From 050e91f8d15bbbf3b31e31bc3bf823ab461d61a0 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 23 Apr 2021 16:56:18 -0600 Subject: [PATCH] Forward the journaled entry after it has been stored locally. --- logsrvd/logsrvd.c | 208 ++++++++++++++++++++++++-------------- logsrvd/logsrvd.h | 3 +- logsrvd/logsrvd_journal.c | 2 + logsrvd/logsrvd_relay.c | 147 +++++++++++++++------------ 4 files changed, 223 insertions(+), 137 deletions(-) diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c index cded77ca2..f7c92f71c 100644 --- a/logsrvd/logsrvd.c +++ b/logsrvd/logsrvd.c @@ -89,13 +89,18 @@ static const char server_id[] = "Sudo Audit Server " PACKAGE_VERSION; static const char *conf_file = _PATH_SUDO_LOGSRVD_CONF; static double random_drop; -/* Server callback may redirect to client callback for TLS. */ +/* Event loop callbacks. */ static void client_msg_cb(int fd, int what, void *v); +static void server_msg_cb(int fd, int what, void *v); +static void server_commit_cb(int fd, int what, void *v); +#if defined(HAVE_OPENSSL) +static void tls_handshake_cb(int fd, int what, void *v); +#endif /* * Free a struct connection_closure container and its contents. */ -void +static void connection_closure_free(struct connection_closure *closure) { debug_decl(connection_closure_free, SUDO_DEBUG_UTIL); @@ -123,6 +128,8 @@ connection_closure_free(struct connection_closure *closure) eventlog_free(closure->evlog); free(closure->read_buf.data); while ((buf = TAILQ_FIRST(&closure->write_bufs)) != NULL) { + sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO, + "discarding write buffer %p, len %u", buf, buf->len - buf->off); TAILQ_REMOVE(&closure->write_bufs, buf, entries); free(buf->data); free(buf); 
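Review bot: In the new `sudo_debug_printf()` call in connection_closure_free(), `%p` is passed `buf` without a cast to `void *`, and `%u` is only correct if `buf->len - buf->off` has type `unsigned int`, which the hunk does not show. I would write `"discarding write buffer %p, len %u", (void *)buf, buf->len - buf->off` and confirm the field types against struct connection_buffer. The function starts and ends outside the hunk.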
@@ -144,6 +151,113 @@ connection_closure_free(struct connection_closure *closure) debug_return; } +/* + * Allocate a new connection closure. + */ +static struct connection_closure * +connection_closure_alloc(int fd, bool tls, bool relay_only, + struct sudo_event_base *base) +{ + struct connection_closure *closure; + debug_decl(connection_closure_alloc, SUDO_DEBUG_UTIL); + + if ((closure = calloc(1, sizeof(*closure))) == NULL) + debug_return_ptr(NULL); + + closure->iolog_dir_fd = -1; + closure->sock = relay_only ? -1 : fd; + closure->evbase = base; + closure->relay_only = relay_only; + closure->store_first = !relay_only && logsrvd_conf_relay_store_first(); + TAILQ_INIT(&closure->write_bufs); + TAILQ_INIT(&closure->free_bufs); + + TAILQ_INSERT_TAIL(&connections, closure, entries); + + closure->read_buf.size = 64 * 1024; + closure->read_buf.data = malloc(closure->read_buf.size); + if (closure->read_buf.data == NULL) + goto bad; + + closure->read_ev = sudo_ev_alloc(fd, SUDO_EV_READ|SUDO_EV_PERSIST, + client_msg_cb, closure); + if (closure->read_ev == NULL) + goto bad; + + if (!relay_only) { + closure->write_ev = sudo_ev_alloc(fd, SUDO_EV_WRITE|SUDO_EV_PERSIST, + server_msg_cb, closure); + if (closure->write_ev == NULL) + goto bad; + + closure->commit_ev = sudo_ev_alloc(-1, SUDO_EV_TIMEOUT, + server_commit_cb, closure); + if (closure->commit_ev == NULL) + goto bad; + } +#if defined(HAVE_OPENSSL) + if (tls) { + closure->ssl_accept_ev = sudo_ev_alloc(fd, SUDO_EV_READ, + tls_handshake_cb, closure); + if (closure->ssl_accept_ev == NULL) + goto bad; + } +#endif + + debug_return_ptr(closure); +bad: + connection_closure_free(closure); + debug_return_ptr(NULL); +} + +/* + * Close the client connection when finished. + * If in store-and-forward mode, initiate a relay connection. + * Otherwise, free the connection closure, removing any events. 
+ */ +void +connection_close(struct connection_closure *closure) +{ + struct connection_closure *new_closure; + debug_decl(connection_close, SUDO_DEBUG_UTIL); + + if (closure == NULL) + debug_return; + + /* + * If we finished a client connection in store-and-forward mode, + * create a new connection for the relay and replay the journal. + */ + if (closure->store_first && closure->state == FINISHED && + closure->relay_closure == NULL && closure->journal != NULL) { + new_closure = connection_closure_alloc(fileno(closure->journal), false, + true, closure->evbase); + if (new_closure != NULL) { + /* Re-parent journal settings. */ + new_closure->journal = closure->journal; + closure->journal = NULL; + new_closure->journal_path = closure->journal_path; + closure->journal_path = NULL; + + /* Connect to the first relay available asynchronously. */ + if (!connect_relay(new_closure)) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, + "unable to connect to relay"); + connection_closure_free(new_closure); + } + } + } + if (closure->state == FINISHED && closure->journal_path != NULL) { + /* Journal relayed successfully, remove backing file. */ + sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, + "removing journal file %s", closure->journal_path); + unlink(closure->journal_path); + } + connection_closure_free(closure); + + debug_return; +} + struct connection_buffer * get_free_buf(size_t len, struct connection_closure *closure) { @@ -483,12 +597,11 @@ handle_exit(ExitMessage *msg, uint8_t *buf, size_t len, } if (closure->store_first) { - /* Store message in a journal for later relaying. */ + /* Store exit message in journal. */ if (!journal_write(buf, len, closure)) debug_return_bool(false); if (!journal_finish(closure)) debug_return_bool(false); - /* XXX - schedule relay of journal file */ } if (closure->log_io) { 
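Review bot: In connection_close(), the second `if` unlinks the journal whenever `state == FINISHED` and `journal_path` is still set, and that also holds for a store-first client closure when `connection_closure_alloc()` returns NULL. The journal and its path are only re-parented on success, so an allocation failure appears to delete a stored entry that was never forwarded. Restricting the removal to replay closures would keep the audit record on disk, e.g. `if (closure->relay_only && closure->state == FINISHED && closure->journal_path != NULL) {`. The return value of `unlink()` is also ignored; logging a failure with SUDO_DEBUG_ERRNO would make a leftover journal file visible.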
@@ -898,7 +1011,7 @@ server_shutdown(struct sudo_event_base *base) } } else { /* No commit point, close connection immediately. */ - connection_closure_free(closure); + connection_close(closure); } } @@ -989,7 +1102,7 @@ server_msg_cb(int fd, int what, void *v) } else #endif { - nwritten = send(fd, buf->data + buf->off, buf->len - buf->off, 0); + nwritten = write(fd, buf->data + buf->off, buf->len - buf->off); } if (nwritten == -1) { @@ -1018,7 +1131,7 @@ server_msg_cb(int fd, int what, void *v) debug_return; finished: - connection_closure_free(closure); + connection_close(closure); debug_return; } @@ -1096,7 +1209,7 @@ client_msg_cb(int fd, int what, void *v) } else #endif { - nread = recv(fd, buf->data + buf->len, buf->size - buf->len, 0); + nread = read(fd, buf->data + buf->len, buf->size - buf->len); } sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received %zd bytes from client %s", @@ -1164,7 +1277,7 @@ send_error: * Try to send client an error message before closing connection. * If we are already in an error state, just give up. */ - if (closure->state == ERROR) + if (closure->state == ERROR || closure->write_ev == NULL) goto close_connection; if (closure->errstr == NULL || !fmt_error_message(closure->errstr, closure)) goto close_connection; @@ -1178,7 +1291,7 @@ send_error: closure->state = ERROR; debug_return; close_connection: - connection_closure_free(closure); + connection_close(closure); debug_return; } @@ -1232,7 +1345,7 @@ server_commit_cb(int unused, int what, void *v) commit_point.tv_sec = closure->elapsed_time.tv_sec; commit_point.tv_nsec = closure->elapsed_time.tv_nsec; if (!schedule_commit_point(&commit_point, closure)) - connection_closure_free(closure); + connection_close(closure); debug_return; } 
@@ -1255,11 +1368,14 @@ start_protocol(struct connection_closure *closure) closure->relay_closure->relay_addr = NULL; } - if (!fmt_hello_message(closure)) - debug_return_bool(false); + /* When replaying a journal there is no write event. */ + if (closure->write_ev != NULL) { + if (!fmt_hello_message(closure)) + debug_return_bool(false); - if (sudo_ev_add(closure->evbase, closure->write_ev, timeout, false) == -1) - debug_return_bool(false); + if (sudo_ev_add(closure->evbase, closure->write_ev, timeout, false) == -1) + debug_return_bool(false); + } /* No read timeout, client messages may happen at arbitrary times. */ if (sudo_ev_add(closure->evbase, closure->read_ev, NULL, false) == -1) 
@@ -1423,67 +1539,11 @@ tls_handshake_cb(int fd, int what, void *v) debug_return; bad: - connection_closure_free(closure); + connection_close(closure); debug_return; } #endif /* HAVE_OPENSSL */ -/* - * Allocate a new connection closure. - */ -static struct connection_closure * -connection_closure_alloc(int sock, bool tls, struct sudo_event_base *base) -{ - struct connection_closure *closure; - debug_decl(connection_closure_alloc, SUDO_DEBUG_UTIL); - - if ((closure = calloc(1, sizeof(*closure))) == NULL) - debug_return_ptr(NULL); - - closure->iolog_dir_fd = -1; - closure->sock = sock; - closure->evbase = base; - closure->store_first = logsrvd_conf_relay_store_first(); - TAILQ_INIT(&closure->write_bufs); - TAILQ_INIT(&closure->free_bufs); - - TAILQ_INSERT_TAIL(&connections, closure, entries); - - closure->read_buf.size = 64 * 1024; - closure->read_buf.data = malloc(closure->read_buf.size); - if (closure->read_buf.data == NULL) - goto bad; - - closure->commit_ev = sudo_ev_alloc(-1, SUDO_EV_TIMEOUT, - server_commit_cb, closure); - if (closure->commit_ev == NULL) - goto bad; - - closure->read_ev = sudo_ev_alloc(sock, SUDO_EV_READ|SUDO_EV_PERSIST, - client_msg_cb, closure); - if (closure->read_ev == NULL) - goto bad; - - closure->write_ev = sudo_ev_alloc(sock, SUDO_EV_WRITE|SUDO_EV_PERSIST, - server_msg_cb, closure); - if (closure->write_ev == NULL) - goto bad; - -#if defined(HAVE_OPENSSL) - if (tls) { - closure->ssl_accept_ev = sudo_ev_alloc(sock, SUDO_EV_READ, - tls_handshake_cb, closure); - if (closure->ssl_accept_ev == NULL) - goto bad; - } -#endif - - debug_return_ptr(closure); -bad: - connection_closure_free(closure); - debug_return_ptr(NULL); -} - /* * New connection. * Allocate a connection closure and optionally perform TLS handshake. 
@@ -1495,7 +1555,7 @@ new_connection(int sock, bool tls, const struct sockaddr *sa, struct connection_closure *closure; debug_decl(new_connection, SUDO_DEBUG_UTIL); - if ((closure = connection_closure_alloc(sock, tls, evbase)) == NULL) + if ((closure = connection_closure_alloc(sock, tls, false, evbase)) == NULL) goto bad; /* store the peer's IP address in the closure object */ @@ -1565,7 +1625,7 @@ new_connection(int sock, bool tls, const struct sockaddr *sa, debug_return_bool(true); bad: - connection_closure_free(closure); + connection_close(closure); debug_return_bool(false); } diff --git a/logsrvd/logsrvd.h b/logsrvd/logsrvd.h index 2d59870ef..caea221b3 100644 --- a/logsrvd/logsrvd.h +++ b/logsrvd/logsrvd.h @@ -104,6 +104,7 @@ struct connection_closure { enum connection_status state; bool tls; bool log_io; + bool relay_only; bool store_first; bool read_instead_of_write; bool write_instead_of_read; @@ -159,7 +160,7 @@ void update_elapsed_time(TimeSpec *delta, struct timespec *elapsed); /* logsrvd.c */ bool start_protocol(struct connection_closure *closure); -void connection_closure_free(struct connection_closure *closure); +void connection_close(struct connection_closure *closure); bool schedule_commit_point(TimeSpec *commit_point, struct connection_closure *closure); bool fmt_log_id_message(const char *id, struct connection_closure *closure); bool fmt_error_message(const char *errstr, struct connection_closure *closure); diff --git a/logsrvd/logsrvd_journal.c b/logsrvd/logsrvd_journal.c index 46dc8af4e..1cd9dfc9a 100644 --- a/logsrvd/logsrvd_journal.c +++ b/logsrvd/logsrvd_journal.c @@ -180,6 +180,8 @@ journal_seek(struct timespec *target, struct connection_closure *closure) closure->errstr = _("client message too large"); break; } + + /* Read actual message from journal. */ if (msg_len > bufsize) { bufsize = sudo_pow2_roundup(msg_len); free(buf); diff --git a/logsrvd/logsrvd_relay.c b/logsrvd/logsrvd_relay.c index abb78bacb..3a53fc7ac 100644 
--- a/logsrvd/logsrvd_relay.c +++ b/logsrvd/logsrvd_relay.c @@ -428,13 +428,13 @@ connect_cb(int sock, int what, void *v) /* Relay connection succeeded, start TLS handshake. */ if (relay_closure->relay_addr->tls) { if (!connect_relay_tls(closure)) - connection_closure_free(closure); + connection_close(closure); } else #endif { /* Relay connection succeeded, start talking to the client. */ if (!start_relay(sock, closure)) - connection_closure_free(closure); + connection_close(closure); } } else { /* Connection failed, try next relay (if any). */ @@ -552,6 +552,10 @@ handle_log_id(char *id, struct connection_closure *closure) closure->relay_closure->relay_name.name, closure->relay_closure->relay_name.ipaddr); + /* No client connection when replaying a journaled entry. */ + if (closure->write_ev == NULL) + debug_return_bool(true); + /* Generate a new log ID that includes the relay host. */ len = asprintf(&new_id, "%s/%s", id, closure->relay_closure->relay_name.name); @@ -586,16 +590,18 @@ handle_server_error(char *errmsg, struct connection_closure *closure) relay_closure->relay_name.name, relay_closure->relay_name.ipaddr, errmsg); - if (!fmt_error_message(errmsg, closure)) - debug_return_bool(false); + if (closure->write_ev != NULL) { + if (!fmt_error_message(errmsg, closure)) + debug_return_bool(false); - sudo_ev_del(closure->evbase, closure->read_ev); - if (sudo_ev_add(closure->evbase, closure->write_ev, - logsrvd_conf_relay_timeout(), false) == -1) { - sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to add server write event"); - debug_return_bool(false); + if (sudo_ev_add(closure->evbase, closure->write_ev, + logsrvd_conf_relay_timeout(), false) == -1) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, + "unable to add server write event"); + debug_return_bool(false); + } } + sudo_ev_del(closure->evbase, relay_closure->read_ev); closure->state = ERROR; debug_return_bool(true); 
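Review bot: In handle_server_error() the event removed after a relay error changes from `closure->read_ev` to `relay_closure->read_ev`, so the client (or journal) read event stays armed while `closure->state` becomes ERROR. The commit message does not mention this, and handle_server_abort() gets the same change. For a relay-only closure `write_ev` is NULL, so nothing visible in this hunk schedules the close. A short comment above the `sudo_ev_del()` call would help, along the lines of `/* Stop reading from the relay; closure->read_ev is left active on purpose. */`, with the path that finally closes a replay closure named once that is confirmed. The function starts outside the hunk.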
@@ -616,16 +622,18 @@ handle_server_abort(char *errmsg, struct connection_closure *closure) relay_closure->relay_name.name, relay_closure->relay_name.ipaddr, errmsg); - if (!fmt_error_message(errmsg, closure)) - debug_return_bool(false); + if (closure->write_ev != NULL) { + if (!fmt_error_message(errmsg, closure)) + debug_return_bool(false); - sudo_ev_del(closure->evbase, closure->read_ev); - if (sudo_ev_add(closure->evbase, closure->write_ev, - logsrvd_conf_relay_timeout(), false) == -1) { - sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to add server write event"); - debug_return_bool(false); + if (sudo_ev_add(closure->evbase, closure->write_ev, + logsrvd_conf_relay_timeout(), false) == -1) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, + "unable to add server write event"); + debug_return_bool(false); + } } + sudo_ev_del(closure->evbase, relay_closure->read_ev); closure->state = ERROR; debug_return_bool(true); @@ -787,7 +795,7 @@ relay_server_msg_cb(int fd, int what, void *v) sudo_debug_printf(SUDO_DEBUG_INFO, "%s: ServerMessage from relay %s (%s)", __func__, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); - nread = recv(fd, buf->data + buf->len, buf->size - buf->len, 0); + nread = read(fd, buf->data + buf->len, buf->size - buf->len); } sudo_debug_printf(SUDO_DEBUG_INFO, @@ -798,7 +806,7 @@ relay_server_msg_cb(int fd, int what, void *v) if (errno == EAGAIN) debug_return; sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "recv from %s (%s)", relay_closure->relay_name.name, + "read from %s (%s)", relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); closure->errstr = _("unable to read from relay"); goto send_error; 
@@ -865,18 +873,20 @@ send_error: goto close_connection; if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure)) goto close_connection; - sudo_ev_del(closure->evbase, relay_closure->read_ev); - if (sudo_ev_add(closure->evbase, closure->write_ev, - logsrvd_conf_relay_timeout(), false) == -1) { - sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to add server write event"); - goto close_connection; + if (closure->write_ev != NULL) { + if (sudo_ev_add(closure->evbase, closure->write_ev, + logsrvd_conf_relay_timeout(), false) == -1) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, + "unable to add server write event"); + goto close_connection; + } } + sudo_ev_del(closure->evbase, relay_closure->read_ev); closure->state = ERROR; debug_return; close_connection: - connection_closure_free(closure); + connection_close(closure); debug_return; } @@ -978,10 +988,10 @@ relay_client_msg_cb(int fd, int what, void *v) } else #endif { - nwritten = send(fd, buf->data + buf->off, buf->len - buf->off, 0); + nwritten = write(fd, buf->data + buf->off, buf->len - buf->off); if (nwritten == -1) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "send to %s (%s)", relay_closure->relay_name.name, + "write to %s (%s)", relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); closure->errstr = _("error writing to relay"); goto send_error; 
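Review bot: In the send_error path of relay_server_msg_cb(), `fmt_error_message()` is still reached before the new `closure->write_ev != NULL` guard. The unchanged test `closure->errstr != NULL ||` also looks inverted next to the `closure->errstr == NULL ||` form used in logsrvd.c: as written, a set errstr always jumps to close_connection and an unset one is handed to fmt_error_message() as NULL. Folding the guard into the test would match logsrvd.c: `if (closure->write_ev == NULL || closure->errstr == NULL || !fmt_error_message(closure->errstr, closure)) goto close_connection;`. The same lines appear in the send_error path of relay_client_msg_cb(). The first condition of the block is outside the hunk, so the exact entry state is inferred.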
@@ -1011,18 +1021,20 @@ send_error: goto close_connection; if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure)) goto close_connection; - sudo_ev_del(closure->evbase, relay_closure->read_ev); - if (sudo_ev_add(closure->evbase, closure->write_ev, - logsrvd_conf_relay_timeout(), false) == -1) { - sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to add server write event"); - goto close_connection; + if (closure->write_ev != NULL) { + if (sudo_ev_add(closure->evbase, closure->write_ev, + logsrvd_conf_relay_timeout(), false) == -1) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, + "unable to add server write event"); + goto close_connection; + } } + sudo_ev_del(closure->evbase, relay_closure->read_ev); closure->state = ERROR; debug_return; close_connection: - connection_closure_free(closure); + connection_close(closure); debug_return; } @@ -1057,13 +1069,14 @@ relay_accept(AcceptMessage *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_accept, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying AcceptMessage from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying AcceptMessage from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); if (ret) { 
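Review bot: The `source` initializer added to relay_accept() is repeated verbatim in relay_reject(), relay_exit(), relay_restart(), relay_alert(), relay_suspend(), relay_winsize() and relay_iobuf(), so the rule for naming the message origin now lives in eight places. A small file-local helper would keep them in step, e.g. `static const char *relay_source(struct connection_closure *closure) { return closure->journal_path ? closure->journal_path : closure->ipaddr; }`. The helper would also be the one place to document that a replay closure has no peer address and is identified by its journal path instead. Each of these functions starts outside its hunk.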
@@ -1084,13 +1097,14 @@ relay_reject(RejectMessage *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_reject, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying RejectMessage from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying RejectMessage from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); closure->state = FINISHED; @@ -1106,18 +1120,22 @@ relay_exit(ExitMessage *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_exit, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying ExitMessage from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying ExitMessage from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); if (ret) { /* Command exited, if I/O logging wait for commit point. */ - closure->state = closure->log_io ? EXITED : FINISHED; + if (closure->log_io && !closure->relay_only) + closure->state = EXITED; + else + closure->state = FINISHED; } debug_return_bool(ret); 
@@ -1132,6 +1150,8 @@ relay_restart(RestartMessage *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; struct sudo_event_base *evbase = closure->evbase; ClientMessage client_msg = CLIENT_MESSAGE__INIT; RestartMessage restart_msg = *msg; @@ -1140,9 +1160,8 @@ relay_restart(RestartMessage *msg, uint8_t *buf, size_t len, debug_decl(relay_restart, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying RestartMessage from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying RestartMessage from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); /* * We prepend "relayhost/" to the log ID before relaying it to @@ -1178,13 +1197,14 @@ relay_alert(AlertMessage *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_alert, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying AlertMessage from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying AlertMessage from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); 
@@ -1199,13 +1219,14 @@ relay_suspend(CommandSuspend *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_suspend, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying CommandSuspend from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying CommandSuspend from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); @@ -1220,13 +1241,14 @@ relay_winsize(ChangeWindowSize *msg, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_winsize, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying ChangeWindowSize from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying ChangeWindowSize from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); 
@@ -1241,13 +1263,14 @@ relay_iobuf(IoBuffer *iobuf, uint8_t *buf, size_t len, struct connection_closure *closure) { struct relay_closure *relay_closure = closure->relay_closure; + const char *source = closure->journal_path ? closure->journal_path : + closure->ipaddr; bool ret; debug_decl(relay_iobuf, SUDO_DEBUG_UTIL); sudo_debug_printf(SUDO_DEBUG_INFO, - "%s: relaying IoBuffer from %s to %s (%s)", __func__, - closure->ipaddr, relay_closure->relay_name.name, - relay_closure->relay_name.ipaddr); + "%s: relaying IoBuffer from %s to %s (%s)", __func__, source, + relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); ret = relay_enqueue_write(buf, len, closure); @@ -1267,7 +1290,7 @@ relay_shutdown(struct connection_closure *closure) if (!sudo_ev_pending(relay_closure->read_ev, SUDO_EV_READ, NULL) && !sudo_ev_pending(relay_closure->write_ev, SUDO_EV_WRITE, NULL) && TAILQ_EMPTY(&relay_closure->write_bufs)) { - connection_closure_free(closure); + connection_close(closure); } debug_return_bool(true);