diff --git a/include/sudo_eventlog.h b/include/sudo_eventlog.h index 38dc4cf08..a2b361977 100644 --- a/include/sudo_eventlog.h +++ b/include/sudo_eventlog.h @@ -91,5 +91,6 @@ bool eventlog_accept(const struct eventlog *details, struct timespec *submit_tim bool eventlog_alert(const struct eventlog *details, struct timespec *alert_time, const char *reason); bool eventlog_reject(const struct eventlog *details, const char *reason, struct timespec *submit_time, eventlog_json_callback_t info_cb, void *info); bool eventlog_setconf(struct eventlog_config *conf); +void eventlog_free(struct eventlog *evlog); #endif /* SUDO_EVENTLOG_H */ diff --git a/include/sudo_iolog.h b/include/sudo_iolog.h index 54786c4be..cbcd227e9 100644 --- a/include/sudo_iolog.h +++ b/include/sudo_iolog.h @@ -56,28 +56,6 @@ #define IOFD_TIMING 5 #define IOFD_MAX 6 -/* - * Info present in the I/O log file - */ -struct iolog_info { - char *cwd; - char *user; - char *runas_user; - char *runas_group; - char *runchroot; - char *runcwd; - char *tty; - char *cmd; - char *host; - struct timespec tstamp; - int lines; - int cols; - uid_t runas_uid; - gid_t runas_gid; - char **argv; - char **envp; -}; - struct timing_closure { struct timespec delay; const char *decimal; @@ -121,10 +99,9 @@ bool expand_iolog_path(const char *inpath, char *path, size_t pathlen, const str bool iolog_parse_timing(const char *line, struct timing_closure *timing); char *iolog_parse_delay(const char *cp, struct timespec *delay, const char *decimal_point); int iolog_read_timing_record(struct iolog_file *iol, struct timing_closure *timing); -struct iolog_info *iolog_parse_loginfo(int dfd, const char *iolog_dir); -bool iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct iolog_info *li); +struct eventlog *iolog_parse_loginfo(int dfd, const char *iolog_dir); +bool iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct eventlog *evlog); void iolog_adjust_delay(struct timespec *delay, struct timespec *max_delay, double scale_factor); -void iolog_free_loginfo(struct iolog_info *li); /* iolog_fileio.c */ struct passwd; @@ -136,7 +113,7 @@ bool iolog_mkpath(char *path); bool iolog_nextid(char *iolog_dir, char sessid[7]); bool iolog_open(struct iolog_file *iol, int dfd, int iofd, const char *mode); bool iolog_rename(const char *from, const char *to); -bool iolog_write_info_file(int dfd, const char *parent, struct iolog_info *log_info); +bool iolog_write_info_file(int dfd, struct eventlog *evlog); char *iolog_gets(struct iolog_file *iol, char *buf, size_t nbytes, const char **errsttr); const char *iolog_fd_to_name(int iofd); int iolog_openat(int fdf, const char *path, int flags); diff --git a/lib/eventlog/eventlog.c b/lib/eventlog/eventlog.c index 9a541a094..5e8a8c3e8 100644 --- a/lib/eventlog/eventlog.c +++ b/lib/eventlog/eventlog.c @@ -720,6 +720,43 @@ eventlog_alert(const struct eventlog *details, struct timespec *alert_time, debug_return_bool(ret); } +/* + * Free the strings in a struct eventlog. + */ +void +eventlog_free(struct eventlog *evlog) +{ + int i; + debug_decl(eventlog_free, SUDO_DEBUG_UTIL); + + if (evlog != NULL) { + free(evlog->iolog_path); + free(evlog->command); + free(evlog->cwd); + free(evlog->runchroot); + free(evlog->runcwd); + free(evlog->rungroup); + free(evlog->runuser); + free(evlog->submithost); + free(evlog->submituser); + free(evlog->submitgroup); + free(evlog->ttyname); + if (evlog->argv != NULL) { + for (i = 0; evlog->argv[i] != NULL; i++) + free(evlog->argv[i]); + free(evlog->argv); + } + if (evlog->envp != NULL) { + for (i = 0; evlog->envp[i] != NULL; i++) + free(evlog->envp[i]); + free(evlog->envp); + } + free(evlog); + } + + debug_return; +} + /* * Set eventlog config settings. */ diff --git a/lib/iolog/Makefile.in b/lib/iolog/Makefile.in index 68b09c4b0..20a840d5e 100644 --- a/lib/iolog/Makefile.in +++ b/lib/iolog/Makefile.in @@ -76,7 +76,7 @@ PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE) # Regression tests TEST_PROGS = check_iolog_json check_iolog_mkpath check_iolog_path check_iolog_util host_port_test -TEST_LIBS = @LIBS@ +TEST_LIBS = @LIBS@ $(top_builddir)/lib/eventlog/libsudo_eventlog.la TEST_LDFLAGS = @LDFLAGS@ # Set to non-empty for development mode @@ -298,7 +298,7 @@ hostcheck.plog: hostcheck.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/hostcheck.c --i-file $< --output-file $@ iolog_fileio.lo: $(srcdir)/iolog_fileio.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \ - $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \ + $(incdir)/sudo_debug.h $(incdir)/sudo_eventlog.h \ $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ $(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ @@ -307,7 +307,7 @@ iolog_fileio.lo: $(srcdir)/iolog_fileio.c $(incdir)/compat/stdbool.h \ $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_fileio.c iolog_fileio.i: $(srcdir)/iolog_fileio.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \ - $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \ + $(incdir)/sudo_debug.h $(incdir)/sudo_eventlog.h \ $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ $(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ @@ -318,19 +318,19 @@ iolog_fileio.plog: iolog_fileio.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_fileio.c --i-file $< --output-file $@ iolog_json.lo: $(srcdir)/iolog_json.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \ - $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ - $(incdir)/sudo_util.h $(srcdir)/iolog_json.h \ - $(top_builddir)/config.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \ + $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ + $(srcdir)/iolog_json.h $(top_builddir)/config.h $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_json.c iolog_json.i: $(srcdir)/iolog_json.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \ - $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ - $(incdir)/sudo_util.h $(srcdir)/iolog_json.h \ - $(top_builddir)/config.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \ + $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ + $(srcdir)/iolog_json.h $(top_builddir)/config.h $(CC) -E -o $@ $(CPPFLAGS) $< iolog_json.plog: iolog_json.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_json.c --i-file $< --output-file $@ @@ -352,17 +352,17 @@ iolog_path.plog: iolog_path.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_path.c --i-file $< --output-file $@ iolog_util.lo: $(srcdir)/iolog_util.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ - $(top_builddir)/config.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ + $(incdir)/sudo_util.h $(top_builddir)/config.h $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_util.c iolog_util.i: $(srcdir)/iolog_util.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ - $(top_builddir)/config.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ + $(incdir)/sudo_util.h $(top_builddir)/config.h $(CC) -E -o $@ $(CPPFLAGS) $< iolog_util.plog: iolog_util.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_util.c --i-file $< --output-file $@ diff --git a/lib/iolog/iolog_fileio.c b/lib/iolog/iolog_fileio.c index 288ae7df9..9d5c88dbb 100644 --- a/lib/iolog/iolog_fileio.c +++ b/lib/iolog/iolog_fileio.c @@ -41,7 +41,7 @@ #include "sudo_compat.h" #include "sudo_conf.h" #include "sudo_debug.h" -#include "sudo_event.h" +#include "sudo_eventlog.h" #include "sudo_fatal.h" #include "sudo_gettext.h" #include "sudo_iolog.h" @@ -887,8 +887,7 @@ iolog_gets(struct iolog_file *iol, char *buf, size_t nbytes, * This file is not compressed. */ static bool -iolog_write_info_file_legacy(int dfd, const char *parent, - struct iolog_info *log_info) +iolog_write_info_file_legacy(int dfd, struct eventlog *evlog) { char * const *av; FILE *fp; @@ -898,7 +897,7 @@ iolog_write_info_file_legacy(int dfd, const char *parent, fd = iolog_openat(dfd, "log", O_CREAT|O_TRUNC|O_WRONLY); if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "unable to open %s/log", parent); + "unable to open %s/log", evlog->iolog_path); if (fd != -1) close(fd); debug_return_bool(false); @@ -906,19 +905,19 @@ iolog_write_info_file_legacy(int dfd, const char *parent, if (fchown(fd, iolog_uid, iolog_gid) != 0) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, "%s: unable to fchown %d:%d %s/log", __func__, - (int)iolog_uid, (int)iolog_gid, parent); + (int)iolog_uid, (int)iolog_gid, evlog->iolog_path); } fprintf(fp, "%lld:%s:%s:%s:%s:%d:%d\n%s\n", - (long long)log_info->tstamp.tv_sec, - log_info->user ? log_info->user : "unknown", - log_info->runas_user ? log_info->runas_user : RUNAS_DEFAULT, - log_info->runas_group ? log_info->runas_group : "", - log_info->tty ? log_info->tty : "unknown", - log_info->lines, log_info->cols, - log_info->cwd ? log_info->cwd : "unknown"); - fputs(log_info->cmd ? log_info->cmd : "unknown", fp); - for (av = log_info->argv + 1; *av != NULL; av++) { + (long long)evlog->submit_time.tv_sec, + evlog->submituser ? evlog->submituser : "unknown", + evlog->runuser ? evlog->runuser : RUNAS_DEFAULT, + evlog->rungroup ? evlog->rungroup : "", + evlog->ttyname ? evlog->ttyname : "unknown", + evlog->lines, evlog->columns, + evlog->cwd ? evlog->cwd : "unknown"); + fputs(evlog->command ? evlog->command : "unknown", fp); + for (av = evlog->argv + 1; *av != NULL; av++) { fputc(' ', fp); fputs(*av, fp); } @@ -926,7 +925,7 @@ iolog_write_info_file_legacy(int dfd, const char *parent, fflush(fp); if ((error = ferror(fp))) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "unable to write to I/O log file %s/log", parent); + "unable to write to I/O log file %s/log", evlog->iolog_path); } fclose(fp); @@ -938,7 +937,7 @@ iolog_write_info_file_legacy(int dfd, const char *parent, * This file is not compressed. */ static bool -iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) +iolog_write_info_file_json(int dfd, struct eventlog *evlog) { struct json_container json; struct json_value json_value; @@ -949,7 +948,8 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) char *cp; debug_decl(iolog_write_info_file_json, SUDO_DEBUG_UTIL); - if (info->cmd == NULL || info->user == NULL || info->runas_user == NULL) + if (evlog->command == NULL || evlog->submituser == NULL || + evlog->submituser == NULL) debug_return_bool(false); if (!sudo_json_init(&json, 4, false, false)) @@ -960,12 +960,12 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) goto oom; json_value.type = JSON_NUMBER; - json_value.u.number = info->tstamp.tv_sec; + json_value.u.number = evlog->submit_time.tv_sec; if (!sudo_json_add_value(&json, "seconds", &json_value)) goto oom; json_value.type = JSON_NUMBER; - json_value.u.number = info->tstamp.tv_nsec; + json_value.u.number = evlog->submit_time.tv_nsec; if (!sudo_json_add_value(&json, "nanoseconds", &json_value)) goto oom; @@ -973,25 +973,25 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) goto oom; json_value.type = JSON_NUMBER; - json_value.u.number = info->cols; + json_value.u.number = evlog->columns; if (!sudo_json_add_value(&json, "columns", &json_value)) goto oom; /* Required */ json_value.type = JSON_STRING; - json_value.u.string = info->cmd; + json_value.u.string = evlog->command; if (!sudo_json_add_value(&json, "command", &json_value)) goto oom; json_value.type = JSON_NUMBER; - json_value.u.number = info->lines; + json_value.u.number = evlog->lines; if (!sudo_json_add_value(&json, "lines", &json_value)) goto oom; - if (info->argv != NULL) { + if (evlog->argv != NULL) { if (!sudo_json_open_array(&json, "runargv")) goto oom; - for (i = 0; (cp = info->argv[i]) != NULL; i++) { + for (i = 0; (cp = evlog->argv[i]) != NULL; i++) { json_value.type = JSON_STRING; json_value.u.string = cp; if (!sudo_json_add_value(&json, NULL, &json_value)) @@ -1001,10 +1001,10 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) goto oom; } - if (info->envp != NULL) { + if (evlog->envp != NULL) { if (!sudo_json_open_array(&json, "runenv")) goto oom; - for (i = 0; (cp = info->envp[i]) != NULL; i++) { + for (i = 0; (cp = evlog->envp[i]) != NULL; i++) { json_value.type = JSON_STRING; json_value.u.string = cp; if (!sudo_json_add_value(&json, NULL, &json_value)) @@ -1014,70 +1014,70 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) goto oom; } - if (info->runas_group!= NULL) { - if (info->runas_gid != (gid_t)-1) { + if (evlog->rungroup!= NULL) { + if (evlog->rungid != (gid_t)-1) { json_value.type = JSON_ID; - json_value.u.id = info->runas_gid; + json_value.u.id = evlog->rungid; if (!sudo_json_add_value(&json, "rungid", &json_value)) goto oom; } json_value.type = JSON_STRING; - json_value.u.string = info->runas_group; + json_value.u.string = evlog->rungroup; if (!sudo_json_add_value(&json, "rungroup", &json_value)) goto oom; } - if (info->runas_uid != (uid_t)-1) { + if (evlog->runuid != (uid_t)-1) { json_value.type = JSON_ID; - json_value.u.id = info->runas_uid; + json_value.u.id = evlog->runuid; if (!sudo_json_add_value(&json, "runuid", &json_value)) goto oom; } - if (info->runchroot != NULL) { + if (evlog->runchroot != NULL) { json_value.type = JSON_STRING; - json_value.u.string = info->runchroot; + json_value.u.string = evlog->runchroot; if (!sudo_json_add_value(&json, "runchroot", &json_value)) goto oom; } - if (info->runcwd != NULL) { + if (evlog->runcwd != NULL) { json_value.type = JSON_STRING; - json_value.u.string = info->runcwd; + json_value.u.string = evlog->runcwd; if (!sudo_json_add_value(&json, "runcwd", &json_value)) goto oom; } /* Required */ json_value.type = JSON_STRING; - json_value.u.string = info->runas_user; + json_value.u.string = evlog->runuser; if (!sudo_json_add_value(&json, "runuser", &json_value)) goto oom; - if (info->cwd != NULL) { + if (evlog->cwd != NULL) { json_value.type = JSON_STRING; - json_value.u.string = info->cwd; + json_value.u.string = evlog->cwd; if (!sudo_json_add_value(&json, "submitcwd", &json_value)) goto oom; } - if (info->host != NULL) { + if (evlog->submithost != NULL) { json_value.type = JSON_STRING; - json_value.u.string = info->host; + json_value.u.string = evlog->submithost; if (!sudo_json_add_value(&json, "submithost", &json_value)) goto oom; } /* Required */ json_value.type = JSON_STRING; - json_value.u.string = info->user; + json_value.u.string = evlog->submituser; if (!sudo_json_add_value(&json, "submituser", &json_value)) goto oom; - if (info->tty != NULL) { + if (evlog->ttyname != NULL) { json_value.type = JSON_STRING; - json_value.u.string = info->tty; + json_value.u.string = evlog->ttyname; if (!sudo_json_add_value(&json, "ttyname", &json_value)) goto oom; } @@ -1085,14 +1085,14 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) fd = iolog_openat(dfd, "log.json", O_CREAT|O_TRUNC|O_WRONLY); if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "unable to open %s/log.json", parent); + "unable to open %s/log.json", evlog->iolog_path); goto done; } if (fchown(fd, iolog_uid, iolog_gid) != 0) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO, "%s: unable to fchown %d:%d %s/log", __func__, - (int)iolog_uid, (int)iolog_gid, parent); + (int)iolog_uid, (int)iolog_gid, evlog->iolog_path); } fd = -1; @@ -1100,7 +1100,7 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info) fflush(fp); if (ferror(fp)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "unable to write to I/O log file %s/log.json", parent); + "unable to write to I/O log file %s/log.json", evlog->iolog_path); goto done; } @@ -1124,14 +1124,13 @@ done: * These files are not compressed. */ bool -iolog_write_info_file(int dfd, const char *parent, - struct iolog_info *log_info) +iolog_write_info_file(int dfd, struct eventlog *evlog) { debug_decl(iolog_write_info_file, SUDO_DEBUG_UTIL); - if (!iolog_write_info_file_legacy(dfd, parent, log_info)) + if (!iolog_write_info_file_legacy(dfd, evlog)) debug_return_bool(false); - if (!iolog_write_info_file_json(dfd, parent, log_info)) + if (!iolog_write_info_file_json(dfd, evlog)) debug_return_bool(false); debug_return_bool(true); diff --git a/lib/iolog/iolog_json.c b/lib/iolog/iolog_json.c index da7f40f9a..684f938c0 100644 --- a/lib/iolog/iolog_json.c +++ b/lib/iolog/iolog_json.c @@ -39,6 +39,7 @@ #include "sudo_compat.h" #include "sudo_debug.h" +#include "sudo_eventlog.h" #include "sudo_fatal.h" #include "sudo_gettext.h" #include "sudo_iolog.h" @@ -54,48 +55,48 @@ struct json_stack { #define JSON_STACK_INTIALIZER(s) { 0, nitems((s).frames) }; static bool -json_store_columns(struct json_item *item, struct iolog_info *li) +json_store_columns(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_columns, SUDO_DEBUG_UTIL); if (item->u.number < 1 || item->u.number > INT_MAX) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "tty cols %lld: out of range", item->u.number); - li->cols = 0; + evlog->columns = 0; debug_return_bool(false); } - li->cols = item->u.number; + evlog->columns = item->u.number; debug_return_bool(true); } static bool -json_store_command(struct json_item *item, struct iolog_info *li) +json_store_command(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_command, SUDO_DEBUG_UTIL); /* - * Note: struct iolog_info must store command + args. + * Note: struct eventlog must store command + args. * We don't have argv yet so we append the args later. */ - li->cmd = item->u.string; + evlog->command = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_lines(struct json_item *item, struct iolog_info *li) +json_store_lines(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_lines, SUDO_DEBUG_UTIL); if (item->u.number < 1 || item->u.number > INT_MAX) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "tty lines %lld: out of range", item->u.number); - li->lines = 0; + evlog->lines = 0; debug_return_bool(false); } - li->lines = item->u.number; + evlog->lines = item->u.number; debug_return_bool(true); } @@ -130,115 +131,115 @@ json_array_to_strvec(struct json_object *array) } static bool -json_store_runargv(struct json_item *item, struct iolog_info *li) +json_store_runargv(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_runargv, SUDO_DEBUG_UTIL); - li->argv = json_array_to_strvec(&item->u.child); + evlog->argv = json_array_to_strvec(&item->u.child); - debug_return_bool(li->argv != NULL); + debug_return_bool(evlog->argv != NULL); } static bool -json_store_runenv(struct json_item *item, struct iolog_info *li) +json_store_runenv(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_runenv, SUDO_DEBUG_UTIL); - li->envp = json_array_to_strvec(&item->u.child); + evlog->envp = json_array_to_strvec(&item->u.child); - debug_return_bool(li->envp != NULL); + debug_return_bool(evlog->envp != NULL); } static bool -json_store_rungid(struct json_item *item, struct iolog_info *li) +json_store_rungid(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_rungid, SUDO_DEBUG_UTIL); - li->runas_gid = (gid_t)item->u.number; + evlog->rungid = (gid_t)item->u.number; debug_return_bool(true); } static bool -json_store_rungroup(struct json_item *item, struct iolog_info *li) +json_store_rungroup(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_rungroup, SUDO_DEBUG_UTIL); - li->runas_group = item->u.string; + evlog->rungroup = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_runuid(struct json_item *item, struct iolog_info *li) +json_store_runuid(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_runuid, SUDO_DEBUG_UTIL); - li->runas_uid = (uid_t)item->u.number; + evlog->runuid = (uid_t)item->u.number; debug_return_bool(true); } static bool -json_store_runuser(struct json_item *item, struct iolog_info *li) +json_store_runuser(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_runuser, SUDO_DEBUG_UTIL); - li->runas_user = item->u.string; + evlog->runuser = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_runchroot(struct json_item *item, struct iolog_info *li) +json_store_runchroot(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_runchroot, SUDO_DEBUG_UTIL); - li->runchroot = item->u.string; + evlog->runchroot = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_runcwd(struct json_item *item, struct iolog_info *li) +json_store_runcwd(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_runcwd, SUDO_DEBUG_UTIL); - li->runcwd = item->u.string; + evlog->runcwd = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_submitcwd(struct json_item *item, struct iolog_info *li) +json_store_submitcwd(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_submitcwd, SUDO_DEBUG_UTIL); - li->cwd = item->u.string; + evlog->cwd = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_submithost(struct json_item *item, struct iolog_info *li) +json_store_submithost(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_submithost, SUDO_DEBUG_UTIL); - li->host = item->u.string; + evlog->submithost = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_submituser(struct json_item *item, struct iolog_info *li) +json_store_submituser(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_submituser, SUDO_DEBUG_UTIL); - li->user = item->u.string; + evlog->submituser = item->u.string; item->u.string = NULL; debug_return_bool(true); } static bool -json_store_timestamp(struct json_item *item, struct iolog_info *li) +json_store_timestamp(struct json_item *item, struct eventlog *evlog) { struct json_object *object; debug_decl(json_store_timestamp, SUDO_DEBUG_UTIL); @@ -248,11 +249,11 @@ json_store_timestamp(struct json_item *item, struct iolog_info *li) if (item->type != JSON_NUMBER) continue; if (strcmp(item->name, "seconds") == 0) { - li->tstamp.tv_sec = item->u.number; + evlog->submit_time.tv_sec = item->u.number; continue; } if (strcmp(item->name, "nanoseconds") == 0) { - li->tstamp.tv_nsec = item->u.number; + evlog->submit_time.tv_nsec = item->u.number; continue; } } @@ -260,11 +261,11 @@ json_store_timestamp(struct json_item *item, struct iolog_info *li) } static bool -json_store_ttyname(struct json_item *item, struct iolog_info *li) +json_store_ttyname(struct json_item *item, struct eventlog *evlog) { debug_decl(json_store_ttyname, SUDO_DEBUG_UTIL); - li->tty = item->u.string; + evlog->ttyname = item->u.string; item->u.string = NULL; debug_return_bool(true); } @@ -272,7 +273,7 @@ json_store_ttyname(struct json_item *item, struct iolog_info *li) static struct iolog_json_key { const char *name; enum json_value_type type; - bool (*setter)(struct json_item *, struct iolog_info *); + bool (*setter)(struct json_item *, struct eventlog *); } iolog_json_keys[] = { { "columns", JSON_NUMBER, json_store_columns }, { "command", JSON_STRING, json_store_command }, @@ -401,7 +402,7 @@ free_json_items(struct json_item_list *items) } static bool -iolog_parse_json_object(struct json_object *object, struct iolog_info *li) +iolog_parse_json_object(struct json_object *object, struct eventlog *evlog) { struct json_item *item; bool ret = false; @@ -434,7 +435,7 @@ iolog_parse_json_object(struct json_object *object, struct iolog_info *li) goto done; } else { /* Matched name and type. */ - if (!key->setter(item, li)) { + if (!key->setter(item, evlog)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "unable to store %s", key->name); goto done; @@ -443,14 +444,14 @@ iolog_parse_json_object(struct json_object *object, struct iolog_info *li) } /* Merge cmd and argv as sudoreplay expects. */ - if (li->cmd != NULL && li->argv != NULL) { - size_t len = strlen(li->cmd) + 1; + if (evlog->command != NULL && evlog->argv != NULL) { + size_t len = strlen(evlog->command) + 1; char *newcmd; int ac; - /* Skip argv[0], we use li->cmd instead. */ - for (ac = 1; li->argv[ac] != NULL; ac++) - len += strlen(li->argv[ac]) + 1; + /* Skip argv[0], we use evlog->command instead. */ + for (ac = 1; evlog->argv[ac] != NULL; ac++) + len += strlen(evlog->argv[ac]) + 1; if ((newcmd = malloc(len)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); @@ -458,17 +459,17 @@ iolog_parse_json_object(struct json_object *object, struct iolog_info *li) } /* TODO: optimize this. */ - if (strlcpy(newcmd, li->cmd, len) >= len) + if (strlcpy(newcmd, evlog->command, len) >= len) sudo_fatalx(U_("internal error, %s overflow"), __func__); - for (ac = 1; li->argv[ac] != NULL; ac++) { + for (ac = 1; evlog->argv[ac] != NULL; ac++) { if (strlcat(newcmd, " ", len) >= len) sudo_fatalx(U_("internal error, %s overflow"), __func__); - if (strlcat(newcmd, li->argv[ac], len) >= len) + if (strlcat(newcmd, evlog->argv[ac], len) >= len) sudo_fatalx(U_("internal error, %s overflow"), __func__); } - free(li->cmd); - li->cmd = newcmd; + free(evlog->command); + evlog->command = newcmd; } ret = true; @@ -770,7 +771,7 @@ done: } bool -iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct iolog_info *li) +iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct eventlog *evlog) { struct json_object root; bool ret = false; @@ -778,7 +779,7 @@ iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct iolog_info *li) if (iolog_parse_json(fp, iolog_dir, &root)) { /* Walk the stack and parse entries. */ - ret = iolog_parse_json_object(&root, li); + ret = iolog_parse_json_object(&root, evlog); /* Cleanup. */ free_json_items(&root.items); diff --git a/lib/iolog/iolog_util.c b/lib/iolog/iolog_util.c index 5a0c0c9ec..7af33d9e6 100644 --- a/lib/iolog/iolog_util.c +++ b/lib/iolog/iolog_util.c @@ -41,6 +41,7 @@ #include "sudo_compat.h" #include "sudo_debug.h" +#include "sudo_eventlog.h" #include "sudo_fatal.h" #include "sudo_gettext.h" #include "sudo_iolog.h" @@ -50,7 +51,7 @@ static int timing_event_adj; static bool iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, - struct iolog_info *li) + struct eventlog *evlog) { char *buf = NULL, *cp, *ep; const char *errstr; @@ -65,15 +66,15 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, * 3) command with args */ if (getdelim(&buf, &bufsize, '\n', fp) == -1 || - getdelim(&li->cwd, &cwdsize, '\n', fp) == -1 || - getdelim(&li->cmd, &cmdsize, '\n', fp) == -1) { + getdelim(&evlog->cwd, &cwdsize, '\n', fp) == -1 || + getdelim(&evlog->command, &cmdsize, '\n', fp) == -1) { sudo_warn(U_("%s: invalid log file"), iolog_dir); goto done; } /* Strip the newline from the cwd and command. */ - li->cwd[strcspn(li->cwd, "\n")] = '\0'; - li->cmd[strcspn(li->cmd, "\n")] = '\0'; + evlog->cwd[strcspn(evlog->cwd, "\n")] = '\0'; + evlog->command[strcspn(evlog->command, "\n")] = '\0'; /* * Crack the log line (lines and cols not present in old versions). @@ -89,7 +90,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, goto done; } *ep = '\0'; - li->tstamp.tv_sec = sudo_strtonum(cp, 0, TIME_T_MAX, &errstr); + evlog->submit_time.tv_sec = sudo_strtonum(cp, 0, TIME_T_MAX, &errstr); if (errstr != NULL) { sudo_warn(U_("%s: time stamp %s: %s"), iolog_dir, cp, errstr); goto done; @@ -101,7 +102,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, sudo_warn(U_("%s: user field is missing"), iolog_dir); goto done; } - if ((li->user = strndup(cp, (size_t)(ep - cp))) == NULL) + if ((evlog->submituser = strndup(cp, (size_t)(ep - cp))) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); /* runas user */ @@ -110,7 +111,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, sudo_warn(U_("%s: runas user field is missing"), iolog_dir); goto done; } - if ((li->runas_user = strndup(cp, (size_t)(ep - cp))) == NULL) + if ((evlog->runuser = strndup(cp, (size_t)(ep - cp))) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); /* runas group */ @@ -120,7 +121,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, goto done; } if (cp != ep) { - if ((li->runas_group = strndup(cp, (size_t)(ep - cp))) == NULL) + if ((evlog->rungroup = strndup(cp, (size_t)(ep - cp))) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); } @@ -128,11 +129,11 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, cp = ep + 1; if ((ep = strchr(cp, ':')) == NULL) { /* just the tty */ - if ((li->tty = strdup(cp)) == NULL) + if ((evlog->ttyname = strdup(cp)) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); } else { /* tty followed by lines + cols */ - if ((li->tty = strndup(cp, (size_t)(ep - cp))) == NULL) + if ((evlog->ttyname = strndup(cp, (size_t)(ep - cp))) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); cp = ep + 1; /* need to NULL out separator to use sudo_strtonum() */ @@ -140,14 +141,14 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir, if ((ep = strchr(cp, ':')) != NULL) { *ep = '\0'; } - li->lines = sudo_strtonum(cp, 1, INT_MAX, &errstr); + evlog->lines = sudo_strtonum(cp, 1, INT_MAX, &errstr); if (errstr != NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "%s: tty lines %s: %s", iolog_dir, cp, errstr); } if (ep != NULL) { cp = ep + 1; - li->cols = sudo_strtonum(cp, 1, INT_MAX, &errstr); + evlog->columns = sudo_strtonum(cp, 1, INT_MAX, &errstr); if (errstr != NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "%s: tty cols %s: %s", iolog_dir, cp, errstr); @@ -162,10 +163,10 @@ done: debug_return_bool(ret); } -struct iolog_info * +struct eventlog * iolog_parse_loginfo(int dfd, const char *iolog_dir) { - struct iolog_info *li = NULL; + struct eventlog *evlog = NULL; FILE *fp = NULL; int fd = -1; int tmpfd = -1; @@ -191,16 +192,16 @@ iolog_parse_loginfo(int dfd, const char *iolog_dir) } fd = -1; - if ((li = calloc(1, sizeof(*li))) == NULL) + if ((evlog = calloc(1, sizeof(*evlog))) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - li->runas_uid = (uid_t)-1; - li->runas_gid = (gid_t)-1; + evlog->runuid = (uid_t)-1; + evlog->rungid = (gid_t)-1; - ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, li) : - iolog_parse_loginfo_json(fp, iolog_dir, li); + ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, evlog) : + iolog_parse_loginfo_json(fp, iolog_dir, evlog); if (ok) { fclose(fp); - debug_return_ptr(li); + debug_return_ptr(evlog); } bad: @@ -208,7 +209,7 @@ bad: close(fd); if (fp != NULL) fclose(fp); - iolog_free_loginfo(li); + eventlog_free(evlog); debug_return_ptr(NULL); } @@ -428,32 +429,3 @@ iolog_read_timing_record(struct iolog_file *iol, struct timing_closure *timing) debug_return_int(0); } - -void -iolog_free_loginfo(struct iolog_info *li) -{ - char **p; - - if (li != NULL) { - if (li->argv != NULL) { - for (p = li->argv; *p != NULL; p++) - free(*p); - free(li->argv); - } - if (li->envp != NULL) { - for (p = li->envp; *p != NULL; p++) - free(*p); - free(li->envp); - } - free(li->cwd); - free(li->user); - free(li->runas_user); - free(li->runas_group); - free(li->runchroot); - free(li->runcwd); - free(li->tty); - free(li->cmd); - free(li->host); - free(li); - } -} diff --git a/logsrvd/Makefile.in b/logsrvd/Makefile.in index 1eb6aaf79..2be670981 100644 --- a/logsrvd/Makefile.in +++ b/logsrvd/Makefile.in @@ -293,20 +293,22 @@ sendlog.o: $(srcdir)/sendlog.c $(incdir)/compat/getaddrinfo.h \ $(incdir)/hostcheck.h $(incdir)/log_server.pb-c.h \ $(incdir)/protobuf-c/protobuf-c.h $(incdir)/sudo_compat.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ - $(srcdir)/logsrv_util.h $(srcdir)/sendlog.h $(top_builddir)/config.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ + $(incdir)/sudo_util.h $(srcdir)/logsrv_util.h $(srcdir)/sendlog.h \ + $(top_builddir)/config.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sendlog.c sendlog.i: $(srcdir)/sendlog.c $(incdir)/compat/getaddrinfo.h \ $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \ $(incdir)/hostcheck.h $(incdir)/log_server.pb-c.h \ $(incdir)/protobuf-c/protobuf-c.h $(incdir)/sudo_compat.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ - $(srcdir)/logsrv_util.h $(srcdir)/sendlog.h $(top_builddir)/config.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ + $(incdir)/sudo_util.h $(srcdir)/logsrv_util.h $(srcdir)/sendlog.h \ + $(top_builddir)/config.h $(CC) -E -o $@ $(CPPFLAGS) $< sendlog.plog: sendlog.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sendlog.c --i-file $< --output-file $@ diff --git a/logsrvd/iolog_writer.c b/logsrvd/iolog_writer.c index 88b4ed83f..c69f58117 100644 --- a/logsrvd/iolog_writer.c +++ b/logsrvd/iolog_writer.c @@ -104,55 +104,24 @@ bad: debug_return_ptr(NULL); } -/* - * Free the strings in a struct eventlog. - */ -void -evlog_free(struct eventlog *evlog) -{ - int i; - debug_decl(evlog_free, SUDO_DEBUG_UTIL); - - if (evlog != NULL) { - free(evlog->iolog_path); - free(evlog->command); - free(evlog->cwd); - free(evlog->runchroot); - free(evlog->runcwd); - free(evlog->rungroup); - free(evlog->runuser); - free(evlog->submithost); - free(evlog->submituser); - free(evlog->submitgroup); - free(evlog->ttyname); - if (evlog->argv != NULL) { - for (i = 0; evlog->argv[i] != NULL; i++) - free(evlog->argv[i]); - free(evlog->argv); - } - if (evlog->envp != NULL) { - for (i = 0; evlog->envp[i] != NULL; i++) - free(evlog->envp[i]); - free(evlog->envp); - } - } - - debug_return; -} - /* * Fill in eventlog details from an AcceptMessage * Caller is responsible for freeing strings in struct eventlog. * Returns true on success and false on failure. */ -bool -evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, - InfoMessage **info_msgs, size_t infolen) +struct eventlog * +evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen) { + struct eventlog *evlog; size_t idx; - bool ret = false; - debug_decl(evlog_fill, SUDO_DEBUG_UTIL); + debug_decl(evlog_new, SUDO_DEBUG_UTIL); + evlog = calloc(1, sizeof(*evlog)); + if (evlog == NULL) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, + "calloc(1, %zu)", sizeof(*evlog)); + goto bad; + } memset(evlog, 0, sizeof(*evlog)); /* Submit time. */ @@ -189,7 +158,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -217,7 +186,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, if (has_strlistval(info)) { evlog->argv = strlist_copy(info->u.strlistval); if (evlog->argv == NULL) - goto done; + goto bad; } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "runargv specified but not a string list"); @@ -230,7 +199,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -244,7 +213,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -256,7 +225,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, if (has_strlistval(info)) { evlog->envp = strlist_copy(info->u.strlistval); if (evlog->envp == NULL) - goto done; + goto bad; } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "runenv specified but not a string list"); @@ -281,7 +250,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -307,7 +276,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -323,7 +292,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -337,7 +306,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -351,7 +320,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -365,7 +334,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -381,7 +350,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } else { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, @@ -397,22 +366,22 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, if (evlog->submituser == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "missing submituser in AcceptMessage"); - goto done; + goto bad; } if (evlog->submithost == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "missing submithost in AcceptMessage"); - goto done; + goto bad; } if (evlog->runuser == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "missing runuser in AcceptMessage"); - goto done; + goto bad; } if (evlog->command == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "missing command in AcceptMessage"); - goto done; + goto bad; } /* Other settings that must exist for event logging. */ @@ -421,7 +390,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } if (evlog->runcwd == NULL) { @@ -429,7 +398,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } if (evlog->submitgroup == NULL) { @@ -438,7 +407,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } if (evlog->ttyname == NULL) { @@ -446,16 +415,15 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, sudo_debug_printf( SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); - goto done; + goto bad; } } - ret = true; + debug_return_ptr(evlog); -done: - if (!ret) - evlog_free(evlog); - debug_return_bool(ret); +bad: + eventlog_free(evlog); + debug_return_ptr(NULL); } struct iolog_path_closure { @@ -597,7 +565,7 @@ static const struct iolog_path_escape path_escapes[] = { static bool create_iolog_path(struct connection_closure *closure) { - struct eventlog *evlog = &closure->evlog; + struct eventlog *evlog = closure->evlog; struct iolog_path_closure path_closure; char expanded_dir[PATH_MAX], expanded_file[PATH_MAX], pathbuf[PATH_MAX]; size_t len; @@ -661,38 +629,6 @@ bad: debug_return_bool(false); } -/* - * Write the sudo-style I/O log info file containing user and command info. - */ -static bool -iolog_details_write(struct eventlog *evlog, struct connection_closure *closure) -{ - struct iolog_info log_info; - debug_decl(iolog_details_write, SUDO_DEBUG_UTIL); - - /* Convert to iolog_info */ - memset(&log_info, 0, sizeof(log_info)); - log_info.cwd = evlog->cwd; - log_info.user = evlog->submituser; - log_info.runchroot = evlog->runchroot; - log_info.runcwd = evlog->runcwd; - log_info.runas_user = evlog->runuser; - log_info.runas_group = evlog->rungroup; - log_info.tty = evlog->ttyname; - log_info.cmd = evlog->command; - log_info.host = evlog->submithost; - log_info.tstamp = evlog->submit_time; - log_info.lines = evlog->lines; - log_info.cols = evlog->columns; - log_info.runas_uid = evlog->runuid; - log_info.runas_gid = evlog->rungid; - log_info.argv = evlog->argv; - log_info.envp = evlog->envp; - - debug_return_bool(iolog_write_info_file(closure->iolog_dir_fd, - evlog->iolog_path, &log_info)); -} - static bool iolog_create(int iofd, struct connection_closure *closure) { @@ -733,6 +669,7 @@ iolog_close_all(struct connection_closure *closure) bool