plugins/sudoers/sudoers.h
plugins/sudoers/sudoers.in
plugins/sudoers/sudoers2ldif
+plugins/sudoers/sudoers_debug.c
plugins/sudoers/sudoers_version.h
plugins/sudoers/sudoreplay.c
plugins/sudoers/testsudoers.c
struct sudo_conf_debug_file_list;
/*
- * The priority and subsystem are encoded in a single 32-bit value.
- * The lower 4 bits are the priority and the top 26 bits are the subsystem.
- * This allows for 16 priorities and a very large number of subsystems.
- * Bit 5 is used as a flag to specify whether to log the errno value.
- * Bit 6 specifies whether to log the function, file and line number data.
+ * The priority, instance and subsystem are encoded in a single 32-bit value.
+ * The first byte holds the priority and flags:
+ * nybble one is priority, nybble two is flags (errno or lineno).
+ * The second byte is for the instance index (way more than we need).
+ * The upper two bytes are the subsystem.
+ * This allows for 16 priorities, 3 flags, 256 instances, 65535 subsystems.
*/
/*
#define SUDO_DEBUG_TRACE 7 /* log function enter/exit */
#define SUDO_DEBUG_DEBUG 8 /* very verbose debugging */
-/*
- * Sudo debug subsystems.
- * This includes subsystems in the sudoers plugin.
- * Note: order must match sudo_debug_subsystems[]
- */
-#define SUDO_DEBUG_MAIN ( 1<<6) /* sudo main() */
-#define SUDO_DEBUG_ARGS ( 2<<6) /* command line argument processing */
-#define SUDO_DEBUG_EXEC ( 3<<6) /* command execution */
-#define SUDO_DEBUG_PTY ( 4<<6) /* pseudo-tty */
-#define SUDO_DEBUG_UTMP ( 5<<6) /* utmp file ops */
-#define SUDO_DEBUG_CONV ( 6<<6) /* user conversation */
-#define SUDO_DEBUG_PCOMM ( 7<<6) /* plugin communications */
-#define SUDO_DEBUG_UTIL ( 8<<6) /* utility functions */
-#define SUDO_DEBUG_NETIF ( 9<<6) /* network interface functions */
-#define SUDO_DEBUG_AUDIT (10<<6) /* audit */
-#define SUDO_DEBUG_EDIT (11<<6) /* sudoedit */
-#define SUDO_DEBUG_SELINUX (12<<6) /* selinux */
-#define SUDO_DEBUG_LDAP (13<<6) /* sudoers LDAP */
-#define SUDO_DEBUG_MATCH (14<<6) /* sudoers matching */
-#define SUDO_DEBUG_PARSER (15<<6) /* sudoers parser */
-#define SUDO_DEBUG_ALIAS (16<<6) /* sudoers alias functions */
-#define SUDO_DEBUG_DEFAULTS (17<<6) /* sudoers defaults settings */
-#define SUDO_DEBUG_AUTH (18<<6) /* authentication functions */
-#define SUDO_DEBUG_ENV (19<<6) /* environment handling */
-#define SUDO_DEBUG_LOGGING (20<<6) /* logging functions */
-#define SUDO_DEBUG_NSS (21<<6) /* network service switch */
-#define SUDO_DEBUG_RBTREE (22<<6) /* red-black tree functions */
-#define SUDO_DEBUG_PERMS (23<<6) /* uid/gid swapping functions */
-#define SUDO_DEBUG_PLUGIN (24<<6) /* main plugin functions */
-#define SUDO_DEBUG_HOOKS (25<<6) /* hook functions */
-#define SUDO_DEBUG_SSSD (26<<6) /* sudoers SSSD */
-#define SUDO_DEBUG_EVENT (27<<6) /* event handling */
-#define SUDO_DEBUG_ALL 0xfff0 /* all subsystems */
-
/* Flag to include string version of errno in debug info. */
#define SUDO_DEBUG_ERRNO (1<<4)
/* Flag to include function, file and line number in debug info. */
#define SUDO_DEBUG_LINENO (1<<5)
-/* Extract priority and convert to an index. */
-#define SUDO_DEBUG_PRI(n) (((n) & 0xf) - 1)
-
-/* Extract subsystem and convert to an index. */
-#define SUDO_DEBUG_SUBSYS(n) (((n) >> 6) - 1)
+/*
+ * Sudo debug subsystems.
+ * This includes subsystems in the sudoers plugin.
+ * Note: order must match sudo_debug_subsystems[]
+ */
+#define SUDO_DEBUG_MAIN ( 1<<16) /* sudo main() */
+#define SUDO_DEBUG_ARGS ( 2<<16) /* command line argument processing */
+#define SUDO_DEBUG_EXEC ( 3<<16) /* command execution */
+#define SUDO_DEBUG_PTY ( 4<<16) /* pseudo-tty */
+#define SUDO_DEBUG_UTMP ( 5<<16) /* utmp file ops */
+#define SUDO_DEBUG_CONV ( 6<<16) /* user conversation */
+#define SUDO_DEBUG_PCOMM ( 7<<16) /* plugin communications */
+#define SUDO_DEBUG_UTIL ( 8<<16) /* utility functions */
+#define SUDO_DEBUG_NETIF ( 9<<16) /* network interface functions */
+#define SUDO_DEBUG_AUDIT (10<<16) /* audit */
+#define SUDO_DEBUG_EDIT (11<<16) /* sudoedit */
+#define SUDO_DEBUG_SELINUX (12<<16) /* selinux */
+#define SUDO_DEBUG_LDAP (13<<16) /* sudoers LDAP */
+#define SUDO_DEBUG_MATCH (14<<16) /* sudoers matching */
+#define SUDO_DEBUG_PARSER (15<<16) /* sudoers parser */
+#define SUDO_DEBUG_ALIAS (16<<16) /* sudoers alias functions */
+#define SUDO_DEBUG_DEFAULTS (17<<16) /* sudoers defaults settings */
+#define SUDO_DEBUG_AUTH (18<<16) /* authentication functions */
+#define SUDO_DEBUG_ENV (19<<16) /* environment handling */
+#define SUDO_DEBUG_LOGGING (20<<16) /* logging functions */
+#define SUDO_DEBUG_NSS (21<<16) /* network service switch */
+#define SUDO_DEBUG_RBTREE (22<<16) /* red-black tree functions */
+#define SUDO_DEBUG_PERMS (23<<16) /* uid/gid swapping functions */
+#define SUDO_DEBUG_PLUGIN (24<<16) /* main plugin functions */
+#define SUDO_DEBUG_HOOKS (25<<16) /* hook functions */
+#define SUDO_DEBUG_SSSD (26<<16) /* sudoers SSSD */
+#define SUDO_DEBUG_EVENT (27<<16) /* event handling */
+#define SUDO_DEBUG_ALL 0xffff0000 /* all subsystems */
+
+/* Initializer for instance index to indicate that debugging is not setup. */
+#define SUDO_DEBUG_INSTANCE_INITIALIZER SUDO_DEBUG_MKINSTANCE(-1)
+
+/* The 'default' instance logs to the currently selected debug instance. */
+#define SUDO_DEBUG_INSTANCE_DEFAULT SUDO_DEBUG_MKINSTANCE(-2)
+
+/* Extract priority number and convert to an index. */
+#define SUDO_DEBUG_PRI(n) (((n) & 0x0f) - 1)
+
+/* Extract instance number and convert to an index. */
+#define SUDO_DEBUG_INSTANCE(n) ((((n) & 0xff00) >> 8) - 2)
+#define SUDO_DEBUG_MKINSTANCE(n) (((n) + 2) << 8)
+
+/* Extract subsystem number and convert to an index. */
+#define SUDO_DEBUG_SUBSYS(n) (((n) >> 16) - 1)
/*
* Wrapper for sudo_debug_enter() that declares __func__ as needed
* and sets sudo_debug_subsys for sudo_debug_exit().
*/
#ifdef HAVE___FUNC__
-# define debug_decl(funcname, subsys) \
- const int sudo_debug_subsys = (subsys); \
+# define debug_decl(funcname, subsys, instance) \
+ const int sudo_debug_subsys = (subsys)|(instance); \
sudo_debug_enter(__func__, __FILE__, __LINE__, sudo_debug_subsys);
#else
-# define debug_decl(funcname, subsys) \
- const int sudo_debug_subsys = (subsys); \
+# define debug_decl(funcname, subsys, instance) \
+ const int sudo_debug_subsys = (subsys)|(instance); \
const char __func__[] = #funcname; \
sudo_debug_enter(__func__, __FILE__, __LINE__, sudo_debug_subsys);
#endif
#define sudo_debug_execve(pri, path, argv, envp) \
sudo_debug_execve2((pri)|sudo_debug_subsys, (path), (argv), (envp))
-#define sudo_debug_write(str, len, errnum) \
- sudo_debug_write2(NULL, NULL, 0, (str), (len), (errnum))
+#define sudo_debug_write(fd, str, len, errnum) \
+ sudo_debug_write2(fd, NULL, NULL, 0, (str), (len), (errnum))
+__dso_public int sudo_debug_deregister(int instance_id);
__dso_public void sudo_debug_enter(const char *func, const char *file, int line, int subsys);
__dso_public void sudo_debug_execve2(int level, const char *path, char *const argv[], char *const envp[]);
__dso_public void sudo_debug_exit(const char *func, const char *file, int line, int subsys);
+__dso_public void sudo_debug_exit_bool(const char *func, const char *file, int line, int subsys, int rval);
__dso_public void sudo_debug_exit_int(const char *func, const char *file, int line, int subsys, int rval);
__dso_public void sudo_debug_exit_long(const char *func, const char *file, int line, int subsys, long rval);
+__dso_public void sudo_debug_exit_ptr(const char *func, const char *file, int line, int subsys, const void *rval);
__dso_public void sudo_debug_exit_size_t(const char *func, const char *file, int line, int subsys, size_t rval);
-__dso_public void sudo_debug_exit_bool(const char *func, const char *file, int line, int subsys, int rval);
__dso_public void sudo_debug_exit_str(const char *func, const char *file, int line, int subsys, const char *rval);
__dso_public void sudo_debug_exit_str_masked(const char *func, const char *file, int line, int subsys, const char *rval);
-__dso_public void sudo_debug_exit_ptr(const char *func, const char *file, int line, int subsys, const void *rval);
-__dso_public int sudo_debug_fd_get(void);
-__dso_public int sudo_debug_fd_set(int fd);
-__dso_public int sudo_debug_init(const char *debugfile, const char *settings);
-__dso_public void sudo_debug_printf_nvm(int pri, const char *fmt, ...) __printf0like(2, 3);
+__dso_public pid_t sudo_debug_fork(void);
+__dso_public int sudo_debug_get_default_instance(void);
+__dso_public int sudo_debug_get_fds(fd_set **fdsetp);
+__dso_public int sudo_debug_get_instance(const char *program);
__dso_public void sudo_debug_printf2(const char *func, const char *file, int line, int level, const char *fmt, ...) __printf0like(5, 6);
+__dso_public void sudo_debug_printf_nvm(int pri, const char *fmt, ...) __printf0like(2, 3);
+__dso_public int sudo_debug_register(const char *program, const char *const subsystems[], int num_subsystems, struct sudo_conf_debug_file_list *debug_files);
+__dso_public int sudo_debug_set_default_instance(int inst);
+__dso_public void sudo_debug_update_fd(int ofd, int nfd);
__dso_public void sudo_debug_vprintf2(const char *func, const char *file, int line, int level, const char *fmt, va_list ap) __printf0like(5, 0);
-__dso_public void sudo_debug_write2(const char *func, const char *file, int line, const char *str, int len, int errno_val);
-__dso_public pid_t sudo_debug_fork(void);
+__dso_public void sudo_debug_write2(int fd, const char *func, const char *file, int line, const char *str, int len, int errnum);
#endif /* _SUDO_DEBUG_H */
static int
aix_getlimit(char *user, char *lim, int *valp)
{
- debug_decl(aix_getlimit, SUDO_DEBUG_UTIL)
+ debug_decl(aix_getlimit, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (getuserattr(user, lim, valp, SEC_INT) != 0)
debug_return_int(-1);
struct rlimit64 rlim;
int val;
size_t n;
- debug_decl(aix_setlimits, SUDO_DEBUG_UTIL)
+ debug_decl(aix_setlimits, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (setuserdb(S_READ) != 0) {
sudo_warn(U_("unable to open userdb"));
aix_setauthdb_v1(char *user)
{
char *registry;
- debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL)
+ debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (user != NULL) {
if (setuserdb(S_READ) != 0) {
int
aix_restoreauthdb_v1(void)
{
- debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL)
+ debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (setauthdb(NULL, NULL) != 0) {
sudo_warn(U_("unable to restore registry"));
{
char *info;
int len;
- debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL)
+ debug_decl(aix_setauthdb, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/* set usrinfo, like login(1) does */
len = sudo_easprintf(&info, "NAME=%s%cLOGIN=%s%cLOGNAME=%s%cTTY=%s%c",
sudo_ev_base_alloc_v1(void)
{
struct sudo_event_base *base;
- debug_decl(sudo_ev_base_alloc, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_base_alloc, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
base = sudo_ecalloc(1, sizeof(*base));
TAILQ_INIT(&base->events);
sudo_ev_base_free_v1(struct sudo_event_base *base)
{
struct sudo_event *ev, *next;
- debug_decl(sudo_ev_base_free, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_base_free, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Remove any existing events before freeing the base. */
TAILQ_FOREACH_SAFE(ev, &base->events, entries, next) {
sudo_ev_alloc_v1(int fd, short events, sudo_ev_callback_t callback, void *closure)
{
struct sudo_event *ev;
- debug_decl(sudo_ev_alloc, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_alloc, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* XXX - sanity check events value */
void
sudo_ev_free_v1(struct sudo_event *ev)
{
- debug_decl(sudo_ev_free, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_free, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Make sure ev is not in use before freeing it. */
if (ISSET(ev->flags, SUDO_EVQ_INSERTED))
sudo_ev_add_v1(struct sudo_event_base *base, struct sudo_event *ev,
struct timeval *timo, bool tohead)
{
- debug_decl(sudo_ev_add, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_add, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* If no base specified, use existing one. */
if (base == NULL) {
int
sudo_ev_del_v1(struct sudo_event_base *base, struct sudo_event *ev)
{
- debug_decl(sudo_ev_del, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_del, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Make sure event is really in the queue. */
if (!ISSET(ev->flags, SUDO_EVQ_INSERTED)) {
struct timeval now;
struct sudo_event *ev;
int nready, rc = 0;
- debug_decl(sudo_ev_loop, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_loop, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/*
* If sudo_ev_loopexit() was called when events were not running
void
sudo_ev_loopexit_v1(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_loopexit, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_loopexit, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* SUDO_EVBASE_LOOPBREAK trumps SUDO_EVBASE_LOOPEXIT */
if (!ISSET(base->flags, SUDO_EVBASE_LOOPBREAK)) {
/* SUDO_EVBASE_LOOPEXIT trumps SUDO_EVBASE_LOOPCONT */
void
sudo_ev_loopbreak_v1(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_loopbreak, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_loopbreak, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* SUDO_EVBASE_LOOPBREAK trumps SUDO_EVBASE_LOOP{CONT,EXIT,ONCE}. */
CLR(base->flags, (SUDO_EVBASE_LOOPCONT|SUDO_EVBASE_LOOPEXIT|SUDO_EVBASE_LOOPONCE));
SET(base->flags, SUDO_EVBASE_LOOPBREAK);
void
sudo_ev_loopcontinue_v1(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_loopcontinue, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_loopcontinue, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* SUDO_EVBASE_LOOP{BREAK,EXIT} trumps SUDO_EVBASE_LOOPCONT */
if (!ISSET(base->flags, SUDO_EVBASE_LOOPONCE|SUDO_EVBASE_LOOPBREAK)) {
SET(base->flags, SUDO_EVBASE_LOOPCONT);
bool
sudo_ev_got_exit_v1(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_got_exit, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_got_exit, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
debug_return_bool(ISSET(base->flags, SUDO_EVBASE_GOT_EXIT));
}
bool
sudo_ev_got_break_v1(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_got_break, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_got_break, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
debug_return_bool(ISSET(base->flags, SUDO_EVBASE_GOT_BREAK));
}
sudo_ev_get_timeleft_v1(struct sudo_event *ev, struct timeval *tv)
{
struct timeval now;
- debug_decl(sudo_ev_get_timeleft, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_get_timeleft, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
if (!ISSET(ev->flags, SUDO_EVQ_TIMEOUTS)) {
sudo_timevalclear(tv);
sudo_ev_base_alloc_impl(struct sudo_event_base *base)
{
int i;
- debug_decl(sudo_ev_base_alloc_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_base_alloc_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
base->pfd_high = -1;
base->pfd_max = 32;
void
sudo_ev_base_free_impl(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_base_free_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_base_free_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
sudo_efree(base->pfds);
debug_return;
}
sudo_ev_add_impl(struct sudo_event_base *base, struct sudo_event *ev)
{
struct pollfd *pfd;
- debug_decl(sudo_ev_add_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_add_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* If out of space in pfds array, realloc. */
if (base->pfd_free == base->pfd_max) {
int
sudo_ev_del_impl(struct sudo_event_base *base, struct sudo_event *ev)
{
- debug_decl(sudo_ev_del_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_del_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Mark pfd entry unused, add to free list and adjust high slot. */
base->pfds[ev->pfd_idx].fd = -1;
struct sudo_event *ev;
int nready, timeout;
struct timeval now;
- debug_decl(sudo_ev_scan_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_scan_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
if ((ev = TAILQ_FIRST(&base->timeouts)) != NULL) {
struct timeval *timo = &ev->timeout;
/*
- * Copyright (c) 2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2013-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
int
sudo_ev_base_alloc_impl(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_base_alloc_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_base_alloc_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
base->maxfd = NFDBITS - 1;
base->readfds_in = sudo_ecalloc(1, sizeof(fd_mask));
void
sudo_ev_base_free_impl(struct sudo_event_base *base)
{
- debug_decl(sudo_ev_base_free_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_base_free_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
sudo_efree(base->readfds_in);
sudo_efree(base->writefds_in);
sudo_efree(base->readfds_out);
int
sudo_ev_add_impl(struct sudo_event_base *base, struct sudo_event *ev)
{
- debug_decl(sudo_ev_add_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_add_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* If out of space in fd sets, realloc. */
if (ev->fd > base->maxfd) {
int
sudo_ev_del_impl(struct sudo_event_base *base, struct sudo_event *ev)
{
- debug_decl(sudo_ev_del_impl, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_del_impl, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Remove from readfds and writefds and adjust high fd. */
if (ISSET(ev->events, SUDO_EV_READ)) {
struct sudo_event *ev;
size_t setsize;
int nready;
- debug_decl(sudo_ev_loop, SUDO_DEBUG_EVENT)
+ debug_decl(sudo_ev_loop, SUDO_DEBUG_EVENT, SUDO_DEBUG_INSTANCE_DEFAULT)
if ((ev = TAILQ_FIRST(&base->timeouts)) != NULL) {
gettimeofday(&now, NULL);
const char *cp = gidstr;
const char *errstr;
char *ep;
- debug_decl(sudo_parse_gids, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_parse_gids, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Count groups. */
if (*cp != '\0') {
/*
- * Copyright (c) 2010-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2010-2012, 2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
size_t key_len = strlen(key);
size_t val_len = strlen(val);
char *cp, *str;
- debug_decl(sudo_new_key_val, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_new_key_val, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
cp = str = malloc(key_len + 1 + val_len + 1);
if (str != NULL) {
sudo_lbuf_init_v1(struct sudo_lbuf *lbuf, sudo_lbuf_output_t output,
int indent, const char *continuation, int cols)
{
- debug_decl(sudo_lbuf_init, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lbuf_init, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
lbuf->output = output;
lbuf->continuation = continuation;
void
sudo_lbuf_destroy_v1(struct sudo_lbuf *lbuf)
{
- debug_decl(sudo_lbuf_destroy, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lbuf_destroy, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
sudo_efree(lbuf->buf);
lbuf->buf = NULL;
va_list ap;
int len;
char *cp, *s;
- debug_decl(sudo_lbuf_append_quoted, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lbuf_append_quoted, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
va_start(ap, fmt);
while (*fmt != '\0') {
va_list ap;
int len;
char *s;
- debug_decl(sudo_lbuf_append, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lbuf_append, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
va_start(ap, fmt);
while (*fmt != '\0') {
{
char *cp, save;
int i, have, contlen;
- debug_decl(sudo_lbuf_println, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lbuf_println, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
contlen = lbuf->continuation ? strlen(lbuf->continuation) : 0;
{
char *cp, *ep;
int len;
- debug_decl(sudo_lbuf_print, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lbuf_print, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (lbuf->buf == NULL || lbuf->len == 0)
goto done;
sudo_lock_file_v1(int fd, int lockit)
{
int op = 0;
- debug_decl(sudo_lock_file, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lock_file, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
switch (lockit) {
case SUDO_LOCK:
sudo_lock_file_v1(int fd, int lockit)
{
int op = 0;
- debug_decl(sudo_lock_file, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lock_file, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
switch (lockit) {
case SUDO_LOCK:
#ifdef F_SETLK
int func;
struct flock lock;
- debug_decl(sudo_lock_file, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_lock_file, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
lock.l_start = 0;
lock.l_len = 0;
ssize_t len;
char *cp, *line = NULL;
bool continued;
- debug_decl(sudo_parseln, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_parseln, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
do {
continued = false;
/*
- * Copyright (c) 2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2012, 2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
{
struct stat sb;
int rval = SUDO_PATH_MISSING;
- debug_decl(sudo_secure_path, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_secure_path, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (path != NULL && stat(path, &sb) == 0) {
if ((sb.st_mode & _S_IFMT) != type) {
/*
- * Copyright (c) 2011-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2011-2012, 2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
sudo_setgroups_v1(int ngids, const GETGROUPS_T *gids)
{
int maxgids, rval;
- debug_decl(sudo_setgroups, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_setgroups, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
rval = setgroups(ngids, (GETGROUPS_T *)gids);
if (rval == -1 && errno == EINVAL) {
int
sudo_strtobool_v1(const char *str)
{
- debug_decl(sudo_strtobool, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_strtobool, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
switch (*str) {
case '0':
char *ep;
id_t rval = 0;
bool valid = false;
- debug_decl(sudo_strtoid, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_strtoid, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/* skip leading space so we can pick up the sign, if any */
while (isspace((unsigned char)*p))
{
char *ep;
long lval;
- debug_decl(sudo_strtomode, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_strtomode, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
errno = 0;
lval = strtol(cp, &ep, 8);
struct plugin_info *plugin_info;
const char *progname;
size_t prognamelen;
- debug_decl(main, SUDO_DEBUG_UTIL)
+ int instance;
+ debug_decl(main, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
progname = getprogname();
prognamelen = strlen(progname);
if (prognamelen > 4 && strcmp(progname + 4, "edit") == 0)
prognamelen -= 4;
TAILQ_FOREACH(debug_spec, &sudo_conf_data.debugging, entries) {
- /* XXX - only uses last matching Debug entry */
if (strncmp(debug_spec->progname, progname, prognamelen) == 0 &&
debug_spec->progname[prognamelen] == '\0') {
- sudo_debug_init(TAILQ_LAST(&debug_spec->debug_files, sudo_conf_debug_file_list)->debug_file, TAILQ_LAST(&debug_spec->debug_files, sudo_conf_debug_file_list)->debug_flags);
+ /*
+ * Register debug instance for the main program, making it
+ * the default instance if one is not already set.
+ */
+ instance = sudo_debug_register(progname, NULL, 0,
+ &debug_spec->debug_files);
+ if (sudo_debug_get_default_instance() == SUDO_DEBUG_INSTANCE_INITIALIZER)
+ sudo_debug_set_default_instance(instance);
sudo_debug_enter(__func__, __FILE__, __LINE__, sudo_debug_subsys);
continue;
}
{
struct sudo_conf_setting *path_spec, *next;
unsigned int i;
- debug_decl(sudo_conf_set_paths, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_conf_set_paths, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/*
* Store matching paths in sudo_conf_data.path_table.
sudo_efree(path_spec->name);
sudo_efree(path_spec);
}
- TAILQ_INIT(&sudo_conf_data.paths);
debug_return;
}
{
struct sudo_conf_setting *setting, *next;
struct sudo_conf_var_table *var;
- debug_decl(sudo_conf_set_variables, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_conf_set_variables, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
TAILQ_FOREACH_SAFE(setting, &sudo_conf_data.settings, entries, next) {
+ TAILQ_REMOVE(&sudo_conf_data.settings, setting, entries);
for (var = sudo_conf_var_table; var->name != NULL; var++) {
if (strcmp(setting->name, var->name) == 0) {
if (var->setter(setting->value, conf_file, setting->lineno)) {
sudo_efree(setting->value);
sudo_efree(setting);
}
- TAILQ_INIT(&sudo_conf_data.settings);
debug_return;
}
#include <config.h>
+#include <sys/param.h> /* for howmany() on Linux */
+#ifdef HAVE_SYS_SYSMACROS_H
+# include <sys/sysmacros.h> /* for howmany() on Solaris */
+#endif
+#ifdef HAVE_SYS_SELECT_H
+# include <sys/select.h>
+#endif /* HAVE_SYS_SELECT_H */
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/uio.h>
};
/* Note: this must match the order in sudo_debug.h */
-static const char *const sudo_debug_subsystems[] = {
+/* XXX - remove sudoers-specific bits */
+static const char *const sudo_debug_default_subsystems[] = {
"main",
"args",
"exec",
NULL
};
-#define NUM_SUBSYSTEMS (sizeof(sudo_debug_subsystems) / sizeof(sudo_debug_subsystems[0]) - 1)
+#define NUM_SUBSYSTEMS (sizeof(sudo_debug_default_subsystems) / sizeof(sudo_debug_default_subsystems[0]) - 1)
+
+/*
+ * For multiple programs/plugins there is a per-program instance
+ * and one or more outputs (files).
