isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use struct eventlog in place of struct iolog_info.

Browse Source
This commit is contained in:
Todd C. Miller
2020-10-26 15:31:41 -06:00
parent b9aff696fb
commit db72498257
17 changed files with 430 additions and 491 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/sudo_eventlog.h
View File

@@ -91,5 +91,6 @@ bool eventlog_accept(const struct eventlog *details, struct timespec *submit_tim
bool eventlog_alert(const struct eventlog *details, struct timespec *alert_time, const char *reason);
bool eventlog_reject(const struct eventlog *details, const char *reason, struct timespec *submit_time, eventlog_json_callback_t info_cb, void *info);
bool eventlog_setconf(struct eventlog_config *conf);
void eventlog_free(struct eventlog *evlog);
#endif /* SUDO_EVENTLOG_H */

29
include/sudo_iolog.h
View File

@@ -56,28 +56,6 @@
#define IOFD_TIMING 5
#define IOFD_MAX 6
/*
* Info present in the I/O log file
*/
struct iolog_info {
char *cwd;
char *user;
char *runas_user;
char *runas_group;
char *runchroot;
char *runcwd;
char *tty;
char *cmd;
char *host;
struct timespec tstamp;
int lines;
int cols;
uid_t runas_uid;
gid_t runas_gid;
char **argv;
char **envp;
};
struct timing_closure {
struct timespec delay;
const char *decimal;
@@ -121,10 +99,9 @@ bool expand_iolog_path(const char *inpath, char *path, size_t pathlen, const str
bool iolog_parse_timing(const char *line, struct timing_closure *timing);
char *iolog_parse_delay(const char *cp, struct timespec *delay, const char *decimal_point);
int iolog_read_timing_record(struct iolog_file *iol, struct timing_closure *timing);
struct iolog_info *iolog_parse_loginfo(int dfd, const char *iolog_dir);
bool iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct iolog_info *li);
struct eventlog *iolog_parse_loginfo(int dfd, const char *iolog_dir);
bool iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct eventlog *evlog);
void iolog_adjust_delay(struct timespec *delay, struct timespec *max_delay, double scale_factor);
void iolog_free_loginfo(struct iolog_info *li);
/* iolog_fileio.c */
struct passwd;
@@ -136,7 +113,7 @@ bool iolog_mkpath(char *path);
bool iolog_nextid(char *iolog_dir, char sessid[7]);
bool iolog_open(struct iolog_file *iol, int dfd, int iofd, const char *mode);
bool iolog_rename(const char *from, const char *to);
bool iolog_write_info_file(int dfd, const char *parent, struct iolog_info *log_info);
bool iolog_write_info_file(int dfd, struct eventlog *evlog);
char *iolog_gets(struct iolog_file *iol, char *buf, size_t nbytes, const char **errsttr);
const char *iolog_fd_to_name(int iofd);
int iolog_openat(int fdf, const char *path, int flags);

37
lib/eventlog/eventlog.c
View File

@@ -720,6 +720,43 @@ eventlog_alert(const struct eventlog *details, struct timespec *alert_time,
debug_return_bool(ret);
}
/*
* Free the strings in a struct eventlog.
*/
void
eventlog_free(struct eventlog *evlog)
{
int i;
debug_decl(eventlog_free, SUDO_DEBUG_UTIL);
if (evlog != NULL) {
free(evlog->iolog_path);
free(evlog->command);
free(evlog->cwd);
free(evlog->runchroot);
free(evlog->runcwd);
free(evlog->rungroup);
free(evlog->runuser);
free(evlog->submithost);
free(evlog->submituser);
free(evlog->submitgroup);
free(evlog->ttyname);
if (evlog->argv != NULL) {
for (i = 0; evlog->argv[i] != NULL; i++)
free(evlog->argv[i]);
free(evlog->argv);
}
if (evlog->envp != NULL) {
for (i = 0; evlog->envp[i] != NULL; i++)
free(evlog->envp[i]);
free(evlog->envp);
}
free(evlog);
}
debug_return;
}
/*
* Set eventlog config settings.
*/

42
lib/iolog/Makefile.in
View File

@@ -76,7 +76,7 @@ PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
# Regression tests
TEST_PROGS = check_iolog_json check_iolog_mkpath check_iolog_path check_iolog_util host_port_test
TEST_LIBS = @LIBS@
TEST_LIBS = @LIBS@ $(top_builddir)/lib/eventlog/libsudo_eventlog.la
TEST_LDFLAGS = @LDFLAGS@
# Set to non-empty for development mode
@@ -298,7 +298,7 @@ hostcheck.plog: hostcheck.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/hostcheck.c --i-file $< --output-file $@
iolog_fileio.lo: $(srcdir)/iolog_fileio.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_eventlog.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
@@ -307,7 +307,7 @@ iolog_fileio.lo: $(srcdir)/iolog_fileio.c $(incdir)/compat/stdbool.h \
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_fileio.c
iolog_fileio.i: $(srcdir)/iolog_fileio.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_eventlog.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
@@ -318,19 +318,19 @@ iolog_fileio.plog: iolog_fileio.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_fileio.c --i-file $< --output-file $@
iolog_json.lo: $(srcdir)/iolog_json.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/iolog_json.h \
$(top_builddir)/config.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/iolog_json.h $(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_json.c
iolog_json.i: $(srcdir)/iolog_json.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_json.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/iolog_json.h \
$(top_builddir)/config.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_json.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/iolog_json.h $(top_builddir)/config.h
$(CC) -E -o $@ $(CPPFLAGS) $<
iolog_json.plog: iolog_json.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_json.c --i-file $< --output-file $@
@@ -352,17 +352,17 @@ iolog_path.plog: iolog_path.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_path.c --i-file $< --output-file $@
iolog_util.lo: $(srcdir)/iolog_util.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_util.c
iolog_util.i: $(srcdir)/iolog_util.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(top_builddir)/config.h
$(CC) -E -o $@ $(CPPFLAGS) $<
iolog_util.plog: iolog_util.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog_util.c --i-file $< --output-file $@

