Add event_alloc to the audit plugin API.

The sudoers audit plugin will use this to communicate with sudo_logsrvd.

doc/sudo_plugin.man.in

@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.TH "SUDO_PLUGIN" "5" "August 31, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDO_PLUGIN" "5" "November 2, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -2746,6 +2746,7 @@ struct audit_plugin {
         int (*register_hook)(struct sudo_hook *hook));
     void (*deregister_hooks)(int version,
         int (*deregister_hook)(struct sudo_hook *hook));
+    struct sudo_plugin_event * (*event_alloc)(void);
 }
 .RE
 .fi
@@ -3354,6 +3355,44 @@ See the
 \fIPolicy plugin API\fR
 section for a description of
 \fRderegister_hooks\fR.
+.TP 6n
+event_alloc
+.nf
+.RS 6n
+struct sudo_plugin_event * (*event_alloc)(void);
+.RE
+.fi
+.RS 6n
+.sp
+The
+\fBevent_alloc\fR()
+function is used to allocate a
+\fRstruct sudo_plugin_event\fR
+which provides access to the main
+\fBsudo\fR
+event loop.
+Unlike the other fields, the
+\fBevent_alloc\fR()
+pointer is filled in by the
+\fBsudo\fR
+front end, not by the plugin.
+.sp
+See the
+\fIEvent API\fR
+section below for more information
+about events.
+.sp
+NOTE: the
+\fBevent_alloc\fR()
+function is only available starting
+with API version 1.17.
+If the
+\fBsudo\fR
+front end doesn't support API
+version 1.17 or higher,
+\fBevent_alloc\fR()
+will not be set.
+.RE
 .SS "Approval plugin API"
 .nf
 .RS 0n
@@ -5062,6 +5101,11 @@ and
 enties were added to the
 \fRsettings\fR
 list.
+.TP 6n
+Version 1.17 (sudo 1.9.4)
+The
+\fIevent_alloc\fR
+field was added to the audit_plugin and approval_plugin structs.
 .SH "SEE ALSO"
 sudo.conf(@mansectform@),
 sudoers(@mansectform@),

doc/sudo_plugin.mdoc.in

@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd August 31, 2020
+.Dd November 2, 2020
 .Dt SUDO_PLUGIN @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -2446,6 +2446,7 @@ struct audit_plugin {
         int (*register_hook)(struct sudo_hook *hook));
     void (*deregister_hooks)(int version,
         int (*deregister_hook)(struct sudo_hook *hook));
+    struct sudo_plugin_event * (*event_alloc)(void);
 }
 .Ed
 .Pp
@@ -2985,6 +2986,39 @@ See the
 .Sx Policy plugin API
 section for a description of
 .Li deregister_hooks .
+.It event_alloc
+.Bd -literal -compact
+struct sudo_plugin_event * (*event_alloc)(void);
+.Ed
+.Pp
+The
+.Fn event_alloc
+function is used to allocate a
+.Li struct sudo_plugin_event
+which provides access to the main
+.Nm sudo
+event loop.
+Unlike the other fields, the
+.Fn event_alloc
+pointer is filled in by the
+.Nm sudo
+front end, not by the plugin.
+.Pp
+See the
+.Sx Event API
+section below for more information
+about events.
+.Pp
+NOTE: the
+.Fn event_alloc
+function is only available starting
+with API version 1.17.
+If the
+.Nm sudo
+front end doesn't support API
+version 1.17 or higher,
+.Fn event_alloc
+will not be set.
 .El
 .Ss Approval plugin API
 .Bd -literal
@@ -4474,6 +4508,10 @@ and
 enties were added to the
 .Li settings
 list.
+.It Version 1.17 (sudo 1.9.4)
+The
+.Em event_alloc
+field was added to the audit_plugin and approval_plugin structs.
 .El
 .Sh SEE ALSO
 .Xr sudo.conf @mansectform@ ,

include/sudo_plugin.h

@@ -21,7 +21,7 @@
 
 /* API version major/minor */
 #define SUDO_API_VERSION_MAJOR 1
-#define SUDO_API_VERSION_MINOR 16
+#define SUDO_API_VERSION_MINOR 17
 #define SUDO_API_MKVERSION(x, y) (((x) << 16) | (y))
 #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR, SUDO_API_VERSION_MINOR)
 
@@ -240,6 +240,7 @@ struct audit_plugin {
     int (*show_version)(int verbose);
     void (*register_hooks)(int version, int (*register_hook)(struct sudo_hook *hook));
     void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook));
+    struct sudo_plugin_event * (*event_alloc)(void);
 };
 
 /* Approval plugin type and defines */

plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout

@@ -26,7 +26,7 @@
         "INFO1=VALUE1",
         "info2=value2"
     \],
-    "version": "1.16"
+    "version": "1.17"
 }
 (APPROVAL 2) Constructed:
 {
@@ -56,7 +56,7 @@
         "INFO1=VALUE1",
         "info2=value2"
     \],
-    "version": "1.16"
+    "version": "1.17"
 }
 (APPROVAL 1) Show version was called with arguments: (0,)
 Python approval plugin (API 1.0): ApprovalTestPlugin (loaded from 'SRC_DIR/regress/plugin_approval_test.py')

src/exec.c

@@ -309,7 +309,7 @@ sudo_terminated(struct command_status *cstat)
     debug_return_bool(false);
 }
 
-#if SUDO_API_VERSION != SUDO_API_MKVERSION(1, 16)
+#if SUDO_API_VERSION != SUDO_API_MKVERSION(1, 17)
 # error "Update sudo_needs_pty() after changing the plugin API"
 #endif
 static bool

src/load_plugins.c

@@ -430,6 +430,10 @@ sudo_init_event_alloc(void)
 	if (container->u.io->version >= SUDO_API_MKVERSION(1, 15))
 	    container->u.io->event_alloc = sudo_plugin_event_alloc;
     }
+    TAILQ_FOREACH(container, &audit_plugins, entries) {
+	if (container->u.audit->version >= SUDO_API_MKVERSION(1, 17))
+	    container->u.audit->event_alloc = sudo_plugin_event_alloc;
+    }
 
     debug_return;
 }