+ */
+struct sudo_debug_output {
+ SLIST_ENTRY(sudo_debug_output) entries;
+ char *filename;
+ int *settings;
+ int fd;
+};
+SLIST_HEAD(sudo_debug_output_list, sudo_debug_output);
+struct sudo_debug_instance {
+ char *program;
+ const char *const *subsystems;
+ int num_subsystems;
+ struct sudo_debug_output_list outputs;
+};
+
+/* Support up to 10 instances. */
+#define SUDO_DEBUG_INSTANCE_MAX 10
+static struct sudo_debug_instance *sudo_debug_instances[SUDO_DEBUG_INSTANCE_MAX];
+static int sudo_debug_num_instances;
-static int sudo_debug_settings[NUM_SUBSYSTEMS];
-static int sudo_debug_fd = -1;
-static bool sudo_debug_initialized;
static char sudo_debug_pidstr[(((sizeof(int) * 8) + 2) / 3) + 3];
static size_t sudo_debug_pidlen;
-static const int num_subsystems = NUM_SUBSYSTEMS;
+
+static fd_set sudo_debug_fdset; /* XXX - make dynamic */
+static int sudo_debug_max_fd = -1;
+
+/* Default instance index to use for common utility functions. */
+static int sudo_debug_default_instance = -1;
/*
- * Parse settings string from sudo.conf and open debugfile.
- * Returns 1 on success, 0 if cannot open debugfile.
- * Unsupported subsystems and priorities are silently ignored.
+ * Create a new output file for the specified debug instance.
*/
-int sudo_debug_init(const char *debugfile, const char *settings)
+static struct sudo_debug_output *
+sudo_debug_new_output(struct sudo_debug_instance *instance,
+ struct sudo_debug_file *debug_file)
{
char *buf, *cp, *subsys, *pri;
+ struct sudo_debug_output *output;
int i, j;
- /* Make sure we are not already initialized. */
- if (sudo_debug_initialized)
- return 1;
-
- /* A debug file name is required. */
- if (debugfile == NULL)
- return 1;
+ /* Create new output for the instance. */
+ /* XXX - reuse fd for existing filename? */
+ output = sudo_emalloc(sizeof(*output));
+ output->settings = sudo_emallocarray(instance->num_subsystems, sizeof(int));
+ output->filename = sudo_estrdup(debug_file->debug_file);
+ output->fd = -1;
/* Init per-subsystems settings to -1 since 0 is a valid priority. */
- for (i = 0; i < num_subsystems; i++)
- sudo_debug_settings[i] = -1;
+ for (i = 0; i < instance->num_subsystems; i++)
+ output->settings[i] = -1;
/* Open debug file. */
- if (sudo_debug_fd != -1)
- close(sudo_debug_fd);
- sudo_debug_fd = open(debugfile, O_WRONLY|O_APPEND, S_IRUSR|S_IWUSR);
- if (sudo_debug_fd == -1) {
+ output->fd = open(output->filename, O_WRONLY|O_APPEND, S_IRUSR|S_IWUSR);
+ if (output->fd == -1) {
/* Create debug file as needed and set group ownership. */
if (errno == ENOENT) {
- sudo_debug_fd = open(debugfile, O_WRONLY|O_APPEND|O_CREAT,
+ output->fd = open(output->filename, O_WRONLY|O_APPEND|O_CREAT,
S_IRUSR|S_IWUSR);
}
- if (sudo_debug_fd == -1)
- return 0;
- ignore_result(fchown(sudo_debug_fd, (uid_t)-1, 0));
+ if (output->fd == -1)
+ return NULL;
+ ignore_result(fchown(output->fd, (uid_t)-1, 0));
+ }
+ (void)fcntl(output->fd, F_SETFD, FD_CLOEXEC);
+ /* XXX - realloc sudo_debug_fdset as needed (or use other bitmap). */
+ if (output->fd < FD_SETSIZE) {
+ FD_SET(output->fd, &sudo_debug_fdset);
+ if (output->fd > sudo_debug_max_fd)
+ sudo_debug_max_fd = output->fd;
}
- (void)fcntl(sudo_debug_fd, F_SETFD, FD_CLOEXEC);
- sudo_debug_initialized = true;
-
- /* Stash the pid string so we only have to format it once. */
- (void)snprintf(sudo_debug_pidstr, sizeof(sudo_debug_pidstr), "[%d] ",
- (int)getpid());
- sudo_debug_pidlen = strlen(sudo_debug_pidstr);
- /* Parse settings string. */
- if ((buf = strdup(settings)) == NULL)
- return 0;
+ /* Parse Debug conf string. */
+ if ((buf = strdup(debug_file->debug_flags)) == NULL) {
+ /* XXX - free output on error or make non-destructive */
+ return NULL;
+ }
for ((cp = strtok(buf, ",")); cp != NULL; (cp = strtok(NULL, ","))) {
/* Should be in the form subsys@pri. */
subsys = cp;
/* Look up priority and subsystem, fill in sudo_debug_settings[]. */
for (i = 0; sudo_debug_priorities[i] != NULL; i++) {
if (strcasecmp(pri, sudo_debug_priorities[i]) == 0) {
- for (j = 0; sudo_debug_subsystems[j] != NULL; j++) {
+ for (j = 0; instance->subsystems[j] != NULL; j++) {
if (strcasecmp(subsys, "all") == 0) {
- sudo_debug_settings[j] = i;
+ output->settings[j] = i;
continue;
}
- if (strcasecmp(subsys, sudo_debug_subsystems[j]) == 0) {
- sudo_debug_settings[j] = i;
+ if (strcasecmp(subsys, instance->subsystems[j]) == 0) {
+ output->settings[j] = i;
break;
}
}
}
free(buf);
- return 1;
+ return output;
+}
+
+/*
+ * Register a program/plugin with the debug framework,
+ * parses settings string from sudo.conf and opens debugfile.
+ * If subsystem names are specified they override the default values.
+ * NOTE: subsystems must not be freed by caller unless deregistered.
+ * Returns instance index on success or -1 if cannot open debugfile.
+ */
+int
+sudo_debug_register(const char *program, const char *const subsystems[],
+ int num_subsystems, struct sudo_conf_debug_file_list *debug_files)
+{
+ struct sudo_debug_instance *instance = NULL;
+ struct sudo_debug_output *output;
+ struct sudo_debug_file *debug_file;
+ int idx, free_idx = -1;
+
+ if (debug_files == NULL || num_subsystems < 0)
+ return -1;
+
+ /* Use default subsystem names if none are provided. */
+ if (subsystems == NULL || num_subsystems == 0) {
+ subsystems = sudo_debug_default_subsystems;
+ num_subsystems = NUM_SUBSYSTEMS;
+ }
+
+ /* Search for existing instance. */
+ for (idx = 0; idx < sudo_debug_num_instances; idx++) {
+ if (sudo_debug_instances[idx] == NULL) {
+ free_idx = idx;
+ continue;
+ }
+ if (sudo_debug_instances[idx]->subsystems == subsystems &&
+ strcmp(sudo_debug_instances[idx]->program, program) == 0) {
+ instance = sudo_debug_instances[idx];
+ break;
+ }
+ }
+
+ if (instance == NULL) {
+ if (free_idx != -1)
+ idx = free_idx;
+ if (idx == SUDO_DEBUG_INSTANCE_MAX) {
+ /* XXX - realloc? */
+ sudo_warnx_nodebug("too many debug instances (max %d)", SUDO_DEBUG_INSTANCE_MAX);
+ return -1;
+ }
+ if (idx != sudo_debug_num_instances && idx != free_idx) {
+ sudo_warnx_nodebug("%s: instance number mismatch: expected %d, got %u", __func__, idx, sudo_debug_num_instances);
+ return -1;
+ }
+ instance = sudo_emalloc(sizeof(*instance));
+ instance->program = sudo_estrdup(program);
+ instance->subsystems = subsystems;
+ instance->num_subsystems = num_subsystems;
+ SLIST_INIT(&instance->outputs);
+ sudo_debug_instances[idx] = instance;
+ if (idx == sudo_debug_num_instances)
+ sudo_debug_num_instances++;
+ }
+
+ TAILQ_FOREACH(debug_file, debug_files, entries) {
+ output = sudo_debug_new_output(instance, debug_file);
+ if (output != NULL)
+ SLIST_INSERT_HEAD(&instance->outputs, output, entries);
+ }
+
+ /* Stash the pid string so we only have to format it once. */
+ if (sudo_debug_pidlen == 0) {
+ (void)snprintf(sudo_debug_pidstr, sizeof(sudo_debug_pidstr), "[%d] ",
+ (int)getpid());
+ sudo_debug_pidlen = strlen(sudo_debug_pidstr);
+ }
+
+ /* Convert index to instance. */
+ return SUDO_DEBUG_MKINSTANCE(idx);
+}
+
+/*
+ * De-register the specified instance from the debug subsystem
+ * and free up any associated data structures.
+ */
+int
+sudo_debug_deregister(int instance_id)
+{
+ struct sudo_debug_instance *instance;
+ struct sudo_debug_output *output, *next;
+ int idx;
+
+ idx = SUDO_DEBUG_INSTANCE(instance_id);
+ if (idx < 0 || idx >= sudo_debug_num_instances) {
+ sudo_warnx_nodebug("%s: invalid instance number %d, max %u",
+ __func__, idx + 1, sudo_debug_num_instances);
+ return -1;
+ }
+ /* Reset default instance as needed. */
+ if (sudo_debug_default_instance == idx)
+ sudo_debug_default_instance = -1;
+
+ instance = sudo_debug_instances[idx];
+ if (instance == NULL)
+ return -1; /* already deregistered */
+
+ /* Free up instance data, note that subsystems[] is owned by caller. */
+ sudo_debug_instances[idx] = NULL;
+ SLIST_FOREACH_SAFE(output, &instance->outputs, entries, next) {
+ close(output->fd);
+ sudo_efree(output->filename);
+ sudo_efree(output->settings);
+ sudo_efree(output);
+ }
+ sudo_efree(instance->program);
+ sudo_efree(instance);
+
+ if (idx == sudo_debug_num_instances - 1)
+ sudo_debug_num_instances--;
+
+ return 0;
+}
+
+int
+sudo_debug_get_instance(const char *program)
+{
+ size_t proglen;
+ int idx;
+
+ /* Treat "sudoedit" as an alias for "sudo". */
+ proglen = strlen(program);
+ if (proglen > 4 && strcmp(program + proglen - 4, "edit") == 0)
+ proglen -= 4;
+
+ for (idx = 0; idx < sudo_debug_num_instances; idx++) {
+ if (sudo_debug_instances[idx] == NULL)
+ continue;
+ if (strncmp(sudo_debug_instances[idx]->program, program, proglen) == 0
+ && sudo_debug_instances[idx]->program[proglen] == '\0')
+ return SUDO_DEBUG_MKINSTANCE(idx);
+ }
+ return SUDO_DEBUG_INSTANCE_INITIALIZER;
+}
+
+int
+sudo_debug_set_output_fd(int level, int ofd, int nfd)
+{
+ struct sudo_debug_instance *instance;
+ struct sudo_debug_output *output;
+ int idx;
+
+ idx = SUDO_DEBUG_INSTANCE(level);
+ if (idx < 0 || idx >= sudo_debug_num_instances) {
+ sudo_warnx_nodebug("%s: invalid instance number %d, max %u",
+ __func__, idx + 1, sudo_debug_num_instances);
+ return -1;
+ }
+
+ instance = sudo_debug_instances[idx];
+ SLIST_FOREACH(output, &instance->outputs, entries) {
+ if (output->fd == ofd)
+ output->fd = nfd;
+ }
+ return 0;
}
pid_t
}
void
-sudo_debug_write2(const char *func, const char *file, int lineno,
+sudo_debug_write2(int fd, const char *func, const char *file, int lineno,
const char *str, int len, int errnum)
{
char *timestr, numbuf[(((sizeof(int) * 8) + 2) / 3) + 2];
iov[0].iov_len = 16;
/* Write message in a single syscall */
- ignore_result(writev(sudo_debug_fd, iov, iovcnt));
+ ignore_result(writev(fd, iov, iovcnt));
}
void
sudo_debug_vprintf2(const char *func, const char *file, int lineno, int level,
const char *fmt, va_list ap)
{
- int pri, subsys;
+ int buflen, idx, pri, subsys, saved_errno = errno;
+ char static_buf[1024], *buf = static_buf;
+ struct sudo_debug_instance *instance;
+ struct sudo_debug_output *output;
+ va_list ap2;
- if (!sudo_debug_initialized)
- return;
+ if (sudo_debug_num_instances == 0)
+ goto out;
- /* Extract pri and subsystem from level. */
+ /* Extract instance index, priority and subsystem from level. */
+ idx = SUDO_DEBUG_INSTANCE(level);
pri = SUDO_DEBUG_PRI(level);
subsys = SUDO_DEBUG_SUBSYS(level);
- /* Make sure we want debug info at this level. */
- if (subsys < num_subsystems && sudo_debug_settings[subsys] >= pri) {
- char static_buf[1024], *buf = static_buf;
- int buflen, saved_errno = errno;
- va_list ap2;
-
- va_copy(ap2, ap);
- buflen = fmt ? vsnprintf(static_buf, sizeof(static_buf), fmt, ap) : 0;
- if (buflen >= (int)sizeof(static_buf)) {
- /* Not enough room in static buf, allocate dynamically. */
- buflen = vasprintf(&buf, fmt, ap2);
+ /* Find matching instance. */
+ if (idx < 0) {
+ /* Check for default instance, else we are not initialized. */
+ if (sudo_debug_default_instance < 0 ||
+ SUDO_DEBUG_MKINSTANCE(idx) != SUDO_DEBUG_INSTANCE_DEFAULT) {
+ goto out;
}
- if (buflen != -1) {
- int errcode = ISSET(level, SUDO_DEBUG_ERRNO) ? saved_errno : 0;
- if (ISSET(level, SUDO_DEBUG_LINENO))
- sudo_debug_write2(func, file, lineno, buf, buflen, errcode);
- else
- sudo_debug_write2(NULL, NULL, 0, buf, buflen, errcode);
- if (buf != static_buf)
- free(buf);
+ idx = sudo_debug_default_instance;
+ } else if (idx >= sudo_debug_num_instances) {
+ sudo_warnx_nodebug("%s: invalid instance number %d, max %u",
+ __func__, idx + 1, sudo_debug_num_instances);
+ goto out;
+ }
+ instance = sudo_debug_instances[idx];
+ if (instance == NULL) {
+ sudo_warnx_nodebug("%s: unregistered instance index %d", __func__, idx);
+ goto out;
+ }
+
+ SLIST_FOREACH(output, &instance->outputs, entries) {
+ /* Make sure we want debug info at this level. */
+ if (subsys < instance->num_subsystems && output->settings[subsys] >= pri) {
+ va_copy(ap2, ap);
+ buflen = fmt ? vsnprintf(static_buf, sizeof(static_buf), fmt, ap) : 0;
+ if (buflen >= (int)sizeof(static_buf)) {
+ /* Not enough room in static buf, allocate dynamically. */
+ buflen = vasprintf(&buf, fmt, ap2);
+ }
+ if (buflen != -1) {
+ int errcode = ISSET(level, SUDO_DEBUG_ERRNO) ? saved_errno : 0;
+ if (ISSET(level, SUDO_DEBUG_LINENO))
+ sudo_debug_write2(output->fd, func, file, lineno, buf, buflen, errcode);
+ else
+ sudo_debug_write2(output->fd, NULL, NULL, 0, buf, buflen, errcode);
+ if (buf != static_buf) {
+ sudo_efree(buf);
+ buf = static_buf;
+ }
+ }
+ va_end(ap2);
}
- va_end(ap2);
- errno = saved_errno;
}
+out:
+ errno = saved_errno;
}
#ifdef NO_VARIADIC_MACROS
va_end(ap);
}
+#define EXEC_PREFIX "exec "
+
void
sudo_debug_execve2(int level, const char *path, char *const argv[], char *const envp[])
{
+ int buflen, idx, pri, subsys, saved_errno = errno;
+ struct sudo_debug_instance *instance;
+ struct sudo_debug_output *output;
char * const *av;
char *buf, *cp;
- int buflen, pri, subsys, log_envp = 0;
size_t plen;
- if (!sudo_debug_initialized)
- return;
+ if (sudo_debug_num_instances == 0)
+ goto out;
- /* Extract pri and subsystem from level. */
+ /* Extract instance index, priority and subsystem from level. */
+ idx = SUDO_DEBUG_INSTANCE(level);
pri = SUDO_DEBUG_PRI(level);
subsys = SUDO_DEBUG_SUBSYS(level);
- /* Make sure we want debug info at this level. */
- if (subsys >= num_subsystems || sudo_debug_settings[subsys] < pri)
- return;
+ /* Find matching instance. */
+ if (idx < 0) {
+ /* Check for default instance, else we are not initialized. */
+ if (sudo_debug_default_instance < 0 ||
+ SUDO_DEBUG_MKINSTANCE(idx) != SUDO_DEBUG_INSTANCE_DEFAULT) {
+ goto out;
+ }
+ idx = sudo_debug_default_instance;
+ } else if (idx >= sudo_debug_num_instances) {
+ sudo_warnx_nodebug("%s: invalid instance number %d, max %u",
+ __func__, idx + 1, sudo_debug_num_instances);
+ goto out;
+ }
+ instance = sudo_debug_instances[idx];
+ if (instance == NULL) {
+ sudo_warnx_nodebug("%s: unregistered instance index %d", __func__, idx);
+ goto out;
+ }
+ if (subsys >= instance->num_subsystems)
+ goto out;
- /* Log envp for debug level "debug". */
- if (sudo_debug_settings[subsys] >= SUDO_DEBUG_DEBUG - 1 && envp[0] != NULL)
- log_envp = 1;
+ /* XXX - use static buffer if possible */
+ SLIST_FOREACH(output, &instance->outputs, entries) {
+ bool log_envp = false;
-#define EXEC_PREFIX "exec "
+ /* Make sure we want debug info at this level. */
+ if (output->settings[subsys] < pri)
+ continue;
- /* Alloc and build up buffer. */
- plen = strlen(path);
- buflen = sizeof(EXEC_PREFIX) -1 + plen;
- if (argv[0] != NULL) {
- buflen += sizeof(" []") - 1;
- for (av = argv; *av; av++)
- buflen += strlen(*av) + 1;
- buflen--;
- }
- if (log_envp) {
- buflen += sizeof(" []") - 1;
- for (av = envp; *av; av++)
- buflen += strlen(*av) + 1;
- buflen--;
- }
- buf = malloc(buflen + 1);
- if (buf == NULL)
- return;
-
- /* Copy prefix and command. */
- memcpy(buf, EXEC_PREFIX, sizeof(EXEC_PREFIX) - 1);
- cp = buf + sizeof(EXEC_PREFIX) - 1;
- memcpy(cp, path, plen);
- cp += plen;
-
- /* Copy argv. */
- if (argv[0] != NULL) {
- *cp++ = ' ';
- *cp++ = '[';
- for (av = argv; *av; av++) {
- size_t avlen = strlen(*av);
- memcpy(cp, *av, avlen);
- cp += avlen;
+ /* Log envp for debug level "debug". */
+ if (output->settings[subsys] >= SUDO_DEBUG_DEBUG - 1 && envp[0] != NULL)
+ log_envp = true;
+
+ /* Alloc and build up buffer. */
+ plen = strlen(path);
+ buflen = sizeof(EXEC_PREFIX) -1 + plen;
+ if (argv[0] != NULL) {
+ buflen += sizeof(" []") - 1;
+ for (av = argv; *av; av++)
+ buflen += strlen(*av) + 1;
+ buflen--;
+ }
+ if (log_envp) {
+ buflen += sizeof(" []") - 1;
+ for (av = envp; *av; av++)
+ buflen += strlen(*av) + 1;
+ buflen--;
+ }
+ buf = malloc(buflen + 1);
+ if (buf == NULL)
+ goto out;
+
+ /* Copy prefix and command. */
+ memcpy(buf, EXEC_PREFIX, sizeof(EXEC_PREFIX) - 1);
+ cp = buf + sizeof(EXEC_PREFIX) - 1;
+ memcpy(cp, path, plen);
+ cp += plen;
+
+ /* Copy argv. */
+ if (argv[0] != NULL) {
*cp++ = ' ';
+ *cp++ = '[';
+ for (av = argv; *av; av++) {
+ size_t avlen = strlen(*av);
+ memcpy(cp, *av, avlen);
+ cp += avlen;
+ *cp++ = ' ';
+ }
+ cp[-1] = ']';
}
- cp[-1] = ']';
- }
- if (log_envp) {
- *cp++ = ' ';
- *cp++ = '[';
- for (av = envp; *av; av++) {
- size_t avlen = strlen(*av);
- memcpy(cp, *av, avlen);
- cp += avlen;
+ if (log_envp) {
*cp++ = ' ';
+ *cp++ = '[';
+ for (av = envp; *av; av++) {
+ size_t avlen = strlen(*av);
+ memcpy(cp, *av, avlen);
+ cp += avlen;
+ *cp++ = ' ';
+ }
+ cp[-1] = ']';
}
- cp[-1] = ']';
- }
- *cp = '\0';
+ *cp = '\0';
- sudo_debug_write(buf, buflen, 0);
- free(buf);
+ sudo_debug_write(output->fd, buf, buflen, 0);
+ free(buf);
+ }
+out:
+ errno = saved_errno;
}
/*
- * Getter for the debug descriptor.
+ * Returns the default instance or SUDO_DEBUG_INSTANCE_INITIALIZER
+ * if no default instance is set.
*/
int
-sudo_debug_fd_get(void)
+sudo_debug_get_default_instance(void)
{
- return sudo_debug_fd;
+ return SUDO_DEBUG_MKINSTANCE(sudo_debug_default_instance);
}
/*
- * Setter for the debug descriptor.
+ * Sets a new default instance, returning the old one.
+ * Note that the old instance may be SUDO_DEBUG_INSTANCE_INITIALIZER
+ * of this is the only instance.
*/
int
-sudo_debug_fd_set(int fd)
+sudo_debug_set_default_instance(int inst)
{
- if (sudo_debug_fd != -1 && fd != sudo_debug_fd) {
- if (dup2(sudo_debug_fd, fd) == -1)
- return -1;
- (void)fcntl(fd, F_SETFD, FD_CLOEXEC);
- close(sudo_debug_fd);
- sudo_debug_fd = fd;
+ const int idx = SUDO_DEBUG_INSTANCE(inst);
+ const int old_idx = sudo_debug_default_instance;
+
+ if (idx >= -1 && idx < sudo_debug_num_instances)
+ sudo_debug_default_instance = idx;
+ return SUDO_DEBUG_MKINSTANCE(old_idx);
+}
+
+/*
+ * Replace the ofd with nfd in all outputs if present.
+ * Also updates sudo_debug_fdset.
+ */
+void
+sudo_debug_update_fd(int ofd, int nfd)
+{
+ int idx;
+
+ if (ofd <= sudo_debug_max_fd && FD_ISSET(ofd, &sudo_debug_fdset)) {
+ /* Update sudo_debug_fdset. */
+ FD_CLR(ofd, &sudo_debug_fdset);
+ FD_SET(nfd, &sudo_debug_fdset);
+
+ /* Update the outputs. */
+ for (idx = 0; idx < sudo_debug_num_instances; idx++) {
+ struct sudo_debug_instance *instance;
+ struct sudo_debug_output *output;
+
+ instance = sudo_debug_instances[idx];
+ if (instance == NULL)
+ continue;
+ SLIST_FOREACH(output, &instance->outputs, entries) {
+ if (output->fd == ofd)
+ output->fd = nfd;
+ }
+ }
}
- return sudo_debug_fd;
+}
+
+/*
+ * Returns the highest debug output fd or -1 if no debug files open.
+ * Fills in fdsetp with the value of sudo_debug_fdset.