101
lib/iolog/iolog_fileio.c
View File

@@ -41,7 +41,7 @@
#include "sudo_compat.h"
#include "sudo_conf.h"
#include "sudo_debug.h"
#include "sudo_event.h"
#include "sudo_eventlog.h"
#include "sudo_fatal.h"
#include "sudo_gettext.h"
#include "sudo_iolog.h"
@@ -887,8 +887,7 @@ iolog_gets(struct iolog_file *iol, char *buf, size_t nbytes,
* This file is not compressed.
*/
static bool
iolog_write_info_file_legacy(int dfd, const char *parent,
struct iolog_info *log_info)
iolog_write_info_file_legacy(int dfd, struct eventlog *evlog)
{
char * const *av;
FILE *fp;
@@ -898,7 +897,7 @@ iolog_write_info_file_legacy(int dfd, const char *parent,
fd = iolog_openat(dfd, "log", O_CREAT|O_TRUNC|O_WRONLY);
if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to open %s/log", parent);
"unable to open %s/log", evlog->iolog_path);
if (fd != -1)
close(fd);
debug_return_bool(false);
@@ -906,19 +905,19 @@ iolog_write_info_file_legacy(int dfd, const char *parent,
if (fchown(fd, iolog_uid, iolog_gid) != 0) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
"%s: unable to fchown %d:%d %s/log", __func__,
(int)iolog_uid, (int)iolog_gid, parent);
(int)iolog_uid, (int)iolog_gid, evlog->iolog_path);
}
fprintf(fp, "%lld:%s:%s:%s:%s:%d:%d\n%s\n",
(long long)log_info->tstamp.tv_sec,
log_info->user ? log_info->user : "unknown",
log_info->runas_user ? log_info->runas_user : RUNAS_DEFAULT,
log_info->runas_group ? log_info->runas_group : "",
log_info->tty ? log_info->tty : "unknown",
log_info->lines, log_info->cols,
log_info->cwd ? log_info->cwd : "unknown");
fputs(log_info->cmd ? log_info->cmd : "unknown", fp);
for (av = log_info->argv + 1; *av != NULL; av++) {
(long long)evlog->submit_time.tv_sec,
evlog->submituser ? evlog->submituser : "unknown",
evlog->runuser ? evlog->runuser : RUNAS_DEFAULT,
evlog->rungroup ? evlog->rungroup : "",
evlog->ttyname ? evlog->ttyname : "unknown",
evlog->lines, evlog->columns,
evlog->cwd ? evlog->cwd : "unknown");
fputs(evlog->command ? evlog->command : "unknown", fp);
for (av = evlog->argv + 1; *av != NULL; av++) {
fputc(' ', fp);
fputs(*av, fp);
}
@@ -926,7 +925,7 @@ iolog_write_info_file_legacy(int dfd, const char *parent,
fflush(fp);
if ((error = ferror(fp))) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to write to I/O log file %s/log", parent);
"unable to write to I/O log file %s/log", evlog->iolog_path);
}
fclose(fp);
@@ -938,7 +937,7 @@ iolog_write_info_file_legacy(int dfd, const char *parent,
* This file is not compressed.
*/
static bool
iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
iolog_write_info_file_json(int dfd, struct eventlog *evlog)
{
struct json_container json;
struct json_value json_value;
@@ -949,7 +948,8 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
char *cp;
debug_decl(iolog_write_info_file_json, SUDO_DEBUG_UTIL);
if (info->cmd == NULL || info->user == NULL || info->runas_user == NULL)
if (evlog->command == NULL || evlog->submituser == NULL ||
evlog->submituser == NULL)
debug_return_bool(false);
if (!sudo_json_init(&json, 4, false, false))
@@ -960,12 +960,12 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
goto oom;
json_value.type = JSON_NUMBER;
json_value.u.number = info->tstamp.tv_sec;
json_value.u.number = evlog->submit_time.tv_sec;
if (!sudo_json_add_value(&json, "seconds", &json_value))
goto oom;
json_value.type = JSON_NUMBER;
json_value.u.number = info->tstamp.tv_nsec;
json_value.u.number = evlog->submit_time.tv_nsec;
if (!sudo_json_add_value(&json, "nanoseconds", &json_value))
goto oom;
@@ -973,25 +973,25 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
goto oom;
json_value.type = JSON_NUMBER;
json_value.u.number = info->cols;
json_value.u.number = evlog->columns;
if (!sudo_json_add_value(&json, "columns", &json_value))
goto oom;
/* Required */
json_value.type = JSON_STRING;
json_value.u.string = info->cmd;
json_value.u.string = evlog->command;
if (!sudo_json_add_value(&json, "command", &json_value))
goto oom;
json_value.type = JSON_NUMBER;
json_value.u.number = info->lines;
json_value.u.number = evlog->lines;
if (!sudo_json_add_value(&json, "lines", &json_value))
goto oom;
if (info->argv != NULL) {
if (evlog->argv != NULL) {
if (!sudo_json_open_array(&json, "runargv"))
goto oom;
for (i = 0; (cp = info->argv[i]) != NULL; i++) {
for (i = 0; (cp = evlog->argv[i]) != NULL; i++) {
json_value.type = JSON_STRING;
json_value.u.string = cp;
if (!sudo_json_add_value(&json, NULL, &json_value))
@@ -1001,10 +1001,10 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
goto oom;
}
if (info->envp != NULL) {
if (evlog->envp != NULL) {
if (!sudo_json_open_array(&json, "runenv"))
goto oom;
for (i = 0; (cp = info->envp[i]) != NULL; i++) {
for (i = 0; (cp = evlog->envp[i]) != NULL; i++) {
json_value.type = JSON_STRING;
json_value.u.string = cp;
if (!sudo_json_add_value(&json, NULL, &json_value))
@@ -1014,70 +1014,70 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
goto oom;
}
if (info->runas_group!= NULL) {
if (info->runas_gid != (gid_t)-1) {
if (evlog->rungroup!= NULL) {
if (evlog->rungid != (gid_t)-1) {
json_value.type = JSON_ID;
json_value.u.id = info->runas_gid;
json_value.u.id = evlog->rungid;
if (!sudo_json_add_value(&json, "rungid", &json_value))
goto oom;
}
json_value.type = JSON_STRING;
json_value.u.string = info->runas_group;
json_value.u.string = evlog->rungroup;
if (!sudo_json_add_value(&json, "rungroup", &json_value))
goto oom;
}
if (info->runas_uid != (uid_t)-1) {
if (evlog->runuid != (uid_t)-1) {
json_value.type = JSON_ID;
json_value.u.id = info->runas_uid;
json_value.u.id = evlog->runuid;
if (!sudo_json_add_value(&json, "runuid", &json_value))
goto oom;
}
if (info->runchroot != NULL) {
if (evlog->runchroot != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = info->runchroot;
json_value.u.string = evlog->runchroot;
if (!sudo_json_add_value(&json, "runchroot", &json_value))
goto oom;
}
if (info->runcwd != NULL) {
if (evlog->runcwd != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = info->runcwd;
json_value.u.string = evlog->runcwd;
if (!sudo_json_add_value(&json, "runcwd", &json_value))
goto oom;
}
/* Required */
json_value.type = JSON_STRING;
json_value.u.string = info->runas_user;
json_value.u.string = evlog->runuser;
if (!sudo_json_add_value(&json, "runuser", &json_value))
goto oom;
if (info->cwd != NULL) {
if (evlog->cwd != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = info->cwd;
json_value.u.string = evlog->cwd;
if (!sudo_json_add_value(&json, "submitcwd", &json_value))
goto oom;
}
if (info->host != NULL) {
if (evlog->submithost != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = info->host;
json_value.u.string = evlog->submithost;
if (!sudo_json_add_value(&json, "submithost", &json_value))
goto oom;
}
/* Required */
json_value.type = JSON_STRING;
json_value.u.string = info->user;
json_value.u.string = evlog->submituser;
if (!sudo_json_add_value(&json, "submituser", &json_value))
goto oom;
if (info->tty != NULL) {
if (evlog->ttyname != NULL) {
json_value.type = JSON_STRING;
json_value.u.string = info->tty;
json_value.u.string = evlog->ttyname;
if (!sudo_json_add_value(&json, "ttyname", &json_value))
goto oom;
}
@@ -1085,14 +1085,14 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
fd = iolog_openat(dfd, "log.json", O_CREAT|O_TRUNC|O_WRONLY);
if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to open %s/log.json", parent);
"unable to open %s/log.json", evlog->iolog_path);
goto done;
}
if (fchown(fd, iolog_uid, iolog_gid) != 0) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
"%s: unable to fchown %d:%d %s/log", __func__,
(int)iolog_uid, (int)iolog_gid, parent);
(int)iolog_uid, (int)iolog_gid, evlog->iolog_path);
}
fd = -1;
@@ -1100,7 +1100,7 @@ iolog_write_info_file_json(int dfd, const char *parent, struct iolog_info *info)
fflush(fp);
if (ferror(fp)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to write to I/O log file %s/log.json", parent);
"unable to write to I/O log file %s/log.json", evlog->iolog_path);
goto done;
}
@@ -1124,14 +1124,13 @@ done:
* These files are not compressed.
*/
bool
iolog_write_info_file(int dfd, const char *parent,
struct iolog_info *log_info)
iolog_write_info_file(int dfd, struct eventlog *evlog)
{
debug_decl(iolog_write_info_file, SUDO_DEBUG_UTIL);
if (!iolog_write_info_file_legacy(dfd, parent, log_info))
if (!iolog_write_info_file_legacy(dfd, evlog))
debug_return_bool(false);
if (!iolog_write_info_file_json(dfd, parent, log_info))
if (!iolog_write_info_file_json(dfd, evlog))
debug_return_bool(false);
debug_return_bool(true);

