When registering with the debug subsystem, the caller now passes
in an arrary of ints that gets filled in with the subsytem IDs to be used in debug_decl.
This commit is contained in:
Todd C. Miller
@@ -64,20 +64,20 @@ struct sudo_conf_debug_file_list;
|
||||
* This includes subsystems in the sudoers plugin.
|
||||
* Note: order must match sudo_debug_subsystems[]
|
||||
*/
|
||||
#define SUDO_DEBUG_MAIN ( 1<<16) /* sudo main() */
|
||||
#define SUDO_DEBUG_UTIL ( 2<<16) /* utility functions */
|
||||
#define SUDO_DEBUG_NETIF ( 3<<16) /* network interface functions */
|
||||
#define SUDO_DEBUG_PLUGIN ( 4<<16) /* main plugin functions */
|
||||
#define SUDO_DEBUG_EVENT ( 5<<16) /* event handling */
|
||||
#define SUDO_DEBUG_ARGS ( 6<<16) /* command line argument processing */
|
||||
#define SUDO_DEBUG_EXEC ( 7<<16) /* command execution */
|
||||
#define SUDO_DEBUG_PTY ( 8<<16) /* pseudo-tty */
|
||||
#define SUDO_DEBUG_UTMP ( 9<<16) /* utmp file ops */
|
||||
#define SUDO_DEBUG_CONV (10<<16) /* user conversation */
|
||||
#define SUDO_DEBUG_PCOMM (11<<16) /* plugin communications */
|
||||
#define SUDO_DEBUG_EDIT (12<<16) /* sudoedit */
|
||||
#define SUDO_DEBUG_SELINUX (13<<16) /* selinux */
|
||||
#define SUDO_DEBUG_HOOKS (14<<16) /* hook functions */
|
||||
#define SUDO_DEBUG_ARGS ( 1<<16) /* command line argument processing */
|
||||
#define SUDO_DEBUG_CONV ( 2<<16) /* user conversation */
|
||||
#define SUDO_DEBUG_EDIT ( 3<<16) /* sudoedit */
|
||||
#define SUDO_DEBUG_EVENT ( 4<<16) /* event handling */
|
||||
#define SUDO_DEBUG_EXEC ( 5<<16) /* command execution */
|
||||
#define SUDO_DEBUG_HOOKS ( 6<<16) /* hook functions */
|
||||
#define SUDO_DEBUG_MAIN ( 7<<16) /* sudo main() */
|
||||
#define SUDO_DEBUG_NETIF ( 8<<16) /* network interface functions */
|
||||
#define SUDO_DEBUG_PCOMM ( 9<<16) /* plugin communications */
|
||||
#define SUDO_DEBUG_PLUGIN (10<<16) /* main plugin functions */
|
||||
#define SUDO_DEBUG_PTY (11<<16) /* pseudo-tty */
|
||||
#define SUDO_DEBUG_SELINUX (12<<16) /* selinux */
|
||||
#define SUDO_DEBUG_UTIL (13<<16) /* utility functions */
|
||||
#define SUDO_DEBUG_UTMP (14<<16) /* utmp file ops */
|
||||
#define SUDO_DEBUG_ALL 0xffff0000 /* all subsystems */
|
||||
|
||||
/* Initializer for instance index to indicate that debugging is not setup. */
|
||||
@@ -231,7 +231,7 @@ __dso_public int sudo_debug_get_fds(fd_set **fdsetp);
|
||||
__dso_public int sudo_debug_get_instance(const char *program);
|
||||
__dso_public void sudo_debug_printf2(const char *func, const char *file, int line, int level, const char *fmt, ...) __printf0like(5, 6);
|
||||
__dso_public void sudo_debug_printf_nvm(int pri, const char *fmt, ...) __printf0like(2, 3);
|
||||
__dso_public int sudo_debug_register(const char *program, const char *const subsystems[], int num_subsystems, struct sudo_conf_debug_file_list *debug_files);
|
||||
__dso_public int sudo_debug_register(const char *program, const char *const subsystems[], int ids[], struct sudo_conf_debug_file_list *debug_files);
|
||||
__dso_public int sudo_debug_set_default_instance(int inst);
|
||||
__dso_public void sudo_debug_update_fd(int ofd, int nfd);
|
||||
__dso_public void sudo_debug_vprintf2(const char *func, const char *file, int line, int level, const char *fmt, va_list ap) __printf0like(5, 0);
|
||||
|
||||
@@ -352,7 +352,7 @@ set_debugging(const char *conf_file)
|
||||
* Register debug instance for the main program, making it
|
||||
* the default instance if one is not already set.
