Mandatory TLS session not started",
96 US"Failed to chown a file",
97 US"Failed to create a pipe",
98 US"When verifying",
99 US"When required by client",
100 US"Used internally in smtp transport",
101 US"RCPT gave 4xx error",
102 US"MAIL gave 4xx error",
103 US"DATA gave 4xx error",
104 US"Negotiation failed for proxy configured host",
105 US"Authenticator 'other' failure",
106 US"target not supporting SMTPUTF8",
107 US"",
108
109 US"Not time for routing",
110 US"Not time for local delivery",
111 US"Not time for any remote host",
112 US"Local-only delivery",
113 US"Domain in queue_domains",
114 US"Transport concurrency limit",
115 US"Event requests alternate response",
116 };
117
118
119 /************************************************/
120 const uschar *
121 exim_errstr(int err)
122 {
123 return err < 0 ? exim_errstrings[-err] : CUS strerror(err);
124 }
125
126 /*************************************************
127 * Write to syslog *
128 *************************************************/
129
130 /* The given string is split into sections according to length, or at embedded
131 newlines, and syslogged as a numbered sequence if it is overlong or if there is
132 more than one line. However, if we are running in the test harness, do not do
133 anything. (The test harness doesn't use syslog - for obvious reasons - but we
134 can get here if there is a failure to open the panic log.)
135
136 Arguments:
137 priority syslog priority
138 s the string to be written
139
140 Returns: nothing
141 */
142
143 static void
144 write_syslog(int priority, const uschar *s)
145 {
146 int len;
147 int linecount = 0;
148
149 if (!syslog_pid && LOGGING(pid))
150 s = string_sprintf("%.*s%s", (int)pid_position[0], s, s + pid_position[1]);
151 if (!syslog_timestamp)
152 {
153 len = log_timezone ? 26 : 20;
154 if (LOGGING(millisec)) len += 4;
155 s += len;
156 }
157
158 len = Ustrlen(s);
159
160 #ifndef NO_OPENLOG
161 if (!syslog_open && !f.running_in_test_harness)
162 {
163 # ifdef SYSLOG_LOG_PID
164 openlog(CS syslog_processname, LOG_PID|LOG_CONS, syslog_facility);
165 # else
166 openlog(CS syslog_processname, LOG_CONS, syslog_facility);
167 # endif
168 syslog_open = TRUE;
169 }
170 #endif
171
172 /* First do a scan through the message in order to determine how many lines
173 it is going to end up as. Then rescan to output it. */
174
175 for (int pass = 0; pass < 2; pass++)
176 {
177 const uschar * ss = s;
178 for (int i = 1, tlen = len; tlen > 0; i++)
179 {
180 int plen = tlen;
181 uschar *nlptr = Ustrchr(ss, '\n');
182 if (nlptr != NULL) plen = nlptr - ss;
183 #ifndef SYSLOG_LONG_LINES
184 if (plen > MAX_SYSLOG_LEN) plen = MAX_SYSLOG_LEN;
185 #endif
186 tlen -= plen;
187 if (ss[plen] == '\n') tlen--; /* chars left */
188
189 if (pass == 0)
190 linecount++;
191 else if (f.running_in_test_harness)
192 if (linecount == 1)
193 fprintf(stderr, "SYSLOG: '%.*s'\n", plen, ss);
194 else
195 fprintf(stderr, "SYSLOG: '[%d%c%d] %.*s'\n", i,
196 ss[plen] == '\n' && tlen != 0 ? '\\' : '/',
197 linecount, plen, ss);
198 else
199 if (linecount == 1)
200 syslog(priority, "%.*s", plen, ss);
201 else
202 syslog(priority, "[%d%c%d] %.*s", i,
203 ss[plen] == '\n' && tlen != 0 ? '\\' : '/',
204 linecount, plen, ss);
205
206 ss += plen;
207 if (*ss == '\n') ss++;
208 }
209 }
210 }
211
212
213
214 /*************************************************
215 * Die tidily *
216 *************************************************/
217
218 /* This is called when Exim is dying as a result of something going wrong in
219 the logging, or after a log call with LOG_PANIC_DIE set. Optionally write a
220 message to debug_file or a stderr file, if they exist. Then, if in the middle
221 of accepting a message, throw it away tidily by calling receive_bomb_out();
222 this will attempt to send an SMTP response if appropriate. Passing NULL as the
223 first argument stops it trying to run the NOTQUIT ACL (which might try further
224 logging and thus cause problems). Otherwise, try to close down an outstanding
225 SMTP call tidily.
226
227 Arguments:
228 s1 Error message to write to debug_file and/or stderr and syslog
229 s2 Error message for any SMTP call that is in progress
230 Returns: The function does not return
231 */
232
233 static void
234 die(uschar *s1, uschar *s2)
235 {
236 if (s1)
237 {
238 write_syslog(LOG_CRIT, s1);
239 if (debug_file) debug_printf("%s\n", s1);
240 if (log_stderr && log_stderr != debug_file)
241 fprintf(log_stderr, "%s\n", s1);
242 }
243 if (f.receive_call_bombout) receive_bomb_out(NULL, s2); /* does not return */
244 if (smtp_input) smtp_closedown(s2);
245 exim_exit(EXIT_FAILURE, NULL);
246 }
247
248
249
250 /*************************************************
251 * Create a log file *
252 *************************************************/
253
254 /* This function is called to create and open a log file. It may be called in a
255 subprocess when the original process is root.
256
257 Arguments:
258 name the file name
259
260 The file name has been build in a working buffer, so it is permissible to
261 overwrite it temporarily if it is necessary to create the directory.