107
lib/iolog/iolog_json.c
View File

@@ -39,6 +39,7 @@
#include "sudo_compat.h"
#include "sudo_debug.h"
#include "sudo_eventlog.h"
#include "sudo_fatal.h"
#include "sudo_gettext.h"
#include "sudo_iolog.h"
@@ -54,48 +55,48 @@ struct json_stack {
#define JSON_STACK_INTIALIZER(s) { 0, nitems((s).frames) };
static bool
json_store_columns(struct json_item *item, struct iolog_info *li)
json_store_columns(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_columns, SUDO_DEBUG_UTIL);
if (item->u.number < 1 || item->u.number > INT_MAX) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"tty cols %lld: out of range", item->u.number);
li->cols = 0;
evlog->columns = 0;
debug_return_bool(false);
}
li->cols = item->u.number;
evlog->columns = item->u.number;
debug_return_bool(true);
}
static bool
json_store_command(struct json_item *item, struct iolog_info *li)
json_store_command(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_command, SUDO_DEBUG_UTIL);
/*
* Note: struct iolog_info must store command + args.
* Note: struct eventlog must store command + args.
* We don't have argv yet so we append the args later.
*/
li->cmd = item->u.string;
evlog->command = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_lines(struct json_item *item, struct iolog_info *li)
json_store_lines(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_lines, SUDO_DEBUG_UTIL);
if (item->u.number < 1 || item->u.number > INT_MAX) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"tty lines %lld: out of range", item->u.number);
li->lines = 0;
evlog->lines = 0;
debug_return_bool(false);
}
li->lines = item->u.number;
evlog->lines = item->u.number;
debug_return_bool(true);
}
@@ -130,115 +131,115 @@ json_array_to_strvec(struct json_object *array)
}
static bool
json_store_runargv(struct json_item *item, struct iolog_info *li)
json_store_runargv(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_runargv, SUDO_DEBUG_UTIL);
li->argv = json_array_to_strvec(&item->u.child);
evlog->argv = json_array_to_strvec(&item->u.child);
debug_return_bool(li->argv != NULL);
debug_return_bool(evlog->argv != NULL);
}
static bool
json_store_runenv(struct json_item *item, struct iolog_info *li)
json_store_runenv(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_runenv, SUDO_DEBUG_UTIL);
li->envp = json_array_to_strvec(&item->u.child);
evlog->envp = json_array_to_strvec(&item->u.child);
debug_return_bool(li->envp != NULL);
debug_return_bool(evlog->envp != NULL);
}
static bool
json_store_rungid(struct json_item *item, struct iolog_info *li)
json_store_rungid(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_rungid, SUDO_DEBUG_UTIL);
li->runas_gid = (gid_t)item->u.number;
evlog->rungid = (gid_t)item->u.number;
debug_return_bool(true);
}
static bool
json_store_rungroup(struct json_item *item, struct iolog_info *li)
json_store_rungroup(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_rungroup, SUDO_DEBUG_UTIL);
li->runas_group = item->u.string;
evlog->rungroup = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_runuid(struct json_item *item, struct iolog_info *li)
json_store_runuid(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_runuid, SUDO_DEBUG_UTIL);
li->runas_uid = (uid_t)item->u.number;
evlog->runuid = (uid_t)item->u.number;
debug_return_bool(true);
}
static bool
json_store_runuser(struct json_item *item, struct iolog_info *li)
json_store_runuser(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_runuser, SUDO_DEBUG_UTIL);
li->runas_user = item->u.string;
evlog->runuser = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_runchroot(struct json_item *item, struct iolog_info *li)
json_store_runchroot(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_runchroot, SUDO_DEBUG_UTIL);
li->runchroot = item->u.string;
evlog->runchroot = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_runcwd(struct json_item *item, struct iolog_info *li)
json_store_runcwd(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_runcwd, SUDO_DEBUG_UTIL);
li->runcwd = item->u.string;
evlog->runcwd = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_submitcwd(struct json_item *item, struct iolog_info *li)
json_store_submitcwd(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_submitcwd, SUDO_DEBUG_UTIL);
li->cwd = item->u.string;
evlog->cwd = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_submithost(struct json_item *item, struct iolog_info *li)
json_store_submithost(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_submithost, SUDO_DEBUG_UTIL);
li->host = item->u.string;
evlog->submithost = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_submituser(struct json_item *item, struct iolog_info *li)
json_store_submituser(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_submituser, SUDO_DEBUG_UTIL);
li->user = item->u.string;
evlog->submituser = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
static bool
json_store_timestamp(struct json_item *item, struct iolog_info *li)
json_store_timestamp(struct json_item *item, struct eventlog *evlog)
{
struct json_object *object;
debug_decl(json_store_timestamp, SUDO_DEBUG_UTIL);
@@ -248,11 +249,11 @@ json_store_timestamp(struct json_item *item, struct iolog_info *li)
if (item->type != JSON_NUMBER)
continue;
if (strcmp(item->name, "seconds") == 0) {
li->tstamp.tv_sec = item->u.number;
evlog->submit_time.tv_sec = item->u.number;
continue;
}
if (strcmp(item->name, "nanoseconds") == 0) {
li->tstamp.tv_nsec = item->u.number;
evlog->submit_time.tv_nsec = item->u.number;
continue;
}
}
@@ -260,11 +261,11 @@ json_store_timestamp(struct json_item *item, struct iolog_info *li)
}
static bool
json_store_ttyname(struct json_item *item, struct iolog_info *li)
json_store_ttyname(struct json_item *item, struct eventlog *evlog)
{
debug_decl(json_store_ttyname, SUDO_DEBUG_UTIL);
li->tty = item->u.string;
evlog->ttyname = item->u.string;
item->u.string = NULL;
debug_return_bool(true);
}
@@ -272,7 +273,7 @@ json_store_ttyname(struct json_item *item, struct iolog_info *li)
static struct iolog_json_key {
const char *name;
enum json_value_type type;
bool (*setter)(struct json_item *, struct iolog_info *);
bool (*setter)(struct json_item *, struct eventlog *);
} iolog_json_keys[] = {
{ "columns", JSON_NUMBER, json_store_columns },
{ "command", JSON_STRING, json_store_command },
@@ -401,7 +402,7 @@ free_json_items(struct json_item_list *items)
}
static bool
iolog_parse_json_object(struct json_object *object, struct iolog_info *li)
iolog_parse_json_object(struct json_object *object, struct eventlog *evlog)
{
struct json_item *item;
bool ret = false;
@@ -434,7 +435,7 @@ iolog_parse_json_object(struct json_object *object, struct iolog_info *li)
goto done;
} else {
/* Matched name and type. */
if (!key->setter(item, li)) {
if (!key->setter(item, evlog)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to store %s", key->name);
goto done;
@@ -443,14 +444,14 @@ iolog_parse_json_object(struct json_object *object, struct iolog_info *li)
}
/* Merge cmd and argv as sudoreplay expects. */
if (li->cmd != NULL && li->argv != NULL) {
size_t len = strlen(li->cmd) + 1;
if (evlog->command != NULL && evlog->argv != NULL) {
size_t len = strlen(evlog->command) + 1;
char *newcmd;
int ac;
/* Skip argv[0], we use li->cmd instead. */
for (ac = 1; li->argv[ac] != NULL; ac++)
len += strlen(li->argv[ac]) + 1;
/* Skip argv[0], we use evlog->command instead. */
for (ac = 1; evlog->argv[ac] != NULL; ac++)
len += strlen(evlog->argv[ac]) + 1;
if ((newcmd = malloc(len)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
@@ -458,17 +459,17 @@ iolog_parse_json_object(struct json_object *object, struct iolog_info *li)
}
/* TODO: optimize this. */
if (strlcpy(newcmd, li->cmd, len) >= len)
if (strlcpy(newcmd, evlog->command, len) >= len)
sudo_fatalx(U_("internal error, %s overflow"), __func__);
for (ac = 1; li->argv[ac] != NULL; ac++) {
for (ac = 1; evlog->argv[ac] != NULL; ac++) {
if (strlcat(newcmd, " ", len) >= len)
sudo_fatalx(U_("internal error, %s overflow"), __func__);
if (strlcat(newcmd, li->argv[ac], len) >= len)
if (strlcat(newcmd, evlog->argv[ac], len) >= len)
sudo_fatalx(U_("internal error, %s overflow"), __func__);
}
free(li->cmd);
li->cmd = newcmd;
free(evlog->command);
evlog->command = newcmd;
}
ret = true;
@@ -770,7 +771,7 @@ done:
}
bool
iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct iolog_info *li)
iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct eventlog *evlog)
{
struct json_object root;
bool ret = false;
@@ -778,7 +779,7 @@ iolog_parse_loginfo_json(FILE *fp, const char *iolog_dir, struct iolog_info *li)
if (iolog_parse_json(fp, iolog_dir, &root)) {
/* Walk the stack and parse entries. */
ret = iolog_parse_json_object(&root, li);
ret = iolog_parse_json_object(&root, evlog);
/* Cleanup. */
free_json_items(&root.items);

74
lib/iolog/iolog_util.c
View File

@@ -41,6 +41,7 @@
#include "sudo_compat.h"
#include "sudo_debug.h"
#include "sudo_eventlog.h"
#include "sudo_fatal.h"
#include "sudo_gettext.h"
#include "sudo_iolog.h"
@@ -50,7 +51,7 @@ static int timing_event_adj;
static bool
iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
struct iolog_info *li)
struct eventlog *evlog)
{
char *buf = NULL, *cp, *ep;
const char *errstr;
@@ -65,15 +66,15 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
* 3) command with args
*/
if (getdelim(&buf, &bufsize, '\n', fp) == -1 ||
getdelim(&li->cwd, &cwdsize, '\n', fp) == -1 ||
getdelim(&li->cmd, &cmdsize, '\n', fp) == -1) {
getdelim(&evlog->cwd, &cwdsize, '\n', fp) == -1 ||
getdelim(&evlog->command, &cmdsize, '\n', fp) == -1) {
sudo_warn(U_("%s: invalid log file"), iolog_dir);
goto done;
}
/* Strip the newline from the cwd and command. */
li->cwd[strcspn(li->cwd, "\n")] = '\0';
li->cmd[strcspn(li->cmd, "\n")] = '\0';
evlog->cwd[strcspn(evlog->cwd, "\n")] = '\0';
evlog->command[strcspn(evlog->command, "\n")] = '\0';
/*
* Crack the log line (lines and cols not present in old versions).
@@ -89,7 +90,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
goto done;
}
*ep = '\0';
li->tstamp.tv_sec = sudo_strtonum(cp, 0, TIME_T_MAX, &errstr);
evlog->submit_time.tv_sec = sudo_strtonum(cp, 0, TIME_T_MAX, &errstr);
if (errstr != NULL) {
sudo_warn(U_("%s: time stamp %s: %s"), iolog_dir, cp, errstr);
goto done;
@@ -101,7 +102,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
sudo_warn(U_("%s: user field is missing"), iolog_dir);
goto done;
}
if ((li->user = strndup(cp, (size_t)(ep - cp))) == NULL)
if ((evlog->submituser = strndup(cp, (size_t)(ep - cp))) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
/* runas user */
@@ -110,7 +111,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
sudo_warn(U_("%s: runas user field is missing"), iolog_dir);
goto done;
}
if ((li->runas_user = strndup(cp, (size_t)(ep - cp))) == NULL)
if ((evlog->runuser = strndup(cp, (size_t)(ep - cp))) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
/* runas group */
@@ -120,7 +121,7 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
goto done;
}
if (cp != ep) {
if ((li->runas_group = strndup(cp, (size_t)(ep - cp))) == NULL)
if ((evlog->rungroup = strndup(cp, (size_t)(ep - cp))) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
}
@@ -128,11 +129,11 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
cp = ep + 1;
if ((ep = strchr(cp, ':')) == NULL) {
/* just the tty */
if ((li->tty = strdup(cp)) == NULL)
if ((evlog->ttyname = strdup(cp)) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
} else {
/* tty followed by lines + cols */
if ((li->tty = strndup(cp, (size_t)(ep - cp))) == NULL)
if ((evlog->ttyname = strndup(cp, (size_t)(ep - cp))) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
cp = ep + 1;
/* need to NULL out separator to use sudo_strtonum() */
@@ -140,14 +141,14 @@ iolog_parse_loginfo_legacy(FILE *fp, const char *iolog_dir,
if ((ep = strchr(cp, ':')) != NULL) {
*ep = '\0';
}
li->lines = sudo_strtonum(cp, 1, INT_MAX, &errstr);
evlog->lines = sudo_strtonum(cp, 1, INT_MAX, &errstr);
if (errstr != NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"%s: tty lines %s: %s", iolog_dir, cp, errstr);
}
if (ep != NULL) {
cp = ep + 1;
li->cols = sudo_strtonum(cp, 1, INT_MAX, &errstr);
evlog->columns = sudo_strtonum(cp, 1, INT_MAX, &errstr);
if (errstr != NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"%s: tty cols %s: %s", iolog_dir, cp, errstr);
@@ -162,10 +163,10 @@ done:
debug_return_bool(ret);
}
struct iolog_info *
struct eventlog *
iolog_parse_loginfo(int dfd, const char *iolog_dir)
{
struct iolog_info *li = NULL;
struct eventlog *evlog = NULL;
FILE *fp = NULL;
int fd = -1;
int tmpfd = -1;
@@ -191,16 +192,16 @@ iolog_parse_loginfo(int dfd, const char *iolog_dir)
}
fd = -1;
if ((li = calloc(1, sizeof(*li))) == NULL)
if ((evlog = calloc(1, sizeof(*evlog))) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
li->runas_uid = (uid_t)-1;
li->runas_gid = (gid_t)-1;
evlog->runuid = (uid_t)-1;
evlog->rungid = (gid_t)-1;
ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, li) :
iolog_parse_loginfo_json(fp, iolog_dir, li);
ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, evlog) :
iolog_parse_loginfo_json(fp, iolog_dir, evlog);
if (ok) {
fclose(fp);
debug_return_ptr(li);
debug_return_ptr(evlog);
}
bad:
@@ -208,7 +209,7 @@ bad:
close(fd);
if (fp != NULL)
fclose(fp);
iolog_free_loginfo(li);
eventlog_free(evlog);
debug_return_ptr(NULL);
}
@@ -428,32 +429,3 @@ iolog_read_timing_record(struct iolog_file *iol, struct timing_closure *timing)
debug_return_int(0);
}
void
iolog_free_loginfo(struct iolog_info *li)
{
char **p;
if (li != NULL) {
if (li->argv != NULL) {
for (p = li->argv; *p != NULL; p++)
free(*p);
free(li->argv);
}
if (li->envp != NULL) {
for (p = li->envp; *p != NULL; p++)
free(*p);
free(li->envp);
}
free(li->cwd);
free(li->user);
free(li->runas_user);
free(li->runas_group);
free(li->runchroot);
free(li->runcwd);
free(li->tty);
free(li->cmd);
free(li->host);
free(li);
}
}

