Save a pointer to the event_alloc parameter in the plugin open function.
That way we don't need to pass event_alloc around to the log client functions.
This commit is contained in:
Todd C. Miller
@@ -158,6 +158,8 @@ sudoers_audit_open(unsigned int version, sudo_conv_t conversation,
|
|||||||
|
|
||||||
sudo_conv = conversation;
|
sudo_conv = conversation;
|
||||||
sudo_printf = plugin_printf;
|
sudo_printf = plugin_printf;
|
||||||
|
if (sudoers_audit.event_alloc != NULL)
|
||||||
|
plugin_event_alloc = sudoers_audit.event_alloc;
|
||||||
|
|
||||||
bindtextdomain("sudoers", LOCALEDIR);
|
bindtextdomain("sudoers", LOCALEDIR);
|
||||||
|
|
||||||
@@ -284,7 +286,7 @@ log_server_accept(struct eventlog *evlog)
|
|||||||
|
|
||||||
/* Open connection to log server, send hello and accept messages. */
|
/* Open connection to log server, send hello and accept messages. */
|
||||||
client_closure = log_server_open(&audit_details, &now, false,
|
client_closure = log_server_open(&audit_details, &now, false,
|
||||||
SEND_ACCEPT, NULL, sudoers_audit.event_alloc);
|
SEND_ACCEPT, NULL);
|
||||||
if (client_closure != NULL)
|
if (client_closure != NULL)
|
||||||
ret = true;
|
ret = true;
|
||||||
}
|
}
|
||||||
@@ -391,7 +393,7 @@ sudoers_audit_reject(const char *plugin_name, unsigned int plugin_type,
|
|||||||
if (!eventlog_reject(&evlog, 0, message, NULL, NULL))
|
if (!eventlog_reject(&evlog, 0, message, NULL, NULL))
|
||||||
ret = false;
|
ret = false;
|
||||||
|
|
||||||
if (!log_server_reject(&evlog, message, sudoers_audit.event_alloc))
|
if (!log_server_reject(&evlog, message))
|
||||||
ret = false;
|
ret = false;
|
||||||
|
|
||||||
debug_return_int(ret);
|
debug_return_int(ret);
|
||||||
@@ -424,8 +426,7 @@ sudoers_audit_error(const char *plugin_name, unsigned int plugin_type,
|
|||||||
if (!eventlog_alert(&evlog, 0, &now, message, NULL))
|
if (!eventlog_alert(&evlog, 0, &now, message, NULL))
|
||||||
ret = false;
|
ret = false;
|
||||||
|
|
||||||
if (!log_server_alert(&evlog, &now, message, NULL,
|
if (!log_server_alert(&evlog, &now, message, NULL))
|
||||||
sudoers_audit.event_alloc))
|
|
||||||
ret = false;
|
ret = false;
|
||||||
|
|
||||||
debug_return_int(ret);
|
debug_return_int(ret);
|
||||||
|
|||||||
@@ -745,7 +745,7 @@ sudoers_io_open_remote(struct timespec *now)
|
|||||||
|
|
||||||
/* Open connection to log server, send hello and accept messages. */
|
/* Open connection to log server, send hello and accept messages. */
|
||||||
client_closure = log_server_open(&iolog_details, now, true, SEND_ACCEPT,
|
client_closure = log_server_open(&iolog_details, now, true, SEND_ACCEPT,
|
||||||
NULL, sudoers_io.event_alloc);
|
NULL);
|
||||||
if (client_closure != NULL)
|
if (client_closure != NULL)
|
||||||
debug_return_int(1);
|
debug_return_int(1);
|
||||||
|
|
||||||
@@ -768,6 +768,8 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
|
|||||||
|
|
||||||
sudo_conv = conversation;
|
sudo_conv = conversation;
|
||||||
sudo_printf = plugin_printf;
|
sudo_printf = plugin_printf;
|
||||||
|
if (sudoers_io.event_alloc != NULL)
|
||||||
|
plugin_event_alloc = sudoers_io.event_alloc;
|
||||||
|
|
||||||
bindtextdomain("sudoers", LOCALEDIR);
|
bindtextdomain("sudoers", LOCALEDIR);
|
||||||
|
|
||||||
@@ -1329,7 +1331,7 @@ sudoers_io_setops(void)
|
|||||||
debug_decl(sudoers_io_setops, SUDOERS_DEBUG_PLUGIN);
|
debug_decl(sudoers_io_setops, SUDOERS_DEBUG_PLUGIN);
|
||||||
|
|
||||||
#ifdef SUDOERS_LOG_CLIENT
|
#ifdef SUDOERS_LOG_CLIENT