262
263 Returns: a file descriptor, or < 0 on failure (errno set)
264 */
265
266 int
267 log_create(uschar *name)
268 {
269 int fd = Uopen(name,
270 #ifdef O_CLOEXEC
271 O_CLOEXEC |
272 #endif
273 O_CREAT|O_APPEND|O_WRONLY, LOG_MODE);
274
275 /* If creation failed, attempt to build a log directory in case that is the
276 problem. */
277
278 if (fd < 0 && errno == ENOENT)
279 {
280 BOOL created;
281 uschar *lastslash = Ustrrchr(name, '/');
282 *lastslash = 0;
283 created = directory_make(NULL, name, LOG_DIRECTORY_MODE, FALSE);
284 DEBUG(D_any) debug_printf("%s log directory %s\n",
285 created ? "created" : "failed to create", name);
286 *lastslash = '/';
287 if (created) fd = Uopen(name,
288 #ifdef O_CLOEXEC
289 O_CLOEXEC |
290 #endif
291 O_CREAT|O_APPEND|O_WRONLY, LOG_MODE);
292 }
293
294 return fd;
295 }
296
297
298
299 /*************************************************
300 * Create a log file as the exim user *
301 *************************************************/
302
303 /* This function is called when we are root to spawn an exim:exim subprocess
304 in which we can create a log file. It must be signal-safe since it is called
305 by the usr1_handler().
306
307 Arguments:
308 name the file name
309
310 Returns: a file descriptor, or < 0 on failure (errno set)
311 */
312
313 int
314 log_create_as_exim(uschar *name)
315 {
316 pid_t pid = exim_fork(US"logfile create");
317 int status = 1;
318 int fd = -1;
319
320 /* In the subprocess, change uid/gid and do the creation. Return 0 from the
321 subprocess on success. If we don't check for setuid failures, then the file
322 can be created as root, so vulnerabilities which cause setuid to fail mean
323 that the Exim user can use symlinks to cause a file to be opened/created as
324 root. We always open for append, so can't nuke existing content but it would
325 still be Rather Bad. */
326
327 if (pid == 0)
328 {
329 if (setgid(exim_gid) < 0)
330 die(US"exim: setgid for log-file creation failed, aborting",
331 US"Unexpected log failure, please try later");
332 if (setuid(exim_uid) < 0)
333 die(US"exim: setuid for log-file creation failed, aborting",
334 US"Unexpected log failure, please try later");
335 _exit((log_create(name) < 0)? 1 : 0);
336 }
337
338 /* If we created a subprocess, wait for it. If it succeeded, try the open. */
339
340 while (pid > 0 && waitpid(pid, &status, 0) != pid);
341 if (status == 0) fd = Uopen(name,
342 #ifdef O_CLOEXEC
343 O_CLOEXEC |
344 #endif
345 O_APPEND|O_WRONLY, LOG_MODE);
346
347 /* If we failed to create a subprocess, we are in a bad way. We return
348 with fd still < 0, and errno set, letting the caller handle the error. */
349
350 return fd;
351 }
352
353
354
355
356 /*************************************************
357 * Open a log file *
358 *************************************************/
359
360 /* This function opens one of a number of logs, creating the log directory if
361 it does not exist. This may be called recursively on failure, in order to open
362 the panic log.
363
364 The directory is in the static variable file_path. This is static so that it
365 the work of sorting out the path is done just once per Exim process.
366
367 Exim is normally configured to avoid running as root wherever possible, the log
368 files must be owned by the non-privileged exim user. To ensure this, first try
369 an open without O_CREAT - most of the time this will succeed. If it fails, try
370 to create the file; if running as root, this must be done in a subprocess to
371 avoid races.
372
373 Arguments:
374 fd where to return the resulting file descriptor
375 type lt_main, lt_reject, lt_panic, or lt_debug
376 tag optional tag to include in the name (only hooked up for debug)
377
378 Returns: nothing
379 */
380
381 static void
382 open_log(int *fd, int type, uschar *tag)
383 {
384 uid_t euid;
385 BOOL ok, ok2;
386 uschar buffer[LOG_NAME_SIZE];
387
388 /* The names of the log files are controlled by file_path. The panic log is
389 written to the same directory as the main and reject logs, but its name does
390 not have a datestamp. The use of datestamps is indicated by %D/%M in file_path.
391 When opening the panic log, if %D or %M is present, we remove the datestamp
392 from the generated name; if it is at the start, remove a following
393 non-alphanumeric character as well; otherwise, remove a preceding
394 non-alphanumeric character. This is definitely kludgy, but it sort of does what
395 people want, I hope. */
396
397 ok = string_format(buffer, sizeof(buffer), CS file_path, log_names[type]);
398
399 /* Save the name of the mainlog for rollover processing. Without a datestamp,
400 it gets statted to see if it has been cycled. With a datestamp, the datestamp
401 will be compared. The static slot for saving it is the same size as buffer,
402 and the text has been checked above to fit, so this use of strcpy() is OK. */
403
404 if (type == lt_main && string_datestamp_offset >= 0)
405 {
406 Ustrcpy(mainlog_name, buffer);
407 mainlog_datestamp = mainlog_name + string_datestamp_offset;
408 }
409
410 /* Ditto for the reject log */
411
412 else if (type == lt_reject && string_datestamp_offset >= 0)
413 {
414 Ustrcpy(rejectlog_name, buffer);
415 rejectlog_datestamp = rejectlog_name + string_datestamp_offset;
416 }
417
418 /* and deal with the debug log (which keeps the datestamp, but does not
419 update it) */
420
421 else if (type == lt_debug)
422 {
423 Ustrcpy(debuglog_name, buffer);
424 if (tag)
425 {
426 /* this won't change the offset of the datestamp */
427 ok2 = string_format(buffer, sizeof(buffer), "%s%s",
428 debuglog_name, tag);
429 if (ok2)
430 Ustrcpy(debuglog_name, buffer);
431 }
432 }
433
434 /* Remove any datestamp if this is the panic log. This is rare, so there's no
435 need to optimize getting the datestamp length. We remove one non-alphanumeric
436 char afterwards if at the start, otherwise one before. */
437
438 else if (string_datestamp_offset >= 0)
439 {
440 uschar * from = buffer + string_datestamp_offset;
441 uschar * to = from + string_datestamp_length;
442
443 if (from == buffer || from[-1] == '/')
444 {
445 if (!isalnum(*to)) to++;
446 }
447 else
448 if (!isalnum(from[-1])) from--;
449
450 /* This copy is ok, because we know that to is a substring of from. But
451 due to overlap we must use memmove() not Ustrcpy(). */
452 memmove(from, to, Ustrlen(to)+1);
453 }
454
455 /* If the file name is too long, it is an unrecoverable disaster */
456
457 if (!ok)
458 die(US"exim: log file path too long: aborting",
459 US"Logging failure; please try later");
460
461 /* We now have the file name. Try to open an existing file. After a successful
462 open, arrange for automatic closure on exec(), and then return. */
463
464 *fd = Uopen(buffer,
465 #ifdef O_CLOEXEC
466 O_CLOEXEC |
467 #endif
468 O_APPEND|O_WRONLY, LOG_MODE);
469
470 if (*fd >= 0)
471 {
472 #ifndef O_CLOEXEC
473 (void)fcntl(*fd, F_SETFD, fcntl(*fd, F_GETFD) | FD_CLOEXEC);
474 #endif
475 return;
476 }
477
478 /* Open was not successful: try creating the file. If this is a root process,
479 we must do the creating in a subprocess set to exim:exim in order to ensure
480 that the file is created with the right ownership. Otherwise, there can be a
481 race if another Exim process is trying to write to the log at the same time.
