Remove dependence on VALIDATE_NOT_OK in logging functions.

Split log_auth() into log_allowed() and log_denial()
Replace mail_auth() with should_mail() and a call to send_mail()

logging.c

@@ -62,7 +62,7 @@ __unused static const char rcsid[] = "$Sudo$";
 static void do_syslog		__P((int, char *));
 static void do_logfile		__P((char *));
 static void send_mail		__P((char *));
-static void mail_auth		__P((int, char *));
+static int should_mail		__P((int));
 static char *get_timestr	__P((void));
 static void mysyslog		__P((int, const char *, ...));
 static char *new_logline	__P((const char *, int));
@@ -268,41 +268,31 @@ do_logfile(msg)
 }
 
 /*
- * Two main functions, log_error() to log errors and log_auth() to
- * log allow/deny messages.
+ * Log and mail the denial message, optionally informing the user.
  */
 void
-log_auth(status, inform_user)
+log_denial(status, inform_user)
     int status;
     int inform_user;
 {
     char *message;
     char *logline;
-    int pri;
 
-    if (ISSET(status, VALIDATE_OK))
-	pri = def_syslog_goodpri;
-    else
-	pri = def_syslog_badpri;
-
-    /* Set error message, if any. */
-    if (ISSET(status, VALIDATE_OK))
-	message = NULL;
-    else if (ISSET(status, FLAG_NO_USER))
+    /* Set error message. */
+    if (ISSET(status, FLAG_NO_USER))
 	message = "user NOT in sudoers";
     else if (ISSET(status, FLAG_NO_HOST))
 	message = "user NOT authorized on host";
-    else if (ISSET(status, VALIDATE_NOT_OK))
-	message = "command not allowed";
     else
-	message = "unknown error";
+	message = "command not allowed";
 
     logline = new_logline(message, 0);
 
-    mail_auth(status, logline);		/* send mail based on status */
+    if (should_mail(status))
+	send_mail(logline);	/* send mail based on status */
 
     /* Inform the user if they failed to authenticate.  */
-    if (inform_user && ISSET(status, VALIDATE_NOT_OK)) {
+    if (inform_user) {
 	if (ISSET(status, FLAG_NO_USER))
 	    (void) fprintf(stderr, "%s is not in the sudoers file.  %s",
 		user_name, "This incident will be reported.\n");
@@ -326,7 +316,32 @@ log_auth(status, inform_user)
      * Log via syslog and/or a file.
      */
     if (def_syslog)
-	do_syslog(pri, logline);
+	do_syslog(def_syslog_badpri, logline);
+    if (def_logfile)
+	do_logfile(logline);
+
+    efree(logline);
+}
+
+/*
+ * Log and potentially mail the allowed command.
+ */
+void
+log_allowed(status)
+    int status;
+{
+    char *logline;
+
+    logline = new_logline(NULL, 0);
+
+    if (should_mail(status))
+	send_mail(logline);	/* send mail based on status */
+
+    /*
+     * Log via syslog and/or a file.
+     */
+    if (def_syslog)
+	do_syslog(def_syslog_goodpri, logline);
     if (def_logfile)
 	do_logfile(logline);
 
@@ -523,31 +538,17 @@ send_mail(line)
 }
 
 /*
- * Send mail based on the value of "status" and compile-time options.
+ * Determine whether we should send mail based on "status" and defaults options.
  */
-static void
-mail_auth(status, line)
+static int
+should_mail(status)
     int status;
-    char *line;
 {
-    int mail_mask;
 
-    /* If any of these bits are set in status, we send mail. */
-    if (def_mail_always)
-	mail_mask =
-	    VALIDATE_ERROR|VALIDATE_OK|FLAG_NO_USER|FLAG_NO_HOST|VALIDATE_NOT_OK;
-    else {
-	mail_mask = VALIDATE_ERROR;
-	if (def_mail_no_user)
-	    SET(mail_mask, FLAG_NO_USER);
-	if (def_mail_no_host)
-	    SET(mail_mask, FLAG_NO_HOST);
-	if (def_mail_no_perms)
-	    SET(mail_mask, VALIDATE_NOT_OK);
-    }
-
-    if ((status & mail_mask) != 0)
-	send_mail(line);
+    return(def_mail_always || ISSET(status, VALIDATE_ERROR) ||
+	(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
+	(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
+	(def_mail_no_perms && !ISSET(status, VALIDATE_OK)));
 }
 
 /*

logging.h

@@ -48,7 +48,8 @@
 # define MAXSYSLOGLEN		960
 #endif
 
-void log_auth			__P((int, int));
+void log_allowed		__P((int));
+void log_denial			__P((int, int));
 void log_error			__P((int flags, const char *fmt, ...))
 				    __printflike(2, 3);
 RETSIGTYPE reapchild		__P((int));

sudo.c

@@ -425,7 +425,7 @@ main(argc, argv, envp)
 		validate_env_vars(sudo_user.env_vars);
 	}
 
-	log_auth(validated, 1);
+	log_allowed(validated);
 	if (sudo_mode == MODE_CHECK)
 	    rc = display_cmnd(snl, list_pw ? list_pw : sudo_user.pw);
 	else if (sudo_mode == MODE_LIST)
@@ -514,8 +514,8 @@ main(argc, argv, envp)
 	    execv(_PATH_BSHELL, NewArgv);
 	} warning("unable to execute %s", safe_cmnd);
 	exit(127);
-    } else if (ISSET(validated, FLAG_NO_USER) || (validated & FLAG_NO_HOST)) {
-	log_auth(validated, 1);
+    } else if (ISSET(validated, FLAG_NO_USER) || ISSET(validated, FLAG_NO_HOST)) {
+	log_denial(validated, 1);
 	exit(1);
     } else {
 	if (def_path_info) {
@@ -526,7 +526,7 @@ main(argc, argv, envp)
 	     * is just "no foo in path" since the user can trivially set
 	     * their path to just contain a single dir.
 	     */
-	    log_auth(validated,
+	    log_denial(validated,
 		!(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND));
 	    if (cmnd_status == NOT_FOUND)
 		warningx("%s: command not found", user_cmnd);
@@ -534,7 +534,7 @@ main(argc, argv, envp)
 		warningx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd);
 	} else {
 	    /* Just tell the user they are not allowed to run foo. */
-	    log_auth(validated, 1);
+	    log_denial(validated, 1);
 	}
 	exit(1);
     }