f8883a97a0
- Rebase to 1.9.5p2 - CVE-2023-28486 sudo: Sudo does not escape control characters in log messages Resolves: RHEL-21825 - CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output Resolves: RHEL-21831 - CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables Resolves: RHEL-21820 Signed-off-by: Radovan Sroka <rsroka@redhat.com>
885 lines
27 KiB
Diff
885 lines
27 KiB
Diff
From 412858272365f0e6d6f8873e794f64374da8fa06 Mon Sep 17 00:00:00 2001
|
|
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
|
|
Date: Wed, 24 Feb 2021 14:25:39 -0700
|
|
Subject: [PATCH] Move eventlog config code into eventlog_conf.c
|
|
|
|
---
|
|
MANIFEST | 1 +
|
|
include/sudo_eventlog.h | 3 +-
|
|
lib/eventlog/Makefile.in | 20 ++-
|
|
lib/eventlog/eventlog.c | 292 +++++++----------------------------
|
|
lib/eventlog/eventlog_conf.c | 226 +++++++++++++++++++++++++++
|
|
5 files changed, 303 insertions(+), 239 deletions(-)
|
|
create mode 100644 lib/eventlog/eventlog_conf.c
|
|
|
|
diff --git a/MANIFEST b/MANIFEST
|
|
index a2bed131d..c960e3e8b 100644
|
|
--- a/MANIFEST
|
|
+++ b/MANIFEST
|
|
@@ -104,6 +104,7 @@ include/sudo_util.h
|
|
install-sh
|
|
lib/eventlog/Makefile.in
|
|
lib/eventlog/eventlog.c
|
|
+lib/eventlog/eventlog_conf.c
|
|
lib/eventlog/eventlog_free.c
|
|
lib/eventlog/logwrap.c
|
|
lib/eventlog/regress/logwrap/check_wrap.c
|
|
diff --git a/include/sudo_eventlog.h b/include/sudo_eventlog.h
|
|
index 127ee5dd8..e40622a51 100644
|
|
--- a/include/sudo_eventlog.h
|
|
+++ b/include/sudo_eventlog.h
|
|
@@ -66,7 +66,7 @@ enum eventlog_format {
|
|
#define EVENTLOG_INDENT " "
|
|
|
|
/*
|
|
- * Event log config, used with eventlog_setconf()
|
|
+ * Event log config, used with eventlog_getconf()
|
|
*/
|
|
struct eventlog_config {
|
|
int type;
|
|
@@ -144,5 +144,6 @@ void eventlog_set_mailto(const char *to_addr);
|
|
void eventlog_set_mailsub(const char *subject);
|
|
void eventlog_set_open_log(FILE *(*fn)(int type, const char *));
|
|
void eventlog_set_close_log(void (*fn)(int type, FILE *));
|
|
+const struct eventlog_config *eventlog_getconf(void);
|
|
|
|
#endif /* SUDO_EVENTLOG_H */
|
|
diff --git a/lib/eventlog/Makefile.in b/lib/eventlog/Makefile.in
|
|
index 24c2dbce9..02236f70b 100644
|
|
--- a/lib/eventlog/Makefile.in
|
|
+++ b/lib/eventlog/Makefile.in
|
|
@@ -82,7 +82,7 @@ SHELL = @SHELL@
|
|
|
|
TEST_PROGS = check_wrap
|
|
|
|
-LIBEVENTLOG_OBJS = eventlog.lo eventlog_free.lo logwrap.lo
|
|
+LIBEVENTLOG_OBJS = eventlog.lo eventlog_conf.lo eventlog_free.lo logwrap.lo
|
|
|
|
IOBJS = $(LIBEVENTLOG_OBJS:.lo=.i)
|
|
|
|
@@ -213,6 +213,24 @@ eventlog.i: $(srcdir)/eventlog.c $(incdir)/compat/stdbool.h \
|
|
$(CC) -E -o $@ $(CPPFLAGS) $<
|
|
eventlog.plog: eventlog.i
|
|
rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/eventlog.c --i-file $< --output-file $@
|
|
+eventlog_conf.lo: $(srcdir)/eventlog_conf.c $(incdir)/compat/stdbool.h \
|
|
+ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
|
|
+ $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
|
|
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_json.h \
|
|
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
|
|
+ $(incdir)/sudo_util.h $(top_builddir)/config.h \
|
|
+ $(top_builddir)/pathnames.h
|
|
+ $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/eventlog_conf.c
|
|
+eventlog_conf.i: $(srcdir)/eventlog_conf.c $(incdir)/compat/stdbool.h \
|
|
+ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
|
|
+ $(incdir)/sudo_eventlog.h $(incdir)/sudo_fatal.h \
|
|
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_json.h \
|
|
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