18
logsrvd/Makefile.in
View File

@@ -293,20 +293,22 @@ sendlog.o: $(srcdir)/sendlog.c $(incdir)/compat/getaddrinfo.h \
$(incdir)/hostcheck.h $(incdir)/log_server.pb-c.h \
$(incdir)/protobuf-c/protobuf-c.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/logsrv_util.h $(srcdir)/sendlog.h $(top_builddir)/config.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/logsrv_util.h $(srcdir)/sendlog.h \
$(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sendlog.c
sendlog.i: $(srcdir)/sendlog.c $(incdir)/compat/getaddrinfo.h \
$(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
$(incdir)/hostcheck.h $(incdir)/log_server.pb-c.h \
$(incdir)/protobuf-c/protobuf-c.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/logsrv_util.h $(srcdir)/sendlog.h $(top_builddir)/config.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/logsrv_util.h $(srcdir)/sendlog.h \
$(top_builddir)/config.h
$(CC) -E -o $@ $(CPPFLAGS) $<
sendlog.plog: sendlog.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sendlog.c --i-file $< --output-file $@

174
logsrvd/iolog_writer.c
View File

@@ -104,55 +104,24 @@ bad:
debug_return_ptr(NULL);
}
/*
* Free the strings in a struct eventlog.
*/
void
evlog_free(struct eventlog *evlog)
{
int i;
debug_decl(evlog_free, SUDO_DEBUG_UTIL);
if (evlog != NULL) {
free(evlog->iolog_path);
free(evlog->command);
free(evlog->cwd);
free(evlog->runchroot);
free(evlog->runcwd);
free(evlog->rungroup);
free(evlog->runuser);
free(evlog->submithost);
free(evlog->submituser);
free(evlog->submitgroup);
free(evlog->ttyname);
if (evlog->argv != NULL) {
for (i = 0; evlog->argv[i] != NULL; i++)
free(evlog->argv[i]);
free(evlog->argv);
}
if (evlog->envp != NULL) {
for (i = 0; evlog->envp[i] != NULL; i++)
free(evlog->envp[i]);
free(evlog->envp);
}
}
debug_return;
}
/*
* Fill in eventlog details from an AcceptMessage
* Caller is responsible for freeing strings in struct eventlog.
* Returns true on success and false on failure.
*/
bool
evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
InfoMessage **info_msgs, size_t infolen)
struct eventlog *
evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen)
{
struct eventlog *evlog;
size_t idx;
bool ret = false;
debug_decl(evlog_fill, SUDO_DEBUG_UTIL);
debug_decl(evlog_new, SUDO_DEBUG_UTIL);
evlog = calloc(1, sizeof(*evlog));
if (evlog == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"calloc(1, %zu)", sizeof(*evlog));
goto bad;
}
memset(evlog, 0, sizeof(*evlog));
/* Submit time. */
@@ -189,7 +158,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -217,7 +186,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
if (has_strlistval(info)) {
evlog->argv = strlist_copy(info->u.strlistval);
if (evlog->argv == NULL)
goto done;
goto bad;
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"runargv specified but not a string list");
@@ -230,7 +199,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -244,7 +213,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -256,7 +225,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
if (has_strlistval(info)) {
evlog->envp = strlist_copy(info->u.strlistval);
if (evlog->envp == NULL)
goto done;
goto bad;
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"runenv specified but not a string list");
@@ -281,7 +250,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -307,7 +276,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -323,7 +292,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -337,7 +306,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -351,7 +320,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -365,7 +334,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -381,7 +350,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
} else {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
@@ -397,22 +366,22 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
if (evlog->submituser == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"missing submituser in AcceptMessage");
goto done;
goto bad;
}
if (evlog->submithost == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"missing submithost in AcceptMessage");
goto done;
goto bad;
}
if (evlog->runuser == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"missing runuser in AcceptMessage");
goto done;
goto bad;
}
if (evlog->command == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"missing command in AcceptMessage");
goto done;
goto bad;
}
/* Other settings that must exist for event logging. */
@@ -421,7 +390,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
}
if (evlog->runcwd == NULL) {
@@ -429,7 +398,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
}
if (evlog->submitgroup == NULL) {
@@ -438,7 +407,7 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
}
if (evlog->ttyname == NULL) {
@@ -446,16 +415,15 @@ evlog_fill(struct eventlog *evlog, TimeSpec *submit_time,
sudo_debug_printf(
SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto done;
goto bad;
}
}
ret = true;
debug_return_ptr(evlog);
done:
if (!ret)
evlog_free(evlog);
debug_return_bool(ret);
bad:
eventlog_free(evlog);
debug_return_ptr(NULL);
}
struct iolog_path_closure {
@@ -597,7 +565,7 @@ static const struct iolog_path_escape path_escapes[] = {
static bool
create_iolog_path(struct connection_closure *closure)
{
struct eventlog *evlog = &closure->evlog;
struct eventlog *evlog = closure->evlog;
struct iolog_path_closure path_closure;
char expanded_dir[PATH_MAX], expanded_file[PATH_MAX], pathbuf[PATH_MAX];
size_t len;
@@ -661,38 +629,6 @@ bad:
debug_return_bool(false);
}
/*
* Write the sudo-style I/O log info file containing user and command info.
*/
static bool
iolog_details_write(struct eventlog *evlog, struct connection_closure *closure)
{
struct iolog_info log_info;
debug_decl(iolog_details_write, SUDO_DEBUG_UTIL);
/* Convert to iolog_info */
memset(&log_info, 0, sizeof(log_info));
log_info.cwd = evlog->cwd;
log_info.user = evlog->submituser;
log_info.runchroot = evlog->runchroot;
log_info.runcwd = evlog->runcwd;
log_info.runas_user = evlog->runuser;
log_info.runas_group = evlog->rungroup;
log_info.tty = evlog->ttyname;
log_info.cmd = evlog->command;
log_info.host = evlog->submithost;
log_info.tstamp = evlog->submit_time;
log_info.lines = evlog->lines;
log_info.cols = evlog->columns;
log_info.runas_uid = evlog->runuid;
log_info.runas_gid = evlog->rungid;
log_info.argv = evlog->argv;
log_info.envp = evlog->envp;
debug_return_bool(iolog_write_info_file(closure->iolog_dir_fd,
evlog->iolog_path, &log_info));
}
static bool
iolog_create(int iofd, struct connection_closure *closure)
{
@@ -733,6 +669,7 @@ iolog_close_all(struct connection_closure *closure)
bool
iolog_init(AcceptMessage *msg, struct connection_closure *closure)
{
struct eventlog *evlog = closure->evlog;
debug_decl(iolog_init, SUDO_DEBUG_UTIL);
/* Create I/O log path */
@@ -740,7 +677,7 @@ iolog_init(AcceptMessage *msg, struct connection_closure *closure)
debug_return_bool(false);
/* Write sudo I/O log info file */
if (!iolog_details_write(&closure->evlog, closure))
if (!iolog_write_info_file(closure->iolog_dir_fd, evlog))
debug_return_bool(false);
/*
@@ -792,6 +729,7 @@ iolog_copy(struct iolog_file *src, struct iolog_file *dst, off_t remainder,
static bool
iolog_rewrite(const struct timespec *target, struct connection_closure *closure)
{
const struct eventlog *evlog = closure->evlog;
struct iolog_file new_iolog_files[IOFD_MAX];
off_t iolog_file_sizes[IOFD_MAX] = { 0 };
struct timing_closure timing;
@@ -838,10 +776,10 @@ iolog_rewrite(const struct timespec *target, struct connection_closure *closure)
/* Create new I/O log files in a temporary directory. */
len = snprintf(tmpdir, sizeof(tmpdir), "%s/restart.XXXXXX",
closure->evlog.iolog_path);
evlog->iolog_path);
if (len < 0 || len >= ssizeof(tmpdir)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to format %s/restart.XXXXXX", closure->evlog.iolog_path);
"unable to format %s/restart.XXXXXX", evlog->iolog_path);
goto done;
}
