isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pass argc to audit functions too. Will be needed for Solaris audit

Browse Source 
support.
This commit is contained in:
Todd C. Miller
2014-05-13 09:41:53 -06:00
parent ffb07443c3
commit 337a712745
9 changed files with 36 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
plugins/sudoers/audit.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 2009-2014 Todd C. Miller <Todd.Miller@courtesan.com>
* *
* Permission to use, copy, modify, and distribute this software for any * Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above * purpose with or without fee is hereby granted, provided that the above
@@ -48,18 +48,18 @@
#endif #endif
int int
audit_success(char *exec_args[]) audit_success(int argc, char *argv[])
{ {
int rc = 0; int rc = 0;
debug_decl(audit_success, SUDO_DEBUG_AUDIT) debug_decl(audit_success, SUDO_DEBUG_AUDIT)
if (exec_args != NULL) { if (argv != NULL) {
#ifdef HAVE_BSM_AUDIT #ifdef HAVE_BSM_AUDIT
if (bsm_audit_success(exec_args) == -1) if (bsm_audit_success(argv) == -1)
rc = -1; rc = -1;
#endif #endif
#ifdef HAVE_LINUX_AUDIT #ifdef HAVE_LINUX_AUDIT
if (linux_audit_command(exec_args, 1) == -1) if (linux_audit_command(argv, 1) == -1)
rc = -1; rc = -1;
#endif #endif
} }
@@ -68,13 +68,13 @@ audit_success(char *exec_args[])
} }
int int
audit_failure(char *exec_args[], char const *const fmt, ...) audit_failure(int argc, char *argv[], char const *const fmt, ...)
{ {
int rc = 0; int rc = 0;
debug_decl(audit_success, SUDO_DEBUG_AUDIT) debug_decl(audit_success, SUDO_DEBUG_AUDIT)
#if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT) #if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT)
if (exec_args != NULL) { if (argv != NULL) {
va_list ap; va_list ap;
int oldlocale; int oldlocale;
@@ -83,13 +83,13 @@ audit_failure(char *exec_args[], char const *const fmt, ...)
#ifdef HAVE_BSM_AUDIT #ifdef HAVE_BSM_AUDIT
va_start(ap, fmt); va_start(ap, fmt);
if (bsm_audit_failure(exec_args, _(fmt), ap) == -1) if (bsm_audit_failure(argv, _(fmt), ap) == -1)
rc = -1; rc = -1;
va_end(ap); va_end(ap);
#endif #endif
#ifdef HAVE_LINUX_AUDIT #ifdef HAVE_LINUX_AUDIT
va_start(ap, fmt); va_start(ap, fmt);
if (linux_audit_command(exec_args, 0) == -1) if (linux_audit_command(argv, 0) == -1)
rc = -1; rc = -1;
va_end(ap); va_end(ap);
#endif #endif

2
plugins/sudoers/auth/sia.c
View File

@@ -90,8 +90,6 @@ sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{ {
SIAENTITY *siah = NULL; SIAENTITY *siah = NULL;
int i; int i;
extern int NewArgc;
extern char **NewArgv;
debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH) debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH)
/* Rebuild argv for sia_ses_init() */ /* Rebuild argv for sia_ses_init() */

6
plugins/sudoers/auth/sudo_auth.c
View File

@@ -95,8 +95,6 @@ static sudo_auth auth_switch[] = {
static int standalone; static int standalone;
extern char **NewArgv; /* XXX - for auditing */
static void pass_warn(void); static void pass_warn(void);
/* /*
@@ -116,7 +114,7 @@ sudo_auth_init(struct passwd *pw)
/* Make sure we haven't mixed standalone and shared auth methods. */ /* Make sure we haven't mixed standalone and shared auth methods. */
standalone = IS_STANDALONE(&auth_switch[0]); standalone = IS_STANDALONE(&auth_switch[0]);
if (standalone && auth_switch[1].name != NULL) { if (standalone && auth_switch[1].name != NULL) {
audit_failure(NewArgv, N_("invalid authentication methods")); audit_failure(NewArgc, NewArgv, N_("invalid authentication methods"));
log_warningx(SLOG_SEND_MAIL, log_warningx(SLOG_SEND_MAIL,
N_("Invalid authentication methods compiled into sudo! " N_("Invalid authentication methods compiled into sudo! "
"You may not mix standalone and non-standalone authentication.")); "You may not mix standalone and non-standalone authentication."));
@@ -187,7 +185,7 @@ verify_user(struct passwd *pw, char *prompt, int validated)
/* Make sure we have at least one auth method. */ /* Make sure we have at least one auth method. */
/* XXX - check FLAG_DISABLED too */ /* XXX - check FLAG_DISABLED too */
if (auth_switch[0].name == NULL) { if (auth_switch[0].name == NULL) {
audit_failure(NewArgv, N_("no authentication methods")); audit_failure(NewArgc, NewArgv, N_("no authentication methods"));
log_warningx(SLOG_SEND_MAIL, log_warningx(SLOG_SEND_MAIL,
N_("There are no authentication methods compiled into sudo! " N_("There are no authentication methods compiled into sudo! "
"If you want to turn off authentication, use the " "If you want to turn off authentication, use the "