482 The use of SIGUSR1 by the exiwhat utility can provoke a lot of simultaneous
483 writing. */
484
485 euid = geteuid();
486
487 /* If we are already running as the Exim user (even if that user is root),
488 we can go ahead and create in the current process. */
489
490 if (euid == exim_uid) *fd = log_create(buffer);
491
492 /* Otherwise, if we are root, do the creation in an exim:exim subprocess. If we
493 are neither exim nor root, creation is not attempted. */
494
495 else if (euid == root_uid) *fd = log_create_as_exim(buffer);
496
497 /* If we now have an open file, set the close-on-exec flag and return. */
498
499 if (*fd >= 0)
500 {
501 #ifndef O_CLOEXEC
502 (void)fcntl(*fd, F_SETFD, fcntl(*fd, F_GETFD) | FD_CLOEXEC);
503 #endif
504 return;
505 }
506
507 /* Creation failed. There are some circumstances in which we get here when
508 the effective uid is not root or exim, which is the problem. (For example, a
509 non-setuid binary with log_arguments set, called in certain ways.) Rather than
510 just bombing out, force the log to stderr and carry on if stderr is available.
511 */
512
513 if (euid != root_uid && euid != exim_uid && log_stderr != NULL)
514 {
515 *fd = fileno(log_stderr);
516 return;
517 }
518
519 /* Otherwise this is a disaster. This call is deliberately ONLY to the panic
520 log. If possible, save a copy of the original line that was being logged. If we
521 are recursing (can't open the panic log either), the pointer will already be
522 set. */
523
524 if (!panic_save_buffer)
525 if ((panic_save_buffer = US malloc(LOG_BUFFER_SIZE)))
526 memcpy(panic_save_buffer, log_buffer, LOG_BUFFER_SIZE);
527
528 log_write(0, LOG_PANIC_DIE, "Cannot open %s log file \"%s\": %s: "
529 "euid=%d egid=%d", log_names[type], buffer, strerror(errno), euid, getegid());
530 /* Never returns */
531 }
532
533
534 static void
535 unlink_log(int type)
536 {
537 if (type == lt_debug) unlink(CS debuglog_name);
538 }
539
540
541
542 /*************************************************
543 * Add configuration file info to log line *
544 *************************************************/
545
546 /* This is put in a function because it's needed twice (once for debugging,
547 once for real).
548
549 Arguments:
550 ptr pointer to the end of the line we are building
551 flags log flags
552
553 Returns: updated pointer
554 */
555
556 static gstring *
557 log_config_info(gstring * g, int flags)
558 {
559 g = string_cat(g, US"Exim configuration error");
560
561 if (flags & (LOG_CONFIG_FOR & ~LOG_CONFIG))
562 return string_cat(g, US" for ");
563
564 if (flags & (LOG_CONFIG_IN & ~LOG_CONFIG))
565 g = string_fmt_append(g, " in line %d of %s", config_lineno, config_filename);
566
567 return string_catn(g, US":\n ", 4);
568 }
569
570
571 /*************************************************
572 * A write() operation failed *
573 *************************************************/
574
575 /* This function is called when write() fails on anything other than the panic
576 log, which can happen if a disk gets full or a file gets too large or whatever.
577 We try to save the relevant message in the panic_save buffer before crashing
578 out.
579
580 The potential invoker should probably not call us for EINTR -1 writes. But
581 otherwise, short writes are bad as we don't do non-blocking writes to fds
582 subject to flow control. (If we do, that's new and the logic of this should
583 be reconsidered).
584
585 Arguments:
586 name the name of the log being written
587 length the string length being written
588 rc the return value from write()
589
590 Returns: does not return
591 */
592
593 static void
594 log_write_failed(uschar *name, int length, int rc)
595 {
596 int save_errno = errno;
597
598 if (!panic_save_buffer)
599 if ((panic_save_buffer = US malloc(LOG_BUFFER_SIZE)))
600 memcpy(panic_save_buffer, log_buffer, LOG_BUFFER_SIZE);
601
602 log_write(0, LOG_PANIC_DIE, "failed to write to %s: length=%d result=%d "
603 "errno=%d (%s)", name, length, rc, save_errno,
604 (save_errno == 0)? "write incomplete" : strerror(save_errno));
605 /* Never returns */
606 }
607
608
609
610 /*************************************************
611 * Write to an fd, retrying after signals *
612 *************************************************/
613
614 /* Basic write to fd for logs, handling EINTR.