|
|
+ $(incdir)/sudo_util.h $(top_builddir)/config.h \
|
|
+ $(top_builddir)/pathnames.h
|
|
+ $(CC) -E -o $@ $(CPPFLAGS) $<
|
|
+eventlog_conf.plog: eventlog_conf.i
|
|
+ rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/eventlog_conf.c --i-file $< --output-file $@
|
|
eventlog_free.lo: $(srcdir)/eventlog_free.c $(incdir)/compat/stdbool.h \
|
|
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
|
|
$(incdir)/sudo_eventlog.h $(incdir)/sudo_queue.h \
|
|
diff --git a/lib/eventlog/eventlog.c b/lib/eventlog/eventlog.c
|
|
index c8c9b7ba5..e7505d9d9 100644
|
|
--- a/lib/eventlog/eventlog.c
|
|
+++ b/lib/eventlog/eventlog.c
|
|
@@ -75,35 +75,6 @@
|
|
isalnum((unsigned char)(s)[6]) && isalnum((unsigned char)(s)[7]) && \
|
|
(s)[8] == '\0')
|
|
|
|
-static FILE *eventlog_stub_open_log(int type, const char *logfile);
|
|
-static void eventlog_stub_close_log(int type, FILE *fp);
|
|
-
|
|
-/* Eventlog config settings (default values). */
|
|
-static struct eventlog_config evl_conf = {
|
|
- EVLOG_NONE, /* type */
|
|
- EVLOG_SUDO, /* format */
|
|
- LOG_NOTICE, /* syslog_acceptpri */
|
|
- LOG_ALERT, /* syslog_rejectpri */
|
|
- LOG_ALERT, /* syslog_alertpri */
|
|
- MAXSYSLOGLEN, /* syslog_maxlen */
|
|
- 0, /* file_maxlen */
|
|
- ROOT_UID, /* mailuid */
|
|
- false, /* omit_hostname */
|
|
- _PATH_SUDO_LOGFILE, /* logpath */
|
|
- "%h %e %T", /* time_fmt */
|
|
-#ifdef _PATH_SUDO_SENDMAIL
|
|
- _PATH_SUDO_SENDMAIL, /* mailerpath */
|
|
-#else
|
|
- NULL, /* mailerpath (disabled) */
|
|
-#endif
|
|
- "-t", /* mailerflags */
|
|
- NULL, /* mailfrom */
|
|
- MAILTO, /* mailto */
|
|
- N_(MAILSUBJECT), /* mailsub */
|
|
- eventlog_stub_open_log, /* open_log */
|
|
- eventlog_stub_close_log /* close_log */
|
|
-};
|
|
-
|
|
/*
|
|
* Allocate and fill in a new logline.
|
|
*/
|
|
@@ -111,6 +82,7 @@ static char *
|
|
new_logline(int flags, const char *message, const char *errstr,
|
|
const struct eventlog *evlog)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
char *line = NULL, *evstr = NULL;
|
|
const char *iolog_file = evlog->iolog_file;
|
|
const char *tty, *tsid = NULL;
|
|
@@ -159,7 +131,7 @@ new_logline(int flags, const char *message, const char *errstr,
|
|
len += strlen(message) + 3;
|
|
if (errstr != NULL)
|
|
len += strlen(errstr) + 3;
|
|
- if (evlog->submithost != NULL && !evl_conf.omit_hostname)
|
|
+ if (evlog->submithost != NULL && !evl_conf->omit_hostname)
|
|
len += sizeof(LL_HOST_STR) + 2 + strlen(evlog->submithost);
|
|
if (tty != NULL)
|
|
len += sizeof(LL_TTY_STR) + 2 + strlen(tty);
|
|
@@ -218,7 +190,7 @@ new_logline(int flags, const char *message, const char *errstr,
|
|
strlcat(line, " ; ", len) >= len)
|
|
goto toobig;
|
|
}
|
|
- if (evlog->submithost != NULL && !evl_conf.omit_hostname) {
|
|
+ if (evlog->submithost != NULL && !evl_conf->omit_hostname) {
|
|
if (strlcat(line, LL_HOST_STR, len) >= len ||
|
|
strlcat(line, evlog->submithost, len) >= len ||
|
|
strlcat(line, " ; ", len) >= len)
|
|
@@ -331,8 +303,9 @@ closefrom_nodebug(int lowfd)
|
|
static void __attribute__((__noreturn__))
|
|
exec_mailer(int pipein)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
char *last, *mflags, *p, *argv[MAX_MAILFLAGS + 1];
|
|
- const char *mpath = evl_conf.mailerpath;
|
|
+ const char *mpath = evl_conf->mailerpath;
|
|
int i;
|
|
char * const root_envp[] = {
|
|
"HOME=/",
|
|
@@ -356,7 +329,7 @@ exec_mailer(int pipein)
|
|
}
|
|
|
|
/* Build up an argv based on the mailer path and flags */
|
|
- if ((mflags = strdup(evl_conf.mailerflags)) == NULL) {
|
|
+ if ((mflags = strdup(evl_conf->mailerflags)) == NULL) {
|
|
