Bracket calls to syslog with an openlog() and closelog() since some

authentication methods (like PAM) may do their own logging via
syslog.  Since we don't use syslog much (usually just once per
session) this doesn't really incur a performance penalty.
It also Fixes a SEGV with pam_kafs.

defaults.c

@@ -669,19 +669,13 @@ store_syslogfac(val, def, op)
 	return(FALSE);				/* not found */
 
     /* Store both name and number. */
-    if (def->sd_un.str) {
+    if (def->sd_un.str)
 	free(def->sd_un.str);
-	closelog();
-    }
-    openlog(Argv[0], 0, fac->num);
     def->sd_un.str = estrdup(fac->name);
     sudo_defs_table[I_LOGFAC].sd_un.ival = fac->num;
 #else
-    if (def->sd_un.str) {
+    if (def->sd_un.str)
 	free(def->sd_un.str);
-	closelog();
-    }
-    openlog(Argv[0], 0);
     def->sd_un.str = estrdup("default");
 #endif /* LOG_NFACILITIES */
     return(TRUE);

logging.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994-1996,1998-1999 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1994-1996,1998-2000 Todd C. Miller <Todd.Miller@courtesan.com>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -67,33 +67,56 @@ static void do_logfile		__P((char *));
 static void send_mail		__P((char *));
 static void mail_auth		__P((int, char *));
 static char *get_timestr	__P((void));
+static void mysyslog		__P((int, const char *, ...));
 
-#ifdef BROKEN_SYSLOG
 #define MAXSYSLOGTRIES	16	/* num of retries for broken syslogs */
-# define SYSLOG		syslog_wrapper
 
-static void syslog_wrapper	__P((int, char *, char *, char *));
+/*
+ * We do an openlog(3)/closelog(3) for each message because some
+ * authentication methods (notably PAM) use syslog(3) for their
+ * own nefarious purposes and may call openlog(3) and closelog(3).
+ * Sadly this is a maze of #ifdefs.
+ */
+static void
+#ifdef __STDC__
+mysyslog(int pri, const char *fmt, ...)
+#else
+mysyslog(pri, fmt, ap)
+    int pri;
+    const char *fmt;
+    va_dcl
+#endif
+{
+#ifdef BROKEN_SYSLOG
+    int i;
+#endif
+    va_list ap;
 
+#ifdef __STDC__
+    va_start(ap, fmt);
+#else
+    va_start(ap);
+#endif
+#ifdef LOG_NFACILITIES
+    openlog(Argv[0], 0, def_ival(I_LOGFAC));
+#else
+    openlog(Argv[0], 0);
+#endif
+#ifdef BROKEN_SYSLOG
     /*
      * Some versions of syslog(3) don't guarantee success and return
      * an int (notably HP-UX < 10.0).  So, if at first we don't succeed,
      * try, try again...
      */
-static void
-syslog_wrapper(pri, fmt, ap)
-    int pri;
-    const char *fmt;
-    va_list ap;
-{
-    int i;
-
     for (i = 0; i < MAXSYSLOGTRIES; i++)
 	if (vsyslog(pri, fmt, ap) == 0)
 	    break;
-}
 #else
-# define SYSLOG		syslog
+    vsyslog(pri, fmt, ap);
 #endif /* BROKEN_SYSLOG */
+    va_end(ap);
+    closelog();
+}
 
 /*
  * Log a message to syslog, pre-pending the username and splitting the
@@ -128,9 +151,9 @@ do_syslog(pri, msg)
 	    *tmp = '\0';
 
 	    if (count == 0)
-		SYSLOG(pri, "%8.8s : %s", user_name, p);
+		mysyslog(pri, "%8.8s : %s", user_name, p);
 	    else
-		SYSLOG(pri, "%8.8s : (command continued) %s", user_name, p);
+		mysyslog(pri, "%8.8s : (command continued) %s", user_name, p);
 
 	    *tmp = save;			/* restore saved character */
 
@@ -139,9 +162,9 @@ do_syslog(pri, msg)
 		;
 	} else {
 	    if (count == 0)
-		SYSLOG(pri, "%8.8s : %s", user_name, p);
+		mysyslog(pri, "%8.8s : %s", user_name, p);
 	    else
-		SYSLOG(pri, "%8.8s : (command continued) %s", user_name, p);
+		mysyslog(pri, "%8.8s : (command continued) %s", user_name, p);
 	}
     }
 }

sudo.c

@@ -345,14 +345,11 @@ main(argc, argv)
 	/* This *must* have been set if we got a match but... */
 	if (safe_cmnd == NULL) {
 	    log_error(MSG_ONLY,
-		"internal error, cmnd_safe never got set for %s; %s",
+		"internal error, safe_cmnd never got set for %s; %s",
 		user_cmnd,
 		"please report this error at http://courtesan.com/sudo/bugs/");
 	}
 
-	if (def_ival(I_LOGFACSTR))
-	    closelog();
-
 	/* Reset signal mask before we exec. */
 #ifdef POSIX_SIGNALS
 	(void) sigprocmask(SIG_SETMASK, &oset, NULL);