615
616 Arguments:
617 fd the fd to write to
618 buf the string to write
619 length the string length being written
620
621 Returns:
622 length actually written, persisting an errno from write()
623 */
624 ssize_t
625 write_to_fd_buf(int fd, const uschar *buf, size_t length)
626 {
627 ssize_t wrote;
628 size_t total_written = 0;
629 const uschar *p = buf;
630 size_t left = length;
631
632 while (1)
633 {
634 wrote = write(fd, p, left);
635 if (wrote == (ssize_t)-1)
636 {
637 if (errno == EINTR) continue;
638 return wrote;
639 }
640 total_written += wrote;
641 if (wrote == left)
642 break;
643 else
644 {
645 p += wrote;
646 left -= wrote;
647 }
648 }
649 return total_written;
650 }
651
652
653
654 static void
655 set_file_path(void)
656 {
657 int sep = ':'; /* Fixed separator - outside use */
658 uschar *t;
659 const uschar *tt = US LOG_FILE_PATH;
660 while ((t = string_nextinlist(&tt, &sep, log_buffer, LOG_BUFFER_SIZE)))
661 {
662 if (Ustrcmp(t, "syslog") == 0 || t[0] == 0) continue;
663 file_path = string_copy(t);
664 break;
665 }
666 }
667
668
669 void
670 mainlog_close(void)
671 {
672 if (mainlogfd < 0) return;
673 (void)close(mainlogfd);
674 mainlogfd = -1;
675 mainlog_inode = 0;
676 }
677
678 /*************************************************
679 * Write message to log file *
680 *************************************************/
681
682 /* Exim can be configured to log to local files, or use syslog, or both. This
683 is controlled by the setting of log_file_path. The following cases are
684 recognized:
685
686 log_file_path = "" write files in the spool/log directory
687 log_file_path = "xxx" write files in the xxx directory
688 log_file_path = "syslog" write to syslog
689 log_file_path = "syslog : xxx" write to syslog and to files (any order)
690
691 The message always gets '\n' added on the end of it, since more than one
692 process may be writing to the log at once and we don't want intermingling to
693 happen in the middle of lines. To be absolutely sure of this we write the data
694 into a private buffer and then put it out in a single write() call.
695
696 The flags determine which log(s) the message is written to, or for syslogging,
697 which priority to use, and in the case of the panic log, whether the process
698 should die afterwards.
699
700 The variable really_exim is TRUE only when exim is running in privileged state
701 (i.e. not with a changed configuration or with testing options such as -brw).
702 If it is not, don't try to write to the log because permission will probably be
703 denied.
704
705 Avoid actually writing to the logs when exim is called with -bv or -bt to
706 test an address, but take other actions, such as panicking.
707
708 In Exim proper, the buffer for building the message is got at start-up, so that
709 nothing gets done if it can't be got. However, some functions that are also
710 used in utilities occasionally obey log_write calls in error situations, and it
711 is simplest to put a single malloc() here rather than put one in each utility.
712 Malloc is used directly because the store functions may call log_write().
713
714 If a message_id exists, we include it after the timestamp.
715
716 Arguments:
717 selector write to main log or LOG_INFO only if this value is zero, or if
718 its bit is set in log_selector[0]
719 flags each bit indicates some independent action:
720 LOG_SENDER add raw sender to the message
721 LOG_RECIPIENTS add raw recipients list to message
722 LOG_CONFIG add "Exim configuration error"
723 LOG_CONFIG_FOR add " for " instead of ":\n "
724 LOG_CONFIG_IN add " in line x[ of file y]"
725 LOG_MAIN write to main log or syslog LOG_INFO
726 LOG_REJECT write to reject log or syslog LOG_NOTICE
727 LOG_PANIC write to panic log or syslog LOG_ALERT
728 LOG_PANIC_DIE write to panic log or LOG_ALERT and then crash
729 format a printf() format
730 ... arguments for format
731
732 Returns: nothing
733 */
734
735 void
736 log_write(unsigned int selector, int flags, const char *format, ...)
737 {
738 int paniclogfd;
739 ssize_t written_len;
740 gstring gs = { .size = LOG_BUFFER_SIZE-1, .ptr = 0, .s = log_buffer };
741 gstring * g;
742 va_list ap;
743
744 /* If panic_recurseflag is set, we have failed to open the panic log. This is
745 the ultimate disaster. First try to write the message to a debug file and/or
746 stderr and also to syslog. If panic_save_buffer is not NULL, it contains the
747 original log line that caused the problem. Afterwards, expire. */
748
749 if (panic_recurseflag)
750 {
751 uschar *extra = panic_save_buffer ? panic_save_buffer : US"";
752 if (debug_file) debug_printf("%s%s", extra, log_buffer);
753 if (log_stderr && log_stderr != debug_file)
754 fprintf(log_stderr, "%s%s", extra, log_buffer);
755 if (*extra) write_syslog(LOG_CRIT, extra);
756 write_syslog(LOG_CRIT, log_buffer);
757 die(US"exim: could not open panic log - aborting: see message(s) above",
758 US"Unexpected log failure, please try later");
759 }
760
761 /* Ensure we have a buffer (see comment above); this should never be obeyed
762 when running Exim proper, only when running utilities. */
763
764 if (!log_buffer)
765 if (!(log_buffer = US malloc(LOG_BUFFER_SIZE)))
766 {
767 fprintf(stderr, "exim: failed to get store for log buffer\n");
768 exim_exit(EXIT_FAILURE, NULL);
769 }
770
771 /* If we haven't already done so, inspect the setting of log_file_path to
772 determine whether to log to files and/or to syslog. Bits in logging_mode
773 control this, and for file logging, the path must end up in file_path. This
774 variable must be in permanent store because it may be required again later in
775 the process. */
776
777 if (!path_inspected)
778 {
779 BOOL multiple = FALSE;
780 int old_pool = store_pool;
781
782 store_pool = POOL_PERM;
783
784 /* If nothing has been set, don't waste effort... the default values for the
785 statics are file_path="" and logging_mode = LOG_MODE_FILE. */