syslog(LOG_ERR, _("unable to allocate memory")); // -V618
|
|
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
|
|
_exit(127);
|
|
@@ -379,14 +352,14 @@ exec_mailer(int pipein)
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to change uid to %u",
|
|
ROOT_UID);
|
|
}
|
|
- if (evl_conf.mailuid != ROOT_UID) {
|
|
- if (setuid(evl_conf.mailuid) != 0) {
|
|
+ if (evl_conf->mailuid != ROOT_UID) {
|
|
+ if (setuid(evl_conf->mailuid) != 0) {
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR, "unable to change uid to %u",
|
|
- (unsigned int)evl_conf.mailuid);
|
|
+ (unsigned int)evl_conf->mailuid);
|
|
}
|
|
}
|
|
sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
|
|
- if (evl_conf.mailuid == ROOT_UID)
|
|
+ if (evl_conf->mailuid == ROOT_UID)
|
|
execve(mpath, argv, root_envp);
|
|
else
|
|
execv(mpath, argv);
|
|
@@ -400,7 +373,8 @@ exec_mailer(int pipein)
|
|
static bool
|
|
send_mail(const struct eventlog *evlog, const char *fmt, ...)
|
|
{
|
|
- const char *cp, *timefmt = evl_conf.time_fmt;
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
+ const char *cp, *timefmt = evl_conf->time_fmt;
|
|
char timebuf[1024];
|
|
struct tm *tm;
|
|
time_t now;
|
|
@@ -415,11 +389,11 @@ send_mail(const struct eventlog *evlog, const char *fmt, ...)
|
|
debug_decl(send_mail, SUDO_DEBUG_UTIL);
|
|
|
|
/* If mailer is disabled just return. */
|
|
- if (evl_conf.mailerpath == NULL || evl_conf.mailto == NULL)
|
|
+ if (evl_conf->mailerpath == NULL || evl_conf->mailto == NULL)
|
|
debug_return_bool(true);
|
|
|
|
/* Make sure the mailer exists and is a regular file. */
|
|
- if (stat(evl_conf.mailerpath, &sb) != 0 || !S_ISREG(sb.st_mode))
|
|
+ if (stat(evl_conf->mailerpath, &sb) != 0 || !S_ISREG(sb.st_mode))
|
|
debug_return_bool(false);
|
|
|
|
time(&now);
|
|
@@ -516,11 +490,11 @@ send_mail(const struct eventlog *evlog, const char *fmt, ...)
|
|
|
|
/* Pipes are all setup, send message. */
|
|
(void) fprintf(mail, "To: %s\nFrom: %s\nAuto-Submitted: %s\nSubject: ",
|
|
- evl_conf.mailto,
|
|
- evl_conf.mailfrom ? evl_conf.mailfrom :
|
|
+ evl_conf->mailto,
|
|
+ evl_conf->mailfrom ? evl_conf->mailfrom :
|
|
(evlog ? evlog->submituser : "root"),
|
|
"auto-generated");
|
|
- for (cp = _(evl_conf.mailsub); *cp; cp++) {
|
|
+ for (cp = _(evl_conf->mailsub); *cp; cp++) {
|
|
/* Expand escapes in the subject */
|
|
if (*cp == '%' && *(cp+1) != '%') {
|
|
switch (*(++cp)) {
|
|
@@ -576,7 +550,8 @@ static bool
|
|
json_add_timestamp(struct json_container *json, const char *name,
|
|
const struct timespec *ts)
|
|
{
|
|
- const char *timefmt = evl_conf.time_fmt;
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
+ const char *timefmt = evl_conf->time_fmt;
|
|
struct json_value json_value;
|
|
time_t secs = ts->tv_sec;
|
|
char timebuf[1024];
|
|
@@ -880,12 +855,13 @@ bad:
|
|
static bool
|
|
do_syslog_sudo(int pri, char *logline, const struct eventlog *evlog)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
size_t len, maxlen;
|
|
char *p, *tmp, save;
|
|
const char *fmt;
|
|
debug_decl(do_syslog_sudo, SUDO_DEBUG_UTIL);
|
|
|
|
- evl_conf.open_log(EVLOG_SYSLOG, NULL);
|
|
+ evl_conf->open_log(EVLOG_SYSLOG, NULL);
|
|
|
|
if (evlog == NULL) {
|
|
/* Not a command, just log it as-is. */
|
|
@@ -897,7 +873,7 @@ do_syslog_sudo(int pri, char *logline, const struct eventlog *evlog)
|
|
* Log the full line, breaking into multiple syslog(3) calls if necessary
|
|
*/
|
|
fmt = _("%8s : %s");
|
|
- maxlen = evl_conf.syslog_maxlen -
|
|
+ maxlen = evl_conf->syslog_maxlen -
|
|
(strlen(fmt) - 5 + strlen(evlog->submituser));
|
|
for (p = logline; *p != '\0'; ) {
|
|
