log_allowed: pass struct eventlog * instead of argv[] and envp[].

This lets us log based on the command_info[] list passed in from
the front-end.  Previously, much of the struct eventlog was constructed
from internal sudoers state instead.

plugins/sudoers/audit.c

@@ -198,13 +198,13 @@ sudoers_audit_open(unsigned int version, sudo_conv_t conversation,
 
 static void
 audit_to_eventlog(struct eventlog *evlog, char * const command_info[],
-    char * const run_argv[], char * const run_envp[])
+    char * const run_argv[], char * const run_envp[], const char *uuid_str)
 {
     char * const *cur;
     debug_decl(audit_to_eventlog, SUDOERS_DEBUG_PLUGIN);
 
     /* Fill in evlog from sudoers Defaults, run_argv and run_envp. */
-    sudoers_to_eventlog(evlog, run_argv, run_envp, NULL);
+    sudoers_to_eventlog(evlog, run_argv, run_envp, uuid_str);
 
     /* Update iolog and execution environment from command_info[]. */
     if (command_info != NULL) {
@@ -242,10 +242,8 @@ audit_to_eventlog(struct eventlog *evlog, char * const command_info[],
 
 #ifdef SUDOERS_LOG_CLIENT
 static bool
-log_server_accept(char * const command_info[], char * const run_argv[],
-    char * const run_envp[])
+log_server_accept(struct eventlog *evlog)
 {
-    struct eventlog *evlog = NULL;
     struct timespec now;
     bool ret = false;
     debug_decl(log_server_accept, SUDOERS_DEBUG_PLUGIN);
@@ -267,11 +265,6 @@ log_server_accept(char * const command_info[], char * const run_argv[],
 	sudo_warn("%s", U_("unable to get time of day"));
 	goto done;
     }
-    if ((evlog = malloc(sizeof(*evlog))) == NULL) {
-	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
-	goto done;
-    }
-    audit_to_eventlog(evlog, command_info, run_argv, run_envp);
 
     if (client_closure != NULL) {
 	/* Use existing client closure. */
@@ -286,7 +279,6 @@ log_server_accept(char * const command_info[], char * const run_argv[],
     } else {
 	if (!init_log_details(&audit_details, evlog))
 	    goto done;
-	evlog = NULL;
 
 	/* Open connection to log server, send hello and accept messages. */
 	client_closure = log_server_open(&audit_details, &now, false,
@@ -296,8 +288,6 @@ log_server_accept(char * const command_info[], char * const run_argv[],
     }
 
 done:
-    /* Contents of evlog are not dynamically allocated so no eventlog_free(). */
-    free(evlog);
     debug_return_bool(ret);
 }
 
@@ -328,8 +318,7 @@ log_server_exit(int status_type, int status)
 }
 #else
 static bool
-log_server_accept(char * const command_info[], char * const run_argv[],
-    char * const run_envp[])
+log_server_accept(struct eventlog *evlog)
 {
     return true;
 }
@@ -346,6 +335,8 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type,
     char * const command_info[], char * const run_argv[],
     char * const run_envp[], const char **errstr)
 {
+    const char *uuid_str = NULL;
+    struct eventlog evlog;
     int ret = true;
     debug_decl(sudoers_audit_accept, SUDOERS_DEBUG_PLUGIN);
 
@@ -359,10 +350,14 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type,
     if (audit_success(run_argv) != 0 && !def_ignore_audit_errors)
 	ret = false;
 
-    if (!log_allowed(run_argv, run_envp) && !def_ignore_logfile_errors)
+    if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
+	uuid_str = sudo_user.uuid_str;
+
+    audit_to_eventlog(&evlog, command_info, run_argv, run_envp, uuid_str);
+    if (!log_allowed(&evlog) && !def_ignore_logfile_errors)
 	ret = false;
 
-    if (!log_server_accept(command_info, run_argv, run_envp)) {
+    if (!log_server_accept(&evlog)) {
 	if (!def_ignore_logfile_errors)
 	    ret = false;
     }
@@ -390,7 +385,7 @@ sudoers_audit_reject(const char *plugin_name, unsigned int plugin_type,
 	    ret = false;
     }
 
-    audit_to_eventlog(&evlog, command_info, NewArgv, env_get());
+    audit_to_eventlog(&evlog, command_info, NewArgv, env_get(), NULL);
     if (!eventlog_reject(&evlog, 0, message, NULL, NULL))
 	ret = false;
 
@@ -423,7 +418,7 @@ sudoers_audit_error(const char *plugin_name, unsigned int plugin_type,
 	debug_return_bool(false);
     }
 
-    audit_to_eventlog(&evlog, command_info, NewArgv, env_get());
+    audit_to_eventlog(&evlog, command_info, NewArgv, env_get(), NULL);
     if (!eventlog_alert(&evlog, 0, &now, message, NULL))
 	ret = false;
 

plugins/sudoers/logging.c

@@ -501,10 +501,8 @@ log_auth_failure(int status, unsigned int tries)
  * Log and potentially mail the allowed command.
  */
 bool
-log_allowed(char *const argv[], char *const envp[])
+log_allowed(struct eventlog *evlog)
 {
-    const char *uuid_str = NULL;
-    struct eventlog evlog;
     int oldlocale;
     int evl_flags = 0;
     bool mailit, ret = true;
@@ -513,20 +511,16 @@ log_allowed(char *const argv[], char *const envp[])
     /* Send mail based on status. */
     mailit = should_mail(VALIDATE_SUCCESS);
 
-    if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
-	uuid_str = sudo_user.uuid_str;
-
     if (def_log_allowed || mailit) {
 	/* Log and mail messages should be in the sudoers locale. */
 	sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
 
-	sudoers_to_eventlog(&evlog, argv, envp, uuid_str);
 	if (mailit) {
 	    SET(evl_flags, EVLOG_MAIL);
 	    if (!def_log_allowed)
 		SET(evl_flags, EVLOG_MAIL_ONLY);
 	}
-	if (!eventlog_accept(&evlog, evl_flags, NULL, NULL))
+	if (!eventlog_accept(evlog, evl_flags, NULL, NULL))
 	    ret = false;
 
 	sudoers_setlocale(oldlocale, NULL);

plugins/sudoers/logging.h

@@ -56,7 +56,7 @@ bool sudoers_setlocale(int locale_type, int *prev_locale);
 int sudoers_getlocale(void);
 int audit_failure(char *const argv[], char const *const fmt, ...) __printflike(2, 3);
 int vaudit_failure(char *const argv[], char const *const fmt, va_list ap) __printflike(2, 0);
-bool log_allowed(char *const argv[], char *const envp[]);
+bool log_allowed(struct eventlog *evlog);
 bool log_exit_status(int exit_status);
 bool log_auth_failure(int status, unsigned int tries);
 bool log_denial(int status, bool inform_user);