|
||||
*/
|
||||
instance = sudo_debug_register(progname, NULL, 0,
|
||||
instance = sudo_debug_register(progname, NULL, NULL,
|
||||
&debug_spec->debug_files);
|
||||
if (sudo_debug_get_default_instance() == SUDO_DEBUG_INSTANCE_INITIALIZER)
|
||||
sudo_debug_set_default_instance(instance);
|
||||
|
||||
@@ -86,24 +86,24 @@ static const char *const sudo_debug_priorities[] = {
|
||||
|
||||
/* Note: this must match the order in sudo_debug.h */
|
||||
static const char *const sudo_debug_default_subsystems[] = {
|
||||
"main",
|
||||
"util",
|
||||
"netif",
|
||||
"plugin",
|
||||
"event",
|
||||
"args",
|
||||
"exec",
|
||||
"pty",
|
||||
"utmp",
|
||||
"conv",
|
||||
"pcomm",
|
||||
"edit",
|
||||
"selinux",
|
||||
"event",
|
||||
"exec",
|
||||
"hooks",
|
||||
"main",
|
||||
"netif",
|
||||
"pcomm",
|
||||
"plugin",
|
||||
"pty",
|
||||
"selinux",
|
||||
"util",
|
||||
"utmp",
|
||||
NULL
|
||||
};
|
||||
|
||||
#define NUM_SUBSYSTEMS (sizeof(sudo_debug_default_subsystems) / sizeof(sudo_debug_default_subsystems[0]) - 1)
|
||||
#define NUM_DEF_SUBSYSTEMS (sizeof(sudo_debug_default_subsystems) / sizeof(sudo_debug_default_subsystems[0]) - 1)
|
||||
|
||||
/*
|
||||
* For multiple programs/plugins there is a per-program instance
|
||||
@@ -119,7 +119,8 @@ SLIST_HEAD(sudo_debug_output_list, sudo_debug_output);
|
||||
struct sudo_debug_instance {
|
||||
char *program;
|
||||
const char *const *subsystems;
|
||||
int num_subsystems;
|
||||
const int *subsystem_ids;
|
||||
unsigned int max_subsystem;
|
||||
struct sudo_debug_output_list outputs;
|
||||
};
|
||||
|
||||
@@ -146,17 +147,17 @@ sudo_debug_new_output(struct sudo_debug_instance *instance,
|
||||
{
|
||||
char *buf, *cp, *subsys, *pri;
|
||||
struct sudo_debug_output *output;
|
||||
int i, j;
|
||||
unsigned int i, j;
|
||||
|
||||
/* Create new output for the instance. */
|
||||
/* XXX - reuse fd for existing filename? */
|
||||
output = sudo_emalloc(sizeof(*output));
|
||||
output->settings = sudo_emallocarray(instance->num_subsystems, sizeof(int));
|
||||
output->settings = sudo_emallocarray(instance->max_subsystem + 1, sizeof(int));
|
||||
output->filename = sudo_estrdup(debug_file->debug_file);
|
||||
output->fd = -1;
|
||||
|
||||
/* Init per-subsystems settings to -1 since 0 is a valid priority. */
|
||||
for (i = 0; i < instance->num_subsystems; i++)
|
||||
for (i = 0; i <= instance->max_subsystem; i++)
|
||||
output->settings[i] = -1;
|
||||
|
||||
/* Open debug file. */
|
||||
@@ -196,11 +197,13 @@ sudo_debug_new_output(struct sudo_debug_instance *instance,
|
||||
if (strcasecmp(pri, sudo_debug_priorities[i]) == 0) {
|
||||
for (j = 0; instance->subsystems[j] != NULL; j++) {
|
||||
if (strcasecmp(subsys, "all") == 0) {
|
||||
output->settings[j] = i;
|
||||
const int idx = SUDO_DEBUG_SUBSYS(instance->subsystem_ids[j]);
|
||||
output->settings[idx] = i;
|
||||
continue;
|
||||
}
|
||||
if (strcasecmp(subsys, instance->subsystems[j]) == 0) {
|
||||
output->settings[j] = i;
|
||||
const int idx = SUDO_DEBUG_SUBSYS(instance->subsystem_ids[j]);
|
||||
output->settings[idx] = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -222,20 +225,22 @@ sudo_debug_new_output(struct sudo_debug_instance *instance,