if (!iolog_mkdtemp(tmpdir)) {
@@ -879,7 +817,7 @@ iolog_rewrite(const struct timespec *target, struct connection_closure *closure)
name = iolog_fd_to_name(iofd);
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to copy %s/%s to %s/%s: %s",
closure->evlog.iolog_path, name, tmpdir, name, errstr);
evlog->iolog_path, name, tmpdir, name, errstr);
goto done;
}
}
@@ -899,11 +837,11 @@ iolog_rewrite(const struct timespec *target, struct connection_closure *closure)
"unable to format %s/%s", tmpdir, name);
goto done;
}
len = snprintf(to, sizeof(to), "%s/%s", closure->evlog.iolog_path,
len = snprintf(to, sizeof(to), "%s/%s", evlog->iolog_path,
name);
if (len < 0 || len >= ssizeof(from)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to format %s/%s", closure->evlog.iolog_path, name);
"unable to format %s/%s", evlog->iolog_path, name);
goto done;
}
if (!iolog_rename(from, to)) {
@@ -943,6 +881,7 @@ done:
bool
iolog_restart(RestartMessage *msg, struct connection_closure *closure)
{
struct eventlog *evlog = closure->evlog;
struct timespec target;
struct stat sb;
int iofd;
@@ -951,7 +890,7 @@ iolog_restart(RestartMessage *msg, struct connection_closure *closure)
target.tv_sec = msg->resume_point->tv_sec;
target.tv_nsec = msg->resume_point->tv_nsec;
if ((closure->evlog.iolog_path = strdup(msg->log_id)) == NULL) {
if ((evlog->iolog_path = strdup(msg->log_id)) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"strdup");
goto bad;
@@ -959,28 +898,28 @@ iolog_restart(RestartMessage *msg, struct connection_closure *closure)
/* We use iolog_dir_fd in calls to openat(2) */
closure->iolog_dir_fd =
iolog_openat(AT_FDCWD, closure->evlog.iolog_path, O_RDONLY);
iolog_openat(AT_FDCWD, evlog->iolog_path, O_RDONLY);
if (closure->iolog_dir_fd == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"%s", closure->evlog.iolog_path);
"%s", evlog->iolog_path);
goto bad;
}
/* If the timing file write bit is clear, log is already complete. */
if (fstatat(closure->iolog_dir_fd, "timing", &sb, 0) == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to stat %s/timing", closure->evlog.iolog_path);
"unable to stat %s/timing", evlog->iolog_path);
goto bad;
}
if (!ISSET(sb.st_mode, S_IWUSR)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"%s already complete", closure->evlog.iolog_path);
"%s already complete", evlog->iolog_path);
closure->errstr = _("log is already complete, cannot be restarted");
goto bad;
}
/* Open existing I/O log files. */
if (!iolog_open_all(closure->iolog_dir_fd, closure->evlog.iolog_path,
if (!iolog_open_all(closure->iolog_dir_fd, evlog->iolog_path,
closure->iolog_files, "r+"))
goto bad;
@@ -991,7 +930,7 @@ iolog_restart(RestartMessage *msg, struct connection_closure *closure)
}
/* Parse timing file until we reach the target point. */
if (!iolog_seekto(closure->iolog_dir_fd, closure->evlog.iolog_path,
if (!iolog_seekto(closure->iolog_dir_fd, evlog->iolog_path,
closure->iolog_files, &closure->elapsed_time, &target))
goto bad;
@@ -1033,6 +972,7 @@ update_elapsed_time(TimeSpec *delta, struct timespec *elapsed)
int
store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure)
{
const struct eventlog *evlog = closure->evlog;
const char *errstr;
char tbuf[1024];
int len;
@@ -1059,7 +999,7 @@ store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure)
if (!iolog_write(&closure->iolog_files[iofd], msg->data.data,
msg->data.len, &errstr)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to write to %s/%s: %s", closure->evlog.iolog_path,
"unable to write to %s/%s: %s", evlog->iolog_path,
iolog_fd_to_name(iofd), errstr);
debug_return_int(-1);
}
@@ -1068,7 +1008,7 @@ store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure)
if (!iolog_write(&closure->iolog_files[IOFD_TIMING], tbuf,
len, &errstr)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to write to %s/%s: %s", closure->evlog.iolog_path,
"unable to write to %s/%s: %s", evlog->iolog_path,
iolog_fd_to_name(IOFD_TIMING), errstr);
debug_return_int(-1);
}
@@ -1081,6 +1021,7 @@ store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure)
int
store_suspend(CommandSuspend *msg, struct connection_closure *closure)
{
const struct eventlog *evlog = closure->evlog;
const char *errstr;
char tbuf[1024];
int len;
@@ -1101,7 +1042,7 @@ store_suspend(CommandSuspend *msg, struct connection_closure *closure)
if (!iolog_write(&closure->iolog_files[IOFD_TIMING], tbuf,
len, &errstr)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to write to %s/%s: %s", closure->evlog.iolog_path,
"unable to write to %s/%s: %s", evlog->iolog_path,
iolog_fd_to_name(IOFD_TIMING), errstr);
debug_return_int(-1);
}
@@ -1114,6 +1055,7 @@ store_suspend(CommandSuspend *msg, struct connection_closure *closure)
int
store_winsize(ChangeWindowSize *msg, struct connection_closure *closure)
{
const struct eventlog *evlog = closure->evlog;
const char *errstr;
char tbuf[1024];
int len;
@@ -1133,7 +1075,7 @@ store_winsize(ChangeWindowSize *msg, struct connection_closure *closure)
if (!iolog_write(&closure->iolog_files[IOFD_TIMING], tbuf,
len, &errstr)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to write to %s/%s: %s", closure->evlog.iolog_path,
"unable to write to %s/%s: %s", evlog->iolog_path,
iolog_fd_to_name(IOFD_TIMING), errstr);
debug_return_int(-1);
}

21
logsrvd/logsrvd.c
View File

@@ -119,7 +119,7 @@ connection_closure_free(struct connection_closure *closure)
#if defined(HAVE_OPENSSL)
sudo_ev_free(closure->ssl_accept_ev);
#endif
evlog_free(&closure->evlog);
eventlog_free(closure->evlog);
free(closure->read_buf.data);
free(closure->write_buf.data);
free(closure);
@@ -300,8 +300,8 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure)
}
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received AcceptMessage", __func__);
if (!evlog_fill(&closure->evlog, msg->submit_time, msg->info_msgs,
msg->n_info_msgs)) {
closure->evlog = evlog_new(msg->submit_time, msg->info_msgs, msg->n_info_msgs);
if (closure->evlog == NULL) {
closure->errstr = _("error parsing AcceptMessage");
debug_return_bool(false);
}
@@ -315,7 +315,7 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure)
closure->log_io = true;
}
if (!eventlog_accept(&closure->evlog, &closure->evlog.submit_time,
if (!eventlog_accept(closure->evlog, &closure->evlog->submit_time,
logsrvd_json_log_cb, &info)) {
closure->errstr = _("error logging accept event");
debug_return_bool(false);
@@ -327,7 +327,7 @@ handle_accept(AcceptMessage *msg, struct connection_closure *closure)
}
/* Send log ID to client for restarting connections. */
if (!fmt_log_id_message(closure->evlog.iolog_path, &closure->write_buf))
if (!fmt_log_id_message(closure->evlog->iolog_path, &closure->write_buf))
debug_return_bool(false);
if (sudo_ev_add(closure->evbase, closure->write_ev,
logsrvd_conf_get_sock_timeout(), false) == -1) {
@@ -366,14 +366,15 @@ handle_reject(RejectMessage *msg, struct connection_closure *closure)
}
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: received RejectMessage", __func__);
if (!evlog_fill(&closure->evlog, msg->submit_time, msg->info_msgs,
msg->n_info_msgs)) {
closure->evlog = evlog_new(msg->submit_time, msg->info_msgs,
msg->n_info_msgs);
if (closure->evlog == NULL) {
closure->errstr = _("error parsing RejectMessage");
debug_return_bool(false);
}
if (!eventlog_reject(&closure->evlog, msg->reason,
&closure->evlog.submit_time, logsrvd_json_log_cb, &info)) {
if (!eventlog_reject(closure->evlog, msg->reason,
&closure->evlog->submit_time, logsrvd_json_log_cb, &info)) {
closure->errstr = _("error logging reject event");
debug_return_bool(false);
}
@@ -491,7 +492,7 @@ handle_alert(AlertMessage *msg, struct connection_closure *closure)
alert_time.tv_sec = msg->alert_time->tv_sec;
alert_time.tv_nsec = msg->alert_time->tv_nsec;
if (!eventlog_alert(&closure->evlog, &alert_time, msg->reason)) {
if (!eventlog_alert(closure->evlog, &alert_time, msg->reason)) {
closure->errstr = _("error logging alert event");
debug_return_bool(false);
}

