Pass argc to audit functions too. Will be needed for Solaris audit
support.
This commit is contained in:
Todd C. Miller
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
* Copyright (c) 2009-2014 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
@@ -48,18 +48,18 @@
|
||||
#endif
|
||||
|
||||
int
|
||||
audit_success(char *exec_args[])
|
||||
audit_success(int argc, char *argv[])
|
||||
{
|
||||
int rc = 0;
|
||||
debug_decl(audit_success, SUDO_DEBUG_AUDIT)
|
||||
|
||||
if (exec_args != NULL) {
|
||||
if (argv != NULL) {
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
if (bsm_audit_success(exec_args) == -1)
|
||||
if (bsm_audit_success(argv) == -1)
|
||||
rc = -1;
|
||||
#endif
|
||||
#ifdef HAVE_LINUX_AUDIT
|
||||
if (linux_audit_command(exec_args, 1) == -1)
|
||||
if (linux_audit_command(argv, 1) == -1)
|
||||
rc = -1;
|
||||
#endif
|
||||
}
|
||||
@@ -68,13 +68,13 @@ audit_success(char *exec_args[])
|
||||
}
|
||||
|
||||
int
|
||||
audit_failure(char *exec_args[], char const *const fmt, ...)
|
||||
audit_failure(int argc, char *argv[], char const *const fmt, ...)
|
||||
{
|
||||
int rc = 0;
|
||||
debug_decl(audit_success, SUDO_DEBUG_AUDIT)
|
||||
|
||||
#if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT)
|
||||
if (exec_args != NULL) {
|
||||
if (argv != NULL) {
|
||||
va_list ap;
|
||||
int oldlocale;
|
||||
|
||||
@@ -83,13 +83,13 @@ audit_failure(char *exec_args[], char const *const fmt, ...)
|
||||
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
va_start(ap, fmt);
|
||||
if (bsm_audit_failure(exec_args, _(fmt), ap) == -1)
|
||||
if (bsm_audit_failure(argv, _(fmt), ap) == -1)
|
||||
rc = -1;
|
||||
va_end(ap);
|
||||
#endif
|
||||
#ifdef HAVE_LINUX_AUDIT
|
||||
va_start(ap, fmt);
|
||||
if (linux_audit_command(exec_args, 0) == -1)
|
||||
if (linux_audit_command(argv, 0) == -1)
|
||||
rc = -1;
|
||||
va_end(ap);
|
||||
#endif
|
||||
|
||||
@@ -90,8 +90,6 @@ sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
||||
{
|
||||
SIAENTITY *siah = NULL;
|
||||
int i;
|
||||
extern int NewArgc;
|
||||
extern char **NewArgv;
|
||||
debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH)
|
||||
|
||||
/* Rebuild argv for sia_ses_init() */
|
||||
|
||||
@@ -95,8 +95,6 @@ static sudo_auth auth_switch[] = {
|
||||
|
||||
static int standalone;
|
||||
|
||||
extern char **NewArgv; /* XXX - for auditing */
|
||||
|
||||
static void pass_warn(void);
|
||||
|
||||
/*
|
||||
@@ -116,7 +114,7 @@ sudo_auth_init(struct passwd *pw)
|
||||
/* Make sure we haven't mixed standalone and shared auth methods. */
|
||||
standalone = IS_STANDALONE(&auth_switch[0]);
|
||||
if (standalone && auth_switch[1].name != NULL) {
|
||||
audit_failure(NewArgv, N_("invalid authentication methods"));
|
||||
audit_failure(NewArgc, NewArgv, N_("invalid authentication methods"));
|
||||
log_warningx(SLOG_SEND_MAIL,
|
||||
N_("Invalid authentication methods compiled into sudo! "
|
||||
"You may not mix standalone and non-standalone authentication."));
|
||||
@@ -187,7 +185,7 @@ verify_user(struct passwd *pw, char *prompt, int validated)
|
||||
/* Make sure we have at least one auth method. */
|
||||
/* XXX - check FLAG_DISABLED too */
|
||||
if (auth_switch[0].name == NULL) {
|
||||
audit_failure(NewArgv, N_("no authentication methods"));
|
||||
audit_failure(NewArgc, NewArgv, N_("no authentication methods"));
|
||||
log_warningx(SLOG_SEND_MAIL,
|
||||
N_("There are no authentication methods compiled into sudo! "
|
||||
"If you want to turn off authentication, use the "
|
||||
|
||||
@@ -80,7 +80,7 @@ audit_sudo_selected(int sorf)
|
||||
* Returns 0 on success or -1 on error.
