save a pointer to the currently connected audit server in the closure object

plugins/sudoers/iolog.c

@@ -40,6 +40,8 @@
 #include <signal.h>
 #include <pwd.h>
 #include <grp.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
 
 #include "sudoers.h"
 #include "sudo_iolog.h"
@@ -586,17 +588,28 @@ static int
 sudoers_io_open_remote(void)
 {
     int sock, ret = -1;
+    struct sudoers_string *connected_server = NULL;
+
     debug_decl(sudoers_io_open_remote, SUDOERS_DEBUG_PLUGIN);
 
     /* Connect to log server. */
     sock = log_server_connect(iolog_details.log_servers,
-	&iolog_details.server_timeout);
+	&iolog_details.server_timeout, &connected_server);
     if (sock == -1) {
 	/* TODO: support offline logs if server unreachable */
 	sudo_warnx(U_("unable to connect to log server"));
 	ret = -1;
 	goto done;
     }
+
+    /* save the name of the server we are successfully connected to */
+    client_closure.host = connected_server;
+
+    struct sockaddr_in addr;
+    socklen_t addr_len = sizeof(addr);
+    getpeername(sock, (struct sockaddr *) &addr, &addr_len);
+    inet_ntop(addr.sin_family, &(addr.sin_addr), client_closure.ipaddr, INET6_ADDRSTRLEN);
+
     if (!client_closure_fill(&client_closure, sock, &iolog_details, &sudoers_io)) {
 	close(sock);
 	ret = -1;

plugins/sudoers/iolog_client.c

@@ -181,7 +181,8 @@ connect_server(const char *host, const char *port, struct timespec *timo,
  * Returns a socket with O_NONBLOCK and close-on-exec flags set.
  */
 int
-log_server_connect(struct sudoers_str_list *servers, struct timespec *timo)
+log_server_connect(struct sudoers_str_list *servers, struct timespec *timo,
+    struct sudoers_string **connected_server)
 {
     struct sudoers_string *server;
     char *copy, *host, *port;
@@ -204,6 +205,8 @@ log_server_connect(struct sudoers_str_list *servers, struct timespec *timo)
 		close(sock);
 		sock = -1;
 	    }
+        /* this is the server we successfully connected to */
+        *connected_server = server;
 	    break;
 	}
     }

plugins/sudoers/iolog_plugin.h

@@ -86,6 +86,12 @@ enum client_state {
 /* Remote connection closure, non-zero fields must come first. */
 struct client_closure {
     int sock;
+    struct sudoers_string *host;
+#if defined(HAVE_STRUCT_IN6_ADDR)
+    char ipaddr[INET6_ADDRSTRLEN];
+#else
+    char ipaddr[INET_ADDRSTRLEN];
+#endif
 #if defined(HAVE_OPENSSL)
     bool tls;
     SSL_CTX *ssl_ctx;
@@ -109,6 +115,8 @@ struct client_closure {
 # define CLIENT_CLOSURE_INITIALIZER(_c)			\
     {							\
 	-1,						    \
+	NULL,					    \
+	"", 					    \
     false,                      \
     NULL,						\
     NULL,						\
@@ -121,6 +129,8 @@ struct client_closure {
 # define CLIENT_CLOSURE_INITIALIZER(_c)			\
     {							\
 	-1,						\
+	NULL,					    \
+	"", 					    \
 	ERROR,						\
 	false,						\
 	TAILQ_HEAD_INITIALIZER((_c).write_bufs),	\
@@ -137,7 +147,7 @@ bool fmt_exit_message(struct client_closure *closure, int exit_status, int error
 bool fmt_io_buf(struct client_closure *closure, int type, const char *buf, unsigned int len, struct timespec *delay);
 bool fmt_suspend(struct client_closure *closure, const char *signame, struct timespec *delay);
 bool fmt_winsize(struct client_closure *closure, unsigned int lines, unsigned int cols, struct timespec *delay);
-int log_server_connect(struct sudoers_str_list *servers, struct timespec *timo);
+int log_server_connect(struct sudoers_str_list *servers, struct timespec *timo, struct sudoers_string **connected_server);
 void client_closure_free(struct client_closure *closure);
 
 #endif /* SUDOERS_IOLOG_CLIENT_H */