+ */
+int
+sudo_debug_get_fds(fd_set **fdsetp)
+{
+ *fdsetp = &sudo_debug_fdset;
+ return sudo_debug_max_fd;
}
bool
sudo_term_restore_v1(int fd, bool flush)
{
- debug_decl(term_restore, SUDO_DEBUG_UTIL)
+ debug_decl(term_restore, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (changed) {
const int flags = flush ? (TCSASOFT|TCSAFLUSH) : (TCSASOFT|TCSADRAIN);
bool
sudo_term_noecho_v1(int fd)
{
- debug_decl(term_noecho, SUDO_DEBUG_UTIL)
+ debug_decl(term_noecho, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
again:
if (!changed && tcgetattr(fd, &oterm) != 0)
sudo_term_raw_v1(int fd, int isig)
{
struct termios term;
- debug_decl(term_raw, SUDO_DEBUG_UTIL)
+ debug_decl(term_raw, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
again:
if (!changed && tcgetattr(fd, &oterm) != 0)
bool
sudo_term_cbreak_v1(int fd)
{
- debug_decl(term_cbreak, SUDO_DEBUG_UTIL)
+ debug_decl(term_cbreak, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
again:
if (!changed && tcgetattr(fd, &oterm) != 0)
sudo_term_copy_v1(int src, int dst)
{
struct termios tt;
- debug_decl(term_copy, SUDO_DEBUG_UTIL)
+ debug_decl(term_copy, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
again:
if (tcgetattr(src, &tt) != 0)
/*
- * Copyright (c) 2010-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2010-2012, 2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
get_ttysize_ioctl(int *rowp, int *colp)
{
struct winsize wsize;
- debug_decl(get_ttysize_ioctl, SUDO_DEBUG_EXEC)
+ debug_decl(get_ttysize_ioctl, SUDO_DEBUG_EXEC, SUDO_DEBUG_INSTANCE_DEFAULT)
if (ioctl(STDERR_FILENO, TIOCGWINSZ, &wsize) == 0 &&
wsize.ws_row != 0 && wsize.ws_col != 0) {
void
sudo_get_ttysize_v1(int *rowp, int *colp)
{
- debug_decl(sudo_get_ttysize, SUDO_DEBUG_EXEC)
+ debug_decl(sudo_get_ttysize, SUDO_DEBUG_EXEC, SUDO_DEBUG_INSTANCE_DEFAULT)
if (get_ttysize_ioctl(rowp, colp) == -1) {
char *p;
sudo_conf_probe_interfaces_v1
sudo_conf_read_v1
sudo_conf_sesh_path_v1
+sudo_debug_deregister
sudo_debug_enter
sudo_debug_execve2
sudo_debug_exit
sudo_debug_exit_size_t
sudo_debug_exit_str
sudo_debug_exit_str_masked
-sudo_debug_fd_get
-sudo_debug_fd_set
sudo_debug_fork
-sudo_debug_init
+sudo_debug_get_default_instance
+sudo_debug_get_fds
+sudo_debug_get_instance
sudo_debug_printf2
+sudo_debug_register
+sudo_debug_set_default_instance
+sudo_debug_update_fd
sudo_debug_vprintf2
sudo_debug_write2
sudo_dso_findsym_v1
LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo hexchar.lo \
gram.lo match.lo match_addr.lo pwutil.lo pwutil_impl.lo \
- redblack.lo timestr.lo toke.lo toke_util.lo
+ redblack.lo sudoers_debug.lo timestr.lo toke.lo \
+ toke_util.lo
SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo env.lo find_path.lo \
goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
TEST_OBJS = group_plugin.o interfaces.o locale.o net_ifs.o \
sudo_printf.o testsudoers.o tsgetgrpw.o
-CHECK_ADDR_OBJS = check_addr.o interfaces.o locale.o match_addr.o sudo_printf.o
+CHECK_ADDR_OBJS = check_addr.o interfaces.o locale.o match_addr.o \
+ sudoers_debug.o sudo_printf.o
-CHECK_BASE64_OBJS = check_base64.o base64.o locale.o
+CHECK_BASE64_OBJS = check_base64.o base64.o locale.o sudoers_debug.o
CHECK_DIGEST_OBJS = check_digest.o locale.o
-CHECK_FILL_OBJS = check_fill.o hexchar.o locale.o toke_util.o
+CHECK_FILL_OBJS = check_fill.o hexchar.o locale.o toke_util.o sudoers_debug.o
-CHECK_HEXCHAR_OBJS = check_hexchar.o hexchar.o locale.o
+CHECK_HEXCHAR_OBJS = check_hexchar.o hexchar.o locale.o sudoers_debug.o
CHECK_IOLOG_PATH_OBJS = check_iolog_path.o iolog_path.o locale.o \
- pwutil.o pwutil_impl.o redblack.o
+ pwutil.o pwutil_impl.o redblack.o sudoers_debug.o
CHECK_SYMBOLS_OBJS = check_symbols.o locale.o
-CHECK_WRAP_OBJS = check_wrap.o locale.o logwrap.o
+CHECK_WRAP_OBJS = check_wrap.o locale.o logwrap.o sudoers_debug.o
VERSION = @PACKAGE_VERSION@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
$(srcdir)/redblack.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/alias.c
-audit.lo: $(srcdir)/audit.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
- $(incdir)/sudo_debug.h $(incdir)/sudo_gettext.h \
- $(incdir)/sudo_queue.h $(srcdir)/bsm_audit.h $(srcdir)/linux_audit.h \
- $(srcdir)/logging.h $(srcdir)/solaris_audit.h $(top_builddir)/config.h
+audit.lo: $(srcdir)/audit.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+ $(incdir)/sudo_alloc.h $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/bsm_audit.h \
+ $(srcdir)/defaults.h $(srcdir)/linux_audit.h $(srcdir)/logging.h \
+ $(srcdir)/solaris_audit.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+ $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/audit.c
-base64.lo: $(srcdir)/base64.c $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
- $(incdir)/sudo_queue.h $(top_builddir)/config.h
+base64.lo: $(srcdir)/base64.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
+ $(incdir)/sudo_alloc.h $(incdir)/sudo_compat.h \
+ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+ $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/base64.c
base64.o: base64.lo
-boottime.lo: $(srcdir)/boottime.c $(incdir)/compat/stdbool.h \
- $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
- $(incdir)/sudo_queue.h $(top_builddir)/config.h
+boottime.lo: $(srcdir)/boottime.c $(devdir)/def_data.h \
+ $(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+ $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/boottime.c
bsdauth.lo: $(authdir)/bsdauth.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/group_plugin.c
group_plugin.o: group_plugin.lo
-hexchar.lo: $(srcdir)/hexchar.c $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
- $(incdir)/sudo_queue.h $(top_builddir)/config.h
+hexchar.lo: $(srcdir)/hexchar.c $(devdir)/def_data.h \
+ $(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+ $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/hexchar.c
hexchar.o: hexchar.lo
interfaces.lo: $(srcdir)/interfaces.c $(devdir)/def_data.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/pwutil_impl.c
pwutil_impl.o: pwutil_impl.lo
-redblack.lo: $(srcdir)/redblack.c $(incdir)/sudo_alloc.h \
- $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
- $(incdir)/sudo_queue.h $(srcdir)/redblack.h \
- $(top_builddir)/config.h
+redblack.lo: $(srcdir)/redblack.c $(devdir)/def_data.h \
+ $(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+ $(srcdir)/logging.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
+ $(srcdir)/sudoers.h $(top_builddir)/config.h \
+ $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/redblack.c
redblack.o: redblack.lo
rfc1938.lo: $(authdir)/rfc1938.c $(devdir)/def_data.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudoers.c
+sudoers_debug.lo: $(srcdir)/sudoers_debug.c $(devdir)/def_data.h \
+ $(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+ $(srcdir)/defaults.h $(srcdir)/logging.h \
+ $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+ $(top_builddir)/config.h $(top_builddir)/pathnames.h
+ $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudoers_debug.c
+sudoers_debug.o: sudoers_debug.lo
sudoreplay.o: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \
$(incdir)/compat/stdbool.h $(incdir)/compat/timespec.h \
$(incdir)/sudo_alloc.h $(incdir)/sudo_compat.h \
/*
- * Copyright (c) 2004-2005, 2007-2013
+ * Copyright (c) 2004-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
const struct alias *a1 = (const struct alias *)v1;
const struct alias *a2 = (const struct alias *)v2;
int res;
- debug_decl(alias_compare, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_compare, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
if (v1 == NULL)
res = -1;
struct alias key;
struct rbnode *node;
struct alias *a = NULL;
- debug_decl(alias_get, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_get, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
key.name = name;
key.type = type;
void
alias_put(struct alias *a)
{
- debug_decl(alias_put, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_put, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
a->used = false;
debug_return;
}
{
static char errbuf[512];
struct alias *a;
- debug_decl(alias_add, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_add, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
a = sudo_ecalloc(1, sizeof(*a));
a->name = name;
void
alias_apply(int (*func)(void *, void *), void *cookie)
{
- debug_decl(alias_apply, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_apply, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
rbapply(aliases, func, cookie, inorder);
bool
no_aliases(void)
{
- debug_decl(no_aliases, SUDO_DEBUG_ALIAS)
+ debug_decl(no_aliases, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
debug_return_bool(rbisempty(aliases));
}
struct member *m;
struct sudo_command *c;
void *next;
- debug_decl(alias_free, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_free, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
sudo_efree(a->name);
TAILQ_FOREACH_SAFE(m, &a->members, entries, next) {
{
struct rbnode *node;
struct alias key;
- debug_decl(alias_remove, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_remove, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
key.name = name;
key.type = type;
void
init_aliases(void)
{
- debug_decl(init_aliases, SUDO_DEBUG_ALIAS)
+ debug_decl(init_aliases, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
if (aliases != NULL)
rbdestroy(aliases, alias_free);
# include <stdlib.h>
# endif
#endif /* STDC_HEADERS */
-#ifdef HAVE_STDBOOL_H
-# include <stdbool.h>
-#else
-# include "compat/stdbool.h"
-#endif /* HAVE_STDBOOL_H */
-#include <stdarg.h>
-
-#define DEFAULT_TEXT_DOMAIN "sudoers"
-#include "sudo_gettext.h" /* must be included before sudo_compat.h */
-#include "sudo_compat.h"
-#include "logging.h"
-#include "sudo_debug.h"
+#include "sudoers.h"
#ifdef HAVE_BSM_AUDIT
# include "bsm_audit.h"
audit_success(int argc, char *argv[])
{
int rc = 0;
- debug_decl(audit_success, SUDO_DEBUG_AUDIT)
+ debug_decl(audit_success, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
if (argv != NULL) {
#ifdef HAVE_BSM_AUDIT
audit_failure(int argc, char *argv[], char const *const fmt, ...)
{
int rc = 0;
- debug_decl(audit_success, SUDO_DEBUG_AUDIT)
+ debug_decl(audit_success, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
#if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT)
if (argv != NULL) {
/*
- * Copyright (c) 1999, 2001-2005, 2007, 2010-2012
+ * Copyright (c) 1999, 2001-2005, 2007, 2010-2012, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
{
struct ktc_encryptionKey afs_key;
struct ktc_token afs_token;
- debug_decl(sudo_afs_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_afs_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Try to just check the password */
ka_StringToKey(pass, NULL, &afs_key);
/*
- * Copyright (c) 1999-2005, 2007-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
char *pass, *message = NULL;
int result = 1, reenter = 0;
int rval = AUTH_SUCCESS;
- debug_decl(sudo_aix_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_aix_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
do {
pass = auth_getpass(prompt, def_passwd_timeout * 60,
int
sudo_aix_cleanup(struct passwd *pw, sudo_auth *auth)
{
- debug_decl(sudo_aix_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_aix_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Unset AUTHSTATE as it may not be correct for the runas user. */
if (sudo_unsetenv("AUTHSTATE") == -1)
bsdauth_init(struct passwd *pw, sudo_auth *auth)
{
static struct bsdauth_state state;
- debug_decl(bsdauth_init, SUDO_DEBUG_AUTH)
+ debug_decl(bsdauth_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Get login class based on auth user, which may not be invoking user. */
if (pw->pw_class && *pw->pw_class)
int authok = 0;
sigaction_t sa, osa;
auth_session_t *as = ((struct bsdauth_state *) auth->data)->as;
- debug_decl(bsdauth_verify, SUDO_DEBUG_AUTH)
+ debug_decl(bsdauth_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* save old signal handler */
sigemptyset(&sa.sa_mask);
bsdauth_cleanup(struct passwd *pw, sudo_auth *auth)
{
struct bsdauth_state *state = auth->data;
- debug_decl(bsdauth_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(bsdauth_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (state != NULL) {
auth_close(state->as);
/*
- * Copyright (c) 1996, 1998-2005, 2010-2012
+ * Copyright (c) 1996, 1998-2005, 2010-2012, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
boolean32 reset_passwd;
sec_login_auth_src_t auth_src;
error_status_t status;
- debug_decl(sudo_dce_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_dce_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/*
* Create the local context of the DCE principal necessary
{
int error_stat;
unsigned char error_string[dce_c_error_string_len];
- debug_decl(check_dce_status, SUDO_DEBUG_AUTH)
+ debug_decl(check_dce_status, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (input_status == rpc_s_ok)
debug_return_bool(0);
/*
- * Copyright (c) 1999-2005, 2008, 2010-2013
+ * Copyright (c) 1999-2005, 2008, 2010-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
{
static Cfg *confp; /* Configuration entry struct */
char resp[128]; /* Response from the server */
- debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
sudo_warnx(U_("unable to read fwtk config"));
char buf[SUDO_CONV_REPL_MAX + 12]; /* General prupose buffer */
char resp[128]; /* Response from the server */
int error;
- debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Send username to authentication server. */
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
int
sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth)
{
- debug_decl(sudo_fwtk_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_fwtk_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
auth_close();
debug_return_int(AUTH_SUCCESS);
sudo_krb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
static char *krb5_prompt;
- debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (krb5_prompt == NULL) {
krb5_context sudo_context;
krb5_context sudo_context;
krb5_error_code error;
char cache_name[64], *pname = pw->pw_name;
- debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
krb5_principal princ;
krb5_ccache ccache;
krb5_error_code error;
- debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
krb5_ccache ccache;
krb5_error_code error;
krb5_get_init_creds_opt *opts = NULL;
- debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
krb5_context sudo_context;
krb5_principal princ;
krb5_ccache ccache;
- debug_decl(sudo_krb5_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_krb5_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
krb5_error_code error;
krb5_principal server;
krb5_verify_init_creds_opt vopt;
- debug_decl(verify_krb_v5_tgt, SUDO_DEBUG_AUTH)
+ debug_decl(verify_krb_v5_tgt, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/*
* Get the server principal for the local host.
{
static struct pam_conv pam_conv;
static int pam_status;
- debug_decl(sudo_pam_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_pam_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Initial PAM setup */
auth->data = (void *) &pam_status;
{
const char *s;
int *pam_status = (int *) auth->data;
- debug_decl(sudo_pam_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_pam_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
def_prompt = prompt; /* for converse */
sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth)
{
int *pam_status = (int *) auth->data;
- debug_decl(sudo_pam_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_pam_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* If successful, we can't close the session until sudo_pam_end_session() */
if (*pam_status != PAM_SUCCESS || auth->end_session == NULL) {
{
int status = AUTH_SUCCESS;
int *pam_status = (int *) auth->data;
- debug_decl(sudo_pam_begin_session, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_pam_begin_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/*
* If there is no valid user we cannot open a PAM session.
sudo_pam_end_session(struct passwd *pw, sudo_auth *auth)
{
int status = AUTH_SUCCESS;
- debug_decl(sudo_pam_end_session, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_pam_end_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (pamh != NULL) {
/*
char *pass;
int n, type;
int ret = PAM_AUTH_ERR;
- debug_decl(converse, SUDO_DEBUG_AUTH)
+ debug_decl(converse, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if ((*response = calloc(num_msg, sizeof(struct pam_response))) == NULL)
debug_return_int(PAM_SYSTEM_ERR);
/*
- * Copyright (c) 1999-2005, 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2010-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
int
sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
{
- debug_decl(sudo_passwd_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_passwd_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
#ifdef HAVE_SKEYACCESS
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
char *pw_epasswd = auth->data;
size_t pw_len;
int matched = 0;
- debug_decl(sudo_passwd_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_passwd_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
pw_len = strlen(pw_epasswd);
sudo_auth *auth;
{
char *pw_epasswd = auth->data;
- debug_decl(sudo_passwd_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_passwd_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (pw_epasswd != NULL) {
memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));
/*
- * Copyright (c) 1994-1996, 1998-2005, 2010-2012
+ * Copyright (c) 1994-1996, 1998-2005, 2010-2012, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
static char *orig_prompt = NULL, *new_prompt = NULL;
static int op_len, np_size;
static struct RFC1938 rfc1938;
- debug_decl(sudo_rfc1938_setup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_rfc1938_setup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Stash a pointer to the rfc1938 struct if we have not initialized */
if (!auth->data)
int
sudo_rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
- debug_decl(sudo_rfc1938_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_rfc1938_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
debug_return_int(AUTH_SUCCESS);
/*
- * Copyright (c) 1998-2005, 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1998-2005, 2010-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
{
#ifdef __alpha
extern int crypt_type;
- debug_decl(sudo_secureware_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_secureware_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (crypt_type == INT_MAX)
debug_return_int(AUTH_FAILURE); /* no shadow */
#else
- debug_decl(secureware_init, SUDO_DEBUG_AUTH)
+ debug_decl(secureware_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
#endif
sudo_setspent();
auth->data = sudo_getepw(pw);
{
char *pw_epasswd = auth->data;
char *epass = NULL;
- debug_decl(sudo_secureware_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_secureware_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
#ifdef __alpha
{
extern int crypt_type;
sudo_auth *auth;
{
char *pw_epasswd = auth->data;
- debug_decl(sudo_secureware_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_secureware_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (pw_epasswd != NULL) {
memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));
/*
- * Copyright (c) 1999-2005, 2007, 2010-2012
+ * Copyright (c) 1999-2005, 2007, 2010-2012, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2002 Michael Stroucken <michael@stroucken.org>
*
sudo_securid_init(struct passwd *pw, sudo_auth *auth)
{
static SDI_HANDLE sd_dat; /* SecurID handle */
- debug_decl(sudo_securid_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_securid_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
auth->data = (void *) &sd_dat; /* For method-specific data */
{
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
int retval;
- debug_decl(sudo_securid_setup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_securid_setup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) {
{
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
int rval;
- debug_decl(sudo_securid_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_securid_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
pass = auth_getpass("Enter your PASSCODE: ",
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF);
{
int rval;
sigset_t mask, omask;
- debug_decl(sudo_collect, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_collect, SUDO_DEBUG_AUTH, sudoers_debug_instance)
switch (rendition) {
case SIAFORM:
{
SIAENTITY *siah = NULL;
int i;
- debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Rebuild argv for sia_ses_init() */
sudo_argc = NewArgc + 1;
sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
{
SIAENTITY *siah = (SIAENTITY *) auth->data;
- debug_decl(sudo_sia_verify, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_sia_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
def_prompt = prompt; /* for sudo_collect */
sudo_sia_cleanup(struct passwd *pw, sudo_auth *auth)
{
SIAENTITY *siah = (SIAENTITY *) auth->data;
- debug_decl(sudo_sia_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_sia_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
(void) sia_ses_release(&siah);
sudo_efree(sudo_argv);
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
- debug_decl(sudo_auth_init, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_auth_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (auth_switch[0].name == NULL)
debug_return_int(0);
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
- debug_decl(sudo_auth_cleanup, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_auth_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Call cleanup routines. */
for (auth = auth_switch; auth->name; auth++) {
pass_warn(void)
{
const char *warning = def_badpass_message;
- debug_decl(pass_warn, SUDO_DEBUG_AUTH)
+ debug_decl(pass_warn, SUDO_DEBUG_AUTH, sudoers_debug_instance)
#ifdef INSULT
if (def_insults)
sudo_auth *auth;
sigset_t mask, omask;
sigaction_t sa, saved_sigtstp;
- debug_decl(verify_user, SUDO_DEBUG_AUTH)
+ debug_decl(verify_user, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Make sure we have at least one auth method. */
if (auth_switch[0].name == NULL) {
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
- debug_decl(sudo_auth_begin_session, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_auth_begin_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
for (auth = auth_switch; auth->name; auth++) {
if (auth->begin_session && !IS_DISABLED(auth)) {
{
sudo_auth *auth;
bool needed = false;
- debug_decl(sudo_auth_needs_end_session, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_auth_needs_end_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
for (auth = auth_switch; auth->name; auth++) {
if (auth->end_session && !IS_DISABLED(auth)) {
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
- debug_decl(sudo_auth_end_session, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_auth_end_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
for (auth = auth_switch; auth->name; auth++) {
if (auth->end_session && !IS_DISABLED(auth)) {
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
sigset_t mask, omask;
- debug_decl(auth_getpass, SUDO_DEBUG_AUTH)
+ debug_decl(auth_getpass, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Mask user input if pwfeedback set and echo is off. */
if (type == SUDO_CONV_PROMPT_ECHO_OFF && def_pwfeedback)
dump_auth_methods(void)
{
sudo_auth *auth;
- debug_decl(dump_auth_methods, SUDO_DEBUG_AUTH)
+ debug_decl(dump_auth_methods, SUDO_DEBUG_AUTH, sudoers_debug_instance)
sudo_printf(SUDO_CONV_INFO_MSG, _("Authentication methods:"));
for (auth = auth_switch; auth->name; auth++)
/*
- * Copyright (c) 2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2013-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
# include <strings.h>
#endif /* HAVE_STRINGS_H */
-#include "sudo_compat.h"
-#include "sudo_debug.h"
+#include "sudoers.h"
/*
* Decode a NUL-terminated string in base64 format and store the
unsigned char ch[4];
char *pos;
int i;
- debug_decl(base64_decode, SUDO_DEBUG_MATCH)
+ debug_decl(base64_decode, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/*
* Convert from base64 to binary. Each base64 char holds 6 bits of data
/*
- * Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
# endif
#endif /* !__linux__ */
-#include "sudo_compat.h"
-#include "sudo_debug.h"
+#include "sudoers.h"
/*
* Fill in a struct timeval with the time the system booted.
bool found = false;
ssize_t len;
FILE *fp;
- debug_decl(get_boottime, SUDO_DEBUG_UTIL)
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/* read btime from /proc/stat */
fp = fopen("/proc/stat", "r");
{
size_t size;
int mib[2];
- debug_decl(get_boottime, SUDO_DEBUG_UTIL)
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL, sudoers_debug_instance)
mib[0] = CTL_KERN;
mib[1] = KERN_BOOTTIME;
#elif defined(HAVE_GETUTXID)
-int
+bool
get_boottime(struct timeval *tv)
{
struct utmpx *ut, key;
- debug_decl(get_boottime, SUDO_DEBUG_UTIL)
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL, sudoers_debug_instance)
memset(&key, 0, sizeof(key));
key.ut_type = BOOT_TIME;
#elif defined(HAVE_GETUTID)
-int
+bool
get_boottime(struct timeval *tv)
{
struct utmp *ut, key;
- debug_decl(get_boottime, SUDO_DEBUG_UTIL)
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL, sudoers_debug_instance)
memset(&key, 0, sizeof(key));
key.ut_type = BOOT_TIME;
#else
-int
+bool
get_boottime(struct timeval *tv)
{
- debug_decl(get_boottime, SUDO_DEBUG_UTIL)
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_bool(false);
}
#endif
auditinfo_addr_t ainfo_addr;
struct au_mask *mask;
int rc;
- debug_decl(audit_sudo_selected, SUDO_DEBUG_AUDIT)
+ debug_decl(audit_sudo_selected, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
if (errno == ENOSYS) {
long au_cond;
int aufd, selected;
pid_t pid;
- debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT)
+ debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
/*
* If we are not auditing, don't cut an audit record; just return.
au_id_t auid;
pid_t pid;
int aufd;
- debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT)
+ debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
/*
* If we are not auditing, don't cut an audit record; just return.
check_user_interactive(int validated, int mode, struct passwd *auth_pw)
{
int status, rval = true;
- debug_decl(check_user_interactive, SUDO_DEBUG_AUTH)
+ debug_decl(check_user_interactive, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Always need a password when -k was specified with the command. */
if (ISSET(mode, MODE_IGNORE_TICKET))
{
struct passwd *auth_pw;
int rval = -1;
- debug_decl(check_user, SUDO_DEBUG_AUTH)
+ debug_decl(check_user, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/*
* Init authentication system regardless of whether we need a password.
ssize_t nread;
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
- debug_decl(lecture, SUDO_DEBUG_AUTH)
+ debug_decl(lecture, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (def_lecture == never ||
(def_lecture == once && already_lectured(status)))
user_is_exempt(void)
{
bool rval = false;
- debug_decl(user_is_exempt, SUDO_DEBUG_AUTH)
+ debug_decl(user_is_exempt, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (def_exempt_group)
rval = user_in_group(sudo_user.pw, def_exempt_group);
get_authpw(int mode)
{
struct passwd *pw = NULL;
- debug_decl(get_authpw, SUDO_DEBUG_AUTH)
+ debug_decl(get_authpw, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
/* In list mode we always prompt for the user's password. */
struct list_member *item;
struct def_values *def;
char *desc;
- debug_decl(dump_defaults, SUDO_DEBUG_DEFAULTS)
+ debug_decl(dump_defaults, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
for (cur = sudo_defs_table; cur->name; cur++) {
if (cur->desc) {
{
struct sudo_defs_types *cur;
int num;
- debug_decl(set_default, SUDO_DEBUG_DEFAULTS)
+ debug_decl(set_default, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
for (cur = sudo_defs_table, num = 0; cur->name; cur++, num++) {
if (strcmp(var, cur->name) == 0)
{
static int firsttime = 1;
struct sudo_defs_types *def;
- debug_decl(init_defaults, SUDO_DEBUG_DEFAULTS)
+ debug_decl(init_defaults, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
/* Clear any old settings. */
if (!firsttime) {
{
struct defaults *def;
bool rc = true;
- debug_decl(update_defaults, SUDO_DEBUG_DEFAULTS)
+ debug_decl(update_defaults, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
TAILQ_FOREACH(def, &defaults, entries) {
switch (def->type) {
struct sudo_defs_types *cur;
struct defaults *def;
bool rc = true;
- debug_decl(check_defaults, SUDO_DEBUG_DEFAULTS)
+ debug_decl(check_defaults, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
TAILQ_FOREACH(def, &defaults, entries) {
switch (def->type) {
{
const char *errstr;
int i;
- debug_decl(store_int, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_int, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == false) {
def->sd_un.ival = 0;
{
const char *errstr;
unsigned int u;
- debug_decl(store_uint, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_uint, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == false) {
def->sd_un.uival = 0;
{
char *endp;
double d;
- debug_decl(store_float, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_float, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == false) {
def->sd_un.fval = 0.0;
store_tuple(char *val, struct sudo_defs_types *def, int op)
{
struct def_values *v;
- debug_decl(store_tuple, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_tuple, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
/*
* Look up tuple value by name to find enum def_tuple value.