|
||||||
if (sudoers_io.event_alloc != NULL && iolog_details.log_servers != NULL) {
|
if (plugin_event_alloc != NULL && iolog_details.log_servers != NULL) {
|
||||||
io_operations.open = sudoers_io_open_remote;
|
io_operations.open = sudoers_io_open_remote;
|
||||||
io_operations.close = sudoers_io_close_remote;
|
io_operations.close = sudoers_io_close_remote;
|
||||||
io_operations.log = sudoers_io_log_remote;
|
io_operations.log = sudoers_io_log_remote;
|
||||||
|
|||||||
@@ -1964,12 +1964,17 @@ bad:
|
|||||||
*/
|
*/
|
||||||
static struct client_closure *
|
static struct client_closure *
|
||||||
client_closure_alloc(struct log_details *details, struct timespec *now,
|
client_closure_alloc(struct log_details *details, struct timespec *now,
|
||||||
bool log_io, enum client_state initial_state, const char *reason,
|
bool log_io, enum client_state initial_state, const char *reason)
|
||||||
struct sudo_plugin_event * (*event_alloc)(void))
|
|
||||||
{
|
{
|
||||||
struct client_closure *closure;
|
struct client_closure *closure;
|
||||||
debug_decl(client_closure_alloc, SUDOERS_DEBUG_UTIL);
|
debug_decl(client_closure_alloc, SUDOERS_DEBUG_UTIL);
|
||||||
|
|
||||||
|
if (plugin_event_alloc == NULL) {
|
||||||
|
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
||||||
|
"plugin_event_alloc is not set");
|
||||||
|
debug_return_ptr(NULL);
|
||||||
|
}
|
||||||
|
|
||||||
if ((closure = calloc(1, sizeof(*closure))) == NULL)
|
if ((closure = calloc(1, sizeof(*closure))) == NULL)
|
||||||
goto oom;
|
goto oom;
|
||||||
|
|
||||||
@@ -1990,10 +1995,10 @@ client_closure_alloc(struct log_details *details, struct timespec *now,
|
|||||||
if (closure->read_buf.data == NULL)
|
if (closure->read_buf.data == NULL)
|
||||||
goto oom;
|
goto oom;
|
||||||
|
|
||||||
if ((closure->read_ev = event_alloc()) == NULL)
|
if ((closure->read_ev = plugin_event_alloc()) == NULL)
|
||||||
goto oom;
|
goto oom;
|
||||||
|
|
||||||
if ((closure->write_ev = event_alloc()) == NULL)
|
if ((closure->write_ev = plugin_event_alloc()) == NULL)
|
||||||
goto oom;
|
goto oom;
|
||||||
|
|
||||||
closure->log_details = details;
|
closure->log_details = details;
|
||||||
@@ -2007,15 +2012,14 @@ oom:
|
|||||||
|
|
||||||
struct client_closure *
|
struct client_closure *
|
||||||
log_server_open(struct log_details *details, struct timespec *now,
|
log_server_open(struct log_details *details, struct timespec *now,
|
||||||
bool log_io, enum client_state initial_state, const char *reason,
|
bool log_io, enum client_state initial_state, const char *reason)
|
||||||
struct sudo_plugin_event * (*event_alloc)(void))
|
|
||||||
{
|
{
|
||||||
struct client_closure *closure;
|
struct client_closure *closure;
|
||||||
static bool warned = false;
|
static bool warned = false;
|
||||||
debug_decl(log_server_open, SUDOERS_DEBUG_UTIL);
|
debug_decl(log_server_open, SUDOERS_DEBUG_UTIL);
|
||||||
|
|
||||||
closure = client_closure_alloc(details, now, log_io, initial_state,
|
closure = client_closure_alloc(details, now, log_io, initial_state,
|
||||||
reason, event_alloc);
|
reason);
|
||||||
if (closure == NULL)
|
if (closure == NULL)
|
||||||
goto bad;
|
goto bad;
|
||||||
|
|
||||||
|
|||||||
@@ -106,7 +106,7 @@ struct client_closure {
|
|||||||
};
|
};
|
||||||
|
|
||||||
/* iolog_client.c */
|
/* iolog_client.c */
|
||||||
struct client_closure *log_server_open(struct log_details *details, struct timespec *now, bool log_io, enum client_state initial_state, const char *reason, struct sudo_plugin_event * (*event_alloc)(void));