iolog_init(AcceptMessage *msg, struct connection_closure *closure) { + struct eventlog *evlog = closure->evlog; debug_decl(iolog_init, SUDO_DEBUG_UTIL); /* Create I/O log path */ @@ -740,7 +677,7 @@ iolog_init(AcceptMessage *msg, struct connection_closure *closure) debug_return_bool(false); /* Write sudo I/O log info file */ - if (!iolog_details_write(&closure->evlog, closure)) + if (!iolog_write_info_file(closure->iolog_dir_fd, evlog)) debug_return_bool(false); /* @@ -792,6 +729,7 @@ iolog_copy(struct iolog_file *src, struct iolog_file *dst, off_t remainder, static bool iolog_rewrite(const struct timespec *target, struct connection_closure *closure) { + const struct eventlog *evlog = closure->evlog; struct iolog_file new_iolog_files[IOFD_MAX]; off_t iolog_file_sizes[IOFD_MAX] = { 0 }; struct timing_closure timing; @@ -838,10 +776,10 @@ iolog_rewrite(const struct timespec *target, struct connection_closure *closure) /* Create new I/O log files in a temporary directory. */ len = snprintf(tmpdir, sizeof(tmpdir), "%s/restart.XXXXXX", - closure->evlog.iolog_path); + evlog->iolog_path); if (len < 0 || len >= ssizeof(tmpdir)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to format %s/restart.XXXXXX", closure->evlog.iolog_path); + "unable to format %s/restart.XXXXXX", evlog->iolog_path); goto done; } if (!iolog_mkdtemp(tmpdir)) { @@ -879,7 +817,7 @@ iolog_rewrite(const struct timespec *target, struct connection_closure *closure) name = iolog_fd_to_name(iofd); sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, "unable to copy %s/%s to %s/%s: %s", - closure->evlog.iolog_path, name, tmpdir, name, errstr); + evlog->iolog_path, name, tmpdir, name, errstr); goto done; } } @@ -899,11 +837,11 @@ iolog_rewrite(const struct timespec *target, struct connection_closure *closure) "unable to format %s/%s", tmpdir, name); goto done; } - len = snprintf(to, sizeof(to), "%s/%s", closure->evlog.iolog_path, + len = snprintf(to, sizeof(to), "%s/%s", evlog->iolog_path, name); if (len < 0 || len >= ssizeof(from)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to format %s/%s", closure->evlog.iolog_path, name); + "unable to format %s/%s", evlog->iolog_path, name); goto done; } if (!iolog_rename(from, to)) { @@ -943,6 +881,7 @@ done: bool iolog_restart(RestartMessage *msg, struct connection_closure *closure) { + struct eventlog *evlog = closure->evlog; struct timespec target; struct stat sb; int iofd; @@ -951,7 +890,7 @@ iolog_restart(RestartMessage *msg, struct connection_closure *closure) target.tv_sec = msg->resume_point->tv_sec; target.tv_nsec = msg->resume_point->tv_nsec; - if ((closure->evlog.iolog_path = strdup(msg->log_id)) == NULL) { + if ((evlog->iolog_path = strdup(msg->log_id)) == NULL) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "strdup"); goto bad; @@ -959,28 +898,28 @@ iolog_restart(RestartMessage *msg, struct connection_closure *closure) /* We use iolog_dir_fd in calls to openat(2) */ closure->iolog_dir_fd = - iolog_openat(AT_FDCWD, closure->evlog.iolog_path, O_RDONLY); + iolog_openat(AT_FDCWD, evlog->iolog_path, O_RDONLY); if (closure->iolog_dir_fd == -1) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "%s", closure->evlog.iolog_path); + "%s", evlog->iolog_path); goto bad; } /* If the timing file write bit is clear, log is already complete. */ if (fstatat(closure->iolog_dir_fd, "timing", &sb, 0) == -1) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, - "unable to stat %s/timing", closure->evlog.iolog_path); + "unable to stat %s/timing", evlog->iolog_path); goto bad; } if (!ISSET(sb.st_mode, S_IWUSR)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "%s already complete", closure->evlog.iolog_path); + "%s already complete", evlog->iolog_path); closure->errstr = _("log is already complete, cannot be restarted"); goto bad; } /* Open existing I/O log files. */ - if (!iolog_open_all(closure->iolog_dir_fd, closure->evlog.iolog_path, + if (!iolog_open_all(closure->iolog_dir_fd, evlog->iolog_path, closure->iolog_files, "r+")) goto bad; @@ -991,7 +930,7 @@ iolog_restart(RestartMessage *msg, struct connection_closure *closure) } /* Parse timing file until we reach the target point. */ - if (!iolog_seekto(closure->iolog_dir_fd, closure->evlog.iolog_path, + if (!iolog_seekto(closure->iolog_dir_fd, evlog->iolog_path, closure->iolog_files, &closure->elapsed_time, &target)) goto bad; @@ -1033,6 +972,7 @@ update_elapsed_time(TimeSpec *delta, struct timespec *elapsed) int store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure) { + const struct eventlog *evlog = closure->evlog; const char *errstr; char tbuf[1024]; int len; @@ -1059,7 +999,7 @@ store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure) if (!iolog_write(&closure->iolog_files[iofd], msg->data.data, msg->data.len, &errstr)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to write to %s/%s: %s", closure->evlog.iolog_path, + "unable to write to %s/%s: %s", evlog->iolog_path, iolog_fd_to_name(iofd), errstr); debug_return_int(-1); } @@ -1068,7 +1008,7 @@ store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure) if (!iolog_write(&closure->iolog_files[IOFD_TIMING], tbuf, len, &errstr)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to write to %s/%s: %s", closure->evlog.iolog_path, + "unable to write to %s/%s: %s", evlog->iolog_path, iolog_fd_to_name(IOFD_TIMING), errstr); debug_return_int(-1); } @@ -1081,6 +1021,7 @@ store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure) int store_suspend(CommandSuspend *msg, struct connection_closure *closure) { + const struct eventlog *evlog = closure->evlog; const char *errstr; char tbuf[1024]; int len; @@ -1101,7 +1042,7 @@ store_suspend(CommandSuspend *msg, struct connection_closure *closure) if (!iolog_write(&closure->iolog_files[IOFD_TIMING], tbuf, len, &errstr)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to write to %s/%s: %s", closure->evlog.iolog_path, + "unable to write to %s/%s: %s", evlog->iolog_path, iolog_fd_to_name(IOFD_TIMING), errstr); debug_return_int(-1); } @@ -1114,6 +1055,7 @@ store_suspend(CommandSuspend *msg, struct connection_closure *closure) int store_winsize(ChangeWindowSize *msg, struct connection_closure *closure) { + const struct eventlog *evlog = closure->evlog; const char *errstr; char tbuf[1024]; int len; @@ -1133,7 +1075,7 @@ store_winsize(ChangeWindowSize *msg, struct connection_closure *closure) if (!iolog_write(&closure->iolog_files[IOFD_TIMING], tbuf, len, &errstr)) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "unable to write to %s/%s: %s", closure->evlog.iolog_path, + "unable to write to %s/%s: %s", evlog->iolog_path, iolog_fd_to_name(IOFD_TIMING), errstr); debug_return_int(-1); } diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c index e40a4fd72..540db94d9 100644 --- a/logsrvd/logsrvd.c +++ b/logsrvd/logsrvd.c @@ -119,7 +119,7 @@ connection_closure_free(struct connection_closure *closure) #if defined(HAVE_OPENSSL) sudo_ev_free(closure->ssl_accept_ev); #endif - evlog_free(&closure->evlog); + eventlog_free(closure->evlog); free(closure->read_buf.data); free(closure->write_buf.data); free(closure); @@ -300,8 +300,8 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure) } sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received AcceptMessage", __func__); - if (!evlog_fill(&closure->evlog, msg->submit_time, msg->info_msgs, - msg->n_info_msgs)) { + closure->evlog = evlog_new(msg->submit_time, msg->info_msgs, msg->n_info_msgs); + if (closure->evlog == NULL) { closure->errstr = _("error parsing AcceptMessage"); debug_return_bool(false); } @@ -315,7 +315,7 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure) closure->log_io = true; } - if (!eventlog_accept(&closure->evlog, &closure->evlog.submit_time, + if (!eventlog_accept(closure->evlog, &closure->evlog->submit_time, logsrvd_json_log_cb, &info)) { closure->errstr = _("error logging accept event"); debug_return_bool(false); @@ -327,7 +327,7 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure) } /* Send log ID to client for restarting connections. */ - if (!fmt_log_id_message(closure->evlog.iolog_path, &closure->write_buf)) + if (!fmt_log_id_message(closure->evlog->iolog_path, &closure->write_buf)) debug_return_bool(false); if (sudo_ev_add(closure->evbase, closure->write_ev, logsrvd_conf_get_sock_timeout(), false) == -1) { @@ -366,14 +366,15 @@ handle_reject(RejectMessage *msg, struct connection_closure *closure) } sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received RejectMessage", __func__); - if (!evlog_fill(&closure->evlog, msg->submit_time, msg->info_msgs, - msg->n_info_msgs)) { + closure->evlog = evlog_new(msg->submit_time, msg->info_msgs, + msg->n_info_msgs); + if (closure->evlog == NULL) { closure->errstr = _("error parsing RejectMessage"); debug_return_bool(false); } - if (!eventlog_reject(&closure->evlog, msg->reason, - &closure->evlog.submit_time, logsrvd_json_log_cb, &info)) { + if (!eventlog_reject(closure->evlog, msg->reason, + &closure->evlog->submit_time, logsrvd_json_log_cb, &info)) { closure->errstr = _("error logging reject event"); debug_return_bool(false); } @@ -491,7 +492,7 @@ handle_alert(AlertMessage *msg, struct connection_closure *closure) alert_time.tv_sec = msg->alert_time->tv_sec; alert_time.tv_nsec = msg->alert_time->tv_nsec; - if (!eventlog_alert(&closure->evlog, &alert_time, msg->reason)) { + if (!eventlog_alert(closure->evlog, &alert_time, msg->reason)) { closure->errstr = _("error logging alert event"); debug_return_bool(false); } diff --git a/logsrvd/logsrvd.h b/logsrvd/logsrvd.h index c06b965cf..5c8a8b173 100644 --- a/logsrvd/logsrvd.h +++ b/logsrvd/logsrvd.h @@ -58,7 +58,7 @@ enum connection_status { */ struct connection_closure { TAILQ_ENTRY(connection_closure) entries; - struct eventlog evlog; + struct eventlog *evlog; struct timespec elapsed_time; struct connection_buffer read_buf; struct connection_buffer write_buf; @@ -137,14 +137,13 @@ struct logsrvd_tls_runtime { #endif /* iolog_writer.c */ -bool evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen); +struct eventlog *evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen); bool iolog_init(AcceptMessage *msg, struct connection_closure *closure); bool iolog_restart(RestartMessage *msg, struct connection_closure *closure); int store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure); int store_suspend(CommandSuspend *msg, struct connection_closure *closure); int store_winsize(ChangeWindowSize *msg, struct connection_closure *closure); void iolog_close_all(struct connection_closure *closure); -void evlog_free(struct eventlog *evlog); /* logsrvd_conf.c */ bool logsrvd_conf_read(const char *path); diff --git a/logsrvd/sendlog.c b/logsrvd/sendlog.c index 993fa0492..84e390f3a 100644 --- a/logsrvd/sendlog.c +++ b/logsrvd/sendlog.c @@ -63,6 +63,7 @@ #include "sudo_conf.h" #include "sudo_debug.h" #include "sudo_event.h" +#include "sudo_eventlog.h" #include "sudo_fatal.h" #include "sudo_gettext.h" #include "sudo_iolog.h" @@ -366,7 +367,7 @@ free_info_messages(InfoMessage **info_msgs, size_t n_info_msgs) } static InfoMessage ** -fmt_info_messages(struct iolog_info *log_info, char *hostname, +fmt_info_messages(const struct eventlog *evlog, char *hostname, size_t *n_info_msgs) { InfoMessage **info_msgs = NULL; @@ -379,7 +380,7 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname, if (runargv == NULL) goto oom; info_message__string_list__init(runargv); - runargv->strings = split_command(log_info->cmd, &runargv->n_strings); + runargv->strings = split_command(evlog->command, &runargv->n_strings); if (runargv->strings == NULL) goto oom; @@ -398,17 +399,17 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname, /* Fill in info_msgs */ n = 0; info_msgs[n]->key = "command"; - info_msgs[n]->u.strval = log_info->cmd; + info_msgs[n]->u.strval = evlog->command; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL; n++; info_msgs[n]->key = "columns"; - info_msgs[n]->u.numval = log_info->cols; + info_msgs[n]->u.numval = evlog->columns; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_NUMVAL; n++; info_msgs[n]->key = "lines"; - info_msgs[n]->u.numval = log_info->lines; + info_msgs[n]->u.numval = evlog->lines; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_NUMVAL; n++; @@ -418,20 +419,20 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname, runargv = NULL; n++; - if (log_info->runas_group != NULL) { + if (evlog->rungroup != NULL) { info_msgs[n]->key = "rungroup"; - info_msgs[n]->u.strval = log_info->runas_group; + info_msgs[n]->u.strval = evlog->rungroup; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL; n++; } info_msgs[n]->key = "runuser"; - info_msgs[n]->u.strval = log_info->runas_user; + info_msgs[n]->u.strval = evlog->runuser; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL; n++; info_msgs[n]->key = "submitcwd"; - info_msgs[n]->u.strval = log_info->cwd; + info_msgs[n]->u.strval = evlog->cwd; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL; n++; @@ -441,12 +442,12 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname, n++; info_msgs[n]->key = "submituser"; - info_msgs[n]->u.strval = log_info->user; + info_msgs[n]->u.strval = evlog->submituser; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL; n++; info_msgs[n]->key = "ttyname"; - info_msgs[n]->u.strval = log_info->tty; + info_msgs[n]->u.strval = evlog->ttyname; info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL; n++; @@ -496,14 +497,14 @@ fmt_reject_message(struct client_closure *closure) } /* Sudo I/O logs only store start time in seconds. */ - tv.tv_sec = closure->log_info->tstamp.tv_sec; - tv.tv_nsec = closure->log_info->tstamp.tv_nsec; + tv.tv_sec = closure->evlog->submit_time.tv_sec; + tv.tv_nsec = closure->evlog->submit_time.tv_nsec; reject_msg.submit_time = &tv; /* Why the command was rejected. */ reject_msg.reason = closure->reject_reason; - reject_msg.info_msgs = fmt_info_messages(closure->log_info, hostname, + reject_msg.info_msgs = fmt_info_messages(closure->evlog, hostname, &n_info_msgs); if (reject_msg.info_msgs == NULL) goto done; @@ -555,14 +556,14 @@ fmt_accept_message(struct client_closure *closure) } /* Sudo I/O logs only store start time in seconds. */ - tv.tv_sec = closure->log_info->tstamp.tv_sec; - tv.tv_nsec = closure->log_info->tstamp.tv_nsec; + tv.tv_sec = closure->evlog->submit_time.tv_sec; + tv.tv_nsec = closure->evlog->submit_time.tv_nsec; accept_msg.submit_time = &tv; /* Client will send IoBuffer messages. */ accept_msg.expect_iobufs = !closure->accept_only; - accept_msg.info_msgs = fmt_info_messages(closure->log_info, hostname, + accept_msg.info_msgs = fmt_info_messages(closure->evlog, hostname, &n_info_msgs); if (accept_msg.info_msgs == NULL) goto done; @@ -1581,7 +1582,7 @@ client_closure_free(struct client_closure *closure) static struct client_closure * client_closure_alloc(int sock, struct sudo_event_base *base, struct timespec *elapsed, struct timespec *restart, const char *iolog_id, - char *reject_reason, bool accept_only, struct iolog_info *log_info) + char *reject_reason, bool accept_only, struct eventlog *evlog) { struct client_closure *closure; debug_decl(client_closure_alloc, SUDO_DEBUG_UTIL); @@ -1597,7 +1598,7 @@ client_closure_alloc(int sock, struct sudo_event_base *base, closure->state = RECV_HELLO; closure->accept_only = accept_only; closure->reject_reason = reject_reason; - closure->log_info = log_info; + closure->evlog = evlog; closure->elapsed.tv_sec = elapsed->tv_sec; closure->elapsed.tv_nsec = elapsed->tv_nsec; @@ -1667,7 +1668,7 @@ main(int argc, char *argv[]) { struct client_closure *closure = NULL; struct sudo_event_base *evbase; - struct iolog_info *log_info; + struct eventlog *evlog; const char *port = NULL; struct timespec restart = { 0, 0 }; struct timespec elapsed = { 0, 0 }; @@ -1791,7 +1792,7 @@ main(int argc, char *argv[]) } /* Parse I/O log info file. */ - if ((log_info = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL) + if ((evlog = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL) goto bad; if ((evbase = sudo_ev_base_alloc()) == NULL) @@ -1809,7 +1810,7 @@ main(int argc, char *argv[]) printf("Connected to %s:%s\n", server_name, port); closure = client_closure_alloc(sock, evbase, &elapsed, &restart, - iolog_id, reject_reason, accept_only, log_info); + iolog_id, reject_reason, accept_only, evlog); if (closure == NULL) goto bad; @@ -1860,7 +1861,7 @@ main(int argc, char *argv[]) } client_closure_free(closure); } - iolog_free_loginfo(log_info); + eventlog_free(evlog); #if defined(HAVE_OPENSSL) SSL_CTX_free(ssl_ctx); #endif diff --git a/logsrvd/sendlog.h b/logsrvd/sendlog.h index 0a7a22002..0262cbb87 100644 --- a/logsrvd/sendlog.h +++ b/logsrvd/sendlog.h @@ -64,7 +64,7 @@ struct client_closure { #endif struct sudo_event *read_ev; struct sudo_event *write_ev; - struct iolog_info *log_info; + struct eventlog *evlog; struct iolog_file iolog_files[IOFD_MAX]; const char *iolog_id; char *reject_reason; diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in index 132730949..7e974a228 100644 --- a/plugins/sudoers/Makefile.in +++ b/plugins/sudoers/Makefile.in @@ -55,13 +55,14 @@ INSTALL_OWNER = -o $(install_uid) -g $(install_gid) INSTALL_BACKUP = @INSTALL_BACKUP@ # Libraries -LIBUTIL = $(top_builddir)/lib/util/libsudo_util.la +LIBEVENTLOG = $(top_builddir)/lib/eventlog/libsudo_eventlog.la LIBIOLOG = $(top_builddir)/lib/iolog/libsudo_iolog.la LIBLOGSRV = @LIBLOGSRV@ +LIBUTIL = $(top_builddir)/lib/util/libsudo_util.la LIBS = $(LIBUTIL) NET_LIBS = @NET_LIBS@ SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ @LIBTLS@ $(NET_LIBS) $(LIBIOLOG) $(LIBLOGSRV) -REPLAY_LIBS = @REPLAY_LIBS@ $(LIBIOLOG) +REPLAY_LIBS = @REPLAY_LIBS@ $(LIBEVENTLOG) $(LIBIOLOG) VISUDO_LIBS = $(NET_LIBS) CVTSUDOERS_LIBS = $(NET_LIBS) TESTSUDOERS_LIBS = $(NET_LIBS) @@ -321,7 +322,7 @@ check_hexchar: $(CHECK_HEXCHAR_OBJS) $(LIBUTIL) $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_HEXCHAR_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) check_iolog_plugin: $(CHECK_IOLOG_PLUGIN_OBJS) $(LIBUTIL) $(LIBIOLOG) $(LIBLOGSRV) - $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PLUGIN_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBIOLOG) $(LIBLOGSRV) @LIBTLS@ + $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PLUGIN_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBIOLOG) $(LIBEVENTLOG) $(LIBLOGSRV) @LIBTLS@ check_starttime: $(CHECK_STARTTIME_OBJS) $(LIBUTIL) $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_STARTTIME_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @@ -967,25 +968,27 @@ check_iolog_plugin.o: $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c \ $(devdir)/def_data.c $(devdir)/def_data.h \ $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ - $(srcdir)/defaults.h $(srcdir)/logging.h \ - $(srcdir)/parse.h $(srcdir)/sudo_nss.h \ - $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \ - $(top_builddir)/config.h $(top_builddir)/pathnames.