len = strlen(p);
|
|
@@ -926,11 +902,11 @@ do_syslog_sudo(int pri, char *logline, const struct eventlog *evlog)
|
|
p += len;
|
|
}
|
|
fmt = _("%8s : (command continued) %s");
|
|
- maxlen = evl_conf.syslog_maxlen -
|
|
+ maxlen = evl_conf->syslog_maxlen -
|
|
(strlen(fmt) - 5 + strlen(evlog->submituser));
|
|
}
|
|
done:
|
|
- evl_conf.close_log(EVLOG_SYSLOG, NULL);
|
|
+ evl_conf->close_log(EVLOG_SYSLOG, NULL);
|
|
|
|
debug_return_bool(true);
|
|
}
|
|
@@ -941,6 +917,7 @@ do_syslog_json(int pri, int event_type, const char *reason,
|
|
const struct timespec *event_time,
|
|
eventlog_json_callback_t info_cb, void *info)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
char *json_str;
|
|
debug_decl(do_syslog_json, SUDO_DEBUG_UTIL);
|
|
|
|
@@ -951,10 +928,10 @@ do_syslog_json(int pri, int event_type, const char *reason,
|
|
debug_return_bool(false);
|
|
|
|
/* Syslog it in a sudo object with a @cee: prefix. */
|
|
- /* TODO: use evl_conf.syslog_maxlen to break up long messages. */
|
|
- evl_conf.open_log(EVLOG_SYSLOG, NULL);
|
|
+ /* TODO: use evl_conf->syslog_maxlen to break up long messages. */
|
|
+ evl_conf->open_log(EVLOG_SYSLOG, NULL);
|
|
syslog(pri, "@cee:{\"sudo\":{%s}}", json_str);
|
|
- evl_conf.close_log(EVLOG_SYSLOG, NULL);
|
|
+ evl_conf->close_log(EVLOG_SYSLOG, NULL);
|
|
free(json_str);
|
|
debug_return_bool(true);
|
|
}
|
|
@@ -967,13 +944,14 @@ do_syslog(int event_type, int flags, const char *reason, const char *errstr,
|
|
const struct eventlog *evlog, const struct timespec *event_time,
|
|
eventlog_json_callback_t info_cb, void *info)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
char *logline = NULL;
|
|
bool ret = false;
|
|
int pri;
|
|
debug_decl(do_syslog, SUDO_DEBUG_UTIL);
|
|
|
|
/* Sudo format logs and mailed logs use the same log line format. */
|
|
- if (evl_conf.format == EVLOG_SUDO || ISSET(flags, EVLOG_MAIL)) {
|
|
+ if (evl_conf->format == EVLOG_SUDO || ISSET(flags, EVLOG_MAIL)) {
|
|
logline = new_logline(flags, reason, errstr, evlog);
|
|
if (logline == NULL)
|
|
debug_return_bool(false);
|
|
@@ -992,13 +970,13 @@ do_syslog(int event_type, int flags, const char *reason, const char *errstr,
|
|
|
|
switch (event_type) {
|
|
case EVLOG_ACCEPT:
|
|
- pri = evl_conf.syslog_acceptpri;
|
|
+ pri = evl_conf->syslog_acceptpri;
|
|
break;
|
|
case EVLOG_REJECT:
|
|
- pri = evl_conf.syslog_rejectpri;
|
|
+ pri = evl_conf->syslog_rejectpri;
|
|
break;
|
|
case EVLOG_ALERT:
|
|
- pri = evl_conf.syslog_alertpri;
|
|
+ pri = evl_conf->syslog_alertpri;
|
|
break;
|
|
default:
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
|
@@ -1012,7 +990,7 @@ do_syslog(int event_type, int flags, const char *reason, const char *errstr,
|
|
debug_return_bool(true);
|
|
}
|
|
|
|
- switch (evl_conf.format) {
|
|
+ switch (evl_conf->format) {
|
|
case EVLOG_SUDO:
|
|
ret = do_syslog_sudo(pri, logline, evlog);
|
|
break;
|
|
@@ -1022,7 +1000,7 @@ do_syslog(int event_type, int flags, const char *reason, const char *errstr,
|
|
break;
|
|
default:
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
|
- "unexpected eventlog format %d", evl_conf.format);
|
|
+ "unexpected eventlog format %d", evl_conf->format);
|
|
break;
|
|
}
|
|
free(logline);
|
|
@@ -1034,9 +1012,10 @@ static bool
|
|
do_logfile_sudo(const char *logline, const struct eventlog *evlog,
|
|
const struct timespec *event_time)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
char *full_line, timebuf[8192], *timestr = NULL;
|
|
- const char *timefmt = evl_conf.time_fmt;
|
|
- const char *logfile = evl_conf.logpath;
|
|
+ const char *timefmt = evl_conf->time_fmt;
|