786
787 if (*log_file_path)
788 {
789 int sep = ':'; /* Fixed separator - outside use */
790 uschar *s;
791 const uschar *ss = log_file_path;
792
793 logging_mode = 0;
794 while ((s = string_nextinlist(&ss, &sep, log_buffer, LOG_BUFFER_SIZE)))
795 {
796 if (Ustrcmp(s, "syslog") == 0)
797 logging_mode |= LOG_MODE_SYSLOG;
798 else if (logging_mode & LOG_MODE_FILE)
799 multiple = TRUE;
800 else
801 {
802 logging_mode |= LOG_MODE_FILE;
803
804 /* If a non-empty path is given, use it */
805
806 if (*s)
807 file_path = string_copy(s);
808
809 /* If the path is empty, we want to use the first non-empty, non-
810 syslog item in LOG_FILE_PATH, if there is one, since the value of
811 log_file_path may have been set at runtime. If there is no such item,
812 use the ultimate default in the spool directory. */
813
814 else
815 set_file_path(); /* Empty item in log_file_path */
816 } /* First non-syslog item in log_file_path */
817 } /* Scan of log_file_path */
818 }
819
820 /* If no modes have been selected, it is a major disaster */
821
822 if (logging_mode == 0)
823 die(US"Neither syslog nor file logging set in log_file_path",
824 US"Unexpected logging failure");
825
826 /* Set up the ultimate default if necessary. Then revert to the old store
827 pool, and record that we've sorted out the path. */
828
829 if (logging_mode & LOG_MODE_FILE && !file_path[0])
830 file_path = string_sprintf("%s/log/%%slog", spool_directory);
831 store_pool = old_pool;
832 path_inspected = TRUE;
833
834 /* If more than one file path was given, log a complaint. This recursive call
835 should work since we have now set up the routing. */
836
837 if (multiple)
838 log_write(0, LOG_MAIN|LOG_PANIC,
839 "More than one path given in log_file_path: using %s", file_path);
840 }
841
842 /* If debugging, show all log entries, but don't show headers. Do it all
843 in one go so that it doesn't get split when multi-processing. */
844
845 DEBUG(D_any|D_v)
846 {
847 int i;
848
849 g = string_catn(&gs, US"LOG:", 4);
850
851 /* Show the selector that was passed into the call. */
852
853 for (i = 0; i < log_options_count; i++)
854 {
855 unsigned int bitnum = log_options[i].bit;
856 if (bitnum < BITWORDSIZE && selector == BIT(bitnum))
857 g = string_fmt_append(g, " %s", log_options[i].name);
858 }
859
860 g = string_fmt_append(g, "%s%s%s%s\n ",
861 flags & LOG_MAIN ? " MAIN" : "",
862 flags & LOG_PANIC ? " PANIC" : "",
863 (flags & LOG_PANIC_DIE) == LOG_PANIC_DIE ? " DIE" : "",
864 flags & LOG_REJECT ? " REJECT" : "");
865
866 if (flags & LOG_CONFIG) g = log_config_info(g, flags);
867
868 /* We want to be able to log tainted info, but log_buffer is directly
869 malloc'd. So use deliberately taint-nonchecking routines to build into
870 it, trusting that we will never expand the results. */
871
872 va_start(ap, format);
873 i = g->ptr;
874 if (!string_vformat(g, SVFMT_TAINT_NOCHK, format, ap))
875 {
876 g->ptr = i;
877 g = string_cat(g, US"**** log string overflowed log buffer ****");
878 }
879 va_end(ap);
880
881 g->size = LOG_BUFFER_SIZE;
882 g = string_catn(g, US"\n", 1);
883 debug_printf("%s", string_from_gstring(g));
884
885 gs.size = LOG_BUFFER_SIZE-1; /* Having used the buffer for debug output, */
886 gs.ptr = 0; /* reset it for the real use. */
887 gs.s = log_buffer;
888 }
889 /* If no log file is specified, we are in a mess. */
890
891 if (!(flags & (LOG_MAIN|LOG_PANIC|LOG_REJECT)))
892 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_write called with no log "
893 "flags set");
894
895 /* There are some weird circumstances in which logging is disabled. */
896
897 if (f.disable_logging)
898 {
899 DEBUG(D_any) debug_printf("log writing disabled\n");
900 return;
901 }
902
903 /* Handle disabled reject log */
904
905 if (!write_rejectlog) flags &= ~LOG_REJECT;
906
907 /* Create the main message in the log buffer. Do not include the message id
908 when called by a utility. */
909
910 g = string_fmt_append(&gs, "%s ", tod_stamp(tod_log));
911
912 if (LOGGING(pid))
913 {
914 if (!syslog_pid) pid_position[0] = g->ptr; /* remember begin … */
915 g = string_fmt_append(g, "[%d] ", (int)getpid());
916 if (!syslog_pid) pid_position[1] = g->ptr; /* … and end+1 of the PID */
917 }
918
919 if (f.really_exim && message_id[0] != 0)
920 g = string_fmt_append(g, "%s ", message_id);
921
922 if (flags & LOG_CONFIG)
923 g = log_config_info(g, flags);
924
925 va_start(ap, format);
926 {
927 int i = g->ptr;
928
929 /* We want to be able to log tainted info, but log_buffer is directly
930 malloc'd. So use deliberately taint-nonchecking routines to build into
931 it, trusting that we will never expand the results. */
932
933 if (!string_vformat(g, SVFMT_TAINT_NOCHK, format, ap))
934 {
935 g->ptr = i;
936 g = string_cat(g, US"**** log string overflowed log buffer ****\n");
937 }
938 }
939 va_end(ap);
940
941 /* Add the raw, unrewritten, sender to the message if required. This is done
942 this way because it kind of fits with LOG_RECIPIENTS. */
943
944 if ( flags & LOG_SENDER
945 && g->ptr < LOG_BUFFER_SIZE - 10 - Ustrlen(raw_sender))
946 g = string_fmt_append_f(g, SVFMT_TAINT_NOCHK, " from <%s>", raw_sender);
947
948 /* Add list of recipients to the message if required; the raw list,
949 before rewriting, was saved in raw_recipients. There may be none, if an ACL
950 discarded them all. */
951
952 if ( flags & LOG_RECIPIENTS
953 && g->ptr < LOG_BUFFER_SIZE - 6
954 && raw_recipients_count > 0)
955 {
956 int i;
957 g = string_fmt_append_f(g, SVFMT_TAINT_NOCHK, " for", NULL);
958 for (i = 0; i < raw_recipients_count; i++)
959 {
960 uschar * s = raw_recipients[i];
961 if (LOG_BUFFER_SIZE - g->ptr < Ustrlen(s) + 3) break;
962 g = string_fmt_append_f(g, SVFMT_TAINT_NOCHK, " %s", s);
963 }
964 }
965
966 g = string_catn(g, US"\n", 1);
967 string_from_gstring(g);
968
969 /* Handle loggable errors when running a utility, or when address testing.