5
logsrvd/logsrvd.h
View File

@@ -58,7 +58,7 @@ enum connection_status {
*/
struct connection_closure {
TAILQ_ENTRY(connection_closure) entries;
struct eventlog evlog;
struct eventlog *evlog;
struct timespec elapsed_time;
struct connection_buffer read_buf;
struct connection_buffer write_buf;
@@ -137,14 +137,13 @@ struct logsrvd_tls_runtime {
#endif
/* iolog_writer.c */
bool evlog_fill(struct eventlog *evlog, TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen);
struct eventlog *evlog_new(TimeSpec *submit_time, InfoMessage **info_msgs, size_t infolen);
bool iolog_init(AcceptMessage *msg, struct connection_closure *closure);
bool iolog_restart(RestartMessage *msg, struct connection_closure *closure);
int store_iobuf(int iofd, IoBuffer *msg, struct connection_closure *closure);
int store_suspend(CommandSuspend *msg, struct connection_closure *closure);
int store_winsize(ChangeWindowSize *msg, struct connection_closure *closure);
void iolog_close_all(struct connection_closure *closure);
void evlog_free(struct eventlog *evlog);
/* logsrvd_conf.c */
bool logsrvd_conf_read(const char *path);

47
logsrvd/sendlog.c
View File

@@ -63,6 +63,7 @@
#include "sudo_conf.h"
#include "sudo_debug.h"
#include "sudo_event.h"
#include "sudo_eventlog.h"
#include "sudo_fatal.h"
#include "sudo_gettext.h"
#include "sudo_iolog.h"
@@ -366,7 +367,7 @@ free_info_messages(InfoMessage **info_msgs, size_t n_info_msgs)
}
static InfoMessage **
fmt_info_messages(struct iolog_info *log_info, char *hostname,
fmt_info_messages(const struct eventlog *evlog, char *hostname,
size_t *n_info_msgs)
{
InfoMessage **info_msgs = NULL;
@@ -379,7 +380,7 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname,
if (runargv == NULL)
goto oom;
info_message__string_list__init(runargv);
runargv->strings = split_command(log_info->cmd, &runargv->n_strings);
runargv->strings = split_command(evlog->command, &runargv->n_strings);
if (runargv->strings == NULL)
goto oom;
@@ -398,17 +399,17 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname,
/* Fill in info_msgs */
n = 0;
info_msgs[n]->key = "command";
info_msgs[n]->u.strval = log_info->cmd;
info_msgs[n]->u.strval = evlog->command;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL;
n++;
info_msgs[n]->key = "columns";
info_msgs[n]->u.numval = log_info->cols;
info_msgs[n]->u.numval = evlog->columns;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_NUMVAL;
n++;
info_msgs[n]->key = "lines";
info_msgs[n]->u.numval = log_info->lines;
info_msgs[n]->u.numval = evlog->lines;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_NUMVAL;
n++;
@@ -418,20 +419,20 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname,
runargv = NULL;
n++;
if (log_info->runas_group != NULL) {
if (evlog->rungroup != NULL) {
info_msgs[n]->key = "rungroup";
info_msgs[n]->u.strval = log_info->runas_group;
info_msgs[n]->u.strval = evlog->rungroup;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL;
n++;
}
info_msgs[n]->key = "runuser";
info_msgs[n]->u.strval = log_info->runas_user;
info_msgs[n]->u.strval = evlog->runuser;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL;
n++;
info_msgs[n]->key = "submitcwd";
info_msgs[n]->u.strval = log_info->cwd;
info_msgs[n]->u.strval = evlog->cwd;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL;
n++;
@@ -441,12 +442,12 @@ fmt_info_messages(struct iolog_info *log_info, char *hostname,
n++;
info_msgs[n]->key = "submituser";
info_msgs[n]->u.strval = log_info->user;
info_msgs[n]->u.strval = evlog->submituser;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL;
n++;
info_msgs[n]->key = "ttyname";
info_msgs[n]->u.strval = log_info->tty;
info_msgs[n]->u.strval = evlog->ttyname;
info_msgs[n]->value_case = INFO_MESSAGE__VALUE_STRVAL;
n++;
@@ -496,14 +497,14 @@ fmt_reject_message(struct client_closure *closure)
}
/* Sudo I/O logs only store start time in seconds. */
tv.tv_sec = closure->log_info->tstamp.tv_sec;
tv.tv_nsec = closure->log_info->tstamp.tv_nsec;
tv.tv_sec = closure->evlog->submit_time.tv_sec;
tv.tv_nsec = closure->evlog->submit_time.tv_nsec;
reject_msg.submit_time = &tv;
/* Why the command was rejected. */
reject_msg.reason = closure->reject_reason;
reject_msg.info_msgs = fmt_info_messages(closure->log_info, hostname,
reject_msg.info_msgs = fmt_info_messages(closure->evlog, hostname,
&n_info_msgs);
if (reject_msg.info_msgs == NULL)
goto done;
@@ -555,14 +556,14 @@ fmt_accept_message(struct client_closure *closure)
}
/* Sudo I/O logs only store start time in seconds. */
tv.tv_sec = closure->log_info->tstamp.tv_sec;
tv.tv_nsec = closure->log_info->tstamp.tv_nsec;
tv.tv_sec = closure->evlog->submit_time.tv_sec;
tv.tv_nsec = closure->evlog->submit_time.tv_nsec;
accept_msg.submit_time = &tv;
/* Client will send IoBuffer messages. */
accept_msg.expect_iobufs = !closure->accept_only;
accept_msg.info_msgs = fmt_info_messages(closure->log_info, hostname,
accept_msg.info_msgs = fmt_info_messages(closure->evlog, hostname,
&n_info_msgs);
if (accept_msg.info_msgs == NULL)
goto done;
@@ -1581,7 +1582,7 @@ client_closure_free(struct client_closure *closure)
static struct client_closure *
client_closure_alloc(int sock, struct sudo_event_base *base,
struct timespec *elapsed, struct timespec *restart, const char *iolog_id,
char *reject_reason, bool accept_only, struct iolog_info *log_info)
char *reject_reason, bool accept_only, struct eventlog *evlog)
{
struct client_closure *closure;
debug_decl(client_closure_alloc, SUDO_DEBUG_UTIL);
@@ -1597,7 +1598,7 @@ client_closure_alloc(int sock, struct sudo_event_base *base,
closure->state = RECV_HELLO;
closure->accept_only = accept_only;
closure->reject_reason = reject_reason;
closure->log_info = log_info;
closure->evlog = evlog;
closure->elapsed.tv_sec = elapsed->tv_sec;
closure->elapsed.tv_nsec = elapsed->tv_nsec;
@@ -1667,7 +1668,7 @@ main(int argc, char *argv[])
{
struct client_closure *closure = NULL;
struct sudo_event_base *evbase;
struct iolog_info *log_info;
struct eventlog *evlog;
const char *port = NULL;
struct timespec restart = { 0, 0 };
struct timespec elapsed = { 0, 0 };
@@ -1791,7 +1792,7 @@ main(int argc, char *argv[])
}
/* Parse I/O log info file. */
if ((log_info = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL)
if ((evlog = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL)
goto bad;
if ((evbase = sudo_ev_base_alloc()) == NULL)
@@ -1809,7 +1810,7 @@ main(int argc, char *argv[])
printf("Connected to %s:%s\n", server_name, port);
closure = client_closure_alloc(sock, evbase, &elapsed, &restart,
iolog_id, reject_reason, accept_only, log_info);
iolog_id, reject_reason, accept_only, evlog);
if (closure == NULL)
goto bad;
@@ -1860,7 +1861,7 @@ main(int argc, char *argv[])
}
client_closure_free(closure);
}
iolog_free_loginfo(log_info);
eventlog_free(evlog);
#if defined(HAVE_OPENSSL)
SSL_CTX_free(ssl_ctx);
#endif

2
logsrvd/sendlog.h
View File

@@ -64,7 +64,7 @@ struct client_closure {
#endif
struct sudo_event *read_ev;
struct sudo_event *write_ev;
struct iolog_info *log_info;
struct eventlog *evlog;
struct iolog_file iolog_files[IOFD_MAX];
const char *iolog_id;
char *reject_reason;