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ + $(incdir)/sudo_util.h $(srcdir)/defaults.h \ + $(srcdir)/logging.h $(srcdir)/parse.h \ + $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \ + $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \ + $(top_builddir)/pathnames.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c check_iolog_plugin.i: $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c \ $(devdir)/def_data.c $(devdir)/def_data.h \ $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ - $(srcdir)/defaults.h $(srcdir)/logging.h \ - $(srcdir)/parse.h $(srcdir)/sudo_nss.h \ - $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \ - $(top_builddir)/config.h $(top_builddir)/pathnames.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ + $(incdir)/sudo_util.h $(srcdir)/defaults.h \ + $(srcdir)/logging.h $(srcdir)/parse.h \ + $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \ + $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \ + $(top_builddir)/pathnames.h $(CC) -E -o $@ $(CPPFLAGS) $< check_iolog_plugin.plog: check_iolog_plugin.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c --i-file $< --output-file $@ @@ -1570,24 +1573,24 @@ interfaces.plog: interfaces.i iolog.lo: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \ $(incdir)/log_server.pb-c.h $(incdir)/protobuf-c/protobuf-c.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \ - $(srcdir)/iolog_plugin.h $(srcdir)/logging.h $(srcdir)/parse.h \ - $(srcdir)/strlist.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \ - $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \ - $(top_builddir)/pathnames.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ + $(srcdir)/defaults.h $(srcdir)/iolog_plugin.h $(srcdir)/logging.h \ + $(srcdir)/parse.h $(srcdir)/strlist.h $(srcdir)/sudo_nss.h \ + $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \ + $(top_builddir)/config.h $(top_builddir)/pathnames.h $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog.c iolog.i: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \ $(incdir)/log_server.pb-c.h $(incdir)/protobuf-c/protobuf-c.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ - $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ - $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \ - $(srcdir)/iolog_plugin.h $(srcdir)/logging.h $(srcdir)/parse.h \ - $(srcdir)/strlist.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \ - $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \ - $(top_builddir)/pathnames.h + $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \ + $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ + $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \ + $(srcdir)/defaults.h $(srcdir)/iolog_plugin.h $(srcdir)/logging.h \ + $(srcdir)/parse.h $(srcdir)/strlist.h $(srcdir)/sudo_nss.h \ + $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \ + $(top_builddir)/config.h $(top_builddir)/pathnames.h $(CC) -E -o $@ $(CPPFLAGS) $< iolog.plog: iolog.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog.c --i-file $< --output-file $@ @@ -2462,19 +2465,19 @@ sudoers_debug.plog: sudoers_debug.i sudoreplay.o: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \ $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \ - $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ - $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ - $(incdir)/sudo_util.h $(srcdir)/logging.h \ + $(incdir)/sudo_event.h $(incdir)/sudo_eventlog.h \ + $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ + $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ + $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/logging.h \ $(top_builddir)/config.h $(top_builddir)/pathnames.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoreplay.c sudoreplay.i: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \ $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ - $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \ - $(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \ - $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \ - $(incdir)/sudo_util.h $(srcdir)/logging.h \ + $(incdir)/sudo_event.h $(incdir)/sudo_eventlog.h \ + $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \ + $(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \ + $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/logging.h \ $(top_builddir)/config.h $(top_builddir)/pathnames.h $(CC) -E -o $@ $(CPPFLAGS) $< sudoreplay.plog: sudoreplay.i diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c index c4efad178..1a467748a 100644 --- a/plugins/sudoers/iolog.c +++ b/plugins/sudoers/iolog.c @@ -40,6 +40,7 @@ #include #include "sudoers.h" +#include "sudo_eventlog.h" #include "sudo_iolog.h" #include "iolog_plugin.h" @@ -498,31 +499,32 @@ oom: * This file is not compressed. */ static bool -write_info_log(int dfd, char *iolog_dir, struct iolog_details *details) +write_info_log(int dfd, char *iolog_path, struct iolog_details *details) { - struct iolog_info iolog_info; + struct eventlog evlog; debug_decl(write_info_log, SUDOERS_DEBUG_UTIL); - /* XXX - just use iolog_info in the first place? */ - memset(&iolog_info, 0, sizeof(iolog_info)); - iolog_info.cwd = (char *)details->cwd; - iolog_info.user = (char *)details->user; - iolog_info.runchroot = (char *)details->runchroot; - iolog_info.runcwd = (char *)details->runcwd; - iolog_info.runas_user = details->runas_pw->pw_name; - iolog_info.runas_group = details->runas_gr ? details->runas_gr->gr_name: NULL; - iolog_info.tty = (char *)details->tty; - iolog_info.cmd = (char *)details->command; - iolog_info.host = (char *)details->host; - sudo_gettime_real(&iolog_info.tstamp); - iolog_info.lines = details->lines; - iolog_info.cols = details->cols; - iolog_info.runas_uid = details->runas_pw->pw_uid; - iolog_info.runas_gid = details->runas_gr ? details->runas_gr->gr_gid: (gid_t)-1; - iolog_info.argv = (char **)details->argv; - iolog_info.envp = (char **)details->user_env; + /* XXX - just use eventlog in the first place? */ + memset(&evlog, 0, sizeof(evlog)); + evlog.cwd = (char *)details->cwd; + evlog.iolog_path = iolog_path; + evlog.submituser = (char *)details->user; + evlog.runchroot = (char *)details->runchroot; + evlog.runcwd = (char *)details->runcwd; + evlog.runuser = details->runas_pw->pw_name; + evlog.rungroup = details->runas_gr ? details->runas_gr->gr_name: NULL; + evlog.ttyname = (char *)details->tty; + evlog.command = (char *)details->command; + evlog.submithost = (char *)details->host; + sudo_gettime_real(&evlog.submit_time); + evlog.lines = details->lines; + evlog.columns = details->cols; + evlog.runuid = details->runas_pw->pw_uid; + evlog.rungid = details->runas_gr ? details->runas_gr->gr_gid: (gid_t)-1; + evlog.argv = (char **)details->argv; + evlog.envp = (char **)details->user_env; - if (!iolog_write_info_file(dfd, iolog_dir, &iolog_info)) { + if (!iolog_write_info_file(dfd, &evlog)) { log_warningx(SLOG_SEND_MAIL, N_("unable to write to I/O log file: %s"), strerror(errno)); warned = true; diff --git a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c index 492b845ba..1d21a4d21 100644 --- a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c +++ b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c @@ -28,8 +28,9 @@ #define SUDO_ERROR_WRAP 0 #include "sudoers.h" -#include "sudo_plugin.h" +#include "sudo_eventlog.h" #include "sudo_iolog.h" +#include "sudo_plugin.h" #include /* for iolog_path.c */ @@ -78,77 +79,77 @@ sudo_printf_int(int msg_type, const char *fmt, ...) static bool validate_iolog_info(const char *log_dir, bool legacy) { - struct iolog_info *info; + struct eventlog *evlog; time_t now; time(&now); /* Parse log file. */ - if ((info = iolog_parse_loginfo(-1, log_dir)) == NULL) + if ((evlog = iolog_parse_loginfo(-1, log_dir)) == NULL) return false; - if (info->cwd == NULL || strcmp(info->cwd, "/") != 0) { + if (evlog->cwd == NULL || strcmp(evlog->cwd, "/") != 0) { sudo_warnx("bad cwd: want \"/\", got \"%s\"", - info->cwd ? info->cwd : "NULL"); + evlog->cwd ? evlog->cwd : "NULL"); return false; } /* No host in the legacy log file. */ if (!legacy) { - if (info->host == NULL || strcmp(info->host, "localhost") != 0) { + if (evlog->submithost == NULL || strcmp(evlog->submithost, "localhost") != 0) { sudo_warnx("bad host: want \"localhost\", got \"%s\"", - info->host ? info->host : "NULL"); + evlog->submithost ? evlog->submithost : "NULL"); return false; } } - if (info->user == NULL || strcmp(info->user, "nobody") != 0) { + if (evlog->submituser == NULL || strcmp(evlog->submituser, "nobody") != 0) { sudo_warnx("bad user: want \"nobody\" got \"%s\"", - info->user ? info->user : "NULL"); + evlog->submituser ? evlog->submituser : "NULL"); return false; } - if (info->runas_user == NULL || strcmp(info->runas_user, "root") != 0) { - sudo_warnx("bad runas_user: want \"root\" got \"%s\"", - info->runas_user ? info->runas_user : "NULL"); + if (evlog->runuser == NULL || strcmp(evlog->runuser, "root") != 0) { + sudo_warnx("bad runuser: want \"root\" got \"%s\"", + evlog->runuser ? evlog->runuser : "NULL"); return false; } /* No runas group specified, should be NULL. */ - if (info->runas_group != NULL) { - sudo_warnx("bad runas_group: want \"\" got \"%s\"", info->runas_group); + if (evlog->rungroup != NULL) { + sudo_warnx("bad rungroup: want \"\" got \"%s\"", evlog->rungroup); return false; } - if (info->tty == NULL || strcmp(info->tty, "/dev/console") != 0) { + if (evlog->ttyname == NULL || strcmp(evlog->ttyname, "/dev/console") != 0) { sudo_warnx("bad tty: want \"/dev/console\" got \"%s\"", - info->tty ? info->tty : "NULL"); + evlog->ttyname ? evlog->ttyname : "NULL"); return false; } - if (info->cmd == NULL || strcmp(info->cmd, "/usr/bin/id") != 0) { + if (evlog->command == NULL || strcmp(evlog->command, "/usr/bin/id") != 0) { sudo_warnx("bad command: want \"/usr/bin/id\" got \"%s\"", - info->cmd ? info->cmd : "NULL"); + evlog->command ? evlog->command : "NULL"); return false; } - if (info->lines != 24) { - sudo_warnx("bad lines: want 24 got %d", info->lines); + if (evlog->lines != 24) { + sudo_warnx("bad lines: want 24 got %d", evlog->lines); return false; } - if (info->cols != 80) { - sudo_warnx("bad cols: want 80 got %d", info->cols); + if (evlog->columns != 80) { + sudo_warnx("bad columns: want 80 got %d", evlog->columns); return false; } - if (info->tstamp.tv_sec < now - 10 || info->tstamp.tv_sec > now + 10) { - sudo_warnx("bad tstamp: want %lld got %lld", (long long)now, - (long long)info->tstamp.tv_sec); + if (evlog->submit_time.tv_sec < now - 10 || evlog->submit_time.tv_sec > now + 10) { + sudo_warnx("bad submit_time: want %lld got %lld", (long long)now, + (long long)evlog->submit_time.tv_sec); return false; } - iolog_free_loginfo(info); + eventlog_free(evlog); return true; } diff --git a/plugins/sudoers/sudoreplay.c b/plugins/sudoers/sudoreplay.c index f83a33d5b..3d9495458 100644 --- a/plugins/sudoers/sudoreplay.c +++ b/plugins/sudoers/sudoreplay.c @@ -61,6 +61,7 @@ #include "sudo_conf.h" #include "sudo_debug.h" #include "sudo_event.h" +#include "sudo_eventlog.h" #include "sudo_fatal.h" #include "sudo_gettext.h" #include "sudo_iolog.h" @@ -181,7 +182,7 @@ static void sudoreplay_cleanup(void); static void usage(int); static void write_output(int fd, int what, void *v); static void restore_terminal_size(void); -static void setup_terminal(struct iolog_info *li, bool interactive, bool resize); +static void setup_terminal(struct eventlog *evlog, bool interactive, bool resize); #define VALID_ID(s) (isalnum((unsigned char)(s)[0]) && \ isalnum((unsigned char)(s)[1]) && isalnum((unsigned char)(s)[2]) && \ @@ -206,7 +207,7 @@ main(int argc, char *argv[]) bool interactive = true, suspend_wait = false, resize = true; const char *decimal, *id, *user = NULL, *pattern = NULL, *tty = NULL; char *cp, *ep, iolog_dir[PATH_MAX]; - struct iolog_info *li; + struct eventlog *evlog; struct timespec max_delay_storage, *max_delay = NULL; double dval; debug_decl(main, SUDO_DEBUG_MAIN); @@ -359,20 +360,20 @@ main(int argc, char *argv[]) } /* Parse log file. */ - if ((li = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL) + if ((evlog = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL) goto done; - printf(_("Replaying sudo session: %s"), li->cmd); + printf(_("Replaying sudo session: %s"), evlog->command); /* Setup terminal if appropriate. */ if (!isatty(STDIN_FILENO) || !isatty(STDOUT_FILENO)) interactive = false; - setup_terminal(li, interactive, resize); + setup_terminal(evlog, interactive, resize); putchar('\r'); putchar('\n'); /* Done with parsed log file. */ - iolog_free_loginfo(li); - li = NULL; + eventlog_free(evlog); + evlog = NULL; /* Replay session corresponding to iolog_files[]. */ exitcode = replay_session(iolog_dir_fd, iolog_dir, max_delay, decimal, @@ -611,7 +612,7 @@ done: } static void -setup_terminal(struct iolog_info *li, bool interactive, bool resize) +setup_terminal(struct eventlog *evlog, bool interactive, bool resize) { const char *term; debug_decl(check_terminal, SUDO_DEBUG_UTIL); @@ -629,7 +630,7 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize) } /* Find terminal size if the session has size info. */ - if (li->lines == 0 && li->cols == 0) { + if (evlog->lines == 0 && evlog->columns == 0) { /* no tty size info, hope for the best... */ debug_return; } @@ -655,17 +656,17 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize) sudo_get_ttysize(&terminal_lines, &terminal_cols); } - if (li->lines == terminal_lines && li->cols == terminal_cols) { + if (evlog->lines == terminal_lines && evlog->columns == terminal_cols) { /* nothing to change */ debug_return; } if (terminal_can_resize) { /* session terminal size is different, try to resize ours */ - if (xterm_set_size(li->lines, li->cols)) { + if (xterm_set_size(evlog->lines, evlog->columns)) { /* success */ sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "resized terminal to %d x %x", li->lines, li->cols); + "resized terminal to %d x %x", evlog->lines, evlog->columns); terminal_was_resized = true; debug_return; } @@ -673,9 +674,9 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize) terminal_can_resize = false; } - if (li->lines > terminal_lines || li->cols > terminal_cols) { + if (evlog->lines > terminal_lines || evlog->columns > terminal_cols) { fputs(_("Warning: your terminal is too small to properly replay the log.\n"), stdout); - printf(_("Log geometry is %d x %d, your terminal's geometry is %d x %d."), li->lines, li->cols, terminal_lines, terminal_cols); + printf(_("Log geometry is %d x %d, your terminal's geometry is %d x %d."), evlog->lines, evlog->columns, terminal_lines, terminal_cols); } debug_return; } @@ -1291,7 +1292,7 @@ parse_expr(struct search_node_list *head, char *argv[], bool sub_expr) } static bool -match_expr(struct search_node_list *head, struct iolog_info *log, bool last_match) +match_expr(struct search_node_list *head, struct eventlog *evlog, bool last_match) { struct search_node *sn; bool res = false, matched = last_match; @@ -1301,34 +1302,34 @@ match_expr(struct search_node_list *head, struct iolog_info *log, bool last_matc STAILQ_FOREACH(sn, head, entries) { switch (sn->type) { case ST_EXPR: - res = match_expr(&sn->u.expr, log, matched); + res = match_expr(&sn->u.expr, evlog, matched); break; case ST_CWD: - if (log->cwd != NULL) - res = strcmp(sn->u.cwd, log->cwd) == 0; + if (evlog->cwd != NULL) + res = strcmp(sn->u.cwd, evlog->cwd) == 0; break; case ST_HOST: - if (log->host != NULL) - res = strcmp(sn->u.host, log->host) == 0; + if (evlog->submithost != NULL) + res = strcmp(sn->u.host, evlog->submithost) == 0; break; case ST_TTY: - if (log->tty != NULL) - res = strcmp(sn->u.tty, log->tty) == 0; + if (evlog->ttyname != NULL) + res = strcmp(sn->u.tty, evlog->ttyname) == 0; break; case ST_RUNASGROUP: - if (log->runas_group != NULL) - res = strcmp(sn->u.runas_group, log->runas_group) == 0; + if (evlog->rungroup != NULL) + res = strcmp(sn->u.runas_group, evlog->rungroup) == 0; break; case ST_RUNASUSER: - if (log->runas_user != NULL) - res = strcmp(sn->u.runas_user, log->runas_user) == 0; + if (evlog->runuser != NULL) + res = strcmp(sn->u.runas_user, evlog->runuser) == 0; break; case ST_USER: - if (log->user != NULL) - res = strcmp(sn->u.user, log->user) == 0; + if (evlog->submituser != NULL) + res = strcmp(sn->u.user, evlog->submituser) == 0; break; case ST_PATTERN: - rc = regexec(&sn->u.cmdre, log->cmd, 0, NULL, 0); + rc = regexec(&sn->u.cmdre, evlog->command, 0, NULL, 0); if (rc && rc != REG_NOMATCH) { char buf[BUFSIZ]; regerror(rc, &sn->u.cmdre, buf, sizeof(buf)); @@ -1337,10 +1338,10 @@ match_expr(struct search_node_list *head, struct iolog_info *log, bool last_matc res = rc == REG_NOMATCH ? 0 : 1; break; case ST_FROMDATE: - res = sudo_timespeccmp(&log->tstamp, &sn->u.tstamp, >=); + res = sudo_timespeccmp(&evlog->submit_time, &sn->u.tstamp, >=); break; case ST_TODATE: - res = sudo_timespeccmp(&log->tstamp, &sn->u.tstamp, <=); + res = sudo_timespeccmp(&evlog->submit_time, &sn->u.tstamp, <=); break; default: sudo_fatalx(U_("unknown search type %d"), sn->type); @@ -1358,16 +1359,16 @@ static int list_session(char *log_dir, regex_t *re, const char *user, const char *tty) { char idbuf[7], *idstr, *cp; - struct iolog_info *li = NULL; + struct eventlog *evlog = NULL; const char *timestr; int ret = -1; debug_decl(list_session, SUDO_DEBUG_UTIL); - if ((li = iolog_parse_loginfo(-1, log_dir)) == NULL) + if ((evlog = iolog_parse_loginfo(-1, log_dir)) == NULL) goto done; /* Match on search expression if there is one. */ - if (!STAILQ_EMPTY(&search_expr) && !match_expr(&search_expr, li, true)) + if (!STAILQ_EMPTY(&search_expr) && !match_expr(&search_expr, evlog, true)) goto done; /* Convert from /var/log/sudo-sessions/00/00/01 to 000001 */ @@ -1386,20 +1387,20 @@ list_session(char *log_dir, regex_t *re, const char *user, const char *tty) idstr = cp; } /* XXX - print lines + cols? */ - timestr = get_timestr(li->tstamp.tv_sec, 1); + timestr = get_timestr(evlog->submit_time.tv_sec, 1); printf("%s : %s : TTY=%s ; CWD=%s ; USER=%s ; ", timestr ? timestr : "invalid date", - li->user, li->tty, li->cwd, li->runas_user); - if (li->runas_group) - printf("GROUP=%s ; ", li->runas_group); - if (li->host) - printf("HOST=%s ; ", li->host); - printf("TSID=%s ; COMMAND=%s\n", idstr, li->cmd); + evlog->submituser, evlog->ttyname, evlog->cwd, evlog->runuser); + if (evlog->rungroup) + printf("GROUP=%s ; ", evlog->rungroup); + if (evlog->submithost) + printf("HOST=%s ; ", evlog->submithost); + printf("TSID=%s ; COMMAND=%s\n", idstr, evlog->command); ret = 0; done: - iolog_free_loginfo(li); + eventlog_free(evlog); debug_return_int(ret); }