|
||||
*/
|
||||
int
|
||||
bsm_audit_success(char **exec_args)
|
||||
bsm_audit_success(char *exec_args[])
|
||||
{
|
||||
auditinfo_addr_t ainfo_addr;
|
||||
auditinfo_t ainfo;
|
||||
@@ -168,7 +168,7 @@ bsm_audit_success(char **exec_args)
|
||||
* Returns 0 on success or -1 on error.
|
||||
*/
|
||||
int
|
||||
bsm_audit_failure(char **exec_args, char const *const fmt, va_list ap)
|
||||
bsm_audit_failure(char *exec_args[], char const *const fmt, va_list ap)
|
||||
{
|
||||
auditinfo_addr_t ainfo_addr;
|
||||
auditinfo_t ainfo;
|
||||
|
||||
@@ -18,7 +18,7 @@
|
||||
#ifndef _SUDOERS_BSM_AUDIT_H
|
||||
#define _SUDOERS_BSM_AUDIT_H
|
||||
|
||||
int bsm_audit_success(char **);
|
||||
int bsm_audit_failure(char **, char const * const, va_list);
|
||||
int bsm_audit_success(int argc, char *argv[]);
|
||||
int bsm_audit_failure(int argc, char *argv[], char const * const, va_list);
|
||||
|
||||
#endif /* _SUDOERS_BSM_AUDIT_H */
|
||||
|
||||
@@ -17,6 +17,6 @@
|
||||
#ifndef _SUDOERS_LINUX_AUDIT_H
|
||||
#define _SUDOERS_LINUX_AUDIT_H
|
||||
|
||||
int linux_audit_command(char *argv[], int result);
|
||||
int linux_audit_command(int argc, char *argv[], int result);
|
||||
|
||||
#endif /* _SUDOERS_LINUX_AUDIT_H */
|
||||
|
||||
@@ -69,8 +69,6 @@ static int should_mail(int);
|
||||
static void mysyslog(int, const char *, ...);
|
||||
static char *new_logline(const char *, int);
|
||||
|
||||
extern char **NewArgv; /* XXX - for auditing */
|
||||
|
||||
#define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */
|
||||
|
||||
/*
|
||||
@@ -241,9 +239,9 @@ log_denial(int status, bool inform_user)
|
||||
|
||||
/* Handle auditing first (audit_failure() handles the locale itself). */
|
||||
if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST))
|
||||
audit_failure(NewArgv, N_("No user or host"));
|
||||
audit_failure(NewArgc, NewArgv, N_("No user or host"));
|
||||
else
|
||||
audit_failure(NewArgv, N_("validation failure"));
|
||||
audit_failure(NewArgc, NewArgv, N_("validation failure"));
|
||||
|
||||
/* Log and mail messages should be in the sudoers locale. */
|
||||
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
|
||||
@@ -352,7 +350,7 @@ log_auth_failure(int status, unsigned int tries)
|
||||
debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
|
||||
|
||||
/* Handle auditing first. */
|
||||
audit_failure(NewArgv, N_("authentication failure"));
|
||||
audit_failure(NewArgc, NewArgv, N_("authentication failure"));
|
||||
|
||||
/*
|
||||
* Do we need to send mail?