|
+ const char *logfile = evl_conf->logpath;
|
|
time_t tv_sec = event_time->tv_sec;
|
|
struct tm *timeptr;
|
|
bool ret = false;
|
|
@@ -1044,7 +1023,7 @@ do_logfile_sudo(const char *logline, const struct eventlog *evlog,
|
|
int len;
|
|
debug_decl(do_logfile_sudo, SUDO_DEBUG_UTIL);
|
|
|
|
- if ((fp = evl_conf.open_log(EVLOG_FILE, logfile)) == NULL)
|
|
+ if ((fp = evl_conf->open_log(EVLOG_FILE, logfile)) == NULL)
|
|
debug_return_bool(false);
|
|
|
|
if (!sudo_lock_file(fileno(fp), SUDO_LOCK)) {
|
|
@@ -1067,7 +1046,7 @@ do_logfile_sudo(const char *logline, const struct eventlog *evlog,
|
|
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
|
goto done;
|
|
}
|
|
- eventlog_writeln(fp, full_line, len, evl_conf.file_maxlen);
|
|
+ eventlog_writeln(fp, full_line, len, evl_conf->file_maxlen);
|
|
(void)fflush(fp);
|
|
if (ferror(fp)) {
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
|
|
@@ -1078,7 +1057,7 @@ do_logfile_sudo(const char *logline, const struct eventlog *evlog,
|
|
|
|
done:
|
|
(void)sudo_lock_file(fileno(fp), SUDO_UNLOCK);
|
|
- evl_conf.close_log(EVLOG_FILE, fp);
|
|
+ evl_conf->close_log(EVLOG_FILE, fp);
|
|
debug_return_bool(ret);
|
|
}
|
|
|
|
@@ -1087,14 +1066,15 @@ do_logfile_json(int event_type, const char *reason, const char *errstr,
|
|
const struct eventlog *evlog, const struct timespec *event_time,
|
|
eventlog_json_callback_t info_cb, void *info)
|
|
{
|
|
- const char *logfile = evl_conf.logpath;
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
+ const char *logfile = evl_conf->logpath;
|
|
struct stat sb;
|
|
char *json_str;
|
|
int ret = false;
|
|
FILE *fp;
|
|
debug_decl(do_logfile_json, SUDO_DEBUG_UTIL);
|
|
|
|
- if ((fp = evl_conf.open_log(EVLOG_FILE, logfile)) == NULL)
|
|
+ if ((fp = evl_conf->open_log(EVLOG_FILE, logfile)) == NULL)
|
|
debug_return_bool(false);
|
|
|
|
json_str = format_json(event_type, reason, errstr, evlog, event_time,
|
|
@@ -1135,7 +1115,7 @@ do_logfile_json(int event_type, const char *reason, const char *errstr,
|
|
done:
|
|
free(json_str);
|
|
(void)sudo_lock_file(fileno(fp), SUDO_UNLOCK);
|
|
- evl_conf.close_log(EVLOG_FILE, fp);
|
|
+ evl_conf->close_log(EVLOG_FILE, fp);
|
|
debug_return_bool(ret);
|
|
}
|
|
|
|
@@ -1144,12 +1124,13 @@ do_logfile(int event_type, int flags, const char *reason, const char *errstr,
|
|
const struct eventlog *evlog, const struct timespec *event_time,
|
|
eventlog_json_callback_t info_cb, void *info)
|
|
{
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
bool ret = false;
|
|
char *logline = NULL;
|
|
debug_decl(do_logfile, SUDO_DEBUG_UTIL);
|
|
|
|
/* Sudo format logs and mailed logs use the same log line format. */
|
|
- if (evl_conf.format == EVLOG_SUDO || ISSET(flags, EVLOG_MAIL)) {
|
|
+ if (evl_conf->format == EVLOG_SUDO || ISSET(flags, EVLOG_MAIL)) {
|
|
logline = new_logline(flags, reason, errstr, evlog);
|
|
if (logline == NULL)
|
|
debug_return_bool(false);
|
|
@@ -1166,7 +1147,7 @@ do_logfile(int event_type, int flags, const char *reason, const char *errstr,
|
|
}
|
|
}
|
|
|
|
- switch (evl_conf.format) {
|
|
+ switch (evl_conf->format) {
|
|
case EVLOG_SUDO:
|
|
ret = do_logfile_sudo(logline ? logline : reason, evlog, event_time);
|
|
break;
|
|
@@ -1176,7 +1157,7 @@ do_logfile(int event_type, int flags, const char *reason, const char *errstr,
|
|
break;
|
|
default:
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
|
- "unexpected eventlog format %d", evl_conf.format);
|
|
+ "unexpected eventlog format %d", evl_conf->format);
|
|
break;
|
|
}
|
|
free(logline);
|
|
@@ -1188,7 +1169,8 @@ bool
|
|
