Make the failed relay retry interval configurable.

This is the amount of time to wait before trying to resend a
journal to the relay server after a connection error.

doc/sudo_logsrvd.conf.man.in

@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "April 14, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "May 1, 2021" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -288,7 +288,7 @@ The default value is 30.
 relay_dir = path
 The directory in which log messages are temporarily stored before they
 are sent to the relay host.
-Messages are stored in the wire format used by
+Messages are stored in the wire format specified by
 sudo_logsrv.proto(@mansectform@)
 The default value is
 \fI@relay_dir@\fR.
@@ -318,6 +318,11 @@ If multiple
 \fIrelay_host\fR
 lines are specified, the first available relay host will be used.
 .TP 10n
+retry_interval = number
+The number of seconds to wait after a connection error before making
+a new attempt to forward a message to a relay host.
+The default value is 30 seconds.
+.TP 10n
 store_first = boolean
 If true,
 \fBsudo_logsrvd\fR
@@ -812,6 +817,21 @@ Sudo log server configuration file
 # The default value is 30.
 #connect_timeout = 30
 
+# The directory to store messages in before they are sent to the relay.
+# Messages are stored in wire format.
+# The default value is /var/log/logsrvd-relay.
+#relay_dir = /var/log/logsrvd-relay
+
+# The number of seconds to wait after a connection error before
+# making a new attempt to forward a message to a relay host.
+# The default value is 30.
+#retry_interval = 30
+
+# Whether to store the log before relaying it.  If true, enable store
+# and forward mode.  If false, the client connection is immediately
+# relayed.  Defaults to false.
+#store_first = true
+
 # If true, enable the SO_KEEPALIVE socket option on relay connections.
 #tcp_keepalive = true
 

doc/sudo_logsrvd.conf.mdoc.in

@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd April 14, 2021
+.Dd May 1, 2021
 .Dt SUDO_LOGSRVD.CONF @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -250,7 +250,7 @@ The default value is 30.
 .It relay_dir = path
 The directory in which log messages are temporarily stored before they
 are sent to the relay host.
-Messages are stored in the wire format used by
+Messages are stored in the wire format specified by
 .Xr sudo_logsrv.proto @mansectform@
 The default value is
 .Pa @relay_dir@ .
@@ -278,6 +278,10 @@ protocol.
 If multiple
 .Em relay_host
 lines are specified, the first available relay host will be used.
+.It retry_interval = number
+The number of seconds to wait after a connection error before making
+a new attempt to forward a message to a relay host.
+The default value is 30 seconds.
 .It store_first = boolean
 If true,
 .Nm sudo_logsrvd
@@ -744,6 +748,21 @@ Sudo log server configuration file
 # The default value is 30.
 #connect_timeout = 30
 
+# The directory to store messages in before they are sent to the relay.
+# Messages are stored in wire format.
+# The default value is /var/log/logsrvd-relay.
+#relay_dir = /var/log/logsrvd-relay
+
+# The number of seconds to wait after a connection error before
+# making a new attempt to forward a message to a relay host.
+# The default value is 30.
+#retry_interval = 30
+
+# Whether to store the log before relaying it.  If true, enable store
+# and forward mode.  If false, the client connection is immediately
+# relayed.  Defaults to false.
+#store_first = true
+
 # If true, enable the SO_KEEPALIVE socket option on relay connections.
 #tcp_keepalive = true
 

examples/sudo_logsrvd.conf

@@ -80,6 +80,21 @@
 # The default value is 30.
 #connect_timeout = 30
 
+# The directory to store messages in before they are sent to the relay.
+# Messages are stored in wire format.
+# The default value is /var/log/logsrvd-relay.
+#relay_dir = /var/log/logsrvd-relay
+
+# The number of seconds to wait after a connection error before
+# making a new attempt to forward a message to a relay host.
+# The default value is 30.
+#retry_interval = 30
+
+# Whether to store the log before relaying it.  If true, enable store
+# and forward mode.  If false, the client connection is immediately
+# relayed.  Defaults to false.
+#store_first = true
+
 # If true, enable the SO_KEEPALIVE socket option on relay connections.
 #tcp_keepalive = true
 

logsrvd/logsrvd.h

@@ -212,6 +212,7 @@ const char *logsrvd_conf_pid_file(void);
 struct timespec *logsrvd_conf_server_timeout(void);
 struct timespec *logsrvd_conf_relay_connect_timeout(void);
 struct timespec *logsrvd_conf_relay_timeout(void);
+time_t logsrvd_conf_relay_retry_interval(void);
 #if defined(HAVE_OPENSSL)
 bool logsrvd_conf_server_tls_check_peer(void);
 SSL_CTX *logsrvd_server_tls_ctx(void);
@@ -239,7 +240,7 @@ bool store_winsize_local(ChangeWindowSize *msg, uint8_t *buf, size_t len, struct
 bool store_suspend_local(CommandSuspend *msg, uint8_t *buf, size_t len, struct connection_closure *closure);
 
 /* logsrvd_queue.c */
-bool logsrvd_queue_enable(int timeout, struct sudo_event_base *evbase);
+bool logsrvd_queue_enable(time_t timeout, struct sudo_event_base *evbase);
 bool logsrvd_queue_insert(struct connection_closure *closure);
 bool logsrvd_queue_scan(struct sudo_event_base *evbase);
 void logsrvd_queue_dump(void);

logsrvd/logsrvd_conf.c

@@ -119,6 +119,7 @@ static struct logsrvd_config {
         struct address_list_container relays;
         struct timespec connect_timeout;
         struct timespec timeout;
+	time_t retry_interval;
 	char *relay_dir;
         bool tcp_keepalive;
 	bool store_first;
@@ -270,6 +271,12 @@ logsrvd_conf_relay_connect_timeout(void)
     return NULL;
 }
 
+time_t
+logsrvd_conf_relay_retry_interval(void)
+{
+    return logsrvd_config->relay.retry_interval;
+}
+
 #if defined(HAVE_OPENSSL)
 SSL_CTX *
 logsrvd_relay_tls_ctx(void)
@@ -1225,6 +1232,7 @@ logsrvd_conf_alloc(void)
     config->relay.timeout.tv_sec = DEFAULT_SOCKET_TIMEOUT_SEC;
     config->relay.connect_timeout.tv_sec = DEFAULT_SOCKET_TIMEOUT_SEC;
     config->relay.tcp_keepalive = true;
+    config->relay.retry_interval = 30;
     if (!cb_relay_dir(config, _PATH_SUDO_RELAY_DIR, 0))
 	goto bad;
 #if defined(HAVE_OPENSSL)

logsrvd/logsrvd_queue.c

@@ -142,7 +142,7 @@ outgoing_queue_cb(int unused, int what, void *v)
  * The event will fire after the specified timeout elapses.
  */
 bool
-logsrvd_queue_enable(int timeout, struct sudo_event_base *evbase)
+logsrvd_queue_enable(time_t timeout, struct sudo_event_base *evbase)
 {
     debug_decl(logsrvd_queue_enable, SUDO_DEBUG_UTIL);
 
@@ -193,7 +193,8 @@ logsrvd_queue_insert(struct connection_closure *closure)
     closure->journal_path = NULL;
     TAILQ_INSERT_TAIL(&outgoing_journal_queue, oj, entries);
 
-    if (!logsrvd_queue_enable(30, closure->evbase))
+    if (!logsrvd_queue_enable(logsrvd_conf_relay_retry_interval(),
+	    closure->evbase))
 	debug_return_bool(false);
 
     debug_return_bool(true);