|
||||
*/
|
||||
int
|
||||
sudo_debug_register(const char *program, const char *const subsystems[],
|
||||
int num_subsystems, struct sudo_conf_debug_file_list *debug_files)
|
||||
int ids[], struct sudo_conf_debug_file_list *debug_files)
|
||||
{
|
||||
struct sudo_debug_instance *instance = NULL;
|
||||
struct sudo_debug_output *output;
|
||||
struct sudo_debug_file *debug_file;
|
||||
int idx, free_idx = -1;
|
||||
|
||||
if (debug_files == NULL || num_subsystems < 0)
|
||||
if (debug_files == NULL)
|
||||
return -1;
|
||||
|
||||
/* Use default subsystem names if none are provided. */
|
||||
if (subsystems == NULL || num_subsystems == 0) {
|
||||
if (subsystems == NULL) {
|
||||
subsystems = sudo_debug_default_subsystems;
|
||||
num_subsystems = NUM_SUBSYSTEMS;
|
||||
} else if (ids == NULL) {
|
||||
/* If subsystems are specified we must have ids[] too. */
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Search for existing instance. */
|
||||
@@ -252,6 +257,20 @@ sudo_debug_register(const char *program, const char *const subsystems[],
|
||||
}
|
||||
|
||||
if (instance == NULL) {
|
||||
unsigned int i, j, max_id = NUM_DEF_SUBSYSTEMS - 1;
|
||||
|
||||
/* Fill in subsystem name -> id mapping. */
|
||||
for (i = 0; subsystems[i] != NULL; i++) {
|
||||
/* Check default subsystems. */
|
||||
for (j = 0; j < NUM_DEF_SUBSYSTEMS; j++) {
|
||||
if (strcmp(subsystems[i], sudo_debug_default_subsystems[j]) == 0)
|
||||
break;
|
||||
}
|
||||
if (j == NUM_DEF_SUBSYSTEMS)
|
||||
j = ++max_id;
|
||||
ids[i] = ((j + 1) << 16);
|
||||
}
|
||||
|
||||
if (free_idx != -1)
|
||||
idx = free_idx;
|
||||
if (idx == SUDO_DEBUG_INSTANCE_MAX) {
|
||||
@@ -266,11 +285,20 @@ sudo_debug_register(const char *program, const char *const subsystems[],
|
||||
instance = sudo_emalloc(sizeof(*instance));
|
||||
instance->program = sudo_estrdup(program);
|
||||
instance->subsystems = subsystems;
|
||||
instance->num_subsystems = num_subsystems;
|
||||
instance->subsystem_ids = ids;
|
||||
instance->max_subsystem = max_id;
|
||||
SLIST_INIT(&instance->outputs);
|
||||
sudo_debug_instances[idx] = instance;
|
||||
if (idx == sudo_debug_num_instances)
|
||||
sudo_debug_num_instances++;
|
||||
} else {
|
||||
/* Check for matching instance but different ids[]. */
|
||||
if (ids != NULL && instance->subsystem_ids != ids) {
|
||||
unsigned int i;
|
||||
|
||||
for (i = 0; subsystems[i] != NULL; i++)
|
||||
ids[i] = instance->subsystem_ids[i];
|
||||
}
|
||||
}
|
||||
|
||||
TAILQ_FOREACH(debug_file, debug_files, entries) {
|
||||
@@ -552,7 +580,8 @@ void
|
||||
sudo_debug_vprintf2(const char *func, const char *file, int lineno, int level,
|
||||
const char *fmt, va_list ap)
|
||||
{
|
||||
int buflen, idx, pri, subsys, saved_errno = errno;
|
||||
int buflen, idx, pri, saved_errno = errno;
|
||||
unsigned int subsys;
|
||||
char static_buf[1024], *buf = static_buf;
|
||||
struct sudo_debug_instance *instance;
|
||||
struct sudo_debug_output *output;
|
||||
@@ -587,7 +616,7 @@ sudo_debug_vprintf2(const char *func, const char *file, int lineno, int level,
|
||||
|
||||
SLIST_FOREACH(output, &instance->outputs, entries) {
