Opened 7 years ago
Closed 7 years ago
#1540 closed defect (invalid)
Support for '-' (dash) in syslog TAG field
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | other | Version: | 1.13.x |
| Keywords: | syslog tag | Cc: | |
| uname -a: | Linux mirrors 4.9.2-20180402.mweibo.el7.centos.x86_64 #1 SMP Mon Apr 2 15:58:57 CST 2018 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.13.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) built with OpenSSL 1.0.2j-fips 26 Sep 2016 (running with OpenSSL 1.0.2k-fips 26 Jan 2017) TLS SNI support enabled configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-syslog --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream --with-stream_ssl_module --with-google_perftools_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E' |
||
Description
An nginx.conf contains dash in syslog tag:
error_log syslog:local6:info:127.0.0.1:514:XXX-nginx-error-YYY; # nginx -c /etc/nginx/nginx.conf -t nginx: [emerg] syslog "tag" only allows alphanumeric characters and underscore in /etc/nginx/nginx.conf:8
The syslog TAG field is defined in RFC3164 https://tools.ietf.org/html/rfc3164 as "a string of ABNF alphanumeric characters that MUST NOT exceed 32 characters.", and the ABNF naming rule is defined in RFC2234 https://tools.ietf.org/html/rfc2234 as "a sequence of characters, beginning with an alphabetic character, and followed by a combination of alphabetics, digits and hyphens (dashes)."
While the nginx syslog module does not include '-' in the check logic https://trac.nginx.org/nginx/browser/nginx/src/core/ngx_syslog.c#L185 , it returns NGX_CONF_ERROR.
I modified the TAG checking logic, and it works, in combination with rsyslog (which is comply with RFC3164 specification):
if ((c < '0' && c != '-') || (c > '9' && c < 'a' && c != '_') || c > 'z') { ... }
The naming rule in RFC 2234 refers to the "ABNF rule name", not to their contents.
RFC 3165 says, as you quote, that the only allowed characters for TAG are alphanumeric, please see https://tools.ietf.org/html/rfc2234#section-6.1 for ALPHA and DIGIT rules.
Note that underscore was allowed as exception, in a patch to #667.