static bool
store_str(char *val, struct sudo_defs_types *def, int op)
{
- debug_decl(store_str, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_str, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
sudo_efree(def->sd_un.str);
if (op == false)
store_list(char *str, struct sudo_defs_types *def, int op)
{
char *start, *end;
- debug_decl(store_list, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_list, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
/* Remove all old members. */
if (op == false || op == true)
store_syslogfac(char *val, struct sudo_defs_types *def, int op)
{
struct strmap *fac;
- debug_decl(store_syslogfac, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_syslogfac, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == false) {
def->sd_un.ival = false;
{
#ifdef LOG_NFACILITIES
struct strmap *fac;
- debug_decl(logfac2str, SUDO_DEBUG_DEFAULTS)
+ debug_decl(logfac2str, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
for (fac = facilities; fac->name && fac->num != n; fac++)
;
store_syslogpri(char *val, struct sudo_defs_types *def, int op)
{
struct strmap *pri;
- debug_decl(store_syslogpri, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_syslogpri, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == false || !val)
debug_return_bool(false);
logpri2str(int n)
{
struct strmap *pri;
- debug_decl(logpri2str, SUDO_DEBUG_DEFAULTS)
+ debug_decl(logpri2str, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
for (pri = priorities; pri->name && pri->num != n; pri++)
;
{
mode_t mode;
const char *errstr;
- debug_decl(store_mode, SUDO_DEBUG_DEFAULTS)
+ debug_decl(store_mode, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == false) {
def->sd_un.mode = 0777;
list_op(char *val, size_t len, struct sudo_defs_types *def, enum list_ops op)
{
struct list_member *cur, *prev = NULL;
- debug_decl(list_op, SUDO_DEBUG_DEFAULTS)
+ debug_decl(list_op, SUDO_DEBUG_DEFAULTS, sudoers_debug_instance)
if (op == freeall) {
while ((cur = SLIST_FIRST(&def->sd_un.list)) != NULL) {
{
char * const *ep;
size_t len;
- debug_decl(env_init, SUDO_DEBUG_ENV)
+ debug_decl(env_init, SUDO_DEBUG_ENV, sudoers_debug_instance)
if (envp == NULL) {
/* Reset to initial state but keep a pointer to what we allocated. */
sudo_putenv(char *str, bool dupcheck, bool overwrite)
{
int rval;
- debug_decl(sudo_putenv, SUDO_DEBUG_ENV)
+ debug_decl(sudo_putenv, SUDO_DEBUG_ENV, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_putenv: %s", str);
char *estring;
size_t esize;
int rval = -1;
- debug_decl(sudo_setenv2, SUDO_DEBUG_ENV)
+ debug_decl(sudo_setenv2, SUDO_DEBUG_ENV, sudoers_debug_instance)
esize = strlen(var) + 1 + strlen(val) + 1;
estring = sudo_emalloc(esize);
sudo_unsetenv(const char *name)
{
int rval;
- debug_decl(sudo_unsetenv, SUDO_DEBUG_ENV)
+ debug_decl(sudo_unsetenv, SUDO_DEBUG_ENV, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_unsetenv: %s", name);
sudo_getenv(const char *name)
{
char *val;
- debug_decl(sudo_getenv, SUDO_DEBUG_ENV)
+ debug_decl(sudo_getenv, SUDO_DEBUG_ENV, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_getenv: %s", name);
{
struct list_member *cur;
bool match = false;
- debug_decl(matches_env_list, SUDO_DEBUG_ENV)
+ debug_decl(matches_env_list, SUDO_DEBUG_ENV, sudoers_debug_instance)
SLIST_FOREACH(cur, list, entries) {
size_t sep_pos, len = strlen(cur->value);
matches_env_delete(const char *var)
{
bool full_match; /* unused */
- debug_decl(matches_env_delete, SUDO_DEBUG_ENV)
+ debug_decl(matches_env_delete, SUDO_DEBUG_ENV, sudoers_debug_instance)
/* Skip anything listed in env_delete. */
debug_return_bool(matches_env_list(var, &def_env_delete, &full_match));
matches_env_check(const char *var, bool *full_match)
{
int keepit = -1;
- debug_decl(matches_env_check, SUDO_DEBUG_ENV)
+ debug_decl(matches_env_check, SUDO_DEBUG_ENV, sudoers_debug_instance)
/* Skip anything listed in env_check that includes '/' or '%'. */
if (matches_env_list(var, &def_env_check, full_match)) {
matches_env_keep(const char *var, bool *full_match)
{
bool keepit = false;
- debug_decl(matches_env_keep, SUDO_DEBUG_ENV)
+ debug_decl(matches_env_keep, SUDO_DEBUG_ENV, sudoers_debug_instance)
/* Preserve SHELL variable for "sudo -s". */
if (ISSET(sudo_mode, MODE_SHELL) && strncmp(var, "SHELL=", 6) == 0) {
const char *cp;
int delete_it;
bool full_match = false;
- debug_decl(env_should_delete, SUDO_DEBUG_ENV);
+ debug_decl(env_should_delete, SUDO_DEBUG_ENV, sudoers_debug_instance);
/* Skip variables with values beginning with () (bash functions) */
if ((cp = strchr(var, '=')) != NULL) {
int keepit;
bool full_match = false;
const char *cp;
- debug_decl(env_should_keep, SUDO_DEBUG_ENV)
+ debug_decl(env_should_keep, SUDO_DEBUG_ENV, sudoers_debug_instance)
keepit = matches_env_check(var, &full_match);
if (keepit == -1)
{
char * const *ep;
bool rval = true;
- debug_decl(env_merge, SUDO_DEBUG_ENV)
+ debug_decl(env_merge, SUDO_DEBUG_ENV, sudoers_debug_instance)
for (ep = envp; *ep != NULL; ep++) {
/* XXX - avoid checking value here, should only check name */
char idbuf[MAX_UID_T_LEN + 1];
unsigned int didvar;
bool reset_home = false;
- debug_decl(rebuild_env, SUDO_DEBUG_ENV)
+ debug_decl(rebuild_env, SUDO_DEBUG_ENV, sudoers_debug_instance)
/*
* Either clean out the environment or reset to a safe default.
{
char * const *ep;
bool rval = true;
- debug_decl(insert_env_vars, SUDO_DEBUG_ENV)
+ debug_decl(insert_env_vars, SUDO_DEBUG_ENV, sudoers_debug_instance)
/* Add user-specified environment variables. */
if (envp != NULL) {
char *eq, *bad = NULL;
size_t len, blen = 0, bsize = 0;
bool okvar, rval = true;
- debug_decl(validate_env_vars, SUDO_DEBUG_ENV)
+ debug_decl(validate_env_vars, SUDO_DEBUG_ENV, sudoers_debug_instance)
if (env_vars == NULL)
debug_return_bool(true); /* nothing to do */
bool rval = true;
char *cp, *var, *val, *line = NULL;
size_t var_len, val_len, linesize = 0;
- debug_decl(read_env_file, SUDO_DEBUG_ENV)
+ debug_decl(read_env_file, SUDO_DEBUG_ENV, sudoers_debug_instance)
if ((fp = fopen(path, "r")) == NULL) {
if (errno != ENOENT)
/*
- * Copyright (c) 1996, 1998-2005, 2010-2013
+ * Copyright (c) 1996, 1998-2005, 2010-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
bool found = false; /* did we find the command? */
bool checkdot = false; /* check current dir? */
int len; /* length parameter */
- debug_decl(find_path, SUDO_DEBUG_UTIL)
+ debug_decl(find_path, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (strlen(infile) >= PATH_MAX) {
errno = ENAMETOOLONG;
/*
- * Copyright (c) 1996, 1998-2005, 2010-2012
+ * Copyright (c) 1996, 1998-2005, 2010-2012, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
sudo_getepw(const struct passwd *pw)
{
char *epw = NULL;
- debug_decl(sudo_getepw, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_getepw, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* If there is a function to check for shadow enabled, use it... */
#ifdef HAVE_ISCOMSEC
void
sudo_setspent(void)
{
- debug_decl(sudo_setspent, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_setspent, SUDO_DEBUG_AUTH, sudoers_debug_instance)
#ifdef HAVE_GETPRPWNAM
setprpwent();
void
sudo_endspent(void)
{
- debug_decl(sudo_endspent, SUDO_DEBUG_AUTH)
+ debug_decl(sudo_endspent, SUDO_DEBUG_AUTH, sudoers_debug_instance)
#ifdef HAVE_GETPRPWNAM
endprpwent();
/*
- * Copyright (c) 1996, 1998-2005, 2010-2012
+ * Copyright (c) 1996, 1998-2005, 2010-2012, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
{
struct stat sb;
bool rval = false;
- debug_decl(sudo_goodpath, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_goodpath, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (path != NULL && stat(path, &sb) == 0) {
/* Make sure path describes an executable regular file. */
void
sudoerserror(const char *s)
{
- debug_decl(sudoerserror, SUDO_DEBUG_PARSER)
+ debug_decl(sudoerserror, SUDO_DEBUG_PARSER, sudoers_debug_instance)
/* If we last saw a newline the error is on the preceding line. */
if (last_token == COMMENT)
new_default(char *var, char *val, int op)
{
struct defaults *d;
- debug_decl(new_default, SUDO_DEBUG_PARSER)
+ debug_decl(new_default, SUDO_DEBUG_PARSER, sudoers_debug_instance)
d = sudo_ecalloc(1, sizeof(struct defaults));
d->var = var;
new_member(char *name, int type)
{
struct member *m;
- debug_decl(new_member, SUDO_DEBUG_PARSER)
+ debug_decl(new_member, SUDO_DEBUG_PARSER, sudoers_debug_instance)
m = sudo_ecalloc(1, sizeof(struct member));
m->name = name;
new_digest(int digest_type, const char *digest_str)
{
struct sudo_digest *dig;
- debug_decl(new_digest, SUDO_DEBUG_PARSER)
+ debug_decl(new_digest, SUDO_DEBUG_PARSER, sudoers_debug_instance)
dig = sudo_emalloc(sizeof(*dig));
dig->digest_type = digest_type;
{
struct defaults *d;
struct member_list *binding;
- debug_decl(add_defaults, SUDO_DEBUG_PARSER)
+ debug_decl(add_defaults, SUDO_DEBUG_PARSER, sudoers_debug_instance)
if (defs != NULL) {
/*
add_userspec(struct member *members, struct privilege *privs)
{
struct userspec *u;
- debug_decl(add_userspec, SUDO_DEBUG_PARSER)
+ debug_decl(add_userspec, SUDO_DEBUG_PARSER, sudoers_debug_instance)
u = sudo_ecalloc(1, sizeof(*u));
HLTQ_TO_TAILQ(&u->users, members, entries);
struct member_list *binding;
struct defaults *d, *d_next;
struct userspec *us, *us_next;
- debug_decl(init_parser, SUDO_DEBUG_PARSER)
+ debug_decl(init_parser, SUDO_DEBUG_PARSER, sudoers_debug_instance)
TAILQ_FOREACH_SAFE(us, &userspecs, entries, us_next) {
struct member *m, *m_next;
%{
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2013, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
void
sudoerserror(const char *s)
{
- debug_decl(sudoerserror, SUDO_DEBUG_PARSER)
+ debug_decl(sudoerserror, SUDO_DEBUG_PARSER, sudoers_debug_instance)
/* If we last saw a newline the error is on the preceding line. */
if (last_token == COMMENT)
new_default(char *var, char *val, int op)
{
struct defaults *d;
- debug_decl(new_default, SUDO_DEBUG_PARSER)
+ debug_decl(new_default, SUDO_DEBUG_PARSER, sudoers_debug_instance)
d = sudo_ecalloc(1, sizeof(struct defaults));
d->var = var;
new_member(char *name, int type)
{
struct member *m;
- debug_decl(new_member, SUDO_DEBUG_PARSER)
+ debug_decl(new_member, SUDO_DEBUG_PARSER, sudoers_debug_instance)
m = sudo_ecalloc(1, sizeof(struct member));
m->name = name;
new_digest(int digest_type, const char *digest_str)
{
struct sudo_digest *dig;
- debug_decl(new_digest, SUDO_DEBUG_PARSER)
+ debug_decl(new_digest, SUDO_DEBUG_PARSER, sudoers_debug_instance)
dig = sudo_emalloc(sizeof(*dig));
dig->digest_type = digest_type;
{
struct defaults *d;
struct member_list *binding;
- debug_decl(add_defaults, SUDO_DEBUG_PARSER)
+ debug_decl(add_defaults, SUDO_DEBUG_PARSER, sudoers_debug_instance)
if (defs != NULL) {
/*
add_userspec(struct member *members, struct privilege *privs)
{
struct userspec *u;
- debug_decl(add_userspec, SUDO_DEBUG_PARSER)
+ debug_decl(add_userspec, SUDO_DEBUG_PARSER, sudoers_debug_instance)
u = sudo_ecalloc(1, sizeof(*u));
HLTQ_TO_TAILQ(&u->users, members, entries);
struct member_list *binding;
struct defaults *d, *d_next;
struct userspec *us, *us_next;
- debug_decl(init_parser, SUDO_DEBUG_PARSER)
+ debug_decl(init_parser, SUDO_DEBUG_PARSER, sudoers_debug_instance)
TAILQ_FOREACH_SAFE(us, &userspecs, entries, us_next) {
struct member *m, *m_next;
char *args, path[PATH_MAX];
char **argv = NULL;
int len, rc = -1;
- debug_decl(group_plugin_load, SUDO_DEBUG_UTIL)
+ debug_decl(group_plugin_load, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/*
* Fill in .so path and split out args (if any).
void
group_plugin_unload(void)
{
- debug_decl(group_plugin_unload, SUDO_DEBUG_UTIL)
+ debug_decl(group_plugin_unload, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (group_plugin != NULL) {
(group_plugin->cleanup)();
group_plugin_query(const char *user, const char *group,
const struct passwd *pwd)
{
- debug_decl(group_plugin_query, SUDO_DEBUG_UTIL)
+ debug_decl(group_plugin_query, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (group_plugin == NULL)
debug_return_bool(false);
int
group_plugin_load(char *plugin_info)
{
- debug_decl(group_plugin_load, SUDO_DEBUG_UTIL)
+ debug_decl(group_plugin_load, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_bool(false);
}
void
group_plugin_unload(void)
{
- debug_decl(group_plugin_unload, SUDO_DEBUG_UTIL)
+ debug_decl(group_plugin_unload, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return;
}
group_plugin_query(const char *user, const char *group,
const struct passwd *pwd)
{
- debug_decl(group_plugin_query, SUDO_DEBUG_UTIL)
+ debug_decl(group_plugin_query, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_bool(false);
}
/*
- * Copyright (c) 2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2013-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
#include <sys/types.h>
#include <stdio.h>
-#include "sudo_compat.h"
-#include "sudo_debug.h"
+#include "sudoers.h"
/*
* Converts a two-byte hex string to decimal.
{
unsigned char result[2];
int i;
- debug_decl(hexchar, SUDO_DEBUG_UTIL)
+ debug_decl(hexchar, SUDO_DEBUG_UTIL, sudoers_debug_instance)
for (i = 0; i < 2; i++) {
switch (s[i]) {
/*
- * Copyright (c) 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2010-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
{
char *addrinfo, *addr, *mask;
struct interface *ifp;
- debug_decl(set_interfaces, SUDO_DEBUG_NETIF)
+ debug_decl(set_interfaces, SUDO_DEBUG_NETIF, sudoers_debug_instance)
addrinfo = sudo_estrdup(ai);
for (addr = strtok(addrinfo, " \t"); addr != NULL; addr = strtok(NULL, " \t")) {
dump_interfaces(const char *ai)
{
char *cp, *addrinfo;
- debug_decl(set_interfaces, SUDO_DEBUG_NETIF)
+ debug_decl(set_interfaces, SUDO_DEBUG_NETIF, sudoers_debug_instance)
addrinfo = sudo_estrdup(ai);
gid_t parent_gid = 0;
char *slash = path;
bool ok = true;
- debug_decl(io_mkdirs, SUDO_DEBUG_UTIL)
+ debug_decl(io_mkdirs, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/* Fast path: not a temporary and already exists. */
if (!is_temp && stat(path, &sb) == 0) {
{
const char *errstr;
unsigned int value;
- debug_decl(io_set_max_sessid, SUDO_DEBUG_UTIL)
+ debug_decl(io_set_max_sessid, SUDO_DEBUG_UTIL, sudoers_debug_instance)
value = strtonum(maxval, 0, SESSID_MAX, &errstr);
if (errstr != NULL) {
ssize_t nread;
char pathbuf[PATH_MAX];
static const char b36char[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
- debug_decl(io_nextid, SUDO_DEBUG_UTIL)
+ debug_decl(io_nextid, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/*
* Create I/O log directory if it doesn't already exist.
{
size_t len;
bool is_temp = false;
- debug_decl(mkdir_iopath, SUDO_DEBUG_UTIL)
+ debug_decl(mkdir_iopath, SUDO_DEBUG_UTIL, sudoers_debug_instance)
len = strlcpy(pathbuf, iolog_path, pathsize);
if (len >= pathsize) {
open_io_fd(char *pathbuf, size_t len, struct io_log_file *iol, bool docompress)
{
int fd;
- debug_decl(open_io_fd, SUDO_DEBUG_UTIL)
+ debug_decl(open_io_fd, SUDO_DEBUG_UTIL, sudoers_debug_instance)
pathbuf[len] = '\0';
strlcat(pathbuf, iol->suffix, PATH_MAX);
id_t id;
uid_t runas_uid = 0;
gid_t runas_gid = 0;
- debug_decl(iolog_deserialize_info, SUDO_DEBUG_UTIL)
+ debug_decl(iolog_deserialize_info, SUDO_DEBUG_UTIL, sudoers_debug_instance)
details->lines = 24;
details->cols = 80;
char * const *av;
FILE *fp;
int fd;
- debug_decl(write_info_log, SUDO_DEBUG_UTIL)
+ debug_decl(write_info_log, SUDO_DEBUG_UTIL, sudoers_debug_instance)
pathbuf[len] = '\0';
strlcat(pathbuf, "/log", PATH_MAX);
char * const user_info[], char * const command_info[],
int argc, char * const argv[], char * const user_env[], char * const args[])
{
+ struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
struct iolog_details details;
char pathbuf[PATH_MAX], sessid[7];
char *tofree = NULL;
+ char * const *cur;
+ const char *plugin_path = NULL;
size_t len;
- int i, rval = -1;
- debug_decl(sudoers_io_open, SUDO_DEBUG_PLUGIN)
+ int i, prev_instance, rval = -1;
+ debug_decl(sudoers_io_open, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
sudo_conv = conversation;
sudo_printf = plugin_printf;
if (argc == 0)
debug_return_bool(true);
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
+
memset(&details, 0, sizeof(details));
bindtextdomain("sudoers", LOCALEDIR);
sudo_setpwent();
sudo_setgrent();
+ /*
+ * Check for debug flags in settings list.
+ */
+ for (cur = settings; *cur != NULL; cur++) {
+ if (strncmp(*cur, "debug_flags=", sizeof("debug_flags=") - 1) == 0) {
+ sudoers_debug_parse_flags(&debug_files,
+ *cur + sizeof("debug_flags=") - 1);
+ continue;
+ }
+ if (strncmp(*cur, "plugin_path=", sizeof("plugin_path=") - 1) == 0) {
+ plugin_path = *cur + sizeof("plugin_path=") - 1;
+ continue;
+ }
+ }
+ sudoers_debug_register(&debug_files, plugin_path);
+
/*
* Pull iolog settings out of command_info.
*/
sudo_gr_delref(details.runas_gr);
sudo_endgrent();
+ sudo_debug_set_default_instance(prev_instance);
+
debug_return_bool(rval);
}
static void
sudoers_io_close(int exit_status, int error)
{
- int i;
- debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN)
+ int i, prev_instance;
+ debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
for (i = 0; i < IOFD_MAX; i++) {
if (io_log_files[i].fd.v == NULL)
#endif
fclose(io_log_files[i].fd.f);
}
+ sudo_debug_set_default_instance(prev_instance);
+
+ if (sudoers_debug_instance != SUDO_DEBUG_INSTANCE_INITIALIZER) {
+ sudo_debug_deregister(sudoers_debug_instance);
+ sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
+ }
+
debug_return;
}
static int
sudoers_io_version(int verbose)
{
- debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN)
+ int prev_instance;
+ debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n",
PACKAGE_VERSION);
+ sudo_debug_set_default_instance(prev_instance);
+
debug_return_bool(true);
}
sudoers_io_log(const char *buf, unsigned int len, int idx)
{
struct timeval now, delay;
- int rval = true;
- debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN)
+ int prev_instance, rval = true;
+ debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
gettimeofday(&now, NULL);
last_time.tv_sec = now.tv_sec;
last_time.tv_usec = now.tv_usec;
+ sudo_debug_set_default_instance(prev_instance);
+
debug_return_bool(rval);
}
/*
- * Copyright (c) 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2011-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
fill_seq(char *str, size_t strsize, char *logdir)
{
#ifdef SUDOERS_NO_SEQ
- debug_decl(fill_seq, SUDO_DEBUG_UTIL)
+ debug_decl(fill_seq, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_size_t(strlcpy(str, "%{seq}", strsize));
#else
static char sessid[7];
int len;
- debug_decl(fill_seq, SUDO_DEBUG_UTIL)
+ debug_decl(fill_seq, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (sessid[0] == '\0') {
if (!io_nextid(logdir, def_iolog_dir, sessid))
static size_t
fill_user(char *str, size_t strsize, char *unused)
{
- debug_decl(fill_user, SUDO_DEBUG_UTIL)
+ debug_decl(fill_user, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_size_t(strlcpy(str, user_name, strsize));
}
{
struct group *grp;
size_t len;
- debug_decl(fill_group, SUDO_DEBUG_UTIL)
+ debug_decl(fill_group, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if ((grp = sudo_getgrgid(user_gid)) != NULL) {
len = strlcpy(str, grp->gr_name, strsize);
static size_t
fill_runas_user(char *str, size_t strsize, char *unused)
{
- debug_decl(fill_runas_user, SUDO_DEBUG_UTIL)
+ debug_decl(fill_runas_user, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_size_t(strlcpy(str, runas_pw->pw_name, strsize));
}
{
struct group *grp;
size_t len;
- debug_decl(fill_runas_group, SUDO_DEBUG_UTIL)
+ debug_decl(fill_runas_group, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (runas_gr != NULL) {
len = strlcpy(str, runas_gr->gr_name, strsize);
static size_t
fill_hostname(char *str, size_t strsize, char *unused)
{
- debug_decl(fill_hostname, SUDO_DEBUG_UTIL)
+ debug_decl(fill_hostname, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_size_t(strlcpy(str, user_shost, strsize));
}
static size_t
fill_command(char *str, size_t strsize, char *unused)
{
- debug_decl(fill_command, SUDO_DEBUG_UTIL)
+ debug_decl(fill_command, SUDO_DEBUG_UTIL, sudoers_debug_instance)
debug_return_size_t(strlcpy(str, user_base, strsize));
}
struct path_escape *escapes = NULL;
int pass, oldlocale;
bool strfit;
- debug_decl(expand_iolog_path, SUDO_DEBUG_UTIL)
+ debug_decl(expand_iolog_path, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/* Expanded path must be <= PATH_MAX */
if (prefix != NULL)
char *host, *port, defport[13];
char hostbuf[LINE_MAX * 2];
int len;
- debug_decl(sudo_ldap_conf_add_ports, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_conf_add_ports, SUDO_DEBUG_LDAP, sudoers_debug_instance)
hostbuf[0] = '\0';
len = snprintf(defport, sizeof(defport), ":%d", ldap_conf.port);
char hostbuf[LINE_MAX];
int nldap = 0, nldaps = 0;
int rc = -1;
- debug_decl(sudo_ldap_parse_uri, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_parse_uri, SUDO_DEBUG_LDAP, sudoers_debug_instance)
hostbuf[0] = '\0';
STAILQ_FOREACH(entry, uri_list, entries) {
struct ldap_config_str *uri;
size_t len = 0;
char *buf, *cp;
- debug_decl(sudo_ldap_join_uri, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_join_uri, SUDO_DEBUG_LDAP, sudoers_debug_instance)
STAILQ_FOREACH(uri, uri_list, entries) {
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
{
LDAP *ld;
int rc = LDAP_CONNECT_ERROR;
- debug_decl(sudo_ldap_init, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_init, SUDO_DEBUG_LDAP, sudoers_debug_instance)
#ifdef HAVE_LDAPSSL_INIT
if (ldap_conf.ssl_mode != SUDO_LDAP_CLEAR) {
struct berval **bv, **p;
char *val;
int ret = false;
- debug_decl(sudo_ldap_check_non_unix_group, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_non_unix_group, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (!entry)
debug_return_bool(ret);
struct berval **bv, **p;
char *val;
bool ret = false;
- debug_decl(sudo_ldap_check_host, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_host, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (!entry)
debug_return_bool(ret);
struct berval **bv, **p;
char *val;
bool ret = false;
- debug_decl(sudo_ldap_check_runas_user, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_runas_user, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (!runas_pw)
debug_return_bool(UNSPEC);
struct berval **bv, **p;
char *val;
bool ret = false;
- debug_decl(sudo_ldap_check_runas_group, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_runas_group, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* runas_gr is only set if the user specified the -g flag */
if (!runas_gr)
sudo_ldap_check_runas(LDAP *ld, LDAPMessage *entry)
{
bool ret;
- debug_decl(sudo_ldap_check_runas, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_runas, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (!entry)
debug_return_bool(false);
{
char *ep, *cp = *cmnd;
int digest_type = SUDO_DIGEST_INVALID;
- debug_decl(sudo_ldap_check_command, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_command, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/*
* Check for and extract a digest prefix, e.g.
