Forward the journaled entry after it has been stored locally.

Todd C. Miller
2021-04-23 16:56:18 -06:00
parent 280fabac38
commit 050e91f8d1
4 changed files with 223 additions and 137 deletions


@@ -89,13 +89,18 @@ static const char server_id[] = "Sudo Audit Server " PACKAGE_VERSION;
static const char *conf_file = _PATH_SUDO_LOGSRVD_CONF; static const char *conf_file = _PATH_SUDO_LOGSRVD_CONF;
static double random_drop; static double random_drop;
/* Server callback may redirect to client callback for TLS. */ /* Event loop callbacks. */
static void client_msg_cb(int fd, int what, void *v); static void client_msg_cb(int fd, int what, void *v);
static void server_msg_cb(int fd, int what, void *v);
static void server_commit_cb(int fd, int what, void *v);
#if defined(HAVE_OPENSSL)
static void tls_handshake_cb(int fd, int what, void *v);
#endif
/* /*
* Free a struct connection_closure container and its contents. * Free a struct connection_closure container and its contents.
*/ */
void static void
connection_closure_free(struct connection_closure *closure) connection_closure_free(struct connection_closure *closure)
{ {
debug_decl(connection_closure_free, SUDO_DEBUG_UTIL); debug_decl(connection_closure_free, SUDO_DEBUG_UTIL);
@@ -123,6 +128,8 @@ connection_closure_free(struct connection_closure *closure)
eventlog_free(closure->evlog); eventlog_free(closure->evlog);
free(closure->read_buf.data); free(closure->read_buf.data);
while ((buf = TAILQ_FIRST(&closure->write_bufs)) != NULL) { while ((buf = TAILQ_FIRST(&closure->write_bufs)) != NULL) {
sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
"discarding write buffer %p, len %u", buf, buf->len - buf->off);
TAILQ_REMOVE(&closure->write_bufs, buf, entries); TAILQ_REMOVE(&closure->write_bufs, buf, entries);
free(buf->data); free(buf->data);
free(buf); free(buf);
@@ -144,6 +151,113 @@ connection_closure_free(struct connection_closure *closure)
debug_return; debug_return;
} }
/*
* Allocate a new connection closure.
*/
static struct connection_closure *
connection_closure_alloc(int fd, bool tls, bool relay_only,
struct sudo_event_base *base)
{
struct connection_closure *closure;
debug_decl(connection_closure_alloc, SUDO_DEBUG_UTIL);
if ((closure = calloc(1, sizeof(*closure))) == NULL)
debug_return_ptr(NULL);
closure->iolog_dir_fd = -1;
closure->sock = relay_only ? -1 : fd;
closure->evbase = base;
closure->relay_only = relay_only;
closure->store_first = !relay_only && logsrvd_conf_relay_store_first();
TAILQ_INIT(&closure->write_bufs);
TAILQ_INIT(&closure->free_bufs);
TAILQ_INSERT_TAIL(&connections, closure, entries);
closure->read_buf.size = 64 * 1024;
closure->read_buf.data = malloc(closure->read_buf.size);
if (closure->read_buf.data == NULL)
goto bad;
closure->read_ev = sudo_ev_alloc(fd, SUDO_EV_READ|SUDO_EV_PERSIST,
client_msg_cb, closure);
if (closure->read_ev == NULL)
goto bad;
if (!relay_only) {
closure->write_ev = sudo_ev_alloc(fd, SUDO_EV_WRITE|SUDO_EV_PERSIST,
server_msg_cb, closure);
if (closure->write_ev == NULL)
goto bad;
closure->commit_ev = sudo_ev_alloc(-1, SUDO_EV_TIMEOUT,
server_commit_cb, closure);
if (closure->commit_ev == NULL)
goto bad;
}
#if defined(HAVE_OPENSSL)
if (tls) {
closure->ssl_accept_ev = sudo_ev_alloc(fd, SUDO_EV_READ,
tls_handshake_cb, closure);
if (closure->ssl_accept_ev == NULL)
goto bad;
}
#endif
debug_return_ptr(closure);
bad:
connection_closure_free(closure);
debug_return_ptr(NULL);
}
/*
* Close the client connection when finished.
* If in store-and-forward mode, initiate a relay connection.
* Otherwise, free the connection closure, removing any events.
*/
void
connection_close(struct connection_closure *closure)
{
struct connection_closure *new_closure;
debug_decl(connection_close, SUDO_DEBUG_UTIL);
if (closure == NULL)
debug_return;
/*
* If we finished a client connection in store-and-forward mode,
* create a new connection for the relay and replay the journal.
*/
if (closure->store_first && closure->state == FINISHED &&
closure->relay_closure == NULL && closure->journal != NULL) {
new_closure = connection_closure_alloc(fileno(closure->journal), false,
true, closure->evbase);
if (new_closure != NULL) {
/* Re-parent journal settings. */
new_closure->journal = closure->journal;
closure->journal = NULL;
new_closure->journal_path = closure->journal_path;
closure->journal_path = NULL;
/* Connect to the first relay available asynchronously. */
if (!connect_relay(new_closure)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to connect to relay");
connection_closure_free(new_closure);
}
}
}
if (closure->state == FINISHED && closure->journal_path != NULL) {
/* Journal relayed successfully, remove backing file. */
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"removing journal file %s", closure->journal_path);
unlink(closure->journal_path);
}
connection_closure_free(closure);
debug_return;
}
struct connection_buffer * struct connection_buffer *
get_free_buf(size_t len, struct connection_closure *closure) get_free_buf(size_t len, struct connection_closure *closure)
{ {
@@ -483,12 +597,11 @@ handle_exit(ExitMessage *msg, uint8_t *buf, size_t len,
} }
if (closure->store_first) { if (closure->store_first) {
/* Store message in a journal for later relaying. */ /* Store exit message in journal. */
if (!journal_write(buf, len, closure)) if (!journal_write(buf, len, closure))
debug_return_bool(false); debug_return_bool(false);
if (!journal_finish(closure)) if (!journal_finish(closure))
debug_return_bool(false); debug_return_bool(false);
/* XXX - schedule relay of journal file */
} }
if (closure->log_io) { if (closure->log_io) {
@@ -898,7 +1011,7 @@ server_shutdown(struct sudo_event_base *base)
} }
} else { } else {
/* No commit point, close connection immediately. */ /* No commit point, close connection immediately. */
connection_closure_free(closure); connection_close(closure);
} }
} }
@@ -989,7 +1102,7 @@ server_msg_cb(int fd, int what, void *v)
} else } else
#endif #endif
{ {
nwritten = send(fd, buf->data + buf->off, buf->len - buf->off, 0); nwritten = write(fd, buf->data + buf->off, buf->len - buf->off);
} }
if (nwritten == -1) { if (nwritten == -1) {
@@ -1018,7 +1131,7 @@ server_msg_cb(int fd, int what, void *v)
debug_return; debug_return;
finished: finished:
connection_closure_free(closure); connection_close(closure);
debug_return; debug_return;
} }
@@ -1096,7 +1209,7 @@ client_msg_cb(int fd, int what, void *v)
} else } else
#endif #endif
{ {
nread = recv(fd, buf->data + buf->len, buf->size - buf->len, 0); nread = read(fd, buf->data + buf->len, buf->size - buf->len);
} }
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received %zd bytes from client %s", sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received %zd bytes from client %s",
@@ -1164,7 +1277,7 @@ send_error:
* Try to send client an error message before closing connection. * Try to send client an error message before closing connection.
* If we are already in an error state, just give up. * If we are already in an error state, just give up.
*/ */
if (closure->state == ERROR) if (closure->state == ERROR || closure->write_ev == NULL)
goto close_connection; goto close_connection;
if (closure->errstr == NULL || !fmt_error_message(closure->errstr, closure)) if (closure->errstr == NULL || !fmt_error_message(closure->errstr, closure))
goto close_connection; goto close_connection;
@@ -1178,7 +1291,7 @@ send_error:
closure->state = ERROR; closure->state = ERROR;
debug_return; debug_return;
close_connection: close_connection:
connection_closure_free(closure); connection_close(closure);
debug_return; debug_return;
} }
@@ -1232,7 +1345,7 @@ server_commit_cb(int unused, int what, void *v)
commit_point.tv_sec = closure->elapsed_time.tv_sec; commit_point.tv_sec = closure->elapsed_time.tv_sec;
commit_point.tv_nsec = closure->elapsed_time.tv_nsec; commit_point.tv_nsec = closure->elapsed_time.tv_nsec;
if (!schedule_commit_point(&commit_point, closure)) if (!schedule_commit_point(&commit_point, closure))
connection_closure_free(closure); connection_close(closure);
debug_return; debug_return;
} }
@@ -1255,11 +1368,14 @@ start_protocol(struct connection_closure *closure)
closure->relay_closure->relay_addr = NULL; closure->relay_closure->relay_addr = NULL;
} }
if (!fmt_hello_message(closure)) /* When replaying a journal there is no write event. */
debug_return_bool(false); if (closure->write_ev != NULL) {
if (!fmt_hello_message(closure))
debug_return_bool(false);
if (sudo_ev_add(closure->evbase, closure->write_ev, timeout, false) == -1) if (sudo_ev_add(closure->evbase, closure->write_ev, timeout, false) == -1)
debug_return_bool(false); debug_return_bool(false);
}
/* No read timeout, client messages may happen at arbitrary times. */ /* No read timeout, client messages may happen at arbitrary times. */
if (sudo_ev_add(closure->evbase, closure->read_ev, NULL, false) == -1) if (sudo_ev_add(closure->evbase, closure->read_ev, NULL, false) == -1)
@@ -1423,67 +1539,11 @@ tls_handshake_cb(int fd, int what, void *v)
debug_return; debug_return;
bad: bad:
connection_closure_free(closure); connection_close(closure);
debug_return; debug_return;
} }
#endif /* HAVE_OPENSSL */ #endif /* HAVE_OPENSSL */
/*
* Allocate a new connection closure.
*/
static struct connection_closure *
connection_closure_alloc(int sock, bool tls, struct sudo_event_base *base)
{
struct connection_closure *closure;
debug_decl(connection_closure_alloc, SUDO_DEBUG_UTIL);
if ((closure = calloc(1, sizeof(*closure))) == NULL)
debug_return_ptr(NULL);
closure->iolog_dir_fd = -1;
closure->sock = sock;
closure->evbase = base;
closure->store_first = logsrvd_conf_relay_store_first();
TAILQ_INIT(&closure->write_bufs);
TAILQ_INIT(&closure->free_bufs);
TAILQ_INSERT_TAIL(&connections, closure, entries);
closure->read_buf.size = 64 * 1024;
closure->read_buf.data = malloc(closure->read_buf.size);
if (closure->read_buf.data == NULL)
goto bad;
closure->commit_ev = sudo_ev_alloc(-1, SUDO_EV_TIMEOUT,
server_commit_cb, closure);
if (closure->commit_ev == NULL)
goto bad;
closure->read_ev = sudo_ev_alloc(sock, SUDO_EV_READ|SUDO_EV_PERSIST,
client_msg_cb, closure);
if (closure->read_ev == NULL)
goto bad;
closure->write_ev = sudo_ev_alloc(sock, SUDO_EV_WRITE|SUDO_EV_PERSIST,
server_msg_cb, closure);
if (closure->write_ev == NULL)
goto bad;
#if defined(HAVE_OPENSSL)
if (tls) {
closure->ssl_accept_ev = sudo_ev_alloc(sock, SUDO_EV_READ,
tls_handshake_cb, closure);
if (closure->ssl_accept_ev == NULL)
goto bad;
}
#endif
debug_return_ptr(closure);
bad:
connection_closure_free(closure);
debug_return_ptr(NULL);
}
/* /*
* New connection. * New connection.
* Allocate a connection closure and optionally perform TLS handshake. * Allocate a connection closure and optionally perform TLS handshake.
@@ -1495,7 +1555,7 @@ new_connection(int sock, bool tls, const struct sockaddr *sa,
struct connection_closure *closure; struct connection_closure *closure;
debug_decl(new_connection, SUDO_DEBUG_UTIL); debug_decl(new_connection, SUDO_DEBUG_UTIL);
if ((closure = connection_closure_alloc(sock, tls, evbase)) == NULL) if ((closure = connection_closure_alloc(sock, tls, false, evbase)) == NULL)
goto bad; goto bad;
/* store the peer's IP address in the closure object */ /* store the peer's IP address in the closure object */
@@ -1565,7 +1625,7 @@ new_connection(int sock, bool tls, const struct sockaddr *sa,
debug_return_bool(true); debug_return_bool(true);
bad: bad:
connection_closure_free(closure); connection_close(closure);
debug_return_bool(false); debug_return_bool(false);
} }
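Review bot: In connection_close(), the journal file can be unlinked without ever having been relayed: if connection_closure_alloc() returns NULL for the replay closure, `closure->journal_path` is still set and `closure->state` is still FINISHED, so the following `unlink(closure->journal_path)` runs and the stored audit record is removed from disk. The "Journal relayed successfully" branch should apply only to the replay closure, e.g. `if (closure->relay_only && closure->state == FINISHED && closure->journal_path != NULL) {`. The allocation failure is also silent; an else branch with a `sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, ...)` call would make the dropped forward visible. When connect_relay() fails the journal stays on disk, but nothing visible in this section retries it, so it is worth confirming what picks those entries up later.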


@@ -104,6 +104,7 @@ struct connection_closure {
enum connection_status state; enum connection_status state;
bool tls; bool tls;
bool log_io; bool log_io;
bool relay_only;
bool store_first; bool store_first;
bool read_instead_of_write; bool read_instead_of_write;
bool write_instead_of_read; bool write_instead_of_read;
@@ -159,7 +160,7 @@ void update_elapsed_time(TimeSpec *delta, struct timespec *elapsed);
/* logsrvd.c */ /* logsrvd.c */
bool start_protocol(struct connection_closure *closure); bool start_protocol(struct connection_closure *closure);
void connection_closure_free(struct connection_closure *closure); void connection_close(struct connection_closure *closure);
bool schedule_commit_point(TimeSpec *commit_point, struct connection_closure *closure); bool schedule_commit_point(TimeSpec *commit_point, struct connection_closure *closure);
bool fmt_log_id_message(const char *id, struct connection_closure *closure); bool fmt_log_id_message(const char *id, struct connection_closure *closure);
bool fmt_error_message(const char *errstr, struct connection_closure *closure); bool fmt_error_message(const char *errstr, struct connection_closure *closure);
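Review bot: The new `relay_only` member has no comment, although the rest of the commit depends on what it implies. From connection_closure_alloc() a relay-only closure has `sock` set to -1 and no `write_ev` or `commit_ev`, and several callers test `closure->write_ev == NULL` to detect that state. A one-line comment on the field would record this, e.g. `bool relay_only; /* replaying a journal: no client socket, write_ev and commit_ev are NULL */`.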


@@ -180,6 +180,8 @@ journal_seek(struct timespec *target, struct connection_closure *closure)
closure->errstr = _("client message too large"); closure->errstr = _("client message too large");
break; break;
} }
/* Read actual message from journal. */
if (msg_len > bufsize) { if (msg_len > bufsize) {
bufsize = sudo_pow2_roundup(msg_len); bufsize = sudo_pow2_roundup(msg_len);
free(buf); free(buf);


@@ -428,13 +428,13 @@ connect_cb(int sock, int what, void *v)
/* Relay connection succeeded, start TLS handshake. */ /* Relay connection succeeded, start TLS handshake. */
if (relay_closure->relay_addr->tls) { if (relay_closure->relay_addr->tls) {
if (!connect_relay_tls(closure)) if (!connect_relay_tls(closure))
connection_closure_free(closure); connection_close(closure);
} else } else
#endif #endif
{ {
/* Relay connection succeeded, start talking to the client. */ /* Relay connection succeeded, start talking to the client. */
if (!start_relay(sock, closure)) if (!start_relay(sock, closure))
connection_closure_free(closure); connection_close(closure);
} }
} else { } else {
/* Connection failed, try next relay (if any). */ /* Connection failed, try next relay (if any). */
@@ -552,6 +552,10 @@ handle_log_id(char *id, struct connection_closure *closure)
closure->relay_closure->relay_name.name, closure->relay_closure->relay_name.name,
closure->relay_closure->relay_name.ipaddr); closure->relay_closure->relay_name.ipaddr);
/* No client connection when replaying a journaled entry. */
if (closure->write_ev == NULL)
debug_return_bool(true);
/* Generate a new log ID that includes the relay host. */ /* Generate a new log ID that includes the relay host. */
len = asprintf(&new_id, "%s/%s", id, len = asprintf(&new_id, "%s/%s", id,
closure->relay_closure->relay_name.name); closure->relay_closure->relay_name.name);
@@ -586,16 +590,18 @@ handle_server_error(char *errmsg, struct connection_closure *closure)
relay_closure->relay_name.name, relay_closure->relay_name.ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr,
errmsg); errmsg);
if (!fmt_error_message(errmsg, closure)) if (closure->write_ev != NULL) {
debug_return_bool(false); if (!fmt_error_message(errmsg, closure))
debug_return_bool(false);
sudo_ev_del(closure->evbase, closure->read_ev); if (sudo_ev_add(closure->evbase, closure->write_ev,
if (sudo_ev_add(closure->evbase, closure->write_ev, logsrvd_conf_relay_timeout(), false) == -1) {
logsrvd_conf_relay_timeout(), false) == -1) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "unable to add server write event");
"unable to add server write event"); debug_return_bool(false);
debug_return_bool(false); }
} }
sudo_ev_del(closure->evbase, relay_closure->read_ev);
closure->state = ERROR; closure->state = ERROR;
debug_return_bool(true); debug_return_bool(true);
@@ -616,16 +622,18 @@ handle_server_abort(char *errmsg, struct connection_closure *closure)
relay_closure->relay_name.name, relay_closure->relay_name.ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr,
errmsg); errmsg);
if (!fmt_error_message(errmsg, closure)) if (closure->write_ev != NULL) {
debug_return_bool(false); if (!fmt_error_message(errmsg, closure))
debug_return_bool(false);
sudo_ev_del(closure->evbase, closure->read_ev); if (sudo_ev_add(closure->evbase, closure->write_ev,
if (sudo_ev_add(closure->evbase, closure->write_ev, logsrvd_conf_relay_timeout(), false) == -1) {
logsrvd_conf_relay_timeout(), false) == -1) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "unable to add server write event");
"unable to add server write event"); debug_return_bool(false);
debug_return_bool(false); }
} }
sudo_ev_del(closure->evbase, relay_closure->read_ev);
closure->state = ERROR; closure->state = ERROR;
debug_return_bool(true); debug_return_bool(true);
@@ -787,7 +795,7 @@ relay_server_msg_cb(int fd, int what, void *v)
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: ServerMessage from relay %s (%s)", __func__, "%s: ServerMessage from relay %s (%s)", __func__,
relay_closure->relay_name.name, relay_closure->relay_name.ipaddr); relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
nread = recv(fd, buf->data + buf->len, buf->size - buf->len, 0); nread = read(fd, buf->data + buf->len, buf->size - buf->len);
} }
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
@@ -798,7 +806,7 @@ relay_server_msg_cb(int fd, int what, void *v)
if (errno == EAGAIN) if (errno == EAGAIN)
debug_return; debug_return;
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"recv from %s (%s)", relay_closure->relay_name.name, "read from %s (%s)", relay_closure->relay_name.name,
relay_closure->relay_name.ipaddr); relay_closure->relay_name.ipaddr);
closure->errstr = _("unable to read from relay"); closure->errstr = _("unable to read from relay");
goto send_error; goto send_error;
@@ -865,18 +873,20 @@ send_error:
goto close_connection; goto close_connection;
if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure)) if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure))
goto close_connection; goto close_connection;
sudo_ev_del(closure->evbase, relay_closure->read_ev); if (closure->write_ev != NULL) {
if (sudo_ev_add(closure->evbase, closure->write_ev, if (sudo_ev_add(closure->evbase, closure->write_ev,
logsrvd_conf_relay_timeout(), false) == -1) { logsrvd_conf_relay_timeout(), false) == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to add server write event"); "unable to add server write event");
goto close_connection; goto close_connection;
}
} }
sudo_ev_del(closure->evbase, relay_closure->read_ev);
closure->state = ERROR; closure->state = ERROR;
debug_return; debug_return;
close_connection: close_connection:
connection_closure_free(closure); connection_close(closure);
debug_return; debug_return;
} }
@@ -978,10 +988,10 @@ relay_client_msg_cb(int fd, int what, void *v)
} else } else
#endif #endif
{ {
nwritten = send(fd, buf->data + buf->off, buf->len - buf->off, 0); nwritten = write(fd, buf->data + buf->off, buf->len - buf->off);
if (nwritten == -1) { if (nwritten == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"send to %s (%s)", relay_closure->relay_name.name, "write to %s (%s)", relay_closure->relay_name.name,
relay_closure->relay_name.ipaddr); relay_closure->relay_name.ipaddr);
closure->errstr = _("error writing to relay"); closure->errstr = _("error writing to relay");
goto send_error; goto send_error;
@@ -1011,18 +1021,20 @@ send_error:
goto close_connection; goto close_connection;
if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure)) if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure))
goto close_connection; goto close_connection;
sudo_ev_del(closure->evbase, relay_closure->read_ev); if (closure->write_ev != NULL) {
if (sudo_ev_add(closure->evbase, closure->write_ev, if (sudo_ev_add(closure->evbase, closure->write_ev,
logsrvd_conf_relay_timeout(), false) == -1) { logsrvd_conf_relay_timeout(), false) == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to add server write event"); "unable to add server write event");
goto close_connection; goto close_connection;
}
} }
sudo_ev_del(closure->evbase, relay_closure->read_ev);
closure->state = ERROR; closure->state = ERROR;
debug_return; debug_return;
close_connection: close_connection:
connection_closure_free(closure); connection_close(closure);
debug_return; debug_return;
} }
@@ -1057,13 +1069,14 @@ relay_accept(AcceptMessage *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_accept, SUDO_DEBUG_UTIL); debug_decl(relay_accept, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying AcceptMessage from %s to %s (%s)", __func__, "%s: relaying AcceptMessage from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
if (ret) { if (ret) {
@@ -1084,13 +1097,14 @@ relay_reject(RejectMessage *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_reject, SUDO_DEBUG_UTIL); debug_decl(relay_reject, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying RejectMessage from %s to %s (%s)", __func__, "%s: relaying RejectMessage from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
closure->state = FINISHED; closure->state = FINISHED;
@@ -1106,18 +1120,22 @@ relay_exit(ExitMessage *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_exit, SUDO_DEBUG_UTIL); debug_decl(relay_exit, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying ExitMessage from %s to %s (%s)", __func__, "%s: relaying ExitMessage from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
if (ret) { if (ret) {
/* Command exited, if I/O logging wait for commit point. */ /* Command exited, if I/O logging wait for commit point. */
closure->state = closure->log_io ? EXITED : FINISHED; if (closure->log_io && !closure->relay_only)
closure->state = EXITED;
else
closure->state = FINISHED;
} }
debug_return_bool(ret); debug_return_bool(ret);
@@ -1132,6 +1150,8 @@ relay_restart(RestartMessage *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
struct sudo_event_base *evbase = closure->evbase; struct sudo_event_base *evbase = closure->evbase;
ClientMessage client_msg = CLIENT_MESSAGE__INIT; ClientMessage client_msg = CLIENT_MESSAGE__INIT;
RestartMessage restart_msg = *msg; RestartMessage restart_msg = *msg;
@@ -1140,9 +1160,8 @@ relay_restart(RestartMessage *msg, uint8_t *buf, size_t len,
debug_decl(relay_restart, SUDO_DEBUG_UTIL); debug_decl(relay_restart, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying RestartMessage from %s to %s (%s)", __func__, "%s: relaying RestartMessage from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
/* /*
* We prepend "relayhost/" to the log ID before relaying it to * We prepend "relayhost/" to the log ID before relaying it to
@@ -1178,13 +1197,14 @@ relay_alert(AlertMessage *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_alert, SUDO_DEBUG_UTIL); debug_decl(relay_alert, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying AlertMessage from %s to %s (%s)", __func__, "%s: relaying AlertMessage from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
@@ -1199,13 +1219,14 @@ relay_suspend(CommandSuspend *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_suspend, SUDO_DEBUG_UTIL); debug_decl(relay_suspend, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying CommandSuspend from %s to %s (%s)", __func__, "%s: relaying CommandSuspend from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
@@ -1220,13 +1241,14 @@ relay_winsize(ChangeWindowSize *msg, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_winsize, SUDO_DEBUG_UTIL); debug_decl(relay_winsize, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying ChangeWindowSize from %s to %s (%s)", __func__, "%s: relaying ChangeWindowSize from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
@@ -1241,13 +1263,14 @@ relay_iobuf(IoBuffer *iobuf, uint8_t *buf, size_t len,
struct connection_closure *closure) struct connection_closure *closure)
{ {
struct relay_closure *relay_closure = closure->relay_closure; struct relay_closure *relay_closure = closure->relay_closure;
const char *source = closure->journal_path ? closure->journal_path :
closure->ipaddr;
bool ret; bool ret;
debug_decl(relay_iobuf, SUDO_DEBUG_UTIL); debug_decl(relay_iobuf, SUDO_DEBUG_UTIL);
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: relaying IoBuffer from %s to %s (%s)", __func__, "%s: relaying IoBuffer from %s to %s (%s)", __func__, source,
closure->ipaddr, relay_closure->relay_name.name, relay_closure->relay_name.name, relay_closure->relay_name.ipaddr);
relay_closure->relay_name.ipaddr);
ret = relay_enqueue_write(buf, len, closure); ret = relay_enqueue_write(buf, len, closure);
@@ -1267,7 +1290,7 @@ relay_shutdown(struct connection_closure *closure)
if (!sudo_ev_pending(relay_closure->read_ev, SUDO_EV_READ, NULL) && if (!sudo_ev_pending(relay_closure->read_ev, SUDO_EV_READ, NULL) &&
!sudo_ev_pending(relay_closure->write_ev, SUDO_EV_WRITE, NULL) && !sudo_ev_pending(relay_closure->write_ev, SUDO_EV_WRITE, NULL) &&
TAILQ_EMPTY(&relay_closure->write_bufs)) { TAILQ_EMPTY(&relay_closure->write_bufs)) {
connection_closure_free(closure); connection_close(closure);
} }
debug_return_bool(true); debug_return_bool(true);
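Review bot: In handle_server_error() and handle_server_abort(), a journal-replay closure (`closure->write_ev == NULL`) sets `closure->state = ERROR` and returns true with no event left that would close it, as far as these hunks show. The call that appears to be new, `sudo_ev_del(closure->evbase, relay_closure->read_ev)`, stops reading from the relay, but the closure's own read event (the journal reader in replay mode) is no longer removed, so it is worth confirming that replay stops and the closure is released after a relay error. If nothing else does that, an explicit branch such as `if (closure->write_ev == NULL) debug_return_bool(false);` would hand cleanup to the caller, assuming the caller closes the connection on false, which is outside these hunks. Separately, the context line `if (closure->errstr != NULL || !fmt_error_message(closure->errstr, closure))` in both send_error blocks reads inverted relative to the `== NULL` test in client_msg_cb() in logsrvd.c.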