970 Write to log_stderr unless debugging (when it will already have been written),
971 or unless there is no log_stderr (expn called from daemon, for example). */
972
973 if (!f.really_exim || f.log_testing_mode)
974 {
975 if ( !debug_selector
976 && log_stderr
977 && (selector == 0 || (selector & log_selector[0]) != 0)
978 )
979 if (host_checking)
980 fprintf(log_stderr, "LOG: %s", CS(log_buffer + 20)); /* no timestamp */
981 else
982 fprintf(log_stderr, "%s", CS log_buffer);
983
984 if ((flags & LOG_PANIC_DIE) == LOG_PANIC_DIE) exim_exit(EXIT_FAILURE, US"");
985 return;
986 }
987
988 /* Handle the main log. We know that either syslog or file logging (or both) is
989 set up. A real file gets left open during reception or delivery once it has
990 been opened, but we don't want to keep on writing to it for too long after it
991 has been renamed. Therefore, do a stat() and see if the inode has changed, and
992 if so, re-open. */
993
994 if ( flags & LOG_MAIN
995 && (!selector || selector & log_selector[0]))
996 {
997 if ( logging_mode & LOG_MODE_SYSLOG
998 && (syslog_duplication || !(flags & (LOG_REJECT|LOG_PANIC))))
999 write_syslog(LOG_INFO, log_buffer);
1000
1001 if (logging_mode & LOG_MODE_FILE)
1002 {
1003 struct stat statbuf;
1004
1005 /* Check for a change to the mainlog file name when datestamping is in
1006 operation. This happens at midnight, at which point we want to roll over
1007 the file. Closing it has the desired effect. */
1008
1009 if (mainlog_datestamp)
1010 {
1011 uschar *nowstamp = tod_stamp(string_datestamp_type);
1012 if (Ustrncmp (mainlog_datestamp, nowstamp, Ustrlen(nowstamp)) != 0)
1013 {
1014 (void)close(mainlogfd); /* Close the file */
1015 mainlogfd = -1; /* Clear the file descriptor */
1016 mainlog_inode = 0; /* Unset the inode */
1017 mainlog_datestamp = NULL; /* Clear the datestamp */
1018 }
1019 }
1020
1021 /* Otherwise, we want to check whether the file has been renamed by a
1022 cycling script. This could be "if else", but for safety's sake, leave it as
1023 "if" so that renaming the log starts a new file even when datestamping is
1024 happening. */
1025
1026 if (mainlogfd >= 0)
1027 if (Ustat(mainlog_name, &statbuf) < 0 || statbuf.st_ino != mainlog_inode)
1028 mainlog_close();
1029
1030 /* If the log is closed, open it. Then write the line. */
1031
1032 if (mainlogfd < 0)
1033 {
1034 open_log(&mainlogfd, lt_main, NULL); /* No return on error */
1035 if (fstat(mainlogfd, &statbuf) >= 0) mainlog_inode = statbuf.st_ino;
1036 }
1037
1038 /* Failing to write to the log is disastrous */
1039
1040 written_len = write_to_fd_buf(mainlogfd, g->s, g->ptr);
1041 if (written_len != g->ptr)
1042 {
1043 log_write_failed(US"main log", g->ptr, written_len);
1044 /* That function does not return */
1045 }
1046 }
1047 }
1048
1049 /* Handle the log for rejected messages. This can be globally disabled, in
1050 which case the flags are altered above. If there are any header lines (i.e. if
1051 the rejection is happening after the DATA phase), log the recipients and the
1052 headers. */
1053
1054 if (flags & LOG_REJECT)
1055 {
1056 if (header_list && LOGGING(rejected_header))
1057 {
1058 gstring * g2;
1059 int i;
1060
1061 if (recipients_count > 0)
1062 {
1063 /* List the sender */
1064
1065 g2 = string_fmt_append_f(g, SVFMT_TAINT_NOCHK,
1066 "Envelope-from: <%s>\n", sender_address);
1067 if (g2) g = g2;
1068
1069 /* List up to 5 recipients */
1070
1071 g2 = string_fmt_append_f(g, SVFMT_TAINT_NOCHK,
1072 "Envelope-to: <%s>\n", recipients_list[0].address);
1073 if (g2) g = g2;
1074
1075 for (i = 1; i < recipients_count && i < 5; i++)
1076 {
1077 g2 = string_fmt_append_f(g, SVFMT_TAINT_NOCHK,
1078 " <%s>\n", recipients_list[i].address);
1079 if (g2) g = g2;
1080 }
1081
1082 if (i < recipients_count)
1083 {
1084 g2 = string_fmt_append_f(g, SVFMT_TAINT_NOCHK, " ...\n", NULL);
1085 if (g2) g = g2;
1086 }
1087 }
1088
1089 /* A header with a NULL text is an unfilled in Received: header */
1090
1091 for (header_line * h = header_list; h; h = h->next) if (h->text)
1092 {
1093 g2 = string_fmt_append_f(g, SVFMT_TAINT_NOCHK,
1094 "%c %s", h->type, h->text);
1095 if (g2)
1096 g = g2;
1097 else /* Buffer is full; truncate */
1098 {
1099 g->ptr -= 100; /* For message and separator */
1100 if (g->s[g->ptr-1] == '\n') g->ptr--;
1101 g = string_cat(g, US"\n*** truncated ***\n");
1102 break;
1103 }
1104 }
1105 }
1106
1107 /* Write to syslog or to a log file */
1108
1109 if ( logging_mode & LOG_MODE_SYSLOG
1110 && (syslog_duplication || !(flags & LOG_PANIC)))
1111 write_syslog(LOG_NOTICE, string_from_gstring(g));
1112
1113 /* Check for a change to the rejectlog file name when datestamping is in
1114 operation. This happens at midnight, at which point we want to roll over
1115 the file. Closing it has the desired effect. */
1116
1117 if (logging_mode & LOG_MODE_FILE)
1118 {
1119 struct stat statbuf;
1120
1121 if (rejectlog_datestamp)
1122 {
1123 uschar *nowstamp = tod_stamp(string_datestamp_type);
1124 if (Ustrncmp (rejectlog_datestamp, nowstamp, Ustrlen(nowstamp)) != 0)
1125 {
1126 (void)close(rejectlogfd); /* Close the file */