char *allowed_cmnd, *allowed_args, *val;
bool foundbang;
int ret = UNSPEC;
- debug_decl(sudo_ldap_check_command, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_command, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (!entry)
debug_return_bool(ret);
struct berval **bv, **p;
char ch, *var;
int ret = UNSPEC;
- debug_decl(sudo_ldap_check_bool, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_check_bool, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (entry == NULL)
debug_return_bool(ret);
{
struct berval **bv, **p;
char op, *var, *val;
- debug_decl(sudo_ldap_parse_options, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_parse_options, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (entry == NULL)
debug_return;
time_t now;
char timebuffer[sizeof("20120727121554.0Z")];
int bytes = 0;
- debug_decl(sudo_ldap_timefilter, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_timefilter, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Make sure we have a formatted timestamp for __now__. */
time(&now);
sudo_ldap_build_default_filter(void)
{
char *filt;
- debug_decl(sudo_ldap_build_default_filter, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_build_default_filter, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (ldap_conf.search_filter)
sudo_easprintf(&filt, "(&%s(cn=defaults))", ldap_conf.search_filter);
struct group_list *grlist;
size_t sz = 0;
int i;
- debug_decl(sudo_ldap_build_pass1, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_build_pass1, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* If there is a filter, allocate space for the global AND. */
if (ldap_conf.timed || ldap_conf.search_filter)
sudo_ldap_build_pass2(void)
{
char *filt, timebuffer[TIMEFILTER_LENGTH + 1];
- debug_decl(sudo_ldap_build_pass2, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_build_pass2, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Short circuit if no non-Unix group support. */
if (!def_use_netgroups && !def_group_plugin) {
{
unsigned char *result = NULL;
size_t len, reslen;
- debug_decl(sudo_ldap_decode_secret, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_decode_secret, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (strncasecmp(secret, "base64:", sizeof("base64:") - 1) == 0) {
/*
{
FILE *fp;
char buf[LINE_MAX];
- debug_decl(sudo_ldap_read_secret, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_read_secret, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if ((fp = fopen(path_ldap_secret, "r")) != NULL) {
if (fgets(buf, sizeof(buf), fp) != NULL) {
{
struct ldap_config_table *cur;
const char *errstr;
- debug_decl(sudo_ldap_parse_keyword, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_parse_keyword, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Look up keyword in config tables */
for (cur = table; cur->conf_str != NULL; cur++) {
sudo_krb5_ccname_path(const char *old_ccname)
{
const char *ccname = old_ccname;
- debug_decl(sudo_krb5_ccname_path, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_krb5_ccname_path, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Strip off leading FILE: or WRFILE: prefix. */
switch (ccname[0]) {
{
int fd = -1;
const char *ccname_path;
- debug_decl(sudo_check_krb5_ccname, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_check_krb5_ccname, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Strip off prefix to get path name. */
ccname_path = sudo_krb5_ccname_path(ccname);
FILE *fp;
char *cp, *keyword, *value, *line = NULL;
size_t linesize = 0;
- debug_decl(sudo_ldap_read_config, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_read_config, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* defaults */
ldap_conf.version = 3;
#ifdef HAVE_LDAP_STR2DN
char *dn, *rdn = NULL;
LDAPDN tmpDN;
- debug_decl(sudo_ldap_get_first_rdn, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_get_first_rdn, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if ((dn = ldap_get_dn(ld, entry)) == NULL)
debug_return_str(NULL);
debug_return_str(rdn);
#else
char *dn, **edn;
- debug_decl(sudo_ldap_get_first_rdn, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_get_first_rdn, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if ((dn = ldap_get_dn(ld, entry)) == NULL)
return NULL;
LDAPMessage *entry, *result;
char *prefix, *filt;
int rc, count = 0;
- debug_decl(sudo_ldap_display_defaults, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_display_defaults, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle == NULL || handle->ld == NULL)
goto done;
sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
struct sudo_lbuf *lbuf)
{
- debug_decl(sudo_ldap_display_bound_defaults, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_display_bound_defaults, SUDO_DEBUG_LDAP, sudoers_debug_instance)
debug_return_int(0);
}
{
struct berval **bv, **p;
int count = 0;
- debug_decl(sudo_ldap_display_entry_short, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_display_entry_short, SUDO_DEBUG_LDAP, sudoers_debug_instance)
sudo_lbuf_append(lbuf, " (");
struct berval **bv, **p;
char *rdn;
int count = 0;
- debug_decl(sudo_ldap_display_entry_long, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_display_entry_long, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* extract the dn, only show the first rdn */
rdn = sudo_ldap_get_first_rdn(ld, entry);
struct ldap_result *lres;
LDAPMessage *entry;
int i, count = 0;
- debug_decl(sudo_ldap_display_privs, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_display_privs, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle == NULL || handle->ld == NULL)
goto done;
LDAPMessage *entry;
bool found = false;
int i;
- debug_decl(sudo_ldap_display_cmnd, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_display_cmnd, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle == NULL || handle->ld == NULL)
goto done;
int rc = 0;
unsigned int junk;
static bool initialized;
- debug_decl(sudo_set_krb5_ccache_name, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_set_krb5_ccache_name, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (!initialized) {
sudo_gss_krb5_ccache_name =
ssize_t nread, nwritten = -1;
static char new_ccname[sizeof(_PATH_TMP) + sizeof("sudocc_XXXXXXXX") - 1];
char buf[10240], *ret = NULL;
- debug_decl(sudo_krb5_copy_cc_file, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_krb5_copy_cc_file, SUDO_DEBUG_LDAP, sudoers_debug_instance)
old_ccname = sudo_krb5_ccname_path(old_ccname);
if (old_ccname != NULL) {
char *auth_id = (char *)_auth_id;
sasl_interact_t *interact = (sasl_interact_t *)_interact;
int rc = LDAP_SUCCESS;
- debug_decl(sudo_ldap_sasl_interact, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_sasl_interact, SUDO_DEBUG_LDAP, sudoers_debug_instance)
for (; interact->id != SASL_CB_LIST_END; interact++) {
if (interact->id != SASL_CB_USER) {
struct ldap_config_table *cur;
int ival, rc, errors = 0;
char *sval;
- debug_decl(sudo_ldap_set_options_table, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_set_options_table, SUDO_DEBUG_LDAP, sudoers_debug_instance)
for (cur = table; cur->conf_str != NULL; cur++) {
if (cur->opt_val == -1)
sudo_ldap_set_options_global(void)
{
int rc;
- debug_decl(sudo_ldap_set_options_global, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_set_options_global, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Set ber options */
#ifdef LBER_OPT_DEBUG_LEVEL
sudo_ldap_set_options_conn(LDAP *ld)
{
int rc;
- debug_decl(sudo_ldap_set_options_conn, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_set_options_conn, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Parse per-connection LDAP options table. */
rc = sudo_ldap_set_options_table(ld, ldap_conf_conn);
sudo_ldap_result_alloc(void)
{
struct ldap_result *result;
- debug_decl(sudo_ldap_result_alloc, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_alloc, SUDO_DEBUG_LDAP, sudoers_debug_instance)
result = sudo_ecalloc(1, sizeof(*result));
STAILQ_INIT(&result->searches);
sudo_ldap_result_free(struct ldap_result *lres)
{
struct ldap_search_result *s;
- debug_decl(sudo_ldap_result_free, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_free, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (lres != NULL) {
if (lres->nentries) {
LDAPMessage *searchresult)
{
struct ldap_search_result *news;
- debug_decl(sudo_ldap_result_add_search, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_add_search, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Create new entry and add it to the end of the chain. */
news = sudo_ecalloc(1, sizeof(*news));
sudo_ldap_bind_s(LDAP *ld)
{
int rc;
- debug_decl(sudo_ldap_bind_s, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_bind_s, SUDO_DEBUG_LDAP, sudoers_debug_instance)
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
if (ldap_conf.rootuse_sasl == true ||
sigaction_t sa, saved_sa_pipe;
bool ldapnoinit = false;
struct sudo_ldap_handle *handle;
- debug_decl(sudo_ldap_open, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_open, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Ignore SIGPIPE if we cannot bind to the server. */
memset(&sa, 0, sizeof(sa));
LDAPMessage *entry, *result;
char *filt;
int rc;
- debug_decl(sudo_ldap_setdefs, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_setdefs, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle == NULL || handle->ld == NULL)
debug_return_int(-1);
LDAPMessage *entry;
int i, rc, setenv_implied;
struct ldap_result *lres = NULL;
- debug_decl(sudo_ldap_lookup, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_lookup, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle == NULL || handle->ld == NULL)
debug_return_int(ret);
{
const struct ldap_entry_wrapper *aw = a;
const struct ldap_entry_wrapper *bw = b;
- debug_decl(ldap_entry_compare, SUDO_DEBUG_LDAP)
+ debug_decl(ldap_entry_compare, SUDO_DEBUG_LDAP, sudoers_debug_instance)
debug_return_int(bw->order < aw->order ? -1 :
(bw->order > aw->order ? 1 : 0));
static struct ldap_search_result *
sudo_ldap_result_last_search(struct ldap_result *lres)
{
- debug_decl(sudo_ldap_result_last_search, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_last_search, SUDO_DEBUG_LDAP, sudoers_debug_instance)
debug_return_ptr(STAILQ_LAST(&lres->searches, ldap_search_result, entries));
}
struct berval **bv;
double order = 0.0;
char *ep;
- debug_decl(sudo_ldap_result_add_entry, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_add_entry, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/* Determine whether the entry has the sudoOrder attribute. */
last = sudo_ldap_result_last_search(lres);
sudo_ldap_result_free_nss(struct sudo_nss *nss)
{
struct sudo_ldap_handle *handle = nss->handle;
- debug_decl(sudo_ldap_result_free_nss, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_free_nss, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle->result != NULL) {
DPRINTF1("removing reusable search result");
LDAP *ld = handle->ld;
int pass, rc;
char *filt;
- debug_decl(sudo_ldap_result_get, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_result_get, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/*
* If we already have a cached result, return it so we don't have to
sudo_ldap_close(struct sudo_nss *nss)
{
struct sudo_ldap_handle *handle = nss->handle;
- debug_decl(sudo_ldap_close, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_ldap_close, SUDO_DEBUG_LDAP, sudoers_debug_instance)
if (handle != NULL) {
/* Free the result before unbinding; it may use the LDAP connection. */
linux_audit_open(void)
{
static int au_fd = -1;
- debug_decl(linux_audit_open, SUDO_DEBUG_AUDIT)
+ debug_decl(linux_audit_open, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
if (au_fd != -1)
debug_return_int(au_fd);
int au_fd, rc = -1;
char *command, *cp, **av;
size_t size, n;
- debug_decl(linux_audit_command, SUDO_DEBUG_AUDIT)
+ debug_decl(linux_audit_command, SUDO_DEBUG_AUDIT, sudoers_debug_instance)
/* Don't return an error if auditing is not configured. */
if ((au_fd = linux_audit_open()) < 0)
#endif
char buf[MAXSYSLOGLEN+1];
va_list ap;
- debug_decl(mysyslog, SUDO_DEBUG_LOGGING)
+ debug_decl(mysyslog, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
va_start(ap, fmt);
#ifdef LOG_NFACILITIES
char *p, *tmp, save;
const char *fmt;
int oldlocale;
- debug_decl(do_syslog, SUDO_DEBUG_LOGGING)
+ debug_decl(do_syslog, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
mode_t oldmask;
int oldlocale;
FILE *fp;
- debug_decl(do_logfile, SUDO_DEBUG_LOGGING)
+ debug_decl(do_logfile, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
char *logline;
int oldlocale;
bool uid_changed;
- debug_decl(log_denial, SUDO_DEBUG_LOGGING)
+ debug_decl(log_denial, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* Handle auditing first (audit_failure() handles the locale itself). */
if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST))
log_failure(int status, int flags)
{
bool inform_user = true;
- debug_decl(log_failure, SUDO_DEBUG_LOGGING)
+ debug_decl(log_failure, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* The user doesn't always get to see the log message (path info). */
if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) && def_path_info &&
log_auth_failure(int status, unsigned int tries)
{
int flags = 0;
- debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
+ debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* Handle auditing first. */
audit_failure(NewArgc, NewArgv, N_("authentication failure"));
char *logline;
int oldlocale;
bool uid_changed;
- debug_decl(log_allowed, SUDO_DEBUG_LOGGING)
+ debug_decl(log_allowed, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* Log and mail messages should be in the sudoers locale. */
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
char *logline, *message;
bool uid_changed;
va_list ap2;
- debug_decl(vlog_error, SUDO_DEBUG_LOGGING)
+ debug_decl(vlog_error, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* Need extra copy of ap for sudo_vwarn()/sudo_vwarnx() below. */
if (!ISSET(flags, SLOG_NO_STDERR))
log_warning(int flags, const char *fmt, ...)
{
va_list ap;
- debug_decl(log_error, SUDO_DEBUG_LOGGING)
+ debug_decl(log_error, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* Log the error. */
va_start(ap, fmt);
log_warningx(int flags, const char *fmt, ...)
{
va_list ap;
- debug_decl(log_error, SUDO_DEBUG_LOGGING)
+ debug_decl(log_error, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* Log the error. */
va_start(ap, fmt);
NULL
};
#endif /* NO_ROOT_MAILER */
- debug_decl(send_mail, SUDO_DEBUG_LOGGING)
+ debug_decl(send_mail, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/* If mailer is disabled just return. */
if (!def_mailerpath || !def_mailto)
static int
should_mail(int status)
{
- debug_decl(should_mail, SUDO_DEBUG_LOGGING)
+ debug_decl(should_mail, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
debug_return_bool(def_mail_always || ISSET(status, VALIDATE_ERROR) ||
(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
#endif
const char *tsid = NULL;
size_t len = 0;
- debug_decl(new_logline, SUDO_DEBUG_LOGGING)
+ debug_decl(new_logline, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
#ifndef SUDOERS_NO_SEQ
/* A TSID may be a sudoers-style session ID or a free-form string. */
/*
- * Copyright (c) 2011 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2011, 2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
char *indent = "";
char *beg = line;
char *end;
- debug_decl(writeln_wrap, SUDO_DEBUG_LOGGING)
+ debug_decl(writeln_wrap, SUDO_DEBUG_LOGGING, sudoers_debug_instance)
/*
* Print out line with word wrap around maxlen characters.
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
struct member *m;
struct alias *a;
int rval, matched = UNSPEC;
- debug_decl(userlist_matches, SUDO_DEBUG_MATCH)
+ debug_decl(userlist_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
TAILQ_FOREACH_REVERSE(m, list, member_list, entries) {
switch (m->type) {
int rval;
int user_matched = UNSPEC;
int group_matched = UNSPEC;
- debug_decl(runaslist_matches, SUDO_DEBUG_MATCH)
+ debug_decl(runaslist_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
if (runas_pw != NULL) {
/* If no runas user or runas group listed in sudoers, use default. */
struct member *m;
struct alias *a;
int rval, matched = UNSPEC;
- debug_decl(hostlist_matches, SUDO_DEBUG_MATCH)
+ debug_decl(hostlist_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
TAILQ_FOREACH_REVERSE(m, list, member_list, entries) {
switch (m->type) {
{
struct member *m;
int matched = UNSPEC;
- debug_decl(cmndlist_matches, SUDO_DEBUG_MATCH)
+ debug_decl(cmndlist_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
TAILQ_FOREACH_REVERSE(m, list, member_list, entries) {
matched = cmnd_matches(m);
struct alias *a;
struct sudo_command *c;
int rval, matched = UNSPEC;
- debug_decl(cmnd_matches, SUDO_DEBUG_MATCH)
+ debug_decl(cmnd_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
switch (m->type) {
case ALL:
command_args_match(const char *sudoers_cmnd, const char *sudoers_args)
{
int flags = 0;
- debug_decl(command_args_match, SUDO_DEBUG_MATCH)
+ debug_decl(command_args_match, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/*
* If no args specified in sudoers, any user args are allowed.
command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest)
{
bool rc = false;
- debug_decl(command_matches, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/* Check for pseudo-commands */
if (sudoers_cmnd[0] != '/') {
static bool
command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args)
{
- debug_decl(command_matches_fnmatch, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches_fnmatch, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/*
* Return true if fnmatch(3) succeeds AND
size_t dlen;
char **ap, *base, *cp;
glob_t gl;
- debug_decl(command_matches_glob, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches_glob, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/*
* First check to see if we can avoid the call to glob(3).
command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest)
{
size_t dlen;
- debug_decl(command_matches_normal, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches_normal, SUDO_DEBUG_MATCH, sudoers_debug_instance)
dlen = strlen(sudoers_cmnd);
FILE *fp;
unsigned int i;
int h;
- debug_decl(digest_matches, SUDO_DEBUG_MATCH)
+ debug_decl(digest_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
for (i = 0; digest_functions[i].digest_name != NULL; i++) {
if (sd->digest_type == i) {
struct stat sudoers_stat;
const char *base;
size_t dlen;
- debug_decl(command_matches_normal, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches_normal, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/* If it ends in '/' it is a directory spec. */
dlen = strlen(sudoers_cmnd);
static bool
command_matches_dir(const char *sudoers_dir, size_t dlen)
{
- debug_decl(command_matches_dir, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches_dir, SUDO_DEBUG_MATCH, sudoers_debug_instance)
debug_return_bool(strncmp(user_cmnd, sudoers_dir, dlen) == 0);
}
#else /* !SUDOERS_NAME_MATCH */
struct dirent *dent;
char buf[PATH_MAX];
DIR *dirp;
- debug_decl(command_matches_dir, SUDO_DEBUG_MATCH)
+ debug_decl(command_matches_dir, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/*
* Grot through directory entries, looking for user_base.
{
const char *host;
bool rc;
- debug_decl(hostname_matches, SUDO_DEBUG_MATCH)
+ debug_decl(hostname_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
host = strchr(pattern, '.') != NULL ? lhost : shost;
if (has_meta(pattern)) {
const char *errstr;
uid_t uid;
bool rc;
- debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
+ debug_decl(userpw_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
if (pw != NULL && *sudoers_user == '#') {
uid = (uid_t) sudo_strtoid(sudoers_user + 1, NULL, NULL, &errstr);
const char *errstr;
gid_t gid;
bool rc;
- debug_decl(group_matches, SUDO_DEBUG_MATCH)
+ debug_decl(group_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
if (*sudoers_group == '#') {
gid = (gid_t) sudo_strtoid(sudoers_group + 1, NULL, NULL, &errstr);
{
int matched = false;
struct passwd *pw0 = NULL;
- debug_decl(usergr_matches, SUDO_DEBUG_MATCH)
+ debug_decl(usergr_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/* make sure we have a valid usergroup, sudo style */
if (*group++ != '%') {
static int initialized;
#endif
bool rc = false;
- debug_decl(netgr_matches, SUDO_DEBUG_MATCH)
+ debug_decl(netgr_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
if (!def_use_netgroups) {
sudo_debug_printf(SUDO_DEBUG_INFO, "netgroups are disabled");
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
unsigned int j;
#endif
unsigned int family;
- debug_decl(addr_matches_if, SUDO_DEBUG_MATCH)
+ debug_decl(addr_matches_if, SUDO_DEBUG_MATCH, sudoers_debug_instance)
#ifdef HAVE_STRUCT_IN6_ADDR
if (inet_pton(AF_INET6, n, &addr.ip6) == 1) {
#endif
unsigned int family;
const char *errstr;
- debug_decl(addr_matches_if, SUDO_DEBUG_MATCH)
+ debug_decl(addr_matches_if, SUDO_DEBUG_MATCH, sudoers_debug_instance)
#ifdef HAVE_STRUCT_IN6_ADDR
if (inet_pton(AF_INET6, n, &addr.ip6) == 1)
{
char *m;
bool rc;
- debug_decl(addr_matches, SUDO_DEBUG_MATCH)
+ debug_decl(addr_matches, SUDO_DEBUG_MATCH, sudoers_debug_instance)
/* If there's an explicit netmask, use it. */
if ((m = strchr(n, '/'))) {
int
sudo_file_open(struct sudo_nss *nss)
{
- debug_decl(sudo_file_open, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_open, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (def_ignore_local_sudoers)
debug_return_int(-1);
int
sudo_file_close(struct sudo_nss *nss)
{
- debug_decl(sudo_file_close, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_close, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* Free parser data structures and close sudoers file. */
init_parser(NULL, false);
int
sudo_file_parse(struct sudo_nss *nss)
{
- debug_decl(sudo_file_close, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_close, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (nss->handle == NULL)
debug_return_int(-1);
int
sudo_file_setdefs(struct sudo_nss *nss)
{
- debug_decl(sudo_file_setdefs, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_setdefs, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (nss->handle == NULL)
debug_return_int(-1);
struct privilege *priv;
struct userspec *us;
struct member *matching_user;
- debug_decl(sudo_file_lookup, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_lookup, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (nss->handle == NULL)
debug_return_int(validated);
sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags,
struct sudo_lbuf *lbuf)
{
- debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS, sudoers_debug_instance)
#ifdef HAVE_PRIV_SET
if (cs->privs)
struct privilege *priv;
struct cmndtag tags;
int nfound = 0;
- debug_decl(sudo_file_display_priv_short, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_display_priv_short, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* gcc -Wuninitialized false positive */
tags.noexec = UNSPEC;
struct member *m;
struct privilege *priv;
int nfound = 0, olen;
- debug_decl(sudo_file_display_priv_long, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_display_priv_long, SUDO_DEBUG_NSS, sudoers_debug_instance)
TAILQ_FOREACH(priv, &us->privileges, entries) {
if (hostlist_matches(&priv->hostlist) != ALLOW)
{
struct userspec *us;
int nfound = 0;
- debug_decl(sudo_file_display_priv, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_display_priv, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (nss->handle == NULL)
goto done;
struct defaults *d;
char *prefix;
int nfound = 0;
- debug_decl(sudo_file_display_defaults, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_display_defaults, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (nss->handle == NULL)
goto done;
struct sudo_lbuf *lbuf)
{
int nfound = 0;
- debug_decl(sudo_file_display_bound_defaults, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_display_bound_defaults, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* XXX - should only print ones that match what the user can do. */
nfound += display_bound_defaults(DEFAULTS_RUNAS, lbuf);
struct member *m;
char *dsep;
int atype, nfound = 0;
- debug_decl(display_bound_defaults, SUDO_DEBUG_NSS)
+ debug_decl(display_bound_defaults, SUDO_DEBUG_NSS, sudoers_debug_instance)
switch (dtype) {
case DEFAULTS_HOST:
struct userspec *us;
int rval = 1;
int host_match, runas_match, cmnd_match;
- debug_decl(sudo_file_display_cmnd, SUDO_DEBUG_NSS)
+ debug_decl(sudo_file_display_cmnd, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (nss->handle == NULL)
goto done;
struct alias *a;
struct member *m;
struct sudo_command *c;
- debug_decl(_print_member, SUDO_DEBUG_NSS)
+ debug_decl(_print_member, SUDO_DEBUG_NSS, sudoers_debug_instance)
switch (type) {
case ALL:
char * const *cur;
const char *p, *errstr, *groups = NULL;
const char *remhost = NULL;
+ const char *plugin_path = NULL;
+ struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
int flags = 0;
- debug_decl(sudoers_policy_deserialize_info, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudoers_policy_deserialize_info, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
#define MATCHES(s, v) (strncmp(s, v, sizeof(v) - 1) == 0)
}
continue;
}
+ if (MATCHES(*cur, "debug_flags=")) {
+ sudoers_debug_parse_flags(&debug_files,
+ *cur + sizeof("debug_flags=") - 1);
+ continue;
+ }
if (MATCHES(*cur, "runas_user=")) {
*runas_user = *cur + sizeof("runas_user=") - 1;
sudo_user.flags |= RUNAS_USER_SPECIFIED;
remhost = *cur + sizeof("remote_host=") - 1;
continue;
}
+ if (MATCHES(*cur, "plugin_path=")) {
+ plugin_path = *cur + sizeof("plugin_path=") - 1;
+ continue;
+ }
}
for (cur = info->user_info; *cur != NULL; cur++) {
user_umask = umask(SUDO_UMASK);
umask(user_umask);
- /* Settings and user info debug. */
+ /* Setup debugging if indicated. */
+ sudoers_debug_register(&debug_files, plugin_path);
+
+ /* Dump settings and user info (XXX - plugin args) */
for (cur = info->settings; *cur != NULL; cur++)
sudo_debug_printf(SUDO_DEBUG_INFO, "settings: %s", *cur);
for (cur = info->user_info; *cur != NULL; cur++)
char **command_info;
int info_len = 0;
int rval = -1;
- debug_decl(sudoers_policy_exec_setup, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudoers_policy_exec_setup, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
/* Increase the length of command_info as needed, it is *not* checked. */
command_info = sudo_ecalloc(32, sizeof(char **));
char * const user_info[], char * const envp[], char * const args[])
{
struct sudoers_policy_open_info info;
- debug_decl(sudoers_policy_open, SUDO_DEBUG_PLUGIN)
+ int prev_instance, rval;
+ debug_decl(sudoers_policy_open, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
sudo_version = version;
sudo_conv = conversation;
if (sudo_version < SUDO_API_MKVERSION(1, 2))
args = NULL;
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
+
/* Call the sudoers init function. */
info.settings = settings;
info.user_info = user_info;
info.plugin_args = args;
- debug_return_bool(sudoers_policy_init(&info, envp));
+ rval = sudoers_policy_init(&info, envp);
+
+ sudo_debug_set_default_instance(prev_instance);
+ debug_return_bool(rval);
}
static void
sudoers_policy_close(int exit_status, int error_code)
{
- debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN)
+ int prev_instance;
+ debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
/* We do not currently log the exit status. */
if (error_code) {
}
sudo_efree(user_gids);
user_gids = NULL;
+ sudo_debug_set_default_instance(prev_instance);
+
+ if (sudoers_debug_instance != SUDO_DEBUG_INSTANCE_INITIALIZER) {
+ sudo_debug_deregister(sudoers_debug_instance);
+ sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
+ }
debug_return;
}
static int
sudoers_policy_init_session(struct passwd *pwd, char **user_env[])
{
- debug_decl(sudoers_policy_init_session, SUDO_DEBUG_PLUGIN)
+ int prev_instance, rval;