eventlog_accept(const struct eventlog *evlog, int flags,
|
|
eventlog_json_callback_t info_cb, void *info)
|
|
{
|
|
- const int log_type = evl_conf.type;
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
+ const int log_type = evl_conf->type;
|
|
bool ret = true;
|
|
debug_decl(log_accept, SUDO_DEBUG_UTIL);
|
|
|
|
@@ -1214,7 +1196,8 @@ bool
|
|
eventlog_reject(const struct eventlog *evlog, int flags, const char *reason,
|
|
eventlog_json_callback_t info_cb, void *info)
|
|
{
|
|
- const int log_type = evl_conf.type;
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
+ const int log_type = evl_conf->type;
|
|
bool ret = true;
|
|
debug_decl(log_reject, SUDO_DEBUG_UTIL);
|
|
|
|
@@ -1237,7 +1220,8 @@ bool
|
|
eventlog_alert(const struct eventlog *evlog, int flags,
|
|
struct timespec *alert_time, const char *reason, const char *errstr)
|
|
{
|
|
- const int log_type = evl_conf.type;
|
|
+ const struct eventlog_config *evl_conf = eventlog_getconf();
|
|
+ const int log_type = evl_conf->type;
|
|
bool ret = true;
|
|
debug_decl(log_alert, SUDO_DEBUG_UTIL);
|
|
|
|
@@ -1255,169 +1239,3 @@ eventlog_alert(const struct eventlog *evlog, int flags,
|
|
|
|
debug_return_bool(ret);
|
|
}
|
|
-
|
|
-static FILE *
|
|
-eventlog_stub_open_log(int type, const char *logfile)
|
|
-{
|
|
- debug_decl(eventlog_stub_open_log, SUDO_DEBUG_UTIL);
|
|
- sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
|
|
- "open_log not set, using stub");
|
|
- debug_return_ptr(NULL);
|
|
-}
|
|
-
|
|
-static void
|
|
-eventlog_stub_close_log(int type, FILE *fp)
|
|
-{
|
|
- debug_decl(eventlog_stub_close_log, SUDO_DEBUG_UTIL);
|
|
- sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
|
|
- "close_log not set, using stub");
|
|
- debug_return;
|
|
-}
|
|
-
|
|
-/*
|
|
- * Set eventlog config settings.
|
|
- */
|
|
-
|
|
-void
|
|
-eventlog_set_type(int type)
|
|
-{
|
|
- evl_conf.type = type;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_format(enum eventlog_format format)
|
|
-{
|
|
- evl_conf.format = format;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_syslog_acceptpri(int pri)
|
|
-{
|
|
- evl_conf.syslog_acceptpri = pri;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_syslog_rejectpri(int pri)
|
|
-{
|
|
- evl_conf.syslog_rejectpri = pri;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_syslog_alertpri(int pri)
|
|
-{
|
|
- evl_conf.syslog_alertpri = pri;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_syslog_maxlen(int len)
|
|
-{
|
|
- evl_conf.syslog_maxlen = len;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_file_maxlen(int len)
|
|
-{
|
|
- evl_conf.file_maxlen = len;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_mailuid(uid_t uid)
|
|
-{
|
|
- evl_conf.mailuid = uid;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_omit_hostname(bool omit_hostname)
|
|
-{
|
|
- evl_conf.omit_hostname = omit_hostname;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_logpath(const char *path)
|
|
-{
|
|
- evl_conf.logpath = path;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_time_fmt(const char *fmt)
|
|
-{
|
|
- evl_conf.time_fmt = fmt;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_mailerpath(const char *path)
|
|
-{
|
|
- evl_conf.mailerpath = path;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_mailerflags(const char *mflags)
|
|
-{
|
|
- evl_conf.mailerflags = mflags;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_mailfrom(const char *from_addr)
|
|
-{
|
|
- evl_conf.mailfrom = from_addr;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_mailto(const char *to_addr)
|
|
-{
|
|
