From d452678787683da6498668cd1f1cbb8000d63178 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 2 Mar 2021 18:37:35 -0700 Subject: [PATCH] Log peer address in sudo_logsrvd JSON-format logs. The peer that connected to us might not be the same host where the log entry originated. --- include/sudo_eventlog.h | 3 ++- lib/eventlog/eventlog.c | 9 ++++++++- logsrvd/iolog_writer.c | 8 ++++++-- logsrvd/logsrvd.c | 9 +++++---- logsrvd/logsrvd.h | 4 ++-- 5 files changed, 23 insertions(+), 10 deletions(-) diff --git a/include/sudo_eventlog.h b/include/sudo_eventlog.h index e40622a51..49153e173 100644 --- a/include/sudo_eventlog.h +++ b/include/sudo_eventlog.h @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 2020 Todd C. Miller + * Copyright (c) 2020-2021 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -101,6 +101,7 @@ struct eventlog { char *runcwd; char *rungroup; char *runuser; + char *peeraddr; char *submithost; char *submituser; char *submitgroup; diff --git a/lib/eventlog/eventlog.c b/lib/eventlog/eventlog.c index e7505d9d9..0c1e74e38 100644 --- a/lib/eventlog/eventlog.c +++ b/lib/eventlog/eventlog.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1994-1996, 1998-2020 Todd C. Miller + * Copyright (c) 1994-1996, 1998-2021 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -825,6 +825,13 @@ format_json(int event_type, const char *reason, const char *errstr, /* Event log info may be missing for alert messages. */ if (evlog != NULL) { + if (evlog->peeraddr != NULL) { + json_value.type = JSON_STRING; + json_value.u.string = evlog->peeraddr; + if (!sudo_json_add_value(&json, "peeraddr", &json_value)) + goto bad; + } + if (evlog->iolog_path != NULL) { json_value.type = JSON_STRING; json_value.u.string = evlog->iolog_path; -- 2.43.0