4
plugins/sudoers/bsm_audit.c
View File

@@ -80,7 +80,7 @@ audit_sudo_selected(int sorf)
* Returns 0 on success or -1 on error. * Returns 0 on success or -1 on error.
*/ */
int int
bsm_audit_success(char **exec_args) bsm_audit_success(char *exec_args[])
{ {
auditinfo_addr_t ainfo_addr; auditinfo_addr_t ainfo_addr;
auditinfo_t ainfo; auditinfo_t ainfo;
@@ -168,7 +168,7 @@ bsm_audit_success(char **exec_args)
* Returns 0 on success or -1 on error. * Returns 0 on success or -1 on error.
*/ */
int int
bsm_audit_failure(char **exec_args, char const *const fmt, va_list ap) bsm_audit_failure(char *exec_args[], char const *const fmt, va_list ap)
{ {
auditinfo_addr_t ainfo_addr; auditinfo_addr_t ainfo_addr;
auditinfo_t ainfo; auditinfo_t ainfo;

4
plugins/sudoers/bsm_audit.h
View File

@@ -18,7 +18,7 @@
#ifndef _SUDOERS_BSM_AUDIT_H #ifndef _SUDOERS_BSM_AUDIT_H
#define _SUDOERS_BSM_AUDIT_H #define _SUDOERS_BSM_AUDIT_H
int bsm_audit_success(char **); int bsm_audit_success(int argc, char *argv[]);
int bsm_audit_failure(char **, char const * const, va_list); int bsm_audit_failure(int argc, char *argv[], char const * const, va_list);
#endif /* _SUDOERS_BSM_AUDIT_H */ #endif /* _SUDOERS_BSM_AUDIT_H */

2
plugins/sudoers/linux_audit.h
View File

@@ -17,6 +17,6 @@
#ifndef _SUDOERS_LINUX_AUDIT_H #ifndef _SUDOERS_LINUX_AUDIT_H
#define _SUDOERS_LINUX_AUDIT_H #define _SUDOERS_LINUX_AUDIT_H
int linux_audit_command(char *argv[], int result); int linux_audit_command(int argc, char *argv[], int result);
#endif /* _SUDOERS_LINUX_AUDIT_H */ #endif /* _SUDOERS_LINUX_AUDIT_H */

8
plugins/sudoers/logging.c
View File

@@ -69,8 +69,6 @@ static int should_mail(int);
static void mysyslog(int, const char *, ...); static void mysyslog(int, const char *, ...);
static char *new_logline(const char *, int); static char *new_logline(const char *, int);
extern char **NewArgv; /* XXX - for auditing */
#define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */ #define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */
/* /*
@@ -241,9 +239,9 @@ log_denial(int status, bool inform_user)
/* Handle auditing first (audit_failure() handles the locale itself). */ /* Handle auditing first (audit_failure() handles the locale itself). */
if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST)) if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST))
audit_failure(NewArgv, N_("No user or host")); audit_failure(NewArgc, NewArgv, N_("No user or host"));
else else
audit_failure(NewArgv, N_("validation failure")); audit_failure(NewArgc, NewArgv, N_("validation failure"));
/* Log and mail messages should be in the sudoers locale. */ /* Log and mail messages should be in the sudoers locale. */
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
@@ -352,7 +350,7 @@ log_auth_failure(int status, unsigned int tries)
debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING) debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
/* Handle auditing first. */ /* Handle auditing first. */
audit_failure(NewArgv, N_("authentication failure")); audit_failure(NewArgc, NewArgv, N_("authentication failure"));
/* /*
* Do we need to send mail? * Do we need to send mail?