+ debug_decl(sudoers_policy_init_session, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
/* user_env is only specified for API version 1.2 and higher. */
if (sudo_version < SUDO_API_MKVERSION(1, 2))
user_env = NULL;
- debug_return_bool(sudo_auth_begin_session(pwd, user_env));
+ rval = sudo_auth_begin_session(pwd, user_env);
+ sudo_debug_set_default_instance(prev_instance);
+ debug_return_bool(rval);
}
static int
char **command_infop[], char **argv_out[], char **user_env_out[])
{
struct sudoers_exec_args exec_args;
- int rval;
- debug_decl(sudoers_policy_check, SUDO_DEBUG_PLUGIN)
+ int prev_instance, rval;
+ debug_decl(sudoers_policy_check, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
if (!ISSET(sudo_mode, MODE_EDIT))
SET(sudo_mode, MODE_RUN);
!sudo_auth_needs_end_session())
sudoers_policy.close = NULL;
}
+ sudo_debug_set_default_instance(prev_instance);
debug_return_bool(rval);
}
static int
sudoers_policy_validate(void)
{
- debug_decl(sudoers_policy_validate, SUDO_DEBUG_PLUGIN)
+ int prev_instance, rval;
+ debug_decl(sudoers_policy_validate, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
user_cmnd = "validate";
SET(sudo_mode, MODE_VALIDATE);
- debug_return_bool(sudoers_policy_main(0, NULL, I_VERIFYPW, NULL, NULL));
+ rval = sudoers_policy_main(0, NULL, I_VERIFYPW, NULL, NULL);
+ sudo_debug_set_default_instance(prev_instance);
+ debug_return_bool(rval);
}
static void
sudoers_policy_invalidate(int remove)
{
- debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN)
+ int prev_instance;
+ debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
user_cmnd = "kill";
remove_timestamp(remove);
sudoers_cleanup();
+ sudo_debug_set_default_instance(prev_instance);
debug_return;
}
sudoers_policy_list(int argc, char * const argv[], int verbose,
const char *list_user)
{
- int rval;
- debug_decl(sudoers_policy_list, SUDO_DEBUG_PLUGIN)
+ int prev_instance, rval = -1;
+ debug_decl(sudoers_policy_list, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
user_cmnd = "list";
if (argc)
list_pw = sudo_getpwnam(list_user);
if (list_pw == NULL) {
sudo_warnx(U_("unknown user: %s"), list_user);
- debug_return_bool(-1);
+ goto done;
}
}
rval = sudoers_policy_main(argc, argv, I_LISTPW, NULL, NULL);
list_pw = NULL;
}
+done:
+ sudo_debug_set_default_instance(prev_instance);
debug_return_bool(rval);
}
static int
sudoers_policy_version(int verbose)
{
- debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN)
+ int prev_instance;
+ debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"),
PACKAGE_VERSION);
sudo_printf(SUDO_CONV_INFO_MSG, "\n");
}
}
+ sudo_debug_set_default_instance(prev_instance);
debug_return_bool(true);
}
sudoers_policy_register_hooks(int version, int (*register_hook)(struct sudo_hook *hook))
{
struct sudo_hook hook;
+ int prev_instance;
+ debug_decl(sudoers_policy_register_hooks, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
+
+ prev_instance = sudo_debug_set_default_instance(sudoers_debug_instance);
memset(&hook, 0, sizeof(hook));
hook.hook_version = SUDO_HOOK_VERSION;
hook.hook_type = SUDO_HOOK_PUTENV;
hook.hook_fn = sudoers_hook_putenv;
register_hook(&hook);
+
+ sudo_debug_set_default_instance(prev_instance);
}
__dso_public struct policy_plugin sudoers_policy = {
/*
- * Copyright (c) 1993-1996,1998-2005, 2007-2013
+ * Copyright (c) 1993-1996,1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
int subst;
const char *p;
char *np, *new_prompt, *endp;
- debug_decl(expand_prompt, SUDO_DEBUG_AUTH)
+ debug_decl(expand_prompt, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* How much space do we need to malloc for the prompt? */
subst = 0;
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
void
sudo_pw_addref(struct passwd *pw)
{
- debug_decl(sudo_pw_addref, SUDO_DEBUG_NSS)
+ debug_decl(sudo_pw_addref, SUDO_DEBUG_NSS, sudoers_debug_instance)
ptr_to_item(pw)->refcnt++;
debug_return;
}
sudo_pw_delref_item(void *v)
{
struct cache_item *item = v;
- debug_decl(sudo_pw_delref_item, SUDO_DEBUG_NSS)
+ debug_decl(sudo_pw_delref_item, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (--item->refcnt == 0)
sudo_efree(item);
void
sudo_pw_delref(struct passwd *pw)
{
- debug_decl(sudo_pw_delref, SUDO_DEBUG_NSS)
+ debug_decl(sudo_pw_delref, SUDO_DEBUG_NSS, sudoers_debug_instance)
sudo_pw_delref_item(ptr_to_item(pw));
debug_return;
}
{
struct cache_item key, *item;
struct rbnode *node;
- debug_decl(sudo_getpwuid, SUDO_DEBUG_NSS)
+ debug_decl(sudo_getpwuid, SUDO_DEBUG_NSS, sudoers_debug_instance)
key.k.uid = uid;
if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
struct cache_item key, *item;
struct rbnode *node;
size_t len;
- debug_decl(sudo_getpwnam, SUDO_DEBUG_NSS)
+ debug_decl(sudo_getpwnam, SUDO_DEBUG_NSS, sudoers_debug_instance)
key.k.name = (char *) name;
if ((node = rbfind(pwcache_byname, &key)) != NULL) {
struct rbnode *node;
size_t len, name_len, home_len, shell_len;
int i;
- debug_decl(sudo_mkpwent, SUDO_DEBUG_NSS)
+ debug_decl(sudo_mkpwent, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* Optional arguments. */
if (home == NULL)
{
const char *errstr;
uid_t uid;
- debug_decl(sudo_fakepwnam, SUDO_DEBUG_NSS)
+ debug_decl(sudo_fakepwnam, SUDO_DEBUG_NSS, sudoers_debug_instance)
uid = (uid_t) sudo_strtoid(user + 1, NULL, NULL, &errstr);
if (errstr != NULL) {
void
sudo_setpwent(void)
{
- debug_decl(sudo_setpwent, SUDO_DEBUG_NSS)
+ debug_decl(sudo_setpwent, SUDO_DEBUG_NSS, sudoers_debug_instance)
setpwent();
if (pwcache_byuid == NULL)
void
sudo_freepwcache(void)
{
- debug_decl(sudo_freepwcache, SUDO_DEBUG_NSS)
+ debug_decl(sudo_freepwcache, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (pwcache_byuid != NULL) {
rbdestroy(pwcache_byuid, sudo_pw_delref_item);
void
sudo_endpwent(void)
{
- debug_decl(sudo_endpwent, SUDO_DEBUG_NSS)
+ debug_decl(sudo_endpwent, SUDO_DEBUG_NSS, sudoers_debug_instance)
endpwent();
sudo_freepwcache();
void
sudo_gr_addref(struct group *gr)
{
- debug_decl(sudo_gr_addref, SUDO_DEBUG_NSS)
+ debug_decl(sudo_gr_addref, SUDO_DEBUG_NSS, sudoers_debug_instance)
ptr_to_item(gr)->refcnt++;
debug_return;
}
sudo_gr_delref_item(void *v)
{
struct cache_item *item = v;
- debug_decl(sudo_gr_delref_item, SUDO_DEBUG_NSS)
+ debug_decl(sudo_gr_delref_item, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (--item->refcnt == 0)
sudo_efree(item);
void
sudo_gr_delref(struct group *gr)
{
- debug_decl(sudo_gr_delref, SUDO_DEBUG_NSS)
+ debug_decl(sudo_gr_delref, SUDO_DEBUG_NSS, sudoers_debug_instance)
sudo_gr_delref_item(ptr_to_item(gr));
debug_return;
}
{
struct cache_item key, *item;
struct rbnode *node;
- debug_decl(sudo_getgrgid, SUDO_DEBUG_NSS)
+ debug_decl(sudo_getgrgid, SUDO_DEBUG_NSS, sudoers_debug_instance)
key.k.gid = gid;
if ((node = rbfind(grcache_bygid, &key)) != NULL) {
struct cache_item key, *item;
struct rbnode *node;
size_t len;
- debug_decl(sudo_getgrnam, SUDO_DEBUG_NSS)
+ debug_decl(sudo_getgrnam, SUDO_DEBUG_NSS, sudoers_debug_instance)
key.k.name = (char *) name;
if ((node = rbfind(grcache_byname, &key)) != NULL) {
struct rbnode *node;
size_t len, name_len;
int i;
- debug_decl(sudo_fakegrnam, SUDO_DEBUG_NSS)
+ debug_decl(sudo_fakegrnam, SUDO_DEBUG_NSS, sudoers_debug_instance)
name_len = strlen(group);
len = sizeof(*gritem) + name_len + 1;
void
sudo_grlist_addref(struct group_list *grlist)
{
- debug_decl(sudo_gr_addref, SUDO_DEBUG_NSS)
+ debug_decl(sudo_gr_addref, SUDO_DEBUG_NSS, sudoers_debug_instance)
ptr_to_item(grlist)->refcnt++;
debug_return;
}
sudo_grlist_delref_item(void *v)
{
struct cache_item *item = v;
- debug_decl(sudo_gr_delref_item, SUDO_DEBUG_NSS)
+ debug_decl(sudo_gr_delref_item, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (--item->refcnt == 0)
sudo_efree(item);
void
sudo_grlist_delref(struct group_list *grlist)
{
- debug_decl(sudo_gr_delref, SUDO_DEBUG_NSS)
+ debug_decl(sudo_gr_delref, SUDO_DEBUG_NSS, sudoers_debug_instance)
sudo_grlist_delref_item(ptr_to_item(grlist));
debug_return;
}
void
sudo_setgrent(void)
{
- debug_decl(sudo_setgrent, SUDO_DEBUG_NSS)
+ debug_decl(sudo_setgrent, SUDO_DEBUG_NSS, sudoers_debug_instance)
setgrent();
if (grcache_bygid == NULL)
void
sudo_freegrcache(void)
{
- debug_decl(sudo_freegrcache, SUDO_DEBUG_NSS)
+ debug_decl(sudo_freegrcache, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (grcache_bygid != NULL) {
rbdestroy(grcache_bygid, sudo_gr_delref_item);
void
sudo_endgrent(void)
{
- debug_decl(sudo_endgrent, SUDO_DEBUG_NSS)
+ debug_decl(sudo_endgrent, SUDO_DEBUG_NSS, sudoers_debug_instance)
endgrent();
sudo_freegrcache();
struct cache_item key, *item;
struct rbnode *node;
size_t len;
- debug_decl(sudo_get_grlist, SUDO_DEBUG_NSS)
+ debug_decl(sudo_get_grlist, SUDO_DEBUG_NSS, sudoers_debug_instance)
key.k.name = pw->pw_name;
if ((node = rbfind(grlist_cache, &key)) != NULL) {
{
struct cache_item key, *item;
struct rbnode *node;
- debug_decl(sudo_set_grlist, SUDO_DEBUG_NSS)
+ debug_decl(sudo_set_grlist, SUDO_DEBUG_NSS, sudoers_debug_instance)
/*
* Cache group db entry if it doesn't already exist
const char *errstr;
int i;
bool matched = false;
- debug_decl(user_in_group, SUDO_DEBUG_NSS)
+ debug_decl(user_in_group, SUDO_DEBUG_NSS, sudoers_debug_instance)
if ((grlist = sudo_get_grlist(pw)) != NULL) {
/*
size_t nsize, psize, csize, gsize, dsize, ssize, total;
struct cache_item_pw *pwitem;
struct passwd *pw, *newpw;
- debug_decl(sudo_make_pwitem, SUDO_DEBUG_NSS)
+ debug_decl(sudo_make_pwitem, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* Look up by name or uid. */
pw = name ? getpwnam(name) : getpwuid(uid);
size_t nsize, psize, nmem, total, len;
struct cache_item_gr *gritem;
struct group *gr, *newgr;
- debug_decl(sudo_make_gritem, SUDO_DEBUG_NSS)
+ debug_decl(sudo_make_gritem, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* Look up by name or gid. */
gr = name ? getgrnam(name) : getgrgid(gid);
GETGROUPS_T *gids;
struct group *grp;
int i, ngids, groupname_len;
- debug_decl(sudo_make_grlist_item, SUDO_DEBUG_NSS)
+ debug_decl(sudo_make_grlist_item, SUDO_DEBUG_NSS, sudoers_debug_instance)
if (pw == sudo_user.pw && sudo_user.gids != NULL) {
gids = user_gids;
/*
- * Copyright (c) 2004-2005, 2007, 2009-2013
+ * Copyright (c) 2004-2005, 2007, 2009-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
# endif
#endif /* STDC_HEADERS */
-#include "sudo_compat.h"
-#include "sudo_alloc.h"
-#include "sudo_debug.h"
+#include "sudoers.h"
#include "redblack.h"
static void rbrepair(struct rbtree *, struct rbnode *);
rbcreate(int (*compar)(const void *, const void*))
{
struct rbtree *tree;
- debug_decl(rbcreate, SUDO_DEBUG_RBTREE)
+ debug_decl(rbcreate, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
tree = (struct rbtree *) sudo_emalloc(sizeof(*tree));
tree->compar = compar;
rotate_left(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *child;
- debug_decl(rotate_left, SUDO_DEBUG_RBTREE)
+ debug_decl(rotate_left, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
child = node->right;
node->right = child->left;
rotate_right(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *child;
- debug_decl(rotate_right, SUDO_DEBUG_RBTREE)
+ debug_decl(rotate_right, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
child = node->left;
node->left = child->right;
struct rbnode *node = rbfirst(tree);
struct rbnode *parent = rbroot(tree);
int res;
- debug_decl(rbinsert, SUDO_DEBUG_RBTREE)
+ debug_decl(rbinsert, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
/* Find correct insertion point. */
while (node != rbnil(tree)) {
{
struct rbnode *node = rbfirst(tree);
int res;
- debug_decl(rbfind, SUDO_DEBUG_RBTREE)
+ debug_decl(rbfind, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
while (node != rbnil(tree)) {
if ((res = tree->compar(key, node->data)) == 0)
int (*func)(void *, void *), void *cookie, enum rbtraversal order)
{
int error;
- debug_decl(rbapply_node, SUDO_DEBUG_RBTREE)
+ debug_decl(rbapply_node, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
if (node != rbnil(tree)) {
if (order == preorder)
rbsuccessor(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *succ;
- debug_decl(rbsuccessor, SUDO_DEBUG_RBTREE)
+ debug_decl(rbsuccessor, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
if ((succ = node->right) != rbnil(tree)) {
while (succ->left != rbnil(tree))
static void
_rbdestroy(struct rbtree *tree, struct rbnode *node, void (*destroy)(void *))
{
- debug_decl(_rbdestroy, SUDO_DEBUG_RBTREE)
+ debug_decl(_rbdestroy, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
if (node != rbnil(tree)) {
_rbdestroy(tree, node->left, destroy);
_rbdestroy(tree, node->right, destroy);
void
rbdestroy(struct rbtree *tree, void (*destroy)(void *))
{
- debug_decl(rbdestroy, SUDO_DEBUG_RBTREE)
+ debug_decl(rbdestroy, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
_rbdestroy(tree, rbfirst(tree), destroy);
sudo_efree(tree);
debug_return;
{
struct rbnode *x, *y;
void *data = z->data;
- debug_decl(rbdelete, SUDO_DEBUG_RBTREE)
+ debug_decl(rbdelete, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
if (z->left == rbnil(tree) || z->right == rbnil(tree))
y = z;
rbrepair(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *sibling;
- debug_decl(rbrepair, SUDO_DEBUG_RBTREE)
+ debug_decl(rbrepair, SUDO_DEBUG_RBTREE, sudoers_debug_instance)
while (node->color == black && node != rbfirst(tree)) {
if (node == node->parent->left) {
/*
- * Copyright (c) 1994-1996,1998-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1994-1996,1998-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
bool
rewind_perms(void)
{
- debug_decl(rewind_perms, SUDO_DEBUG_PERMS)
+ debug_decl(rewind_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth != 0) {
while (perm_stack_depth > 1) {
struct perm_state *state, *ostate = NULL;
char errbuf[1024];
const char *errstr = errbuf;
- debug_decl(set_perms, SUDO_DEBUG_PERMS)
+ debug_decl(set_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth == PERM_STACK_MAX) {
errstr = N_("perm stack overflow");
restore_perms(void)
{
struct perm_state *state, *ostate;
- debug_decl(restore_perms, SUDO_DEBUG_PERMS)
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow"));
struct perm_state *state, *ostate = NULL;
char errbuf[1024];
const char *errstr = errbuf;
- debug_decl(set_perms, SUDO_DEBUG_PERMS)
+ debug_decl(set_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth == PERM_STACK_MAX) {
errstr = N_("perm stack overflow");
restore_perms(void)
{
struct perm_state *state, *ostate;
- debug_decl(restore_perms, SUDO_DEBUG_PERMS)
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow"));
struct perm_state *state, *ostate = NULL;
char errbuf[1024];
const char *errstr = errbuf;
- debug_decl(set_perms, SUDO_DEBUG_PERMS)
+ debug_decl(set_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth == PERM_STACK_MAX) {
errstr = N_("perm stack overflow");
restore_perms(void)
{
struct perm_state *state, *ostate;
- debug_decl(restore_perms, SUDO_DEBUG_PERMS)
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow"));
struct perm_state *state, *ostate = NULL;
char errbuf[1024];
const char *errstr = errbuf;
- debug_decl(set_perms, SUDO_DEBUG_PERMS)
+ debug_decl(set_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth == PERM_STACK_MAX) {
errstr = N_("perm stack overflow");
restore_perms(void)
{
struct perm_state *state, *ostate;
- debug_decl(restore_perms, SUDO_DEBUG_PERMS)
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow"));
struct perm_state *state, *ostate = NULL;
char errbuf[1024];
const char *errstr = errbuf;
- debug_decl(set_perms, SUDO_DEBUG_PERMS)
+ debug_decl(set_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth == PERM_STACK_MAX) {
errstr = N_("perm stack overflow");
restore_perms(void)
{
struct perm_state *state, *ostate;
- debug_decl(restore_perms, SUDO_DEBUG_PERMS)
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (perm_stack_depth < 2) {
sudo_warnx(U_("perm stack underflow"));
{
struct passwd *pw;
struct group_list *grlist;
- debug_decl(runas_setgroups, SUDO_DEBUG_PERMS)
+ debug_decl(runas_setgroups, SUDO_DEBUG_PERMS, sudoers_debug_instance)
if (def_preserve_groups) {
sudo_grlist_addref(user_group_list);
sudo_sss_attrcpy(struct sss_sudo_attr *dst, const struct sss_sudo_attr *src)
{
unsigned int i;
- debug_decl(sudo_sss_attrcpy, SUDO_DEBUG_SSSD)
+ debug_decl(sudo_sss_attrcpy, SUDO_DEBUG_SSSD, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_DEBUG, "dst=%p, src=%p", dst, src);
sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_emalloc: cnt=%d", src->num_values);
sudo_sss_rulecpy(struct sss_sudo_rule *dst, const struct sss_sudo_rule *src)
{
unsigned int i;
- debug_decl(sudo_sss_rulecpy, SUDO_DEBUG_SSSD)
+ debug_decl(sudo_sss_rulecpy, SUDO_DEBUG_SSSD, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_DEBUG, "dst=%p, src=%p", dst, src);
sudo_debug_printf(SUDO_DEBUG_INFO, "sudo_emalloc: cnt=%d", src->num_attrs);
struct sss_sudo_result *out_res;
unsigned int i, l;
int r;
- debug_decl(sudo_sss_filter_result, SUDO_DEBUG_SSSD)
+ debug_decl(sudo_sss_filter_result, SUDO_DEBUG_SSSD, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_DEBUG, "in_res=%p, count=%u, act=%s",
in_res, in_res ? in_res->num_rules : 0,
{
struct sudo_sss_handle *handle;
static const char path[] = _PATH_SSSD_LIB"/libsss_sudo.so";
- debug_decl(sudo_sss_open, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_open, SUDO_DEBUG_SSSD, sudoers_debug_instance);
/* Create a handle container. */
handle = sudo_emalloc(sizeof(struct sudo_sss_handle));
static int sudo_sss_close(struct sudo_nss *nss)
{
struct sudo_sss_handle *handle;
- debug_decl(sudo_sss_close, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_close, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (nss && nss->handle) {
handle = nss->handle;
// ok
static int sudo_sss_parse(struct sudo_nss *nss)
{
- debug_decl(sudo_sss_parse, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_parse, SUDO_DEBUG_SSSD, sudoers_debug_instance);
debug_return_int(0);
}
struct sss_sudo_rule *sss_rule;
uint32_t sss_error;
unsigned int i;
- debug_decl(sudo_sss_setdefs, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_setdefs, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (handle == NULL)
debug_return_int(-1);
static int sudo_sss_checkpw(struct sudo_nss *nss, struct passwd *pw)
{
struct sudo_sss_handle *handle = nss->handle;
- debug_decl(sudo_sss_checkpw, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_checkpw, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (pw->pw_name != handle->pw->pw_name ||
pw->pw_uid != handle->pw->pw_uid) {
char **val_array = NULL;
char *val;
int ret = false, i;
- debug_decl(sudo_sss_check_runas_user, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_check_runas_user, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (!runas_pw)
debug_return_int(UNSPEC);
char **val_array = NULL;
char *val;
int ret = false, i;
- debug_decl(sudo_sss_check_runas_group, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_check_runas_group, SUDO_DEBUG_SSSD, sudoers_debug_instance);
/* runas_gr is only set if the user specified the -g flag */
if (!runas_gr)
sudo_sss_check_runas(struct sudo_sss_handle *handle, struct sss_sudo_rule *rule)
{
bool ret;
- debug_decl(sudo_sss_check_runas, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_check_runas, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (rule == NULL)
debug_return_bool(false);
char **val_array, *val;
bool ret = false;
int i;
- debug_decl(sudo_sss_check_host, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_check_host, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (rule == NULL)
debug_return_bool(ret);
bool ret = false, netgroup_spec_found = false;
char **val_array, *val;
int i;
- debug_decl(sudo_sss_filter_user_netgroup, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_filter_user_netgroup, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (!handle || !rule)
debug_return_bool(ret);
struct sss_sudo_rule *rule, void *unused)
{
(void)unused;
- debug_decl(sudo_sss_result_filterp, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_result_filterp, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (sudo_sss_check_host(handle, rule) &&
sudo_sss_filter_user_netgroup(handle, rule))
struct sudo_sss_handle *handle = nss->handle;
struct sss_sudo_result *u_sss_result, *f_sss_result;
uint32_t sss_error = 0, ret;
- debug_decl(sudo_sss_result_get, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_result_get, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (sudo_sss_checkpw(nss, pw) != 0)
debug_return_ptr(NULL);
{
char ch, *var, **val_array = NULL;
int i, ret = UNSPEC;
- debug_decl(sudo_sss_check_bool, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_check_bool, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (rule == NULL)
debug_return_int(ret);
{
char *ep, *cp = *cmnd;
int digest_type = SUDO_DIGEST_INVALID;
- debug_decl(sudo_sss_check_command, SUDO_DEBUG_LDAP)
+ debug_decl(sudo_sss_check_command, SUDO_DEBUG_LDAP, sudoers_debug_instance)
/*
* Check for and extract a digest prefix, e.g.
bool foundbang;
unsigned int i;
struct sudo_digest digest, *allowed_digest = NULL;
- debug_decl(sudo_sss_check_command, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_check_command, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (rule == NULL)
debug_return_int(ret);
int i;
char op, *v, *val;
char **val_array = NULL;
- debug_decl(sudo_sss_parse_options, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_parse_options, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (rule == NULL)
debug_return;
struct sss_sudo_result *sss_result = NULL;
struct sss_sudo_rule *rule;
uint32_t i, state = 0;
- debug_decl(sudo_sss_lookup, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_lookup, SUDO_DEBUG_SSSD, sudoers_debug_instance);
/* Fetch list of sudoRole entries that match user and host. */
sss_result = sudo_sss_result_get(nss, sudo_user.pw, &state);
struct sss_sudo_rule *rule;
unsigned int i;
bool found = false;
- debug_decl(sudo_sss_display_cmnd, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_display_cmnd, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (handle == NULL)
goto done;
char *prefix, *val, **val_array = NULL;
unsigned int i, j;
int count = 0;
- debug_decl(sudo_sss_display_defaults, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_display_defaults, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (handle == NULL)
goto done;
sudo_sss_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct sudo_lbuf *lbuf)
{
- debug_decl(sudo_sss_display_bound_defaults, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_display_bound_defaults, SUDO_DEBUG_SSSD, sudoers_debug_instance);
debug_return_int(0);
}
{
char **val_array = NULL;
int count = 0, i;
- debug_decl(sudo_sss_display_entry_long, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_display_entry_long, SUDO_DEBUG_SSSD, sudoers_debug_instance);
/* get the RunAsUser Values from the entry */
sudo_lbuf_append(lbuf, " RunAsUsers: ");
{
char **val_array = NULL;
int count = 0, i;
- debug_decl(sudo_sss_display_entry_short, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_display_entry_short, SUDO_DEBUG_SSSD, sudoers_debug_instance);
sudo_lbuf_append(lbuf, " (");
struct sss_sudo_result *sss_result = NULL;
struct sss_sudo_rule *rule;
unsigned int i, count = 0;
- debug_decl(sudo_sss_display_privs, SUDO_DEBUG_SSSD);
+ debug_decl(sudo_sss_display_privs, SUDO_DEBUG_SSSD, sudoers_debug_instance);
if (handle == NULL)
debug_return_int(-1);
bool saw_files = false;
bool got_match = false;
static struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
- debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
+ debug_decl(sudo_read_nss, SUDO_DEBUG_NSS, sudoers_debug_instance)
if ((fp = fopen(_PATH_NSSWITCH_CONF, "r")) == NULL)
goto nomatch;
bool saw_ldap = false;
bool got_match = false;
static struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
- debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
+ debug_decl(sudo_read_nss, SUDO_DEBUG_NSS, sudoers_debug_instance)
if ((fp = fopen(_PATH_NETSVC_CONF, "r")) == NULL)
goto nomatch;
sudo_read_nss(void)
{
static struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
- debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
+ debug_decl(sudo_read_nss, SUDO_DEBUG_NSS, sudoers_debug_instance)
# ifdef HAVE_SSSD
TAILQ_INSERT_TAIL(&snl, &sudo_nss_sss, entries);
{
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
- debug_decl(output, SUDO_DEBUG_NSS)
+ debug_decl(output, SUDO_DEBUG_NSS, sudoers_debug_instance)
/* Call conversation function */
memset(&msg, 0, sizeof(msg));
struct sudo_lbuf defs, privs;
struct stat sb;
int cols, count, olen;
- debug_decl(display_privs, SUDO_DEBUG_NSS)
+ debug_decl(display_privs, SUDO_DEBUG_NSS, sudoers_debug_instance)
cols = sudo_user.cols;
if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode))
display_cmnd(struct sudo_nss_list *snl, struct passwd *pw)
{
struct sudo_nss *nss;
- debug_decl(display_cmnd, SUDO_DEBUG_NSS)
+ debug_decl(display_cmnd, SUDO_DEBUG_NSS, sudoers_debug_instance)
TAILQ_FOREACH(nss, snl, entries) {
if (nss->display_cmnd(nss, pw) == 0)
volatile int sources = 0;
struct sudo_nss *nss, *nss_next;
int rval = -1;
- debug_decl(sudoers_policy_init, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudoers_policy_init, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
bindtextdomain("sudoers", LOCALEDIR);
struct sudo_nss *nss;
int cmnd_status = -1, oldlocale, validated;
volatile int rval = true;
- debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
/* Is root even allowed to run sudo? */
if (user_uid == 0 && !def_root_sudo) {
{
char * const * ep;
bool unknown_user = false;
- debug_decl(init_vars, SUDO_DEBUG_PLUGIN)
+ debug_decl(init_vars, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
sudoers_initlocale(setlocale(LC_ALL, NULL), def_sudoers_locale);
{
int rval = FOUND;
char *path = user_path;
- debug_decl(set_cmnd, SUDO_DEBUG_PLUGIN)
+ debug_decl(set_cmnd, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
/* Allocate user_stat for find_path() and match functions. */
user_stat = sudo_ecalloc(1, sizeof(struct stat));
{
struct stat sb;
FILE *fp = NULL;
- debug_decl(open_sudoers, SUDO_DEBUG_PLUGIN)
+ debug_decl(open_sudoers, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
if (!set_perms(PERM_SUDOERS))
debug_return_ptr(NULL);
const int errflags = SLOG_RAW_MSG;
login_cap_t *lc;
bool rval = true;
- debug_decl(set_loginclass, SUDO_DEBUG_PLUGIN)
+ debug_decl(set_loginclass, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
if (!def_use_loginclass)
goto done;
{
struct addrinfo *res0, hint;
char *p;
- debug_decl(set_fqdn, SUDO_DEBUG_PLUGIN)
+ debug_decl(set_fqdn, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
memset(&hint, 0, sizeof(hint));
hint.ai_family = PF_UNSPEC;
set_runaspw(const char *user, bool quiet)
{
struct passwd *pw = NULL;
- debug_decl(set_runaspw, SUDO_DEBUG_PLUGIN)
+ debug_decl(set_runaspw, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
if (*user == '#') {
const char *errstr;
set_runasgr(const char *group, bool quiet)
{
struct group *gr = NULL;
- debug_decl(set_runasgr, SUDO_DEBUG_PLUGIN)
+ debug_decl(set_runasgr, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
if (*group == '#') {
const char *errstr;
sudoers_cleanup(void)
{
struct sudo_nss *nss;
- debug_decl(sudoers_cleanup, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudoers_cleanup, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
if (snl != NULL) {
TAILQ_FOREACH(nss, snl, entries) {
char *cp, **nargv, *editor, *editor_path = NULL;
int ac, i, nargc;
bool wasblank;
- debug_decl(resolve_editor, SUDO_DEBUG_PLUGIN)
+ debug_decl(resolve_editor, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
/* Note: editor becomes part of argv_out and is not freed. */
editor = sudo_emalloc(edlen + 1);
const char *cp, *ep, *editor;
char *editor_path = NULL, **ev, *ev0[4];
size_t len;
- debug_decl(find_editor, SUDO_DEBUG_PLUGIN)
+ debug_decl(find_editor, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
/*
* If any of SUDO_EDITOR, VISUAL or EDITOR are set, choose the first one.