- evl_conf.mailto = to_addr;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_mailsub(const char *subject)
|
|
-{
|
|
- evl_conf.mailsub = subject;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_open_log(FILE *(*fn)(int type, const char *))
|
|
-{
|
|
- evl_conf.open_log = fn;
|
|
-}
|
|
-
|
|
-void
|
|
-eventlog_set_close_log(void (*fn)(int type, FILE *))
|
|
-{
|
|
- evl_conf.close_log = fn;
|
|
-}
|
|
-
|
|
-bool
|
|
-eventlog_setconf(struct eventlog_config *conf)
|
|
-{
|
|
- debug_decl(eventlog_setconf, SUDO_DEBUG_UTIL);
|
|
-
|
|
- if (conf != NULL) {
|
|
- memcpy(&evl_conf, conf, sizeof(evl_conf));
|
|
- } else {
|
|
- memset(&evl_conf, 0, sizeof(evl_conf));
|
|
- }
|
|
-
|
|
- /* Apply default values where possible. */
|
|
- if (evl_conf.syslog_maxlen == 0)
|
|
- evl_conf.syslog_maxlen = MAXSYSLOGLEN;
|
|
- if (evl_conf.logpath == NULL)
|
|
- evl_conf.logpath = _PATH_SUDO_LOGFILE;
|
|
- if (evl_conf.time_fmt == NULL)
|
|
- evl_conf.time_fmt = "%h %e %T";
|
|
-#ifdef _PATH_SUDO_SENDMAIL
|
|
- if (evl_conf.mailerpath == NULL)
|
|
- evl_conf.mailerpath = _PATH_SUDO_SENDMAIL;
|
|
-#endif
|
|
- if (evl_conf.mailerflags == NULL)
|
|
- evl_conf.mailerflags = "-t";
|
|
- if (evl_conf.mailto == NULL)
|
|
- evl_conf.mailto = MAILTO;
|
|
- if (evl_conf.mailsub == NULL)
|
|
- evl_conf.mailsub = N_(MAILSUBJECT);
|
|
- if (evl_conf.open_log == NULL)
|
|
- evl_conf.open_log = eventlog_stub_open_log;
|
|
- if (evl_conf.close_log == NULL)
|
|
- evl_conf.close_log = eventlog_stub_close_log;
|
|
-
|
|
- debug_return_bool(true);
|
|
-}
|
|
diff --git a/lib/eventlog/eventlog_conf.c b/lib/eventlog/eventlog_conf.c
|
|
new file mode 100644
|
|
index 000000000..8ad03851f
|
|
--- /dev/null
|
|
+++ b/lib/eventlog/eventlog_conf.c
|
|
@@ -0,0 +1,226 @@
|
|
+/*
|
|
+ * SPDX-License-Identifier: ISC
|
|
+ *
|
|
+ * Copyright (c) 1994-1996, 1998-2020 Todd C. Miller <Todd.Miller@sudo.ws>
|
|
+ *
|
|
+ * Permission to use, copy, modify, and distribute this software for any
|
|
+ * purpose with or without fee is hereby granted, provided that the above
|
|
+ * copyright notice and this permission notice appear in all copies.
|
|
+ *
|
|
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
+ *
|
|
+ * Sponsored in part by the Defense Advanced Research Projects
|
|
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
|
|
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
|
|
+ */
|
|
+
|
|
+/*
|
|
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
|
|
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
|
|
+ */
|
|
+
|
|
+#include <config.h>
|
|
+
|
|
+#include <sys/types.h>
|
|
+#include <sys/socket.h>
|
|
+#include <sys/stat.h>
|
|
+#include <sys/wait.h>
|
|
+#include <netinet/in.h>
|
|
+
|
|
+#include <ctype.h>
|
|
+#include <errno.h>
|
|
+#include <fcntl.h>
|
|
+#include <grp.h>
|
|
+#include <locale.h>
|
|
+#include <pwd.h>
|
|
+#include <signal.h>
|
|
+#include <stdio.h>
|
|
+#include <stdlib.h>
|
|
+#include <string.h>
|
|
+#include <syslog.h>
|
|
+#include <time.h>
|
|
+#include <unistd.h>
|
|
+
|
|
+#include "pathnames.h"
|
|
+#include "sudo_compat.h"
|
|
+#include "sudo_debug.h"
|
|
+#include "sudo_eventlog.h"
|
|
+#include "sudo_fatal.h"
|
|
+#include "sudo_gettext.h"
|
|
+#include "sudo_json.h"
|
|
+#include "sudo_queue.h"
|
|
+#include "sudo_util.h"
|
|
+
|
|
+static FILE *eventlog_stub_open_log(int type, const char *logfile);
|
|
+static void eventlog_stub_close_log(int type, FILE *fp);
|
|
+
|
|
+/* Eventlog config settings (default values). */
|
|
+static struct eventlog_config evl_conf = {
|
|
+ EVLOG_NONE, /* type */
|
|
+ EVLOG_SUDO, /* format */
|
|
+ LOG_NOTICE, /* syslog_acceptpri */