|
struct client_closure *log_server_open(struct log_details *details, struct timespec *now, bool log_io, enum client_state initial_state, const char *reason);
|
||||||
bool log_server_close(struct client_closure *closure, int exit_status, int error);
|
bool log_server_close(struct client_closure *closure, int exit_status, int error);
|
||||||
bool fmt_client_message(struct client_closure *closure, ClientMessage *msg);
|
bool fmt_client_message(struct client_closure *closure, ClientMessage *msg);
|
||||||
bool fmt_accept_message(struct client_closure *closure, struct eventlog *evlog);
|
bool fmt_accept_message(struct client_closure *closure, struct eventlog *evlog);
|
||||||
|
|||||||
@@ -70,8 +70,6 @@ static struct parse_error_list parse_error_list =
|
|||||||
static bool should_mail(int);
|
static bool should_mail(int);
|
||||||
static bool warned = false;
|
static bool warned = false;
|
||||||
|
|
||||||
extern struct policy_plugin sudoers_policy; /* XXX */
|
|
||||||
|
|
||||||
#ifdef SUDOERS_LOG_CLIENT
|
#ifdef SUDOERS_LOG_CLIENT
|
||||||
/*
|
/*
|
||||||
* Convert a defaults-style list to a stringlist.
|
* Convert a defaults-style list to a stringlist.
|
||||||
@@ -129,8 +127,7 @@ init_log_details(struct log_details *details, struct eventlog *evlog)
|
|||||||
}
|
}
|
||||||
|
|
||||||
bool
|
bool
|
||||||
log_server_reject(struct eventlog *evlog, const char *message,
|
log_server_reject(struct eventlog *evlog, const char *message)
|
||||||
struct sudo_plugin_event * (*event_alloc)(void))
|
|
||||||
{
|
{
|
||||||
bool ret = false;
|
bool ret = false;
|
||||||
debug_decl(log_server_reject, SUDOERS_DEBUG_LOGGING);
|
debug_decl(log_server_reject, SUDOERS_DEBUG_LOGGING);
|
||||||
@@ -160,7 +157,7 @@ log_server_reject(struct eventlog *evlog, const char *message,
|
|||||||
|
|
||||||
/* Open connection to log server, send hello and reject messages. */
|
/* Open connection to log server, send hello and reject messages. */
|
||||||
client_closure = log_server_open(&details, &sudo_user.submit_time,
|
client_closure = log_server_open(&details, &sudo_user.submit_time,
|
||||||
false, SEND_REJECT, message, event_alloc);
|
false, SEND_REJECT, message);
|
||||||
if (client_closure != NULL) {
|
if (client_closure != NULL) {
|
||||||
client_closure_free(client_closure);
|
client_closure_free(client_closure);
|
||||||
client_closure = NULL;
|
client_closure = NULL;
|
||||||
@@ -177,8 +174,7 @@ done:
|
|||||||
|
|
||||||
bool
|
bool
|
||||||
log_server_alert(struct eventlog *evlog, struct timespec *now,
|
log_server_alert(struct eventlog *evlog, struct timespec *now,
|
||||||
const char *message, const char *errstr,
|
const char *message, const char *errstr)
|
||||||
struct sudo_plugin_event * (*event_alloc)(void))
|
|
||||||
{
|
{
|
||||||
struct log_details details;
|
struct log_details details;
|
||||||
char *emessage = NULL;
|
char *emessage = NULL;
|
||||||
@@ -217,7 +213,7 @@ log_server_alert(struct eventlog *evlog, struct timespec *now,
|
|||||||
|
|
||||||
/* Open connection to log server, send hello and alert messages. */
|
/* Open connection to log server, send hello and alert messages. */
|
||||||
client_closure = log_server_open(&details, now, false,
|
client_closure = log_server_open(&details, now, false,
|
||||||
SEND_ALERT, emessage ? emessage : message, event_alloc);
|
SEND_ALERT, emessage ? emessage : message);
|
||||||
if (client_closure != NULL) {
|