struct stat statbuf;
char flagfile[PATH_MAX];
int fd, n;
- debug_decl(create_admin_success_flag, SUDO_DEBUG_PLUGIN)
+ debug_decl(create_admin_success_flag, SUDO_DEBUG_PLUGIN, sudoers_debug_instance)
/* Check whether the user is in the admin group. */
if (!user_in_group(sudo_user.pw, "admin"))
int sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], void *closure);
void sudoers_cleanup(void);
+/* sudoers_debug.c */
+void sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files, const char *entry);
+void sudoers_debug_register(struct sudo_conf_debug_file_list *debug_files, const char *plugin_path);
+extern int sudoers_debug_instance;
+
/* policy.c */
int sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group);
int sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
--- /dev/null
+/*
+ * Copyright (c) 2014 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#include <ctype.h>
+
+#include "sudoers.h"
+
+int sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
+
+/*
+ * Parse the "filename flags,..." debug_flags entry and insert a new
+ * sudo_debug_file struct into debug_files.
+ */
+void
+sudoers_debug_parse_flags(struct sudo_conf_debug_file_list *debug_files,
+ const char *entry)
+{
+ struct sudo_debug_file *debug_file;
+ const char *filename, *flags;
+ size_t namelen;
+
+ /* Already initialized? */
+ if (sudoers_debug_instance != SUDO_DEBUG_INSTANCE_INITIALIZER)
+ return;
+
+ /* Process new-style debug flags: filename flags,... */
+ filename = entry;
+ if (*filename != '/' || (flags = strpbrk(filename, " \t")) == NULL)
+ return;
+ namelen = (size_t)(flags - filename);
+ while (isblank((unsigned char)*flags))
+ flags++;
+ if (*flags == '\0')
+ return;
+
+ debug_file = sudo_emalloc(sizeof(*debug_file));
+ debug_file->debug_file = sudo_estrndup(filename, namelen);
+ debug_file->debug_flags = sudo_estrdup(flags);
+ TAILQ_INSERT_TAIL(debug_files, debug_file, entries);
+}
+
+/*
+ * Register the specified debug files and plugin_path with the
+ * debug subsystem.
+ */
+void
+sudoers_debug_register(struct sudo_conf_debug_file_list *debug_files,
+ const char *plugin_path)
+{
+ struct sudo_debug_file *debug_file, *debug_next;
+
+ /* Setup debugging if indicated. */
+ if (!TAILQ_EMPTY(debug_files)) {
+ if (plugin_path != NULL) {
+ sudoers_debug_instance =
+ sudo_debug_register(plugin_path, NULL, 0, debug_files);
+ }
+ TAILQ_FOREACH_SAFE(debug_file, debug_files, entries, debug_next) {
+ TAILQ_REMOVE(debug_files, debug_file, entries);
+ sudo_efree(debug_file->debug_file);
+ sudo_efree(debug_file->debug_flags);
+ sudo_efree(debug_file);
+ }
+ }
+}
char *cp, *ep, path[PATH_MAX];
struct log_info *li;
double max_wait = 0;
- debug_decl(main, SUDO_DEBUG_MAIN)
+ debug_decl(main, SUDO_DEBUG_MAIN, SUDO_DEBUG_INSTANCE_DEFAULT)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
{
char buf[LINE_MAX];
sigaction_t sa;
int idx;
- debug_decl(replay_session, SUDO_DEBUG_UTIL)
+ debug_decl(replay_session, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Restore tty settings if interupted. */
fflush(stdout);
static int
open_io_fd(char *path, int len, struct io_log_file *iol)
{
- debug_decl(open_io_fd, SUDO_DEBUG_UTIL)
+ debug_decl(open_io_fd, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (!iol->enabled)
debug_return_int(0);
ssize_t nwritten;
size_t count, remainder;
unsigned int i;
- debug_decl(write_output, SUDO_DEBUG_UTIL)
+ debug_decl(write_output, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
nwritten = writev(STDOUT_FILENO, wc->iov, wc->iovcnt);
switch (nwritten) {
bool or = false, not = false;
struct search_node *sn;
char type, **av;
- debug_decl(parse_expr, SUDO_DEBUG_UTIL)
+ debug_decl(parse_expr, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
for (av = argv; *av != NULL; av++) {
switch (av[0][0]) {
struct search_node *sn;
bool res, matched = last_match;
int rc;
- debug_decl(match_expr, SUDO_DEBUG_UTIL)
+ debug_decl(match_expr, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
STAILQ_FOREACH(sn, head, entries) {
switch (sn->type) {
const char *errstr;
size_t bufsize = 0, cwdsize = 0, cmdsize = 0;
struct log_info *li = NULL;
- debug_decl(parse_logfile, SUDO_DEBUG_UTIL)
+ debug_decl(parse_logfile, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
fp = fopen(logfile, "r");
if (fp == NULL) {
const char *timestr;
struct log_info *li;
int rval = -1;
- debug_decl(list_session, SUDO_DEBUG_UTIL)
+ debug_decl(list_session, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if ((li = parse_logfile(logfile)) == NULL)
goto done;
#else
const bool checked_type = false;
#endif
- debug_decl(find_sessions, SUDO_DEBUG_UTIL)
+ debug_decl(find_sessions, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
d = opendir(dir);
if (d == NULL)
const char *tty)
{
REGEX_T rebuf, *re = NULL;
- debug_decl(list_sessions, SUDO_DEBUG_UTIL)
+ debug_decl(list_sessions, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Parse search expression if present */
parse_expr(&search_expr, argv, false);
struct timeval tv, *timeout = NULL;
static bool paused = 0;
char ch;
- debug_decl(check_input, SUDO_DEBUG_UTIL)
+ debug_decl(check_input, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
if (ISSET(what, SUDO_EV_READ)) {
switch (read(fd, &ch, 1)) {
long l;
double d, fract = 0;
char *cp, *ep;
- debug_decl(parse_timing, SUDO_DEBUG_UTIL)
+ debug_decl(parse_timing, SUDO_DEBUG_UTIL, SUDO_DEBUG_INSTANCE_DEFAULT)
/* Parse index */
ul = strtoul(buf, &ep, 10);
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
*/
struct sudo_user sudo_user;
struct passwd *list_pw;
+int sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
static char *runas_group, *runas_user;
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
const char *errstr;
int match, host_match, runas_match, cmnd_match;
int ch, dflag, exitcode = 0;
- debug_decl(main, SUDO_DEBUG_MAIN)
+ debug_decl(main, SUDO_DEBUG_MAIN, sudoers_debug_instance)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
malloc_options = "AFGJPR";
set_runaspw(const char *user)
{
struct passwd *pw = NULL;
- debug_decl(set_runaspw, SUDO_DEBUG_UTIL)
+ debug_decl(set_runaspw, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (*user == '#') {
const char *errstr;
set_runasgr(const char *group)
{
struct group *gr = NULL;
- debug_decl(set_runasgr, SUDO_DEBUG_UTIL)
+ debug_decl(set_runasgr, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (*group == '#') {
const char *errstr;
struct stat sb;
FILE *fp = NULL;
char *sudoers_base;
- debug_decl(open_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(open_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
sudoers_base = strrchr(sudoers, '/');
if (sudoers_base != NULL)
print_member(struct member *m)
{
struct sudo_command *c;
- debug_decl(print_member, SUDO_DEBUG_UTIL)
+ debug_decl(print_member, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (m->negated)
putchar('!');
{
struct defaults *d;
struct member *m;
- debug_decl(print_defaults, SUDO_DEBUG_UTIL)
+ debug_decl(print_defaults, SUDO_DEBUG_UTIL, sudoers_debug_instance)
TAILQ_FOREACH(d, &defaults, entries) {
(void) fputs("Defaults", stdout);
struct alias *a = (struct alias *)v1;
struct member *m;
struct sudo_command *c;
- debug_decl(print_alias, SUDO_DEBUG_UTIL)
+ debug_decl(print_alias, SUDO_DEBUG_UTIL, sudoers_debug_instance)
switch (a->type) {
case HOSTALIAS:
struct cmndspec *cs;
struct member *m;
struct cmndtag tags;
- debug_decl(print_privilege, SUDO_DEBUG_UTIL)
+ debug_decl(print_privilege, SUDO_DEBUG_UTIL, sudoers_debug_instance)
TAILQ_FOREACH(m, &priv->hostlist, entries) {
if (m != TAILQ_FIRST(&priv->hostlist))
struct member *m;
struct userspec *us;
struct privilege *priv;
- debug_decl(print_userspecs, SUDO_DEBUG_UTIL)
+ debug_decl(print_userspecs, SUDO_DEBUG_UTIL, sudoers_debug_instance)
TAILQ_FOREACH(us, &userspecs, entries) {
TAILQ_FOREACH(m, &us->users, entries) {
void
dump_sudoers(void)
{
- debug_decl(dump_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(dump_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
print_defaults();
static bool
ts_match_record(struct timestamp_entry *key, struct timestamp_entry *entry)
{
- debug_decl(ts_match_record, SUDO_DEBUG_AUTH)
+ debug_decl(ts_match_record, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (entry->version != key->version)
debug_return_bool(false);
ts_find_record(int fd, struct timestamp_entry *key, struct timestamp_entry *entry)
{
struct timestamp_entry cur;
- debug_decl(ts_find_record, SUDO_DEBUG_AUTH)
+ debug_decl(ts_find_record, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/*
* Look for a matching record.
struct timestamp_entry cur;
ssize_t nwritten;
off_t old_eof = (off_t)-1;
- debug_decl(ts_update_record, SUDO_DEBUG_AUTH)
+ debug_decl(ts_update_record, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* First try the hint if one is given. */
if (timestamp_hint != (off_t)-1) {
gid_t parent_gid = 0;
char *slash = path;
bool rval = false;
- debug_decl(ts_mkdirs, SUDO_DEBUG_AUTH)
+ debug_decl(ts_mkdirs, SUDO_DEBUG_AUTH, sudoers_debug_instance)
while ((slash = strchr(slash + 1, '/')) != NULL) {
*slash = '\0';
{
struct stat sb;
bool rval = false;
- debug_decl(ts_secure_dir, SUDO_DEBUG_AUTH)
+ debug_decl(ts_secure_dir, SUDO_DEBUG_AUTH, sudoers_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "checking %s", path);
switch (sudo_secure_dir(path, timestamp_uid, -1, &sb)) {
build_timestamp(struct passwd *pw)
{
int len;
- debug_decl(build_timestamp, SUDO_DEBUG_AUTH)
+ debug_decl(build_timestamp, SUDO_DEBUG_AUTH, sudoers_debug_instance)
len = snprintf(timestamp_file, sizeof(timestamp_file), "%s/%s",
def_timestampdir, user_name);
bool uid_changed = false;
bool rval = false;
int fd;
- debug_decl(update_timestamp, SUDO_DEBUG_AUTH)
+ debug_decl(update_timestamp, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Zero timeout means don't update the time stamp file. */
if (def_timestamp_timeout == 0)
int status = TS_ERROR; /* assume the worst */
struct stat sb;
int fd = -1;
- debug_decl(timestamp_status, SUDO_DEBUG_AUTH)
+ debug_decl(timestamp_status, SUDO_DEBUG_AUTH, sudoers_debug_instance)
/* Reset time stamp offset hint. */
timestamp_hint = (off_t)-1;
struct timestamp_entry entry;
bool uid_changed = false;
int fd = -1;
- debug_decl(remove_timestamp, SUDO_DEBUG_AUTH)
+ debug_decl(remove_timestamp, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (build_timestamp(NULL) == -1)
debug_return;
char status_file[PATH_MAX];
struct stat sb;
int len;
- debug_decl(already_lectured, SUDO_DEBUG_AUTH)
+ debug_decl(already_lectured, SUDO_DEBUG_AUTH, sudoers_debug_instance)
if (ts_secure_dir(def_lecture_status_dir, false, true)) {
len = snprintf(status_file, sizeof(status_file), "%s/%s",
char lecture_status[PATH_MAX];
bool uid_changed = false;
int len, fd = -1;
- debug_decl(set_lectured, SUDO_DEBUG_AUTH)
+ debug_decl(set_lectured, SUDO_DEBUG_AUTH, sudoers_debug_instance)
len = snprintf(lecture_status, sizeof(lecture_status), "%s/%s",
def_lecture_status_dir, user_name);
int max_paths = 32;
struct dirent *dent;
struct path_list **paths = NULL;
- debug_decl(read_dir_files, SUDO_DEBUG_PARSER)
+ debug_decl(read_dir_files, SUDO_DEBUG_PARSER, sudoers_debug_instance)
dir = opendir(dirpath);
if (dir == NULL) {
{
struct path_list **paths = NULL;
int count, i;
- debug_decl(switch_dir, SUDO_DEBUG_PARSER)
+ debug_decl(switch_dir, SUDO_DEBUG_PARSER, sudoers_debug_instance)
count = read_dir_files(dirpath, &paths);
if (count > 0) {
init_lexer(void)
{
struct path_list *pl;
- debug_decl(init_lexer, SUDO_DEBUG_PARSER)
+ debug_decl(init_lexer, SUDO_DEBUG_PARSER, sudoers_debug_instance)
while (idepth) {
idepth--;
{
struct path_list *pl;
FILE *fp;
- debug_decl(_push_include, SUDO_DEBUG_PARSER)
+ debug_decl(_push_include, SUDO_DEBUG_PARSER, sudoers_debug_instance)
/* push current state onto stack */
if (idepth >= istacksize) {
{
struct path_list *pl;
FILE *fp;
- debug_decl(pop_include, SUDO_DEBUG_PARSER)
+ debug_decl(pop_include, SUDO_DEBUG_PARSER, sudoers_debug_instance)
if (idepth == 0)
debug_return_bool(false);
char *cp, *ep, *path, *pp;
int dirlen = 0, len = 0, subst = 0;
size_t shost_len = 0;
- debug_decl(parse_include, SUDO_DEBUG_PARSER)
+ debug_decl(parse_include, SUDO_DEBUG_PARSER, sudoers_debug_instance)
/* Pull out path from #include line. */
cp = base + sizeof("#include");
int max_paths = 32;
struct dirent *dent;
struct path_list **paths = NULL;
- debug_decl(read_dir_files, SUDO_DEBUG_PARSER)
+ debug_decl(read_dir_files, SUDO_DEBUG_PARSER, sudoers_debug_instance)
dir = opendir(dirpath);
if (dir == NULL) {
{
struct path_list **paths = NULL;
int count, i;
- debug_decl(switch_dir, SUDO_DEBUG_PARSER)
+ debug_decl(switch_dir, SUDO_DEBUG_PARSER, sudoers_debug_instance)
count = read_dir_files(dirpath, &paths);
if (count > 0) {
init_lexer(void)
{
struct path_list *pl;
- debug_decl(init_lexer, SUDO_DEBUG_PARSER)
+ debug_decl(init_lexer, SUDO_DEBUG_PARSER, sudoers_debug_instance)
while (idepth) {
idepth--;
{
struct path_list *pl;
FILE *fp;
- debug_decl(_push_include, SUDO_DEBUG_PARSER)
+ debug_decl(_push_include, SUDO_DEBUG_PARSER, sudoers_debug_instance)
/* push current state onto stack */
if (idepth >= istacksize) {
{
struct path_list *pl;
FILE *fp;
- debug_decl(pop_include, SUDO_DEBUG_PARSER)
+ debug_decl(pop_include, SUDO_DEBUG_PARSER, sudoers_debug_instance)
if (idepth == 0)
debug_return_bool(false);
char *cp, *ep, *path, *pp;
int dirlen = 0, len = 0, subst = 0;
size_t shost_len = 0;
- debug_decl(parse_include, SUDO_DEBUG_PARSER)
+ debug_decl(parse_include, SUDO_DEBUG_PARSER, sudoers_debug_instance)
/* Pull out path from #include line. */
cp = base + sizeof("#include");
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
{
char *dst;
int h;
- debug_decl(fill_txt, SUDO_DEBUG_PARSER)
+ debug_decl(fill_txt, SUDO_DEBUG_PARSER, sudoers_debug_instance)
dst = olen ? realloc(sudoerslval.string, olen + len + 1) : malloc(len + 1);
if (dst == NULL) {
append(const char *src, int len)
{
int olen = 0;
- debug_decl(append, SUDO_DEBUG_PARSER)
+ debug_decl(append, SUDO_DEBUG_PARSER, sudoers_debug_instance)
if (sudoerslval.string != NULL)
olen = strlen(sudoerslval.string);
{
char *dst;
int i;
- debug_decl(fill_cmnd, SUDO_DEBUG_PARSER)
+ debug_decl(fill_cmnd, SUDO_DEBUG_PARSER, sudoers_debug_instance)
arg_len = arg_size = 0;
{
int new_len;
char *p;
- debug_decl(fill_args, SUDO_DEBUG_PARSER)
+ debug_decl(fill_args, SUDO_DEBUG_PARSER, sudoers_debug_instance)
if (sudoerslval.command.args == NULL) {
addspace = 0;
ipv6_valid(const char *s)
{
int nmatch = 0;
- debug_decl(ipv6_valid, SUDO_DEBUG_PARSER)
+ debug_decl(ipv6_valid, SUDO_DEBUG_PARSER, sudoers_debug_instance)
for (; *s != '\0'; s++) {
if (s[0] == ':' && s[1] == ':') {
*/
struct sudo_user sudo_user;
struct passwd *list_pw;
+int sudoers_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
static struct sudoersfile_list sudoerslist = TAILQ_HEAD_INITIALIZER(sudoerslist);
static struct rbtree *alias_freelist;
static bool checkonly;
int ch, exitcode = 0;
bool quiet, strict, oldperms;
const char *export_path;
- debug_decl(main, SUDO_DEBUG_MAIN)
+ debug_decl(main, SUDO_DEBUG_MAIN, sudoers_debug_instance)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
{
ssize_t nread; /* number of bytes read */
struct stat sb; /* stat buffer */
bool rval = false; /* return value */
- debug_decl(edit_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(edit_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (fstat(sp->fd, &sb) == -1)
sudo_fatal(U_("unable to stat %s"), sp->path);
struct sudoersfile *sp, *last;
FILE *fp;
int ch;
- debug_decl(reparse_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(reparse_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/*
* Parse the edited sudoers files and do sanity checking
{
struct stat sb;
bool rval = false;
- debug_decl(install_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(install_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (!sp->modified) {
/*
whatnow(void)
{
int choice, c;
- debug_decl(whatnow, SUDO_DEBUG_UTIL)
+ debug_decl(whatnow, SUDO_DEBUG_UTIL, sudoers_debug_instance)
for (;;) {
(void) fputs(_("What now? "), stdout);
setup_signals(void)
{
sigaction_t sa;
- debug_decl(setup_signals, SUDO_DEBUG_UTIL)
+ debug_decl(setup_signals, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/*
* Setup signal handlers to cleanup nicely.
