Add print_error() function that uses the conversation function to

print a variable number of error strings and use it in log_error().
2010-05-03 16:53:05 -04:00
parent 0eda64b235
commit 13966481c7
3 changed files with 69 additions and 37 deletions
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -275,23 +275,24 @@ log_denial(int status, int inform_user)

    /* Inform the user if they failed to authenticate.  */
    if (inform_user) {
-	if (ISSET(status, FLAG_NO_USER))
-	    (void) fprintf(stderr, "%s is not in the sudoers file.  %s",
-		user_name, "This incident will be reported.\n");
-	else if (ISSET(status, FLAG_NO_HOST))
-	    (void) fprintf(stderr, "%s is not allowed to run sudo on %s.  %s",
-		user_name, user_shost, "This incident will be reported.\n");
-	else if (ISSET(status, FLAG_NO_CHECK))
-	    (void) fprintf(stderr, "Sorry, user %s may not run sudo on %s.\n",
-		user_name, user_shost);
-	else
-	    (void) fprintf(stderr,
-		"Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n",
-		user_name, user_cmnd, user_args ? " " : "",
-		user_args ? user_args : "",
-		list_pw ? list_pw->pw_name : runas_pw ?
-		runas_pw->pw_name : user_name, runas_gr ? ":" : "",
-		runas_gr ? runas_gr->gr_name : "", user_host);
+	if (ISSET(status, FLAG_NO_USER)) {
+	    print_error(2, user_name, " is not in the sudoers file.  "
+		"This incident will be reported.\n");
+	} else if (ISSET(status, FLAG_NO_HOST)) {
+	    print_error(4, user_name, " is not allowed to run sudo on ",
+		user_shost, ".  This incident will be reported.\n");
+	} else if (ISSET(status, FLAG_NO_CHECK)) {
+	    print_error(5, "Sorry, user ", user_name, " may not run sudo on ",
+		user_shost, ".\n");
+	} else {
+	    print_error(13, "Sorry, user ", user_name,
+		" is not allowed to execute '", user_cmnd,
+		user_args ? " " : "", user_args ? user_args : "", "' ",
+		list_pw ? list_pw->pw_name :
+		runas_pw ? runas_pw->pw_name : user_name,
+		runas_gr ? ":" : "", runas_gr ? runas_gr->gr_name : "", " on ",
+		user_shost, ".\n");
+	}
    }

    /*
--- a/plugins/sudoers/plugin_error.c
+++ b/plugins/sudoers/plugin_error.c
@@ -37,6 +37,7 @@ void
 error(int eval, const char *fmt, ...)
 {
    va_list ap;
+
    va_start(ap, fmt);
    _warning(1, fmt, ap);
    va_end(ap);
@@ -48,6 +49,7 @@ void
 errorx(int eval, const char *fmt, ...)
 {
    va_list ap;
+
    va_start(ap, fmt);
    _warning(0, fmt, ap);
    va_end(ap);
@@ -59,6 +61,7 @@ void
 warning(const char *fmt, ...)
 {
    va_list ap;
+
    va_start(ap, fmt);
    _warning(1, fmt, ap);
    va_end(ap);
@@ -103,3 +106,28 @@ _warning(int use_errno, const char *fmt, va_list ap)
    memset(&repl, 0, sizeof(repl));
    sudo_conv(nmsgs, msg, repl);
 }
+
+void
+print_error(int nmsgs, ...)
+{
+    struct sudo_conv_message *msg;
+    struct sudo_conv_reply *repl;
+    va_list ap;
+    int i;
+
+    if (nmsgs <= 0)
+	return;
+
+    msg = emalloc2(nmsgs, sizeof(*msg));
+    repl = emalloc2(nmsgs, sizeof(*repl));
+    memset(repl, 0, nmsgs * sizeof(*repl));
+
+    va_start(ap, nmsgs);
+    for (i = 0; i < nmsgs; i++) {
+	msg[i].msg_type = SUDO_CONV_ERROR_MSG;
+	msg[i].msg = va_arg(ap, char *);
+    }
+    va_end(ap);
+
+    sudo_conv(nmsgs, msg, repl);
+}
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -311,6 +311,9 @@ void cleanup(int);
 void set_fqdn(void);
 FILE *open_sudoers(const char *, int, int *);

+/* plugin_error.c */
+void print_error(int nmsgs, ...);
+
 #ifndef _SUDO_MAIN
 extern struct sudo_user sudo_user;
 extern struct passwd *auth_pw, *list_pw;