1127 rejectlogfd = -1; /* Clear the file descriptor */
1128 rejectlog_inode = 0; /* Unset the inode */
1129 rejectlog_datestamp = NULL; /* Clear the datestamp */
1130 }
1131 }
1132
1133 /* Otherwise, we want to check whether the file has been renamed by a
1134 cycling script. This could be "if else", but for safety's sake, leave it as
1135 "if" so that renaming the log starts a new file even when datestamping is
1136 happening. */
1137
1138 if (rejectlogfd >= 0)
1139 if (Ustat(rejectlog_name, &statbuf) < 0 ||
1140 statbuf.st_ino != rejectlog_inode)
1141 {
1142 (void)close(rejectlogfd);
1143 rejectlogfd = -1;
1144 rejectlog_inode = 0;
1145 }
1146
1147 /* Open the file if necessary, and write the data */
1148
1149 if (rejectlogfd < 0)
1150 {
1151 open_log(&rejectlogfd, lt_reject, NULL); /* No return on error */
1152 if (fstat(rejectlogfd, &statbuf) >= 0) rejectlog_inode = statbuf.st_ino;
1153 }
1154
1155 written_len = write_to_fd_buf(rejectlogfd, g->s, g->ptr);
1156 if (written_len != g->ptr)
1157 {
1158 log_write_failed(US"reject log", g->ptr, written_len);
1159 /* That function does not return */
1160 }
1161 }
1162 }
1163
1164
1165 /* Handle the panic log, which is not kept open like the others. If it fails to
1166 open, there will be a recursive call to log_write(). We detect this above and
1167 attempt to write to the system log as a last-ditch try at telling somebody. In
1168 all cases except mua_wrapper, try to write to log_stderr. */
1169
1170 if (flags & LOG_PANIC)
1171 {
1172 if (log_stderr && log_stderr != debug_file && !mua_wrapper)
1173 fprintf(log_stderr, "%s", CS string_from_gstring(g));
1174
1175 if (logging_mode & LOG_MODE_SYSLOG)
1176 write_syslog(LOG_ALERT, log_buffer);
1177
1178 /* If this panic logging was caused by a failure to open the main log,
1179 the original log line is in panic_save_buffer. Make an attempt to write it. */
1180
1181 if (logging_mode & LOG_MODE_FILE)
1182 {
1183 panic_recurseflag = TRUE;
1184 open_log(&paniclogfd, lt_panic, NULL); /* Won't return on failure */
1185 panic_recurseflag = FALSE;
1186
1187 if (panic_save_buffer)
1188 {
1189 int i = write(paniclogfd, panic_save_buffer, Ustrlen(panic_save_buffer));
1190 i = i; /* compiler quietening */
1191 }
1192
1193 written_len = write_to_fd_buf(paniclogfd, g->s, g->ptr);
1194 if (written_len != g->ptr)
1195 {
1196 int save_errno = errno;
1197 write_syslog(LOG_CRIT, log_buffer);
1198 sprintf(CS log_buffer, "write failed on panic log: length=%d result=%d "
1199 "errno=%d (%s)", g->ptr, (int)written_len, save_errno, strerror(save_errno));
1200 write_syslog(LOG_CRIT, string_from_gstring(g));
1201 flags |= LOG_PANIC_DIE;
1202 }
1203
1204 (void)close(paniclogfd);
1205 }
1206
1207 /* Give up if the DIE flag is set */
1208
1209 if ((flags & LOG_PANIC_DIE) != LOG_PANIC)
1210 die(NULL, US"Unexpected failure, please try later");
1211 }
1212 }
1213
1214
1215
1216 /*************************************************
1217 * Close any open log files *
1218 *************************************************/
1219
1220 void
1221 log_close_all(void)
1222 {
1223 if (mainlogfd >= 0)
1224 { (void)close(mainlogfd); mainlogfd = -1; }
1225 if (rejectlogfd >= 0)
1226 { (void)close(rejectlogfd); rejectlogfd = -1; }
1227 closelog();
1228 syslog_open = FALSE;
1229 }
1230
1231
1232
1233 /*************************************************
1234 * Multi-bit set or clear *
1235 *************************************************/
1236
1237 /* These functions take a list of bit indexes (terminated by -1) and
1238 clear or set the corresponding bits in the selector.
1239
1240 Arguments:
1241 selector address of the bit string
1242 selsize number of words in the bit string
1243 bits list of bits to set
1244 */
1245
1246 void
1247 bits_clear(unsigned int *selector, size_t selsize, int *bits)
1248 {
1249 for(; *bits != -1; ++bits)
1250 BIT_CLEAR(selector, selsize, *bits);
1251 }
1252
1253 void
1254 bits_set(unsigned int *selector, size_t selsize, int *bits)
1255 {
1256 for(; *bits != -1; ++bits)
1257 BIT_SET(selector, selsize, *bits);
1258 }
1259
1260
1261
1262 /*************************************************
1263 * Decode bit settings for log/debug *
1264 *************************************************/
1265
1266 /* This function decodes a string containing bit settings in the form of +name
1267 and/or -name sequences, and sets/unsets bits in a bit string accordingly. It
1268 also recognizes a numeric setting of the form =<number>, but this is not
1269 intended for user use. It's an easy way for Exim to pass the debug settings
1270 when it is re-exec'ed.
1271
1272 The option table is a list of names and bit indexes. The index -1
1273 means "set all bits, except for those listed in notall". The notall
1274 list is terminated by -1.
1275
1276 The action taken for bad values varies depending upon why we're here.
1277 For log messages, or if the debugging is triggered from config, then we write
1278 to the log on the way out. For debug setting triggered from the command-line,
1279 we treat it as an unknown option: error message to stderr and die.