if (client_closure != NULL) {
|
||||||
client_closure_free(client_closure);
|
client_closure_free(client_closure);
|
||||||
client_closure = NULL;
|
client_closure = NULL;
|
||||||
@@ -234,16 +230,14 @@ done:
|
|||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
bool
|
bool
|
||||||
log_server_reject(struct eventlog *evlog, const char *message,
|
log_server_reject(struct eventlog *evlog, const char *message)
|
||||||
struct sudo_plugin_event * (*event_alloc)(void))
|
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool
|
bool
|
||||||
log_server_alert(struct eventlog *evlog, struct timespec *now,
|
log_server_alert(struct eventlog *evlog, struct timespec *now,
|
||||||
const char *message, const char *errstr,
|
const char *message, const char *errstr)
|
||||||
struct sudo_plugin_event * (*event_alloc)(void))
|
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@@ -258,7 +252,7 @@ log_reject(const char *message, bool logit, bool mailit)
|
|||||||
const char *uuid_str = NULL;
|
const char *uuid_str = NULL;
|
||||||
struct eventlog evlog;
|
struct eventlog evlog;
|
||||||
int evl_flags = 0;
|
int evl_flags = 0;
|
||||||
bool ret = true;
|
bool ret;
|
||||||
debug_decl(log_reject, SUDOERS_DEBUG_LOGGING);
|
debug_decl(log_reject, SUDOERS_DEBUG_LOGGING);
|
||||||
|
|
||||||
if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
|
if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
|
||||||
@@ -270,10 +264,8 @@ log_reject(const char *message, bool logit, bool mailit)
|
|||||||
SET(evl_flags, EVLOG_MAIL_ONLY);
|
SET(evl_flags, EVLOG_MAIL_ONLY);
|
||||||
}
|
}
|
||||||
sudoers_to_eventlog(&evlog, NewArgv, env_get(), uuid_str);
|
sudoers_to_eventlog(&evlog, NewArgv, env_get(), uuid_str);
|
||||||
if (!eventlog_reject(&evlog, evl_flags, message, NULL, NULL))
|
ret = eventlog_reject(&evlog, evl_flags, message, NULL, NULL);
|
||||||
ret = false;
|
if (!log_server_reject(&evlog, message))
|
||||||
|
|
||||||
if (!log_server_reject(&evlog, message, sudoers_policy.event_alloc))
|
|
||||||
ret = false;
|
ret = false;
|
||||||
|
|
||||||
debug_return_bool(ret);
|
debug_return_bool(ret);
|
||||||
@@ -705,9 +697,7 @@ vlog_warning(int flags, int errnum, const char *fmt, va_list ap)
|
|||||||
}
|
}
|
||||||
sudoers_to_eventlog(&evlog, NewArgv, env_get(), sudo_user.uuid_str);
|
sudoers_to_eventlog(&evlog, NewArgv, env_get(), sudo_user.uuid_str);
|
||||||
eventlog_alert(&evlog, evl_flags, &now, message, errstr);
|
eventlog_alert(&evlog, evl_flags, &now, message, errstr);
|
||||||
|
log_server_alert(&evlog, &now, message, errstr);
|
||||||
log_server_alert(&evlog, &now, message, errstr,
|
|
||||||
sudoers_policy.event_alloc);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -836,10 +826,8 @@ mail_parse_errors(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
ret = eventlog_alert(&evlog, evl_flags, &now, mailbody, NULL);
|
ret = eventlog_alert(&evlog, evl_flags, &now, mailbody, NULL);
|
||||||
if (!log_server_alert(&evlog, &now, mailbody, NULL,
|
if (!log_server_alert(&evlog, &now, mailbody, NULL))
|
||||||
sudoers_policy.event_alloc)) {
|
|
||||||
ret = false;
|
ret = false;
|
||||||
}
|
|
||||||
|
|
||||||
done:
|
done:
|
||||||
free(mailbody);
|
free(mailbody);
|
||||||
|
|||||||
@@ -78,8 +78,8 @@ bool log_exit_status(int exit_status);
|
|||||||
bool log_auth_failure(int status, unsigned int tries);
|
bool log_auth_failure(int status, unsigned int tries);
|
||||||
bool log_denial(int status, bool inform_user);
|