10
plugins/sudoers/logging.h
View File

@@ -58,10 +58,16 @@
*/ */
#define LOG_INDENT " " #define LOG_INDENT " "
#ifndef _SUDO_MAIN
/* XXX - needed for auditing */
extern int NewArgc;
extern char **NewArgv;
#endif
bool sudoers_setlocale(int newlocale, int *prevlocale); bool sudoers_setlocale(int newlocale, int *prevlocale);
int sudoers_getlocale(void); int sudoers_getlocale(void);
int audit_success(char *exec_args[]); int audit_success(int argc, char *argv[]);
int audit_failure(char *exec_args[], char const *const fmt, ...) __printflike(2, 3); int audit_failure(int argc, char *argv[], char const *const fmt, ...) __printflike(3, 4);
void log_allowed(int status); void log_allowed(int status);
void log_auth_failure(int status, unsigned int tries); void log_auth_failure(int status, unsigned int tries);
void log_denial(int status, bool inform_user); void log_denial(int status, bool inform_user);

16
plugins/sudoers/sudoers.c
View File

@@ -354,7 +354,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* Bail if a tty is required and we don't have one. */ /* Bail if a tty is required and we don't have one. */
if (def_requiretty && !tty_present()) { if (def_requiretty && !tty_present()) {
audit_failure(NewArgv, N_("no tty")); audit_failure(NewArgc, NewArgv, N_("no tty"));
warningx(U_("sorry, you must have a tty to run sudo")); warningx(U_("sorry, you must have a tty to run sudo"));
goto bad; goto bad;
} }
@@ -406,15 +406,17 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* Finally tell the user if the command did not exist. */ /* Finally tell the user if the command did not exist. */
if (cmnd_status == NOT_FOUND_DOT) { if (cmnd_status == NOT_FOUND_DOT) {
audit_failure(NewArgv, N_("command in current directory")); audit_failure(NewArgc, NewArgv, N_("command in current directory"));
warningx(U_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd); warningx(U_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
goto bad; goto bad;
} else if (cmnd_status == NOT_FOUND) { } else if (cmnd_status == NOT_FOUND) {
if (ISSET(sudo_mode, MODE_CHECK)) { if (ISSET(sudo_mode, MODE_CHECK)) {
audit_failure(NewArgv, N_("%s: command not found"), NewArgv[0]); audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
NewArgv[0]);
warningx(U_("%s: command not found"), NewArgv[0]); warningx(U_("%s: command not found"), NewArgv[0]);
} else { } else {
audit_failure(NewArgv, N_("%s: command not found"), user_cmnd); audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
user_cmnd);
warningx(U_("%s: command not found"), user_cmnd); warningx(U_("%s: command not found"), user_cmnd);
} }
goto bad; goto bad;
@@ -529,7 +531,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
} }
/* Must audit before uid change. */ /* Must audit before uid change. */
if (audit_success(NewArgv) != 0) if (audit_success(NewArgc, NewArgv) != 0)
goto bad; goto bad;
/* Setup execution environment to pass back to front-end. */ /* Setup execution environment to pass back to front-end. */
@@ -675,7 +677,7 @@ set_cmnd(void)
} }
if (rval == NOT_FOUND_ERROR) { if (rval == NOT_FOUND_ERROR) {
if (errno == ENAMETOOLONG) if (errno == ENAMETOOLONG)
audit_failure(NewArgv, N_("command too long")); audit_failure(NewArgc, NewArgv, N_("command too long"));
log_warning(0, "%s", NewArgv[0]); log_warning(0, "%s", NewArgv[0]);
debug_return_int(rval); debug_return_int(rval);
} }
@@ -1091,7 +1093,7 @@ find_editor(int nfiles, char **files, char ***argv_out)
} while (ep != NULL && editor_path == NULL); } while (ep != NULL && editor_path == NULL);
} }
if (!editor_path) { if (!editor_path) {
audit_failure(NewArgv, N_("%s: command not found"), editor); audit_failure(NewArgc, NewArgv, N_("%s: command not found"), editor);
warningx(U_("%s: command not found"), editor); warningx(U_("%s: command not found"), editor);
} }
debug_return_str(editor_path); debug_return_str(editor_path);