81
plugins/sudoers/Makefile.in
View File

@@ -55,13 +55,14 @@ INSTALL_OWNER = -o $(install_uid) -g $(install_gid)
INSTALL_BACKUP = @INSTALL_BACKUP@
# Libraries
LIBUTIL = $(top_builddir)/lib/util/libsudo_util.la
LIBEVENTLOG = $(top_builddir)/lib/eventlog/libsudo_eventlog.la
LIBIOLOG = $(top_builddir)/lib/iolog/libsudo_iolog.la
LIBLOGSRV = @LIBLOGSRV@
LIBUTIL = $(top_builddir)/lib/util/libsudo_util.la
LIBS = $(LIBUTIL)
NET_LIBS = @NET_LIBS@
SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ @LIBTLS@ $(NET_LIBS) $(LIBIOLOG) $(LIBLOGSRV)
REPLAY_LIBS = @REPLAY_LIBS@ $(LIBIOLOG)
REPLAY_LIBS = @REPLAY_LIBS@ $(LIBEVENTLOG) $(LIBIOLOG)
VISUDO_LIBS = $(NET_LIBS)
CVTSUDOERS_LIBS = $(NET_LIBS)
TESTSUDOERS_LIBS = $(NET_LIBS)
@@ -321,7 +322,7 @@ check_hexchar: $(CHECK_HEXCHAR_OBJS) $(LIBUTIL)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_HEXCHAR_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
check_iolog_plugin: $(CHECK_IOLOG_PLUGIN_OBJS) $(LIBUTIL) $(LIBIOLOG) $(LIBLOGSRV)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PLUGIN_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBIOLOG) $(LIBLOGSRV) @LIBTLS@
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PLUGIN_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBIOLOG) $(LIBEVENTLOG) $(LIBLOGSRV) @LIBTLS@
check_starttime: $(CHECK_STARTTIME_OBJS) $(LIBUTIL)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_STARTTIME_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
@@ -967,25 +968,27 @@ check_iolog_plugin.o: $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c \
$(devdir)/def_data.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c
check_iolog_plugin.i: $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c \
$(devdir)/def_data.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -E -o $@ $(CPPFLAGS) $<
check_iolog_plugin.plog: check_iolog_plugin.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/iolog_plugin/check_iolog_plugin.c --i-file $< --output-file $@
@@ -1570,24 +1573,24 @@ interfaces.plog: interfaces.i
iolog.lo: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/log_server.pb-c.h $(incdir)/protobuf-c/protobuf-c.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/iolog_plugin.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/strlist.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/iolog_plugin.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/strlist.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog.c
iolog.i: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/log_server.pb-c.h $(incdir)/protobuf-c/protobuf-c.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/iolog_plugin.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/strlist.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/iolog_plugin.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/strlist.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -E -o $@ $(CPPFLAGS) $<
iolog.plog: iolog.i
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/iolog.c --i-file $< --output-file $@
@@ -2462,19 +2465,19 @@ sudoers_debug.plog: sudoers_debug.i
sudoreplay.o: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/logging.h \
$(incdir)/sudo_event.h $(incdir)/sudo_eventlog.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/logging.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoreplay.c
sudoreplay.i: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_iolog.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/logging.h \
$(incdir)/sudo_event.h $(incdir)/sudo_eventlog.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_iolog.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/logging.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -E -o $@ $(CPPFLAGS) $<
sudoreplay.plog: sudoreplay.i

44
plugins/sudoers/iolog.c
View File

@@ -40,6 +40,7 @@
#include <netinet/in.h>
#include "sudoers.h"
#include "sudo_eventlog.h"
#include "sudo_iolog.h"
#include "iolog_plugin.h"
@@ -498,31 +499,32 @@ oom:
* This file is not compressed.
*/
static bool
write_info_log(int dfd, char *iolog_dir, struct iolog_details *details)
write_info_log(int dfd, char *iolog_path, struct iolog_details *details)
{
struct iolog_info iolog_info;
struct eventlog evlog;
debug_decl(write_info_log, SUDOERS_DEBUG_UTIL);
/* XXX - just use iolog_info in the first place? */
memset(&iolog_info, 0, sizeof(iolog_info));
iolog_info.cwd = (char *)details->cwd;
iolog_info.user = (char *)details->user;
iolog_info.runchroot = (char *)details->runchroot;
iolog_info.runcwd = (char *)details->runcwd;
iolog_info.runas_user = details->runas_pw->pw_name;
iolog_info.runas_group = details->runas_gr ? details->runas_gr->gr_name: NULL;
iolog_info.tty = (char *)details->tty;
iolog_info.cmd = (char *)details->command;
iolog_info.host = (char *)details->host;
sudo_gettime_real(&iolog_info.tstamp);
iolog_info.lines = details->lines;
iolog_info.cols = details->cols;
iolog_info.runas_uid = details->runas_pw->pw_uid;
iolog_info.runas_gid = details->runas_gr ? details->runas_gr->gr_gid: (gid_t)-1;
iolog_info.argv = (char **)details->argv;
iolog_info.envp = (char **)details->user_env;
/* XXX - just use eventlog in the first place? */
memset(&evlog, 0, sizeof(evlog));
evlog.cwd = (char *)details->cwd;
evlog.iolog_path = iolog_path;
evlog.submituser = (char *)details->user;
evlog.runchroot = (char *)details->runchroot;
evlog.runcwd = (char *)details->runcwd;
evlog.runuser = details->runas_pw->pw_name;
evlog.rungroup = details->runas_gr ? details->runas_gr->gr_name: NULL;
evlog.ttyname = (char *)details->tty;
evlog.command = (char *)details->command;
evlog.submithost = (char *)details->host;
sudo_gettime_real(&evlog.submit_time);
evlog.lines = details->lines;
evlog.columns = details->cols;
evlog.runuid = details->runas_pw->pw_uid;
evlog.rungid = details->runas_gr ? details->runas_gr->gr_gid: (gid_t)-1;
evlog.argv = (char **)details->argv;
evlog.envp = (char **)details->user_env;
if (!iolog_write_info_file(dfd, iolog_dir, &iolog_info)) {
if (!iolog_write_info_file(dfd, &evlog)) {
log_warningx(SLOG_SEND_MAIL,
N_("unable to write to I/O log file: %s"), strerror(errno));
warned = true;

53
plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
View File

@@ -28,8 +28,9 @@
#define SUDO_ERROR_WRAP 0
#include "sudoers.h"
#include "sudo_plugin.h"
#include "sudo_eventlog.h"
#include "sudo_iolog.h"
#include "sudo_plugin.h"
#include <def_data.c> /* for iolog_path.c */
@@ -78,77 +79,77 @@ sudo_printf_int(int msg_type, const char *fmt, ...)
static bool
validate_iolog_info(const char *log_dir, bool legacy)
{
struct iolog_info *info;
struct eventlog *evlog;
time_t now;
time(&now);
/* Parse log file. */
if ((info = iolog_parse_loginfo(-1, log_dir)) == NULL)
if ((evlog = iolog_parse_loginfo(-1, log_dir)) == NULL)
return false;
if (info->cwd == NULL || strcmp(info->cwd, "/") != 0) {
if (evlog->cwd == NULL || strcmp(evlog->cwd, "/") != 0) {
sudo_warnx("bad cwd: want \"/\", got \"%s\"",
info->cwd ? info->cwd : "NULL");
evlog->cwd ? evlog->cwd : "NULL");
return false;
}
/* No host in the legacy log file. */
if (!legacy) {
if (info->host == NULL || strcmp(info->host, "localhost") != 0) {
if (evlog->submithost == NULL || strcmp(evlog->submithost, "localhost") != 0) {
sudo_warnx("bad host: want \"localhost\", got \"%s\"",
info->host ? info->host : "NULL");
evlog->submithost ? evlog->submithost : "NULL");
return false;
}
}
if (info->user == NULL || strcmp(info->user, "nobody") != 0) {
if (evlog->submituser == NULL || strcmp(evlog->submituser, "nobody") != 0) {
sudo_warnx("bad user: want \"nobody\" got \"%s\"",
info->user ? info->user : "NULL");
evlog->submituser ? evlog->submituser : "NULL");
return false;
}
if (info->runas_user == NULL || strcmp(info->runas_user, "root") != 0) {
sudo_warnx("bad runas_user: want \"root\" got \"%s\"",
info->runas_user ? info->runas_user : "NULL");
if (evlog->runuser == NULL || strcmp(evlog->runuser, "root") != 0) {
sudo_warnx("bad runuser: want \"root\" got \"%s\"",
evlog->runuser ? evlog->runuser : "NULL");
return false;
}
/* No runas group specified, should be NULL. */
if (info->runas_group != NULL) {
sudo_warnx("bad runas_group: want \"\" got \"%s\"", info->runas_group);
if (evlog->rungroup != NULL) {
sudo_warnx("bad rungroup: want \"\" got \"%s\"", evlog->rungroup);
return false;
}
if (info->tty == NULL || strcmp(info->tty, "/dev/console") != 0) {
if (evlog->ttyname == NULL || strcmp(evlog->ttyname, "/dev/console") != 0) {
sudo_warnx("bad tty: want \"/dev/console\" got \"%s\"",
info->tty ? info->tty : "NULL");
evlog->ttyname ? evlog->ttyname : "NULL");
return false;
}
if (info->cmd == NULL || strcmp(info->cmd, "/usr/bin/id") != 0) {
if (evlog->command == NULL || strcmp(evlog->command, "/usr/bin/id") != 0) {
sudo_warnx("bad command: want \"/usr/bin/id\" got \"%s\"",
info->cmd ? info->cmd : "NULL");
evlog->command ? evlog->command : "NULL");
return false;
}
if (info->lines != 24) {
sudo_warnx("bad lines: want 24 got %d", info->lines);
if (evlog->lines != 24) {
sudo_warnx("bad lines: want 24 got %d", evlog->lines);
return false;
}
if (info->cols != 80) {
sudo_warnx("bad cols: want 80 got %d", info->cols);
if (evlog->columns != 80) {
sudo_warnx("bad columns: want 80 got %d", evlog->columns);
return false;
}
if (info->tstamp.tv_sec < now - 10 || info->tstamp.tv_sec > now + 10) {
sudo_warnx("bad tstamp: want %lld got %lld", (long long)now,
(long long)info->tstamp.tv_sec);
if (evlog->submit_time.tv_sec < now - 10 || evlog->submit_time.tv_sec > now + 10) {
sudo_warnx("bad submit_time: want %lld got %lld", (long long)now,
(long long)evlog->submit_time.tv_sec);
return false;
}
iolog_free_loginfo(info);
eventlog_free(evlog);
return true;
}