|
||||
/* Make sure we want debug info at this level. */
|
||||
if (subsys < instance->num_subsystems && output->settings[subsys] >= pri) {
|
||||
if (subsys <= instance->max_subsystem && output->settings[subsys] >= pri) {
|
||||
va_copy(ap2, ap);
|
||||
buflen = fmt ? vsnprintf(static_buf, sizeof(static_buf), fmt, ap) : 0;
|
||||
if (buflen >= (int)sizeof(static_buf)) {
|
||||
@@ -640,7 +669,8 @@ sudo_debug_printf2(const char *func, const char *file, int lineno, int level,
|
||||
void
|
||||
sudo_debug_execve2(int level, const char *path, char *const argv[], char *const envp[])
|
||||
{
|
||||
int buflen, idx, pri, subsys, saved_errno = errno;
|
||||
int buflen, idx, pri, saved_errno = errno;
|
||||
unsigned int subsys;
|
||||
struct sudo_debug_instance *instance;
|
||||
struct sudo_debug_output *output;
|
||||
char * const *av;
|
||||
@@ -673,7 +703,7 @@ sudo_debug_execve2(int level, const char *path, char *const argv[], char *const
|
||||
sudo_warnx_nodebug("%s: unregistered instance index %d", __func__, idx);
|
||||
goto out;
|
||||
}
|
||||
if (subsys >= instance->num_subsystems)
|
||||
if (subsys > instance->max_subsystem)
|
||||
goto out;
|
||||
|
||||
/* XXX - use static buffer if possible */
|
||||
|
||||
@@ -46,29 +46,32 @@
|
||||
|
||||
int sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
|
||||
|
||||
static const char *const sudoers_debug_subsystems[] = {
|
||||
"main",
|
||||
"util",
|
||||
"netif",
|
||||
"plugin",
|
||||
"event",
|
||||
"audit",
|
||||
"ldap",
|
||||
"match",
|
||||
"parser",
|
||||
static const char *const sudoers_subsystem_names[] = {
|
||||
"alias",
|
||||
"defaults",
|
||||
"audit",
|
||||
"auth",
|
||||
"defaults",
|
||||
"env",
|
||||
"event",
|
||||
"ldap",
|
||||
"logging",
|
||||
"main",
|
||||
"match",
|
||||
"netif",
|
||||
"nss",
|
||||
"rbtree",
|
||||
"parser",
|
||||
"perms",
|
||||
"plugin",
|
||||
"rbtree",
|
||||
"sssd",
|
||||
"util",
|
||||
NULL
|
||||
};
|
||||
|
||||
#define NUM_SUBSYSTEMS (sizeof(sudoers_debug_subsystems) / sizeof(sudoers_debug_subsystems[0]) - 1)
|
||||
#define NUM_SUBSYSTEMS (sizeof(sudoers_subsystem_names) / sizeof(sudoers_subsystem_names[0]) - 1)
|
||||
|
||||
/* Subsystem IDs assigned at registration time. */
|
||||
int sudoers_subsystem_ids[NUM_SUBSYSTEMS];
|
||||
|
||||
/*
|
||||
* Parse the "filename flags,..." debug_flags entry and insert a new
|
||||
@@ -116,7 +119,7 @@ sudoers_debug_register(struct sudo_conf_debug_file_list *debug_files,
|
||||
if (!TAILQ_EMPTY(debug_files)) {
|
||||
if (plugin_path != NULL) {
|
||||
sudoers_debug_instance = sudo_debug_register(plugin_path,
|
||||
sudoers_debug_subsystems, NUM_SUBSYSTEMS, debug_files);
|
||||
sudoers_subsystem_names, sudoers_subsystem_ids, debug_files);
|
||||
}
|
||||
TAILQ_FOREACH_SAFE(debug_file, debug_files, entries, debug_next) {
|
||||
TAILQ_REMOVE(debug_files, debug_file, entries);
|
||||
|
||||
@@ -21,27 +21,26 @@
|
||||
|
||||
/*
|
||||
* Sudoers debug subsystems.
|
||||
* The first five entries must match the sudo front end.
|
||||
* Note: order must match sudoers_debug_subsystems[]
|
||||
* Note that sudoers_subsystem_ids[] is filled in at debug registration time.