1280
1281 Arguments:
1282 selector address of the bit string
1283 selsize number of words in the bit string
1284 notall list of bits to exclude from "all"
1285 string the configured string
1286 options the table of option names
1287 count size of table
1288 which "log" or "debug"
1289 flags DEBUG_FROM_CONFIG
1290
1291 Returns: nothing on success - bomb out on failure
1292 */
1293
1294 void
1295 decode_bits(unsigned int *selector, size_t selsize, int *notall,
1296 uschar *string, bit_table *options, int count, uschar *which, int flags)
1297 {
1298 uschar *errmsg;
1299 if (string == NULL) return;
1300
1301 if (*string == '=')
1302 {
1303 char *end; /* Not uschar */
1304 memset(selector, 0, sizeof(*selector)*selsize);
1305 *selector = strtoul(CS string+1, &end, 0);
1306 if (*end == 0) return;
1307 errmsg = string_sprintf("malformed numeric %s_selector setting: %s", which,
1308 string);
1309 goto ERROR_RETURN;
1310 }
1311
1312 /* Handle symbolic setting */
1313
1314 else for(;;)
1315 {
1316 BOOL adding;
1317 uschar *s;
1318 int len;
1319 bit_table *start, *end;
1320
1321 while (isspace(*string)) string++;
1322 if (*string == 0) return;
1323
1324 if (*string != '+' && *string != '-')
1325 {
1326 errmsg = string_sprintf("malformed %s_selector setting: "
1327 "+ or - expected but found \"%s\"", which, string);
1328 goto ERROR_RETURN;
1329 }
1330
1331 adding = *string++ == '+';
1332 s = string;
1333 while (isalnum(*string) || *string == '_') string++;
1334 len = string - s;
1335
1336 start = options;
1337 end = options + count;
1338
1339 while (start < end)
1340 {
1341 bit_table *middle = start + (end - start)/2;
1342 int c = Ustrncmp(s, middle->name, len);
1343 if (c == 0)
1344 {
1345 if (middle->name[len] != 0) c = -1; else
1346 {
1347 unsigned int bit = middle->bit;
1348
1349 if (bit == -1)
1350 {
1351 if (adding)
1352 {
1353 memset(selector, -1, sizeof(*selector)*selsize);
1354 bits_clear(selector, selsize, notall);
1355 }
1356 else
1357 memset(selector, 0, sizeof(*selector)*selsize);
1358 }
1359 else if (adding)
1360 BIT_SET(selector, selsize, bit);
1361 else
1362 BIT_CLEAR(selector, selsize, bit);
1363
1364 break; /* Out of loop to match selector name */
1365 }
1366 }
1367 if (c < 0) end = middle; else start = middle + 1;
1368 } /* Loop to match selector name */
1369
1370 if (start >= end)
1371 {
1372 errmsg = string_sprintf("unknown %s_selector setting: %c%.*s", which,
1373 adding? '+' : '-', len, s);
1374 goto ERROR_RETURN;
1375 }
1376 } /* Loop for selector names */
1377
1378 /* Handle disasters */
1379
1380 ERROR_RETURN:
1381 if (Ustrcmp(which, "debug") == 0)
1382 {
1383 if (flags & DEBUG_FROM_CONFIG)
1384 {
1385 log_write(0, LOG_CONFIG|LOG_PANIC, "%s", errmsg);
1386 return;
1387 }
1388 fprintf(stderr, "exim: %s\n", errmsg);
1389 exit(EXIT_FAILURE);
1390 }
1391 else log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "%s", errmsg);
1392 }
1393
1394
1395
1396 /*************************************************
1397 * Activate a debug logfile (late) *
1398 *************************************************/
1399
1400 /* Normally, debugging is activated from the command-line; it may be useful
1401 within the configuration to activate debugging later, based on certain
1402 conditions. If debugging is already in progress, we return early, no action
1403 taken (besides debug-logging that we wanted debug-logging).
1404
1405 Failures in options are not fatal but will result in paniclog entries for the
1406 misconfiguration.
1407
1408 The first use of this is in ACL logic, "control = debug/tag=foo/opts=+expand"
1409 which can be combined with conditions, etc, to activate extra logging only
1410 for certain sources. The second use is inetd wait mode debug preservation. */
1411
1412 void
1413 debug_logging_activate(uschar *tag_name, uschar *opts)
1414 {
1415 int fd = -1;
1416
1417 if (debug_file)
1418 {
1419 debug_printf("DEBUGGING ACTIVATED FROM WITHIN CONFIG.\n"
1420 "DEBUG: Tag=\"%s\" opts=\"%s\"\n", tag_name, opts ? opts : US"");
1421 return;
1422 }
1423
1424 if (tag_name != NULL && (Ustrchr(tag_name, '/') != NULL))
1425 {
1426 log_write(0, LOG_MAIN|LOG_PANIC, "debug tag may not contain a '/' in: %s",
1427 tag_name);
1428 return;
1429 }
1430
1431 debug_selector = D_default;
1432 if (opts)
1433 decode_bits(&debug_selector, 1, debug_notall, opts,
1434 debug_options, debug_options_count, US"debug", DEBUG_FROM_CONFIG);
1435
1436 /* When activating from a transport process we may never have logged at all
1437 resulting in certain setup not having been done. Hack this for now so we
1438 do not segfault; note that nondefault log locations will not work */
1439
1440 if (!*file_path) set_file_path();
1441
1442 open_log(&fd, lt_debug, tag_name);
1443
1444 if (fd != -1)
1445 debug_file = fdopen(fd, "w");
1446 else
1447 log_write(0, LOG_MAIN|LOG_PANIC, "unable to open debug log");
1448 }
1449
1450
1451 void
1452 debug_logging_stop(void)
1453 {
1454 if (!debug_file || !debuglog_name[0]) return;
1455
1456 debug_selector = 0;
1457 fclose(debug_file);
1458 debug_file = NULL;
1459 unlink_log(lt_debug);
1460 }
1461
1462
1463 /* End of log.c */