85
plugins/sudoers/sudoreplay.c
View File

@@ -61,6 +61,7 @@
#include "sudo_conf.h"
#include "sudo_debug.h"
#include "sudo_event.h"
#include "sudo_eventlog.h"
#include "sudo_fatal.h"
#include "sudo_gettext.h"
#include "sudo_iolog.h"
@@ -181,7 +182,7 @@ static void sudoreplay_cleanup(void);
static void usage(int);
static void write_output(int fd, int what, void *v);
static void restore_terminal_size(void);
static void setup_terminal(struct iolog_info *li, bool interactive, bool resize);
static void setup_terminal(struct eventlog *evlog, bool interactive, bool resize);
#define VALID_ID(s) (isalnum((unsigned char)(s)[0]) && \
isalnum((unsigned char)(s)[1]) && isalnum((unsigned char)(s)[2]) && \
@@ -206,7 +207,7 @@ main(int argc, char *argv[])
bool interactive = true, suspend_wait = false, resize = true;
const char *decimal, *id, *user = NULL, *pattern = NULL, *tty = NULL;
char *cp, *ep, iolog_dir[PATH_MAX];
struct iolog_info *li;
struct eventlog *evlog;
struct timespec max_delay_storage, *max_delay = NULL;
double dval;
debug_decl(main, SUDO_DEBUG_MAIN);
@@ -359,20 +360,20 @@ main(int argc, char *argv[])
}
/* Parse log file. */
if ((li = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL)
if ((evlog = iolog_parse_loginfo(iolog_dir_fd, iolog_dir)) == NULL)
goto done;
printf(_("Replaying sudo session: %s"), li->cmd);
printf(_("Replaying sudo session: %s"), evlog->command);
/* Setup terminal if appropriate. */
if (!isatty(STDIN_FILENO) || !isatty(STDOUT_FILENO))
interactive = false;
setup_terminal(li, interactive, resize);
setup_terminal(evlog, interactive, resize);
putchar('\r');
putchar('\n');
/* Done with parsed log file. */
iolog_free_loginfo(li);
li = NULL;
eventlog_free(evlog);
evlog = NULL;
/* Replay session corresponding to iolog_files[]. */
exitcode = replay_session(iolog_dir_fd, iolog_dir, max_delay, decimal,
@@ -611,7 +612,7 @@ done:
}
static void
setup_terminal(struct iolog_info *li, bool interactive, bool resize)
setup_terminal(struct eventlog *evlog, bool interactive, bool resize)
{
const char *term;
debug_decl(check_terminal, SUDO_DEBUG_UTIL);
@@ -629,7 +630,7 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize)
}
/* Find terminal size if the session has size info. */
if (li->lines == 0 && li->cols == 0) {
if (evlog->lines == 0 && evlog->columns == 0) {
/* no tty size info, hope for the best... */
debug_return;
}
@@ -655,17 +656,17 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize)
sudo_get_ttysize(&terminal_lines, &terminal_cols);
}
if (li->lines == terminal_lines && li->cols == terminal_cols) {
if (evlog->lines == terminal_lines && evlog->columns == terminal_cols) {
/* nothing to change */
debug_return;
}
if (terminal_can_resize) {
/* session terminal size is different, try to resize ours */
if (xterm_set_size(li->lines, li->cols)) {
if (xterm_set_size(evlog->lines, evlog->columns)) {
/* success */
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"resized terminal to %d x %x", li->lines, li->cols);
"resized terminal to %d x %x", evlog->lines, evlog->columns);
terminal_was_resized = true;
debug_return;
}
@@ -673,9 +674,9 @@ setup_terminal(struct iolog_info *li, bool interactive, bool resize)
terminal_can_resize = false;
}
if (li->lines > terminal_lines || li->cols > terminal_cols) {
if (evlog->lines > terminal_lines || evlog->columns > terminal_cols) {
fputs(_("Warning: your terminal is too small to properly replay the log.\n"), stdout);
printf(_("Log geometry is %d x %d, your terminal's geometry is %d x %d."), li->lines, li->cols, terminal_lines, terminal_cols);
printf(_("Log geometry is %d x %d, your terminal's geometry is %d x %d."), evlog->lines, evlog->columns, terminal_lines, terminal_cols);
}
debug_return;
}
@@ -1291,7 +1292,7 @@ parse_expr(struct search_node_list *head, char *argv[], bool sub_expr)
}
static bool
match_expr(struct search_node_list *head, struct iolog_info *log, bool last_match)
match_expr(struct search_node_list *head, struct eventlog *evlog, bool last_match)
{
struct search_node *sn;
bool res = false, matched = last_match;
@@ -1301,34 +1302,34 @@ match_expr(struct search_node_list *head, struct iolog_info *log, bool last_matc
STAILQ_FOREACH(sn, head, entries) {
switch (sn->type) {
case ST_EXPR:
res = match_expr(&sn->u.expr, log, matched);
res = match_expr(&sn->u.expr, evlog, matched);
break;
case ST_CWD:
if (log->cwd != NULL)
res = strcmp(sn->u.cwd, log->cwd) == 0;
if (evlog->cwd != NULL)
res = strcmp(sn->u.cwd, evlog->cwd) == 0;
break;
case ST_HOST:
if (log->host != NULL)
res = strcmp(sn->u.host, log->host) == 0;
if (evlog->submithost != NULL)
res = strcmp(sn->u.host, evlog->submithost) == 0;
break;
case ST_TTY:
if (log->tty != NULL)
res = strcmp(sn->u.tty, log->tty) == 0;
if (evlog->ttyname != NULL)
res = strcmp(sn->u.tty, evlog->ttyname) == 0;
break;
case ST_RUNASGROUP:
if (log->runas_group != NULL)
res = strcmp(sn->u.runas_group, log->runas_group) == 0;
if (evlog->rungroup != NULL)
res = strcmp(sn->u.runas_group, evlog->rungroup) == 0;
break;
case ST_RUNASUSER:
if (log->runas_user != NULL)
res = strcmp(sn->u.runas_user, log->runas_user) == 0;
if (evlog->runuser != NULL)
res = strcmp(sn->u.runas_user, evlog->runuser) == 0;
break;
case ST_USER:
if (log->user != NULL)
res = strcmp(sn->u.user, log->user) == 0;
if (evlog->submituser != NULL)
res = strcmp(sn->u.user, evlog->submituser) == 0;
break;
case ST_PATTERN:
rc = regexec(&sn->u.cmdre, log->cmd, 0, NULL, 0);
rc = regexec(&sn->u.cmdre, evlog->command, 0, NULL, 0);
if (rc && rc != REG_NOMATCH) {
char buf[BUFSIZ];
regerror(rc, &sn->u.cmdre, buf, sizeof(buf));
@@ -1337,10 +1338,10 @@ match_expr(struct search_node_list *head, struct iolog_info *log, bool last_matc
res = rc == REG_NOMATCH ? 0 : 1;
break;
case ST_FROMDATE:
res = sudo_timespeccmp(&log->tstamp, &sn->u.tstamp, >=);
res = sudo_timespeccmp(&evlog->submit_time, &sn->u.tstamp, >=);
break;
case ST_TODATE:
res = sudo_timespeccmp(&log->tstamp, &sn->u.tstamp, <=);
res = sudo_timespeccmp(&evlog->submit_time, &sn->u.tstamp, <=);
break;
default:
sudo_fatalx(U_("unknown search type %d"), sn->type);
@@ -1358,16 +1359,16 @@ static int
list_session(char *log_dir, regex_t *re, const char *user, const char *tty)
{
char idbuf[7], *idstr, *cp;
struct iolog_info *li = NULL;
struct eventlog *evlog = NULL;
const char *timestr;
int ret = -1;
debug_decl(list_session, SUDO_DEBUG_UTIL);
if ((li = iolog_parse_loginfo(-1, log_dir)) == NULL)
if ((evlog = iolog_parse_loginfo(-1, log_dir)) == NULL)
goto done;
/* Match on search expression if there is one. */
if (!STAILQ_EMPTY(&search_expr) && !match_expr(&search_expr, li, true))
if (!STAILQ_EMPTY(&search_expr) && !match_expr(&search_expr, evlog, true))
goto done;
/* Convert from /var/log/sudo-sessions/00/00/01 to 000001 */
@@ -1386,20 +1387,20 @@ list_session(char *log_dir, regex_t *re, const char *user, const char *tty)
idstr = cp;
}
/* XXX - print lines + cols? */
timestr = get_timestr(li->tstamp.tv_sec, 1);
timestr = get_timestr(evlog->submit_time.tv_sec, 1);
printf("%s : %s : TTY=%s ; CWD=%s ; USER=%s ; ",
timestr ? timestr : "invalid date",
li->user, li->tty, li->cwd, li->runas_user);
if (li->runas_group)
printf("GROUP=%s ; ", li->runas_group);
if (li->host)
printf("HOST=%s ; ", li->host);
printf("TSID=%s ; COMMAND=%s\n", idstr, li->cmd);
evlog->submituser, evlog->ttyname, evlog->cwd, evlog->runuser);
if (evlog->rungroup)
printf("GROUP=%s ; ", evlog->rungroup);
if (evlog->submithost)
printf("HOST=%s ; ", evlog->submithost);
printf("TSID=%s ; COMMAND=%s\n", idstr, evlog->command);
ret = 0;
done:
iolog_free_loginfo(li);
eventlog_free(evlog);
debug_return_int(ret);
}