|
||||
*/
|
||||
#define SUDOERS_DEBUG_MAIN ( 1<<16) /* main() */
|
||||
#define SUDOERS_DEBUG_UTIL ( 2<<16) /* utility functions */
|
||||
#define SUDOERS_DEBUG_NETIF ( 3<<16) /* network interface functions */
|
||||
#define SUDOERS_DEBUG_PLUGIN ( 4<<16) /* main plugin functions */
|
||||
#define SUDOERS_DEBUG_EVENT ( 5<<16) /* event handling */
|
||||
#define SUDOERS_DEBUG_AUDIT ( 6<<16) /* audit */
|
||||
#define SUDOERS_DEBUG_LDAP ( 7<<16) /* sudoers LDAP */
|
||||
#define SUDOERS_DEBUG_MATCH ( 8<<16) /* sudoers matching */
|
||||
#define SUDOERS_DEBUG_PARSER ( 9<<16) /* sudoers parser */
|
||||
#define SUDOERS_DEBUG_ALIAS (10<<16) /* sudoers alias functions */
|
||||
#define SUDOERS_DEBUG_DEFAULTS (11<<16) /* sudoers defaults settings */
|
||||
#define SUDOERS_DEBUG_AUTH (12<<16) /* authentication functions */
|
||||
#define SUDOERS_DEBUG_ENV (13<<16) /* environment handling */
|
||||
#define SUDOERS_DEBUG_LOGGING (14<<16) /* logging functions */
|
||||
#define SUDOERS_DEBUG_NSS (15<<16) /* network service switch */
|
||||
#define SUDOERS_DEBUG_RBTREE (16<<16) /* red-black tree functions */
|
||||
#define SUDOERS_DEBUG_PERMS (17<<16) /* uid/gid swapping functions */
|
||||
#define SUDOERS_DEBUG_SSSD (18<<16) /* sudoers SSSD */
|
||||
#define SUDOERS_DEBUG_ALL 0xffff0000 /* all subsystems */
|
||||
extern int sudoers_subsystem_ids[];
|
||||
#define SUDOERS_DEBUG_ALIAS (sudoers_subsystem_ids[ 0]) /* sudoers alias functions */
|
||||
#define SUDOERS_DEBUG_AUDIT (sudoers_subsystem_ids[ 1]) /* audit */
|
||||
#define SUDOERS_DEBUG_AUTH (sudoers_subsystem_ids[ 2]) /* authentication functions */
|
||||
#define SUDOERS_DEBUG_DEFAULTS (sudoers_subsystem_ids[ 3]) /* sudoers defaults settings */
|
||||
#define SUDOERS_DEBUG_ENV (sudoers_subsystem_ids[ 4]) /* environment handling */
|
||||
#define SUDOERS_DEBUG_EVENT (sudoers_subsystem_ids[ 5]) /* event handling */
|
||||
#define SUDOERS_DEBUG_LDAP (sudoers_subsystem_ids[ 6]) /* sudoers LDAP */
|
||||
#define SUDOERS_DEBUG_LOGGING (sudoers_subsystem_ids[ 7]) /* logging functions */
|
||||
#define SUDOERS_DEBUG_MAIN (sudoers_subsystem_ids[ 8]) /* main() */
|
||||
#define SUDOERS_DEBUG_MATCH (sudoers_subsystem_ids[ 9]) /* sudoers matching */
|
||||
#define SUDOERS_DEBUG_NETIF (sudoers_subsystem_ids[10]) /* network interface functions */
|
||||
#define SUDOERS_DEBUG_NSS (sudoers_subsystem_ids[11]) /* network service switch */
|
||||
#define SUDOERS_DEBUG_PARSER (sudoers_subsystem_ids[12]) /* sudoers parser */
|
||||
#define SUDOERS_DEBUG_PERMS (sudoers_subsystem_ids[13]) /* uid/gid swapping functions */
|
||||
#define SUDOERS_DEBUG_PLUGIN (sudoers_subsystem_ids[14]) /* main plugin functions */
|
||||
#define SUDOERS_DEBUG_RBTREE (sudoers_subsystem_ids[15]) /* red-black tree functions */
|
||||
#define SUDOERS_DEBUG_SSSD (sudoers_subsystem_ids[16]) /* sudoers SSSD */
|
||||
#define SUDOERS_DEBUG_UTIL (sudoers_subsystem_ids[17]) /* utility functions */
|
||||
|
||||
#endif /* _SUDOERS_DEBUG_H */
|
||||
|
||||
Reference in New Issue
Block a user