bool log_denial(int status, bool inform_user);
|
||||||
bool log_failure(int status, int flags);
|
bool log_failure(int status, int flags);
|
||||||
bool log_server_alert(struct eventlog *evlog, struct timespec *now, const char *message, const char *errstr, struct sudo_plugin_event * (*event_alloc)(void));
|
bool log_server_alert(struct eventlog *evlog, struct timespec *now, const char *message, const char *errstr);
|
||||||
bool log_server_reject(struct eventlog *evlog, const char *message, struct sudo_plugin_event * (*event_alloc)(void));
|
bool log_server_reject(struct eventlog *evlog, const char *message);
|
||||||
bool log_warning(int flags, const char *fmt, ...) __printflike(2, 3);
|
bool log_warning(int flags, const char *fmt, ...) __printflike(2, 3);
|
||||||
bool log_warningx(int flags, const char *fmt, ...) __printflike(2, 3);
|
bool log_warningx(int flags, const char *fmt, ...) __printflike(2, 3);
|
||||||
bool gai_log_warning(int flags, int errnum, const char *fmt, ...) __printflike(3, 4);
|
bool gai_log_warning(int flags, int errnum, const char *fmt, ...) __printflike(3, 4);
|
||||||
|
|||||||
@@ -54,6 +54,7 @@ static const char *interfaces_string;
|
|||||||
bool sudoers_recovery = true;
|
bool sudoers_recovery = true;
|
||||||
sudo_conv_t sudo_conv;
|
sudo_conv_t sudo_conv;
|
||||||
sudo_printf_t sudo_printf;
|
sudo_printf_t sudo_printf;
|
||||||
|
struct sudo_plugin_event * (*plugin_event_alloc)(void);
|
||||||
const char *path_ldap_conf = _PATH_LDAP_CONF;
|
const char *path_ldap_conf = _PATH_LDAP_CONF;
|
||||||
const char *path_ldap_secret = _PATH_LDAP_SECRET;
|
const char *path_ldap_secret = _PATH_LDAP_SECRET;
|
||||||
static bool session_opened;
|
static bool session_opened;
|
||||||
@@ -1021,6 +1022,8 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
|
|||||||
sudo_version = version;
|
sudo_version = version;
|
||||||
sudo_conv = conversation;
|
sudo_conv = conversation;
|
||||||
sudo_printf = plugin_printf;
|
sudo_printf = plugin_printf;
|
||||||
|
if (sudoers_policy.event_alloc != NULL)
|
||||||
|
plugin_event_alloc = sudoers_policy.event_alloc;
|
||||||
|
|
||||||
/* Plugin args are only specified for API version 1.2 and higher. */
|
/* Plugin args are only specified for API version 1.2 and higher. */
|
||||||
if (sudo_version < SUDO_API_MKVERSION(1, 2))
|
if (sudo_version < SUDO_API_MKVERSION(1, 2))
|
||||||
|
|||||||
@@ -40,6 +40,7 @@ struct sudo_user sudo_user;
|
|||||||
struct passwd *list_pw;
|
struct passwd *list_pw;
|
||||||
sudo_printf_t sudo_printf;
|
sudo_printf_t sudo_printf;
|
||||||
sudo_conv_t sudo_conv;
|
sudo_conv_t sudo_conv;
|
||||||
|
struct sudo_plugin_event * (*plugin_event_alloc)(void);
|
||||||
|
|
||||||
sudo_dso_public int main(int argc, char *argv[], char *envp[]);
|
sudo_dso_public int main(int argc, char *argv[], char *envp[]);
|
||||||
|
|
||||||
|
|||||||
@@ -428,6 +428,7 @@ extern uid_t timestamp_uid;
|
|||||||
extern gid_t timestamp_gid;
|
extern gid_t timestamp_gid;
|
||||||
extern sudo_conv_t sudo_conv;
|
extern sudo_conv_t sudo_conv;
|
||||||
extern sudo_printf_t sudo_printf;
|
extern sudo_printf_t sudo_printf;
|
||||||
|
extern struct sudo_plugin_event * (*plugin_event_alloc)(void);
|
||||||
|
|
||||||
/* sudoers_debug.c */
|
/* sudoers_debug.c */
|
||||||
bool sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files, const char *entry);
|
bool sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files, const char *entry);
|
||||||
|
|||||||
Reference in New Issue
Block a user