diff options
| -rw-r--r-- | include/sudo_eventlog.h | 1 | ||||
| -rw-r--r-- | lib/eventlog/eventlog.c | 50 | ||||
| -rw-r--r-- | plugins/sudoers/logging.c | 48 |
3 files changed, 63 insertions, 36 deletions
diff --git a/include/sudo_eventlog.h b/include/sudo_eventlog.h index 55feee5d2..0e30ec495 100644 --- a/include/sudo_eventlog.h +++ b/include/sudo_eventlog.h @@ -133,6 +133,7 @@ typedef bool (*eventlog_json_callback_t)(struct json_container *, void *); bool eventlog_accept(const struct eventlog *evlog, int flags, eventlog_json_callback_t info_cb, void *info); bool eventlog_exit(const struct eventlog *evlog, int flags); bool eventlog_alert(const struct eventlog *evlog, int flags, struct timespec *alert_time, const char *reason, const char *errstr); +bool eventlog_mail(const struct eventlog *evlog, int flags, struct timespec *event_time, const char *reason, const char *errstr, char * const extra[]); bool eventlog_reject(const struct eventlog *evlog, int flags, const char *reason, eventlog_json_callback_t info_cb, void *info); bool eventlog_store_json(struct json_container *jsonc, const struct eventlog *evlog); bool eventlog_store_sudo(int event_type, const struct eventlog *evlog, struct sudo_lbuf *lbuf); diff --git a/lib/eventlog/eventlog.c b/lib/eventlog/eventlog.c index e5a3f7676..cb6054132 100644 --- a/lib/eventlog/eventlog.c +++ b/lib/eventlog/eventlog.c @@ -1259,7 +1259,7 @@ eventlog_accept(const struct eventlog *evlog, int flags, const int log_type = evl_conf->type; struct eventlog_args args = { NULL }; bool ret = true; - debug_decl(log_accept, SUDO_DEBUG_UTIL); + debug_decl(eventlog_accept, SUDO_DEBUG_UTIL); args.event_time = &evlog->submit_time; args.json_info_cb = info_cb; @@ -1286,7 +1286,7 @@ eventlog_reject(const struct eventlog *evlog, int flags, const char *reason, const int log_type = evl_conf->type; struct eventlog_args args = { NULL }; bool ret = true; - debug_decl(log_reject, SUDO_DEBUG_UTIL); + debug_decl(eventlog_reject, SUDO_DEBUG_UTIL); args.reason = reason; args.event_time = &evlog->submit_time; @@ -1314,7 +1314,7 @@ eventlog_alert(const struct eventlog *evlog, int flags, const int log_type = evl_conf->type; struct eventlog_args args = { NULL }; bool ret = true; - debug_decl(log_alert, SUDO_DEBUG_UTIL); + debug_decl(eventlog_alert, SUDO_DEBUG_UTIL); args.reason = reason; args.errstr = errstr; @@ -1334,6 +1334,50 @@ eventlog_alert(const struct eventlog *evlog, int flags, } bool +eventlog_mail(const struct eventlog *evlog, int flags, + struct timespec *event_time, const char *reason, const char *errstr, + char * const extra[]) +{ + struct eventlog_args args = { NULL }; + struct sudo_lbuf lbuf; + bool ret = false; + debug_decl(eventlog_mail, SUDO_DEBUG_UTIL); + + args.reason = reason; + args.errstr = errstr; + args.event_time = event_time; + + sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0); + if (!new_logline(EVLOG_ALERT, flags, &args, evlog, &lbuf)) + goto done; + + if (extra != NULL) { + /* Each extra message is written on its own line. */ + while (*extra != NULL) { + sudo_lbuf_append(&lbuf, "\n"); + sudo_lbuf_append_esc(&lbuf, LBUF_ESC_CNTRL, "%s", *extra); + if (sudo_lbuf_error(&lbuf)) { + sudo_debug_printf( + SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, + "unable to format mail message"); + goto done; + } + extra++; + } + } + + ret = send_mail(evlog, lbuf.buf); + if (!ret) { + sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, + "unable to mail log line"); + } + +done: + sudo_lbuf_destroy(&lbuf); + debug_return_bool(ret); +} + +bool eventlog_exit(const struct eventlog *evlog, int flags) { const struct eventlog_config *evl_conf = eventlog_getconf(); diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index 9644ca9c1..d427064c3 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -780,13 +780,13 @@ gai_log_warning(int flags, int errnum, const char *fmt, ...) bool mail_parse_errors(void) { - const int evl_flags = EVLOG_MAIL|EVLOG_MAIL_ONLY|EVLOG_RAW; + const int evl_flags = EVLOG_RAW; struct parse_error *pe; struct eventlog evlog; - char *cp, *mailbody = NULL; + char **errors = NULL; struct timespec now; - size_t len, n; - bool ret; + bool ret = false; + size_t n; debug_decl(mail_parse_errors, SUDOERS_DEBUG_LOGGING); if (STAILQ_EMPTY(&parse_error_list)) @@ -794,50 +794,32 @@ mail_parse_errors(void) if (sudo_gettime_real(&now) == -1) { sudo_warn("%s", U_("unable to get time of day")); - ret = false; goto done; } sudoers_to_eventlog(&evlog, safe_cmnd, NewArgv, env_get(), sudo_user.uuid_str); - len = strlen(_("problem parsing sudoers")) + 1; + /* Convert parse_error_list to a string vector. */ + n = 0; STAILQ_FOREACH(pe, &parse_error_list, entries) { - len += strlen(_(pe->errstr)) + 1; + n++; } - mailbody = malloc(len); - if (mailbody == NULL) { + errors = reallocarray(NULL, n + 1, sizeof(char *)); + if (errors == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - ret = false; goto done; } - cp = mailbody; - - n = strlcpy(cp, _("problem parsing sudoers"), len); - if (n >= len) { - sudo_warnx(U_("internal error, %s overflow"), __func__); - ret = false; - goto done; - } - cp += n; - len -= n; - + n = 0; STAILQ_FOREACH(pe, &parse_error_list, entries) { - n = snprintf(cp, len, "\n%s", _(pe->errstr)); - if (n >= len) { - sudo_warnx(U_("internal error, %s overflow"), __func__); - ret = false; - goto done; - } - cp += n; - len -= n; + errors[n++] = _(pe->errstr); } + errors[n] = NULL; - ret = eventlog_alert(&evlog, evl_flags, &now, mailbody, NULL); - if (!log_server_alert(&evlog, &now, mailbody, NULL)) - ret = false; + ret = eventlog_mail(&evlog, evl_flags, &now, _("problem parsing sudoers"), + NULL, errors); done: - free(mailbody); + free(errors); while ((pe = STAILQ_FIRST(&parse_error_list)) != NULL) { STAILQ_REMOVE_HEAD(&parse_error_list, entries); free(pe->errstr); |