Tests did not catch the issue where errstr was not set correctly, but
its pointer contained the expected data, because the memory allocator
reused the same space for storing the string.
Now it is either verified to be NULL, or reset to NULL.
The error is always stored in plugin_ctx, but it is only set into errstr
if the API version is enough. (Previously it worked the opposite:
we only stored the error if API level was enough.)
We need a close function to be able to to free memory allocated for
errstr. Unlike the other plugins, the close function is called
immediately after the plugin's check or show_version function.
The plugin does not remain open until the command completes.
Plugins can raise a sudo.PluginError exception to add context message
for the failure.
The callback's errstr gets filled up with the specified message.
But, as sudo expects a string constant (will not free the string),
we store it in the plugin context at least until next callback
invocation.
Unfortunately the test did not catch this mistake, because it only
searches that "Python policy plugin API version" string is present
and does not check the version.
It is a bit more code, but it is more "pythonic" and easier to debug
as the enum values also know their names.
It is also an API break, eg. sudo.RC_OK becomes sudo.RC.OK as sudo.RC will
be the "type" of the enum, but I guess that is acceptable before the
initial release.
The main problem was that string array objects were constructed
differently:
- if constructed by the test, then the elements were constant
- if constructed by the plugin, then the elements were allocated
Modified it so that now each array contains allocated strings so
they can be handled similarly. For freeing, I have used the
str_array_free function from the plugin, so I have linked its object
into the test runner.
Happy path is now free of "definitely lost" memleaks, so the test
can be used for valgrind.
We should already have displayed a more useful error message.
Otherwise, we can get two "error in event loop" warnings if
the TLS handshake fails (in addition to other error messages).
PyArg_ParseTuple sets the py_config_tuple pointer, but it does not
increment the reference count, so by decrementing, we end up freeing
the argument passed in.
On each plugin initialization we create a separate python interpreter
which gets stored in the plugin_ctx. The main interpreter is
stored in py_ctx and is used for creating more interpreters (if more plugins
get loaded) and final python deinitialization.
The "traceback" module import and the ImportBlocker initialization was
moved, because it has to happen inside the plugin specific interpreters.
The closure pointer in sudo_conv_callback was being filled in with
a struct getpass_closure ** instead of a struct getpass_closure *.
The bug was introduced in the fix for Bug #910; previously the
closure variable was a struct getpass_closure, not a pointer.
Fix from Michael Norton; Bug #914.