|
||||
|
||||
@@ -58,10 +58,16 @@
|
||||
*/
|
||||
#define LOG_INDENT " "
|
||||
|
||||
#ifndef _SUDO_MAIN
|
||||
/* XXX - needed for auditing */
|
||||
extern int NewArgc;
|
||||
extern char **NewArgv;
|
||||
#endif
|
||||
|
||||
bool sudoers_setlocale(int newlocale, int *prevlocale);
|
||||
int sudoers_getlocale(void);
|
||||
int audit_success(char *exec_args[]);
|
||||
int audit_failure(char *exec_args[], char const *const fmt, ...) __printflike(2, 3);
|
||||
int audit_success(int argc, char *argv[]);
|
||||
int audit_failure(int argc, char *argv[], char const *const fmt, ...) __printflike(3, 4);
|
||||
void log_allowed(int status);
|
||||
void log_auth_failure(int status, unsigned int tries);
|
||||
void log_denial(int status, bool inform_user);
|
||||
|
||||
@@ -354,7 +354,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
|
||||
/* Bail if a tty is required and we don't have one. */
|
||||
if (def_requiretty && !tty_present()) {
|
||||
audit_failure(NewArgv, N_("no tty"));
|
||||
audit_failure(NewArgc, NewArgv, N_("no tty"));
|
||||
warningx(U_("sorry, you must have a tty to run sudo"));
|
||||
goto bad;
|
||||
}
|
||||
@@ -406,15 +406,17 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
|
||||
/* Finally tell the user if the command did not exist. */
|
||||
if (cmnd_status == NOT_FOUND_DOT) {
|
||||
audit_failure(NewArgv, N_("command in current directory"));
|
||||
audit_failure(NewArgc, NewArgv, N_("command in current directory"));
|
||||
warningx(U_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
|
||||
goto bad;
|
||||
} else if (cmnd_status == NOT_FOUND) {
|
||||
if (ISSET(sudo_mode, MODE_CHECK)) {
|
||||
audit_failure(NewArgv, N_("%s: command not found"), NewArgv[0]);
|
||||
audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
|
||||
NewArgv[0]);
|
||||
warningx(U_("%s: command not found"), NewArgv[0]);
|
||||
} else {
|
||||
audit_failure(NewArgv, N_("%s: command not found"), user_cmnd);
|
||||
audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
|
||||
user_cmnd);
|
||||
warningx(U_("%s: command not found"), user_cmnd);
|
||||
}
|
||||
goto bad;
|
||||
@@ -529,7 +531,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
}
|
||||
|
||||
/* Must audit before uid change. */
|
||||
if (audit_success(NewArgv) != 0)
|
||||
if (audit_success(NewArgc, NewArgv) != 0)
|
||||
goto bad;
|
||||
|
||||
/* Setup execution environment to pass back to front-end. */
|
||||
@@ -675,7 +677,7 @@ set_cmnd(void)
|
||||
}
|
||||
if (rval == NOT_FOUND_ERROR) {
|
||||
if (errno == ENAMETOOLONG)
|
||||
audit_failure(NewArgv, N_("command too long"));
|
||||
audit_failure(NewArgc, NewArgv, N_("command too long"));
|
||||
log_warning(0, "%s", NewArgv[0]);
|
||||
debug_return_int(rval);
|
||||
}
|
||||
@@ -1091,7 +1093,7 @@ find_editor(int nfiles, char **files, char ***argv_out)
|
||||
} while (ep != NULL && editor_path == NULL);
|
||||
}
|
||||
if (!editor_path) {
|
||||
audit_failure(NewArgv, N_("%s: command not found"), editor);
|
||||
audit_failure(NewArgc, NewArgv, N_("%s: command not found"), editor);
|
||||
warningx(U_("%s: command not found"), editor);
|
||||
}
|
||||
debug_return_str(editor_path);
|
||||
|
||||
Reference in New Issue
Block a user