Add print_error() function that uses the conversation function to

print a variable number of error strings and use it in log_error().

plugins/sudoers/logging.c

@@ -275,23 +275,24 @@ log_denial(int status, int inform_user)
 
     /* Inform the user if they failed to authenticate.  */
     if (inform_user) {
-	if (ISSET(status, FLAG_NO_USER))
+	if (ISSET(status, FLAG_NO_USER)) {
-	    (void) fprintf(stderr, "%s is not in the sudoers file.  %s",
+	    print_error(2, user_name, " is not in the sudoers file.  "
-		user_name, "This incident will be reported.\n");
+		"This incident will be reported.\n");
-	else if (ISSET(status, FLAG_NO_HOST))
+	} else if (ISSET(status, FLAG_NO_HOST)) {
-	    (void) fprintf(stderr, "%s is not allowed to run sudo on %s.  %s",
+	    print_error(4, user_name, " is not allowed to run sudo on ",
-		user_name, user_shost, "This incident will be reported.\n");
+		user_shost, ".  This incident will be reported.\n");
-	else if (ISSET(status, FLAG_NO_CHECK))
+	} else if (ISSET(status, FLAG_NO_CHECK)) {
-	    (void) fprintf(stderr, "Sorry, user %s may not run sudo on %s.\n",
+	    print_error(5, "Sorry, user ", user_name, " may not run sudo on ",
-		user_name, user_shost);
+		user_shost, ".\n");
-	else
+	} else {
-	    (void) fprintf(stderr,
+	    print_error(13, "Sorry, user ", user_name,
-		"Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n",
+		" is not allowed to execute '", user_cmnd,
-		user_name, user_cmnd, user_args ? " " : "",
+		user_args ? " " : "", user_args ? user_args : "", "' ",
-		user_args ? user_args : "",
+		list_pw ? list_pw->pw_name :
-		list_pw ? list_pw->pw_name : runas_pw ?
+		runas_pw ? runas_pw->pw_name : user_name,
-		runas_pw->pw_name : user_name, runas_gr ? ":" : "",
+		runas_gr ? ":" : "", runas_gr ? runas_gr->gr_name : "", " on ",
-		runas_gr ? runas_gr->gr_name : "", user_host);
+		user_shost, ".\n");
+	}
     }
 
     /*

plugins/sudoers/plugin_error.c

@@ -36,41 +36,44 @@ extern sudo_conv_t sudo_conv;
 void
 error(int eval, const char *fmt, ...)
 {
-	va_list ap;
+    va_list ap;
-	va_start(ap, fmt);
+
-	_warning(1, fmt, ap);
+    va_start(ap, fmt);
-	va_end(ap);
+    _warning(1, fmt, ap);
-	cleanup(0);
+    va_end(ap);
-	siglongjmp(error_jmp, eval);
+    cleanup(0);
+    siglongjmp(error_jmp, eval);
 }
 
 void
 errorx(int eval, const char *fmt, ...)
 {
-	va_list ap;
+    va_list ap;
-	va_start(ap, fmt);
+
-	_warning(0, fmt, ap);
+    va_start(ap, fmt);
-	va_end(ap);
+    _warning(0, fmt, ap);
-	cleanup(0);
+    va_end(ap);
-	siglongjmp(error_jmp, eval);
+    cleanup(0);
+    siglongjmp(error_jmp, eval);
 }
 
 void
 warning(const char *fmt, ...)
 {
-	va_list ap;
+    va_list ap;
-	va_start(ap, fmt);
+
-	_warning(1, fmt, ap);
+    va_start(ap, fmt);
-	va_end(ap);
+    _warning(1, fmt, ap);
+    va_end(ap);
 }
 
 void
 warningx(const char *fmt, ...)
 {
-	va_list ap;
+    va_list ap;
-	va_start(ap, fmt);
+    va_start(ap, fmt);
-	_warning(0, fmt, ap);
+    _warning(0, fmt, ap);
-	va_end(ap);
+    va_end(ap);
 }
 
 static void
@@ -103,3 +106,28 @@ _warning(int use_errno, const char *fmt, va_list ap)
     memset(&repl, 0, sizeof(repl));
     sudo_conv(nmsgs, msg, repl);
 }
+
+void
+print_error(int nmsgs, ...)
+{
+    struct sudo_conv_message *msg;
+    struct sudo_conv_reply *repl;
+    va_list ap;
+    int i;
+
+    if (nmsgs <= 0)
+	return;
+
+    msg = emalloc2(nmsgs, sizeof(*msg));
+    repl = emalloc2(nmsgs, sizeof(*repl));
+    memset(repl, 0, nmsgs * sizeof(*repl));
+
+    va_start(ap, nmsgs);
+    for (i = 0; i < nmsgs; i++) {
+	msg[i].msg_type = SUDO_CONV_ERROR_MSG;
+	msg[i].msg = va_arg(ap, char *);
+    }
+    va_end(ap);
+
+    sudo_conv(nmsgs, msg, repl);
+}

plugins/sudoers/sudoers.h

@@ -311,6 +311,9 @@ void cleanup(int);
 void set_fqdn(void);
 FILE *open_sudoers(const char *, int, int *);
 
+/* plugin_error.c */
+void print_error(int nmsgs, ...);
+
 #ifndef _SUDO_MAIN
 extern struct sudo_user sudo_user;
 extern struct passwd *auth_pw, *list_pw;