Opened 6 years ago

Closed 6 years ago

#1540 closed defect (invalid)

Support for '-' (dash) in syslog TAG field

Reported by: sgub@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.13.x
Keywords: syslog tag Cc:
uname -a: Linux mirrors 4.9.2-20180402.mweibo.el7.centos.x86_64 #1 SMP Mon Apr 2 15:58:57 CST 2018 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.13.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC)
built with OpenSSL 1.0.2j-fips 26 Sep 2016 (running with OpenSSL 1.0.2k-fips 26 Jan 2017)
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-syslog --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream --with-stream_ssl_module --with-google_perftools_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E'

Description

An nginx.conf contains dash in syslog tag:

  error_log  syslog:local6:info:127.0.0.1:514:XXX-nginx-error-YYY;

  # nginx -c /etc/nginx/nginx.conf -t
  nginx: [emerg] syslog "tag" only allows alphanumeric characters and underscore in /etc/nginx/nginx.conf:8

The syslog TAG field is defined in RFC3164 https://tools.ietf.org/html/rfc3164 as "a string of ABNF alphanumeric characters that MUST NOT exceed 32 characters.", and the ABNF naming rule is defined in RFC2234 https://tools.ietf.org/html/rfc2234 as "a sequence of characters, beginning with an alphabetic character, and followed by a combination of alphabetics, digits and hyphens (dashes)."

While the nginx syslog module does not include '-' in the check logic https://trac.nginx.org/nginx/browser/nginx/src/core/ngx_syslog.c#L185 , it returns NGX_CONF_ERROR.

I modified the TAG checking logic, and it works, in combination with rsyslog (which is comply with RFC3164 specification):

    if ((c < '0' && c != '-') || (c > '9' && c < 'a' && c != '_') || c > 'z') {
    ...
    }

Change History (1)

comment:1 by Ruslan Ermilov, 6 years ago

Resolution: invalid
Status: newclosed

The naming rule in RFC 2234 refers to the "ABNF rule name", not to their contents.

RFC 3165 says, as you quote, that the only allowed characters for TAG are alphanumeric, please see https://tools.ietf.org/html/rfc2234#section-6.1 for ALPHA and DIGIT rules.

Note that underscore was allowed as exception, in a patch to #667.

Note: See TracTickets for help on using tickets.