|
|
+ LOG_ALERT, /* syslog_rejectpri */
|
|
+ LOG_ALERT, /* syslog_alertpri */
|
|
+ MAXSYSLOGLEN, /* syslog_maxlen */
|
|
+ 0, /* file_maxlen */
|
|
+ ROOT_UID, /* mailuid */
|
|
+ false, /* omit_hostname */
|
|
+ _PATH_SUDO_LOGFILE, /* logpath */
|
|
+ "%h %e %T", /* time_fmt */
|
|
+#ifdef _PATH_SUDO_SENDMAIL
|
|
+ _PATH_SUDO_SENDMAIL, /* mailerpath */
|
|
+#else
|
|
+ NULL, /* mailerpath (disabled) */
|
|
+#endif
|
|
+ "-t", /* mailerflags */
|
|
+ NULL, /* mailfrom */
|
|
+ MAILTO, /* mailto */
|
|
+ N_(MAILSUBJECT), /* mailsub */
|
|
+ eventlog_stub_open_log, /* open_log */
|
|
+ eventlog_stub_close_log /* close_log */
|
|
+};
|
|
+
|
|
+static FILE *
|
|
+eventlog_stub_open_log(int type, const char *logfile)
|
|
+{
|
|
+ debug_decl(eventlog_stub_open_log, SUDO_DEBUG_UTIL);
|
|
+ sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
|
|
+ "open_log not set, using stub");
|
|
+ debug_return_ptr(NULL);
|
|
+}
|
|
+
|
|
+static void
|
|
+eventlog_stub_close_log(int type, FILE *fp)
|
|
+{
|
|
+ debug_decl(eventlog_stub_close_log, SUDO_DEBUG_UTIL);
|
|
+ sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
|
|
+ "close_log not set, using stub");
|
|
+ debug_return;
|
|
+}
|
|
+
|
|
+/*
|
|
+ * eventlog config setters.
|
|
+ */
|
|
+
|
|
+void
|
|
+eventlog_set_type(int type)
|
|
+{
|
|
+ evl_conf.type = type;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_format(enum eventlog_format format)
|
|
+{
|
|
+ evl_conf.format = format;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_syslog_acceptpri(int pri)
|
|
+{
|
|
+ evl_conf.syslog_acceptpri = pri;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_syslog_rejectpri(int pri)
|
|
+{
|
|
+ evl_conf.syslog_rejectpri = pri;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_syslog_alertpri(int pri)
|
|
+{
|
|
+ evl_conf.syslog_alertpri = pri;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_syslog_maxlen(int len)
|
|
+{
|
|
+ evl_conf.syslog_maxlen = len;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_file_maxlen(int len)
|
|
+{
|
|
+ evl_conf.file_maxlen = len;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_mailuid(uid_t uid)
|
|
+{
|
|
+ evl_conf.mailuid = uid;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_omit_hostname(bool omit_hostname)
|
|
+{
|
|
+ evl_conf.omit_hostname = omit_hostname;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_logpath(const char *path)
|
|
+{
|
|
+ evl_conf.logpath = path;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_time_fmt(const char *fmt)
|
|
+{
|
|
+ evl_conf.time_fmt = fmt;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_mailerpath(const char *path)
|
|
+{
|
|
+ evl_conf.mailerpath = path;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_mailerflags(const char *mflags)
|
|
+{
|
|
+ evl_conf.mailerflags = mflags;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_mailfrom(const char *from_addr)
|
|
+{
|
|
+ evl_conf.mailfrom = from_addr;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_mailto(const char *to_addr)
|
|
+{
|
|
+ evl_conf.mailto = to_addr;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_mailsub(const char *subject)
|
|
+{
|
|
+ evl_conf.mailsub = subject;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_open_log(FILE *(*fn)(int type, const char *))
|
|
+{
|
|
+ evl_conf.open_log = fn;
|
|
+}
|
|
+
|
|
+void
|
|
+eventlog_set_close_log(void (*fn)(int type, FILE *))
|
|
+{
|
|
+ evl_conf.close_log = fn;
|
|
+}
|
|
+
|
|
+/*
|
|
+ * get eventlog config.
|
|
+ */
|
|
+const struct eventlog_config *
|
|
+eventlog_getconf(void)
|
|
+{
|
|
+ return &evl_conf;
|
|
+}
|
|
--
|
|
2.43.0
|
|
|