From ec751c63eb3f0a91e8d2e748a1b84ee2ee12641f Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 25 Aug 2021 17:29:15 -0600 Subject: [PATCH] log_allowed: pass struct eventlog * instead of argv[] and envp[]. This lets us log based on the command_info[] list passed in from the front-end. Previously, much of the struct eventlog was constructed from internal sudoers state instead. --- plugins/sudoers/audit.c | 33 ++++++++++++++------------------- plugins/sudoers/logging.c | 10 ++-------- plugins/sudoers/logging.h | 2 +- 3 files changed, 17 insertions(+), 28 deletions(-) diff --git a/plugins/sudoers/audit.c b/plugins/sudoers/audit.c index cd8b27e48..5f07cd140 100644 --- a/plugins/sudoers/audit.c +++ b/plugins/sudoers/audit.c @@ -198,13 +198,13 @@ sudoers_audit_open(unsigned int version, sudo_conv_t conversation, static void audit_to_eventlog(struct eventlog *evlog, char * const command_info[], - char * const run_argv[], char * const run_envp[]) + char * const run_argv[], char * const run_envp[], const char *uuid_str) { char * const *cur; debug_decl(audit_to_eventlog, SUDOERS_DEBUG_PLUGIN); /* Fill in evlog from sudoers Defaults, run_argv and run_envp. */ - sudoers_to_eventlog(evlog, run_argv, run_envp, NULL); + sudoers_to_eventlog(evlog, run_argv, run_envp, uuid_str); /* Update iolog and execution environment from command_info[]. */ if (command_info != NULL) { @@ -242,10 +242,8 @@ audit_to_eventlog(struct eventlog *evlog, char * const command_info[], #ifdef SUDOERS_LOG_CLIENT static bool -log_server_accept(char * const command_info[], char * const run_argv[], - char * const run_envp[]) +log_server_accept(struct eventlog *evlog) { - struct eventlog *evlog = NULL; struct timespec now; bool ret = false; debug_decl(log_server_accept, SUDOERS_DEBUG_PLUGIN); 
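Review bot: In audit_to_eventlog() the comment above the sudoers_to_eventlog() call still names only Defaults, run_argv and run_envp, and nothing says what the new `uuid_str` parameter means or that it may be NULL. The reject and error callers later in this patch pass NULL, and sudoers_audit_accept() leaves it NULL when MODE_POLICY_INTERCEPTED is set, so I would change the comment to `/* Fill in evlog from sudoers Defaults, run_argv, run_envp and uuid_str (may be NULL). */`. Note also that log_server_accept() used to reach this call with NULL unconditionally, so the accept record sent to a log server is now built with sudo_user.uuid_str for non-intercepted commands; if that is intended, it deserves a line in the commit message. The function body continues past the end of the hunk.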
@@ -267,11 +265,6 @@ log_server_accept(char * const command_info[], char * const run_argv[], sudo_warn("%s", U_("unable to get time of day")); goto done; } - if ((evlog = malloc(sizeof(*evlog))) == NULL) { - sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - goto done; - } - audit_to_eventlog(evlog, command_info, run_argv, run_envp); if (client_closure != NULL) { /* Use existing client closure. */ @@ -286,7 +279,6 @@ log_server_accept(char * const command_info[], char * const run_argv[], } else { if (!init_log_details(&audit_details, evlog)) goto done; - evlog = NULL; /* Open connection to log server, send hello and accept messages. */ client_closure = log_server_open(&audit_details, &now, false, @@ -296,8 +288,6 @@ log_server_accept(char * const command_info[], char * const run_argv[], } done: - /* Contents of evlog are not dynamically allocated so no eventlog_free(). */ - free(evlog); debug_return_bool(ret); } @@ -328,8 +318,7 @@ log_server_exit(int status_type, int status) } #else static bool -log_server_accept(char * const command_info[], char * const run_argv[], - char * const run_envp[]) +log_server_accept(struct eventlog *evlog) { return true; } @@ -346,6 +335,8 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type, char * const command_info[], char * const run_argv[], char * const run_envp[], const char **errstr) { + const char *uuid_str = NULL; + struct eventlog evlog; int ret = true; debug_decl(sudoers_audit_accept, SUDOERS_DEBUG_PLUGIN); 
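Review bot: In log_server_accept(), the `else` branch still hands `evlog` to `init_log_details(&audit_details, evlog)`, but the object behind it is now the `struct eventlog evlog` local declared in sudoers_audit_accept() rather than a heap allocation. The removed `evlog = NULL;` after that call and the removed `free(evlog)` at `done:` suggest that init_log_details() keeps the pointer in audit_details, which is not a local of this function. If it does, audit_details and the client closure opened from it would point into a dead stack frame once sudoers_audit_accept() returns. Please confirm that nothing reads or frees that pointer after the accept callback returns (neither init_log_details() nor the close path is visible in this diff), or keep a copy with static or heap storage for the log-server case. A comment on log_server_accept() such as `/* evlog is borrowed from the caller and must not be retained past return. */` would record the new contract.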
@@ -359,10 +350,14 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type, if (audit_success(run_argv) != 0 && !def_ignore_audit_errors) ret = false; - if (!log_allowed(run_argv, run_envp) && !def_ignore_logfile_errors) + if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED)) + uuid_str = sudo_user.uuid_str; + + audit_to_eventlog(&evlog, command_info, run_argv, run_envp, uuid_str); + if (!log_allowed(&evlog) && !def_ignore_logfile_errors) ret = false; - if (!log_server_accept(command_info, run_argv, run_envp)) { + if (!log_server_accept(&evlog)) { if (!def_ignore_logfile_errors) ret = false; } @@ -390,7 +385,7 @@ sudoers_audit_reject(const char *plugin_name, unsigned int plugin_type, ret = false; } - audit_to_eventlog(&evlog, command_info, NewArgv, env_get()); + audit_to_eventlog(&evlog, command_info, NewArgv, env_get(), NULL); if (!eventlog_reject(&evlog, 0, message, NULL, NULL)) ret = false; @@ -423,7 +418,7 @@ sudoers_audit_error(const char *plugin_name, unsigned int plugin_type, debug_return_bool(false); } - audit_to_eventlog(&evlog, command_info, NewArgv, env_get()); + audit_to_eventlog(&evlog, command_info, NewArgv, env_get(), NULL); if (!eventlog_alert(&evlog, 0, &now, message, NULL)) ret = false; diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index 102c175e4..b410113ff 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -501,10 +501,8 @@ log_auth_failure(int status, unsigned int tries) * Log and potentially mail the allowed command. */ bool -log_allowed(char *const argv[], char *const envp[]) +log_allowed(struct eventlog *evlog) { - const char *uuid_str = NULL; - struct eventlog evlog; int oldlocale; int evl_flags = 0; bool mailit, ret = true; 
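Review bot: log_allowed() now only forwards `evlog` to eventlog_accept() and never writes through it in the lines shown, so the parameter could be `const struct eventlog *evlog` here and in the logging.h prototype, provided eventlog_accept() takes a const pointer (its prototype is not on this page). The header comment should also state that the function no longer builds the record itself, for example `* The caller must fill in evlog (see audit_to_eventlog()) before calling.`. The body of log_allowed() continues in the next hunk.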
@@ -513,20 +511,16 @@ log_allowed(char *const argv[], char *const envp[]) /* Send mail based on status. */ mailit = should_mail(VALIDATE_SUCCESS); - if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED)) - uuid_str = sudo_user.uuid_str; - if (def_log_allowed || mailit) { /* Log and mail messages should be in the sudoers locale. */ sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); - sudoers_to_eventlog(&evlog, argv, envp, uuid_str); if (mailit) { SET(evl_flags, EVLOG_MAIL); if (!def_log_allowed) SET(evl_flags, EVLOG_MAIL_ONLY); } - if (!eventlog_accept(&evlog, evl_flags, NULL, NULL)) + if (!eventlog_accept(evlog, evl_flags, NULL, NULL)) ret = false; sudoers_setlocale(oldlocale, NULL); diff --git a/plugins/sudoers/logging.h b/plugins/sudoers/logging.h index 17dbcab6a..7c6fa8731 100644 --- a/plugins/sudoers/logging.h +++ b/plugins/sudoers/logging.h @@ -56,7 +56,7 @@ bool sudoers_setlocale(int locale_type, int *prev_locale); int sudoers_getlocale(void); int audit_failure(char *const argv[], char const *const fmt, ...) __printflike(2, 3); int vaudit_failure(char *const argv[], char const *const fmt, va_list ap) __printflike(2, 0); -bool log_allowed(char *const argv[], char *const envp[]); +bool log_allowed(struct eventlog *evlog); bool log_exit_status(int exit_status); bool log_auth_failure(int status, unsigned int tries); bool log_denial(int status, bool inform_user);
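Review bot: In log_allowed() the record used to be built by sudoers_to_eventlog() after `sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale)`, under the comment that log and mail messages should be in the sudoers locale; it is now built by the caller before that switch. If any field filled in by audit_to_eventlog() is locale-dependent, it would now be produced in whatever locale the caller is running in, so this is worth confirming. If none is, a short comment such as `/* evlog is built by the caller; only the formatting below depends on the locale. */` would save a later reader the same question.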