{
int status;
pid_t pid, rv;
- debug_decl(run_command, SUDO_DEBUG_UTIL)
+ debug_decl(run_command, SUDO_DEBUG_UTIL, sudoers_debug_instance)
switch (pid = sudo_debug_fork()) {
case -1:
{
struct stat sb;
bool ok = true;
- debug_decl(check_owner, SUDO_DEBUG_UTIL)
+ debug_decl(check_owner, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (stat(path, &sb) == 0) {
if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID) {
check_syntax(char *sudoers_path, bool quiet, bool strict, bool oldperms)
{
bool ok = false;
- debug_decl(check_syntax, SUDO_DEBUG_UTIL)
+ debug_decl(check_syntax, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (strcmp(sudoers_path, "-") == 0) {
sudoersin = stdin;
struct sudoersfile *entry;
FILE *fp;
int open_flags;
- debug_decl(open_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(open_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (checkonly)
open_flags = O_RDONLY;
get_editor(char **args)
{
char *Editor, *EditorArgs, *EditorPath, *UserEditor, *UserEditorArgs;
- debug_decl(get_editor, SUDO_DEBUG_UTIL)
+ debug_decl(get_editor, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/*
* Check VISUAL and EDITOR environment variables to see which editor
get_args(char *cmnd)
{
char *args;
- debug_decl(get_args, SUDO_DEBUG_UTIL)
+ debug_decl(get_args, SUDO_DEBUG_UTIL, sudoers_debug_instance)
args = cmnd;
while (*args && !isblank((unsigned char) *args))
get_hostname(void)
{
char *p, thost[HOST_NAME_MAX + 1];
- debug_decl(get_hostname, SUDO_DEBUG_UTIL)
+ debug_decl(get_hostname, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (gethostname(thost, sizeof(thost)) != -1) {
thost[sizeof(thost) - 1] = '\0';
struct member *m;
struct alias *a;
bool rval = true;
- debug_decl(alias_remove_recursive, SUDO_DEBUG_ALIAS)
+ debug_decl(alias_remove_recursive, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
if ((a = alias_remove(name, type)) != NULL) {
TAILQ_FOREACH(m, &a->members, entries) {
struct member *m;
struct alias *a;
int errors = 0;
- debug_decl(check_alias, SUDO_DEBUG_ALIAS)
+ debug_decl(check_alias, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
if ((a = alias_get(name, type)) != NULL) {
/* check alias contents */
struct userspec *us;
struct defaults *d;
int atype, errors = 0;
- debug_decl(check_aliases, SUDO_DEBUG_ALIAS)
+ debug_decl(check_aliases, SUDO_DEBUG_ALIAS, sudoers_debug_instance)
alias_freelist = rbcreate(alias_compare);
print_pair_json(FILE *fp, const char *pre, const char *name,
const struct json_value *value, const char *post, int indent)
{
- debug_decl(print_pair_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_pair_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
print_indent(fp, indent);
printstr_json(FILE *fp, const char *pre, const char *str, const char *post,
int indent)
{
- debug_decl(printstr_json, SUDO_DEBUG_UTIL)
+ debug_decl(printstr_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
print_indent(fp, indent);
if (pre != NULL)
struct sudo_command *c = (struct sudo_command *)m->name;
struct json_value value;
const char *digest_name;
- debug_decl(print_command_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_command_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
printstr_json(fp, "{", NULL, NULL, indent);
if (m->negated || c->digest != NULL) {
const char *typestr;
const char *errstr;
id_t id;
- debug_decl(print_member_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_member_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/* Most of the time we print a string. */
value.type = JSON_STRING;
struct alias *a = v1;
struct json_alias_closure *closure = v2;
struct member *m;
- debug_decl(print_alias_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_alias_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (a->type != closure->alias_type)
debug_return_int(0);
print_binding_json(FILE *fp, struct member_list *binding, int type, int indent)
{
struct member *m;
- debug_decl(print_binding_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_binding_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (TAILQ_EMPTY(binding))
debug_return;
{
char savech, *start, *end = def->val;
struct json_value value;
- debug_decl(print_defaults_list_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_defaults_list_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
fprintf(fp, "%*s{\n", indent, "");
indent += 4;
struct json_value value;
struct defaults *def, *next;
int type;
- debug_decl(print_defaults_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_defaults_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (TAILQ_EMPTY(&defaults))
debug_return_bool(need_comma);
int indent, bool need_comma)
{
struct json_alias_closure closure;
- debug_decl(print_aliases_by_type_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_aliases_by_type_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
closure.fp = fp;
closure.indent = indent;
static bool
print_aliases_json(FILE *fp, int indent, bool need_comma)
{
- debug_decl(print_aliases_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_aliases_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
need_comma = print_aliases_by_type_json(fp, USERALIAS, "User_Aliases",
indent, need_comma);
struct json_value value;
struct member *m;
bool last_one;
- debug_decl(print_cmndspec_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_cmndspec_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/* Open Cmnd_Spec object. */
fprintf(fp, "%*s{\n", indent, "");
struct privilege *priv;
struct member *m;
struct cmndspec *cs, *next;
- debug_decl(print_userspec_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_userspec_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
/*
* Each userspec struct may contain multiple privileges for
print_userspecs_json(FILE *fp, int indent, bool need_comma)
{
struct userspec *us;
- debug_decl(print_userspecs_json, SUDO_DEBUG_UTIL)
+ debug_decl(print_userspecs_json, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (TAILQ_EMPTY(&userspecs))
debug_return_bool(need_comma);
bool ok = false, need_comma = false;
const int indent = 4;
FILE *export_fp = stdout;
- debug_decl(export_sudoers, SUDO_DEBUG_UTIL)
+ debug_decl(export_sudoers, SUDO_DEBUG_UTIL, sudoers_debug_instance)
if (strcmp(sudoers_path, "-") == 0) {
sudoersin = stdin;
# Autogenerated dependencies, do not modify
check_ttyname.o: $(srcdir)/regress/ttyname/check_ttyname.c \
$(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
- $(incdir)/sudo_compat.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
+ $(incdir)/sudo_fatal.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/ttyname/check_ttyname.c
conversation.o: $(srcdir)/conversation.c $(incdir)/compat/stdbool.h \
{
struct command_status cstat;
sigaction_t sa;
- debug_decl(fork_cmnd, SUDO_DEBUG_EXEC)
+ debug_decl(fork_cmnd, SUDO_DEBUG_EXEC, sudo_debug_instance)
ppgrp = getpgrp(); /* parent's process group */
exec_cmnd(struct command_details *details, struct command_status *cstat,
int errfd)
{
- debug_decl(exec_cmnd, SUDO_DEBUG_EXEC)
+ debug_decl(exec_cmnd, SUDO_DEBUG_EXEC, sudo_debug_instance)
restore_signals();
if (exec_setup(details, NULL, -1) == true) {
sudo_debug_execve(SUDO_DEBUG_INFO, details->command,
details->argv, details->envp);
if (details->closefrom >= 0) {
- /* Preserve debug fd and error pipe as needed. */
- int debug_fd = sudo_debug_fd_get();
- if (debug_fd != -1)
- add_preserved_fd(&details->preserved_fds, debug_fd);
+ int fd, maxfd;
+ fd_set *debug_fds;
+
+ /* Preserve debug fds and error pipe as needed. */
+ maxfd = sudo_debug_get_fds(&debug_fds);
+ for (fd = 0; fd <= maxfd; fd++) {
+ if (FD_ISSET(fd, debug_fds))
+ add_preserved_fd(&details->preserved_fds, fd);
+ }
if (errfd != -1)
add_preserved_fd(&details->preserved_fds, errfd);
{
struct exec_closure *ec = v;
ssize_t n;
- debug_decl(backchannel_cb, SUDO_DEBUG_EXEC)
+ debug_decl(backchannel_cb, SUDO_DEBUG_EXEC, sudo_debug_instance)
/* read child status */
n = recv(fd, ec->cstat, sizeof(struct command_status), MSG_WAITALL);
exec_event_setup(int backchannel, struct exec_closure *ec)
{
struct sudo_event_base *evbase;
- debug_decl(exec_event_setup, SUDO_DEBUG_EXEC)
+ debug_decl(exec_event_setup, SUDO_DEBUG_EXEC, sudo_debug_instance)
evbase = sudo_ev_base_alloc();
if (evbase == NULL)
sigaction_t sa;
pid_t child;
int sv[2];
- debug_decl(sudo_execute, SUDO_DEBUG_EXEC)
+ debug_decl(sudo_execute, SUDO_DEBUG_EXEC, sudo_debug_instance)
dispatch_pending_signals(cstat);
int signo, char *signame, struct command_status *cstat)
{
int rc = 1;
- debug_decl(dispatch_signal, SUDO_DEBUG_EXEC)
+ debug_decl(dispatch_signal, SUDO_DEBUG_EXEC, sudo_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: evbase %p, child: %d, signo %s(%d), cstat %p",
int signo, char *signame, struct command_status *cstat)
{
int rc = 1;
- debug_decl(dispatch_signal_pty, SUDO_DEBUG_EXEC)
+ debug_decl(dispatch_signal_pty, SUDO_DEBUG_EXEC, sudo_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO,
"%s: evbase %p, child: %d, signo %s(%d), cstat %p",
unsigned char signo;
ssize_t nread;
int rc = 0;
- debug_decl(signal_pipe_cb, SUDO_DEBUG_EXEC)
+ debug_decl(signal_pipe_cb, SUDO_DEBUG_EXEC, sudo_debug_instance)
do {
/* read signal pipe */
struct sigaction sa;
unsigned char signo = 0;
int rval = 0;
- debug_decl(dispatch_pending_signals, SUDO_DEBUG_EXEC)
+ debug_decl(dispatch_pending_signals, SUDO_DEBUG_EXEC, sudo_debug_instance)
for (;;) {
nread = read(signal_pipe[0], &signo, sizeof(signo));
struct sigforward *sigfwd;
struct command_status cstat;
ssize_t nsent;
- debug_decl(forward_signals, SUDO_DEBUG_EXEC)
+ debug_decl(forward_signals, SUDO_DEBUG_EXEC, sudo_debug_instance)
while (!TAILQ_EMPTY(&sigfwd_list)) {
sigfwd = TAILQ_FIRST(&sigfwd_list);
{
struct sigforward *sigfwd;
char signame[SIG2STR_MAX];
- debug_decl(schedule_signal, SUDO_DEBUG_EXEC)
+ debug_decl(schedule_signal, SUDO_DEBUG_EXEC, sudo_debug_instance)
if (signo == SIGCONT_FG)
strlcpy(signame, "CONT_FG", sizeof(signame));
pipe_nonblock(int fds[2])
{
int flags, rval;
- debug_decl(pipe_nonblock, SUDO_DEBUG_EXEC)
+ debug_decl(pipe_nonblock, SUDO_DEBUG_EXEC, sudo_debug_instance)
rval = pipe(fds);
if (rval != -1) {
bool enabled = false;
# endif
#endif /* _PATH_SUDO_NOEXEC */
- debug_decl(disable_execute, SUDO_DEBUG_UTIL)
+ debug_decl(disable_execute, SUDO_DEBUG_UTIL, sudo_debug_instance)
#ifdef HAVE_PRIV_SET
/* Solaris privileges, remove PRIV_PROC_EXEC post-execve. */
static void
pty_cleanup(void)
{
- debug_decl(cleanup, SUDO_DEBUG_EXEC);
+ debug_decl(cleanup, SUDO_DEBUG_EXEC, sudo_debug_instance);
if (!TAILQ_EMPTY(&io_plugins) && io_fds[SFD_USERTTY] != -1)
sudo_term_restore(io_fds[SFD_USERTTY], 0);
void
pty_setup(uid_t uid, const char *tty, const char *utmp_user)
{
- debug_decl(pty_setup, SUDO_DEBUG_EXEC);
+ debug_decl(pty_setup, SUDO_DEBUG_EXEC, sudo_debug_instance);
io_fds[SFD_USERTTY] = open(_PATH_TTY, O_RDWR|O_NOCTTY, 0);
if (io_fds[SFD_USERTTY] != -1) {
struct plugin_container *plugin;
sigset_t omask;
bool rval = true;
- debug_decl(log_ttyin, SUDO_DEBUG_EXEC);
+ debug_decl(log_ttyin, SUDO_DEBUG_EXEC, sudo_debug_instance);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
TAILQ_FOREACH(plugin, &io_plugins, entries) {
struct plugin_container *plugin;
sigset_t omask;
bool rval = true;
- debug_decl(log_stdin, SUDO_DEBUG_EXEC);
+ debug_decl(log_stdin, SUDO_DEBUG_EXEC, sudo_debug_instance);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
TAILQ_FOREACH(plugin, &io_plugins, entries) {
struct plugin_container *plugin;
sigset_t omask;
bool rval = true;
- debug_decl(log_ttyout, SUDO_DEBUG_EXEC);
+ debug_decl(log_ttyout, SUDO_DEBUG_EXEC, sudo_debug_instance);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
TAILQ_FOREACH(plugin, &io_plugins, entries) {
struct plugin_container *plugin;
sigset_t omask;
bool rval = true;
- debug_decl(log_stdout, SUDO_DEBUG_EXEC);
+ debug_decl(log_stdout, SUDO_DEBUG_EXEC, sudo_debug_instance);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
TAILQ_FOREACH(plugin, &io_plugins, entries) {
struct plugin_container *plugin;
sigset_t omask;
bool rval = true;
- debug_decl(log_stderr, SUDO_DEBUG_EXEC);
+ debug_decl(log_stderr, SUDO_DEBUG_EXEC, sudo_debug_instance);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
TAILQ_FOREACH(plugin, &io_plugins, entries) {
static void
check_foreground(void)
{
- debug_decl(check_foreground, SUDO_DEBUG_EXEC);
+ debug_decl(check_foreground, SUDO_DEBUG_EXEC, sudo_debug_instance);
if (io_fds[SFD_USERTTY] != -1) {
foreground = tcgetpgrp(io_fds[SFD_USERTTY]) == ppgrp;
char signame[SIG2STR_MAX];
sigaction_t sa, osa;
int n, rval = 0;
- debug_decl(suspend_parent, SUDO_DEBUG_EXEC);
+ debug_decl(suspend_parent, SUDO_DEBUG_EXEC, sudo_debug_instance);
switch (signo) {
case SIGTTOU:
void
terminate_command(pid_t pid, bool use_pgrp)
{
- debug_decl(terminate_command, SUDO_DEBUG_EXEC);
+ debug_decl(terminate_command, SUDO_DEBUG_EXEC, sudo_debug_instance);
/*
* Note that SIGCHLD will interrupt the sleep()
struct io_buffer *iob = v;
struct sudo_event_base *evbase;
int n;
- debug_decl(io_callback, SUDO_DEBUG_EXEC);
+ debug_decl(io_callback, SUDO_DEBUG_EXEC, sudo_debug_instance);
if (ISSET(what, SUDO_EV_READ)) {
evbase = sudo_ev_get_base(iob->revent);
{
int n;
struct io_buffer *iob;
- debug_decl(io_buf_new, SUDO_DEBUG_EXEC);
+ debug_decl(io_buf_new, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Set non-blocking mode. */
n = fcntl(rfd, F_GETFL, 0);
sigaction_t sa;
sigset_t mask;
pid_t child;
- debug_decl(fork_pty, SUDO_DEBUG_EXEC);
+ debug_decl(fork_pty, SUDO_DEBUG_EXEC, sudo_debug_instance);
ppgrp = getpgrp(); /* parent's pgrp, so child can signal us */
{
struct io_buffer *iob;
int n;
- debug_decl(pty_close, SUDO_DEBUG_EXEC);
+ debug_decl(pty_close, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Flush any remaining output (the plugin already got it) */
if (io_fds[SFD_USERTTY] != -1) {
add_io_events(struct sudo_event_base *evbase)
{
struct io_buffer *iob;
- debug_decl(add_io_events, SUDO_DEBUG_EXEC);
+ debug_decl(add_io_events, SUDO_DEBUG_EXEC, sudo_debug_instance);
/*
* Schedule all readers as long as the buffer is not full.
{
struct io_buffer *iob;
struct sudo_event_base *evbase;
- debug_decl(del_io_events, SUDO_DEBUG_EXEC);
+ debug_decl(del_io_events, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Remove iobufs from existing event base. */
SLIST_FOREACH(iob, &iobufs, entries) {
{
char signame[SIG2STR_MAX];
int status;
- debug_decl(deliver_signal, SUDO_DEBUG_EXEC);
+ debug_decl(deliver_signal, SUDO_DEBUG_EXEC, sudo_debug_instance);
if (signo == SIGCONT_FG)
strlcpy(signame, "CONT_FG", sizeof(signame));
send_status(int fd, struct command_status *cstat)
{
int n = -1;
- debug_decl(send_status, SUDO_DEBUG_EXEC);
+ debug_decl(send_status, SUDO_DEBUG_EXEC, sudo_debug_instance);
if (cstat->type != CMD_INVALID) {
sudo_debug_printf(SUDO_DEBUG_INFO,
bool alive = true;
int status;
pid_t pid;
- debug_decl(handle_sigchld, SUDO_DEBUG_EXEC);
+ debug_decl(handle_sigchld, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* read command status */
do {
struct monitor_closure *mc = v;
unsigned char signo;
ssize_t nread;
- debug_decl(mon_signal_pipe_cb, SUDO_DEBUG_EXEC);
+ debug_decl(mon_signal_pipe_cb, SUDO_DEBUG_EXEC, sudo_debug_instance);
nread = read(fd, &signo, sizeof(signo));
if (nread <= 0) {
{
struct monitor_closure *mc = v;
ssize_t n;
- debug_decl(mon_errpipe_cb, SUDO_DEBUG_EXEC);
+ debug_decl(mon_errpipe_cb, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* read errno or EOF from command pipe */
n = read(fd, mc->cstat, sizeof(struct command_status));
struct monitor_closure *mc = v;
struct command_status cstmp;
ssize_t n;
- debug_decl(mon_backchannel_cb, SUDO_DEBUG_EXEC);
+ debug_decl(mon_backchannel_cb, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* read command from backchannel, should be a signal */
n = recv(fd, &cstmp, sizeof(cstmp), MSG_WAITALL);
struct monitor_closure mc;
sigaction_t sa;
int errpipe[2], n;
- debug_decl(exec_monitor, SUDO_DEBUG_EXEC);
+ debug_decl(exec_monitor, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Close unused fds. */
if (io_fds[SFD_MASTER] != -1)
struct command_status *cstat, int errfd)
{
pid_t self = getpid();
- debug_decl(exec_pty, SUDO_DEBUG_EXEC);
+ debug_decl(exec_pty, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Register cleanup function */
sudo_fatal_callback_register(pty_cleanup);
#ifdef TIOCGWINSZ
struct winsize wsize;
pid_t pgrp;
- debug_decl(sync_ttysize, SUDO_DEBUG_EXEC);
+ debug_decl(sync_ttysize, SUDO_DEBUG_EXEC, sudo_debug_instance);
if (ioctl(src, TIOCGWINSZ, &wsize) == 0) {
ioctl(dst, TIOCSWINSZ, &wsize);
ev_free_by_fd(struct sudo_event_base *evbase, int fd)
{
struct io_buffer *iob;
- debug_decl(ev_free_by_fd, SUDO_DEBUG_EXEC);
+ debug_decl(ev_free_by_fd, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Deschedule any users of the fd and free up the events. */
SLIST_FOREACH(iob, &iobufs, entries) {
static int
safe_close(int fd)
{
- debug_decl(safe_close, SUDO_DEBUG_EXEC);
+ debug_decl(safe_close, SUDO_DEBUG_EXEC, sudo_debug_instance);
/* Avoid closing /dev/tty or std{in,out,err}. */
if (fd < 3 || fd == io_fds[SFD_USERTTY]) {
/*
- * Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2012, 2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
struct group *gr;
gid_t ttygid = -1;
int rval = 0;
- debug_decl(get_pty, SUDO_DEBUG_PTY)
+ debug_decl(get_pty, SUDO_DEBUG_PTY, sudo_debug_instance)
if ((gr = getgrnam("tty")) != NULL)
ttygid = gr->gr_gid;
{
char *line;
int rval = 0;
- debug_decl(get_pty, SUDO_DEBUG_PTY)
+ debug_decl(get_pty, SUDO_DEBUG_PTY, sudo_debug_instance)
/* IRIX-style dynamic ptys (may fork) */
line = _getpty(master, O_RDWR, S_IRUSR|S_IWUSR|S_IWGRP, 0);
{
char *line;
int rval = 0;
- debug_decl(get_pty, SUDO_DEBUG_PTY)
+ debug_decl(get_pty, SUDO_DEBUG_PTY, sudo_debug_instance)
*master = posix_openpt(O_RDWR|O_NOCTTY);
if (*master != -1) {
struct group *gr;
gid_t ttygid = -1;
int rval = 0;
- debug_decl(get_pty, SUDO_DEBUG_PTY)
+ debug_decl(get_pty, SUDO_DEBUG_PTY, sudo_debug_instance)
if ((gr = getgrnam("tty")) != NULL)
ttygid = gr->gr_gid;
int (*hook_fn)(), void *closure)
{
struct sudo_hook_entry *hook;
- debug_decl(register_hook_internal, SUDO_DEBUG_HOOKS)
+ debug_decl(register_hook_internal, SUDO_DEBUG_HOOKS, sudo_debug_instance)
hook = sudo_ecalloc(1, sizeof(*hook));
hook->u.generic_fn = hook_fn;
register_hook(struct sudo_hook *hook)
{
int rval = 0;
- debug_decl(register_hook, SUDO_DEBUG_HOOKS)
+ debug_decl(register_hook, SUDO_DEBUG_HOOKS, sudo_debug_instance)
if (SUDO_HOOK_VERSION_GET_MAJOR(hook->hook_version) != SUDO_HOOK_VERSION_MAJOR) {
/* Major versions must match. */
int (*hook_fn)(), void *closure)
{
struct sudo_hook_entry *hook, *prev = NULL;
- debug_decl(deregister_hook_internal, SUDO_DEBUG_HOOKS)
+ debug_decl(deregister_hook_internal, SUDO_DEBUG_HOOKS, sudo_debug_instance)
SLIST_FOREACH(hook, head, entries) {
if (hook->u.generic_fn == hook_fn && hook->closure == closure) {
deregister_hook(struct sudo_hook *hook)
{
int rval = 0;
- debug_decl(deregister_hook, SUDO_DEBUG_HOOKS)
+ debug_decl(deregister_hook, SUDO_DEBUG_HOOKS, sudo_debug_instance)
if (SUDO_HOOK_VERSION_GET_MAJOR(hook->hook_version) != SUDO_HOOK_VERSION_MAJOR) {
/* Major versions must match. */
size_t pathsize, struct stat *sb)
{
int status = -1;
- debug_decl(sudo_stat_plugin, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudo_stat_plugin, SUDO_DEBUG_PLUGIN, sudo_debug_instance)
if (info->path[0] == '/') {
if (strlcpy(fullpath, info->path, pathsize) >= pathsize) {
{
struct stat sb;
int rval = false;
- debug_decl(sudo_check_plugin, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudo_check_plugin, SUDO_DEBUG_PLUGIN, sudo_debug_instance)
if (sudo_stat_plugin(info, fullpath, pathsize, &sb) != 0) {
sudo_warnx(U_("error in %s, line %d while loading plugin `%s'"),
static bool
sudo_check_plugin(struct plugin_info *info, char *fullpath, size_t pathsize)
{
- debug_decl(sudo_check_plugin, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudo_check_plugin, SUDO_DEBUG_PLUGIN, sudo_debug_instance)
(void)strlcpy(fullpath, info->path, pathsize);
debug_return_bool(true);
}
char path[PATH_MAX];
bool rval = false;
void *handle;
- debug_decl(sudo_load_plugin, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudo_load_plugin, SUDO_DEBUG_PLUGIN, sudo_debug_instance)
/* Sanity check plugin and fill in path */
if (!sudo_check_plugin(info, path, sizeof(path)))
struct plugin_info_list *plugins;
struct plugin_info *info;
bool rval = false;
- debug_decl(sudo_load_plugins, SUDO_DEBUG_PLUGIN)
+ debug_decl(sudo_load_plugins, SUDO_DEBUG_PLUGIN, sudo_debug_instance)
/* Walk the plugin list from sudo.conf, if any. */
plugins = sudo_conf_plugins();
#endif
int ailen, len, num_interfaces = 0;
char *cp;
- debug_decl(get_net_ifs, SUDO_DEBUG_NETIF)
+ debug_decl(get_net_ifs, SUDO_DEBUG_NETIF, SUDO_DEBUG_INSTANCE_DEFAULT) /* XXX */
if (!sudo_conf_probe_interfaces() || getifaddrs(&ifaddrs) != 0)
debug_return_int(0);
#ifdef _ISC
struct strioctl strioctl;
#endif /* _ISC */
- debug_decl(get_net_ifs, SUDO_DEBUG_NETIF)
+ debug_decl(get_net_ifs, SUDO_DEBUG_NETIF, sudo_debug_instance)
if (!sudo_conf_probe_interfaces())
debug_return_int(0);
int
get_net_ifs(char **addrinfo)
{
- debug_decl(get_net_ifs, SUDO_DEBUG_NETIF)
+ debug_decl(get_net_ifs, SUDO_DEBUG_NETIF, sudo_debug_instance)
debug_return_int(0);
}
int proglen;
int nenv = 0;
int env_size = 32;
- debug_decl(parse_args, SUDO_DEBUG_ARGS)
+ debug_decl(parse_args, SUDO_DEBUG_ARGS, sudo_debug_instance)
env_add = sudo_emallocarray(env_size, sizeof(char *));
static void
usage_excl(int fatal)
{
- debug_decl(usage_excl, SUDO_DEBUG_ARGS)
+ debug_decl(usage_excl, SUDO_DEBUG_ARGS, sudo_debug_instance)
sudo_warnx(U_("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"));
usage(fatal);
struct sudo_lbuf lbuf;
const int indent = 30;
const char *pname = getprogname();
- debug_decl(help, SUDO_DEBUG_ARGS)
+ debug_decl(help, SUDO_DEBUG_ARGS, sudo_debug_instance)
sudo_lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols);
if (strcmp(pname, "sudoedit") == 0)
add_preserved_fd(struct preserved_fd_list *pfds, int fd)
{
struct preserved_fd *pfd, *pfd_new;
- debug_decl(add_preserved_fd, SUDO_DEBUG_UTIL)
+ debug_decl(add_preserved_fd, SUDO_DEBUG_UTIL, sudo_debug_instance)
pfd_new = sudo_emalloc(sizeof(*pfd));
pfd_new->lowfd = fd;
void
closefrom_except(int startfd, struct preserved_fd_list *pfds)
{
- int debug_fd, fd, lastfd = -1;
+ int fd, lastfd = -1;
struct preserved_fd *pfd, *pfd_next;
fd_set *fdsp;
- debug_decl(closefrom_except, SUDO_DEBUG_UTIL)
-
- debug_fd = sudo_debug_fd_get();
+ debug_decl(closefrom_except, SUDO_DEBUG_UTIL, sudo_debug_instance)
/* First, relocate preserved fds to be as contiguous as possible. */
TAILQ_FOREACH_REVERSE_SAFE(pfd, pfds, preserved_fd_list, entries, pfd_next) {
}
/* NOTE: still need to adjust lastfd below with unchanged lowfd. */
} else if (fd < pfd->highfd) {
- pfd->lowfd = fd;
- fd = pfd->highfd;
- if (fd == debug_fd)
- debug_fd = sudo_debug_fd_set(pfd->lowfd);
sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
"dup %d -> %d", pfd->highfd, pfd->lowfd);
+ sudo_debug_update_fd(pfd->highfd, pfd->lowfd);
+ pfd->lowfd = fd;
+ fd = pfd->highfd;
}
if (fd != -1)
(void) close(fd);
sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
"fcntl(%d, F_SETFD, %d)", pfd->highfd, pfd->flags);
}
- if (pfd->lowfd == debug_fd)
- debug_fd = sudo_debug_fd_set(pfd->highfd);
+ sudo_debug_update_fd(pfd->lowfd, pfd->highfd);
(void) close(pfd->lowfd);
pfd->lowfd = pfd->highfd;
}
const char *cp = fdstr;
long lval;
char *ep;
- debug_decl(parse_preserved_fds, SUDO_DEBUG_UTIL)
+ debug_decl(parse_preserved_fds, SUDO_DEBUG_UTIL, sudo_debug_instance)
do {
errno = 0;
#include <unistd.h>
#include <errno.h>
+#include "sudo_debug.h"
#include "sudo_compat.h"
#include "sudo_alloc.h"
#include "sudo_fatal.h"
__dso_public int main(int argc, char *argv[]);
+int sudo_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
extern char *get_process_ttyname(void);
int
{
int au_fd, rc = -1;
char *message;
- debug_decl(audit_role_change, SUDO_DEBUG_SELINUX)
+ debug_decl(audit_role_change, SUDO_DEBUG_SELINUX, sudo_debug_instance)
au_fd = audit_open();
if (au_fd == -1) {
{
int retval = 0;
security_context_t chk_tty_context = NULL;
- debug_decl(selinux_restore_tty, SUDO_DEBUG_SELINUX)
+ debug_decl(selinux_restore_tty, SUDO_DEBUG_SELINUX, sudo_debug_instance)
if (se_state.ttyfd == -1 || se_state.new_tty_context == NULL)
goto skip_relabel;
security_context_t tty_con = NULL;
security_context_t new_tty_con = NULL;
int fd;
- debug_decl(relabel_tty, SUDO_DEBUG_SELINUX)
+ debug_decl(relabel_tty, SUDO_DEBUG_SELINUX, sudo_debug_instance)
se_state.ttyfd = ptyfd;
security_context_t new_context = NULL;
context_t context = NULL;
char *typebuf = NULL;
- debug_decl(get_exec_context, SUDO_DEBUG_SELINUX)
+ debug_decl(get_exec_context, SUDO_DEBUG_SELINUX, sudo_debug_instance)
/* We must have a role, the type is optional (we can use the default). */
if (!role) {
int ptyfd)
{
int rval = -1;
- debug_decl(selinux_setup, SUDO_DEBUG_SELINUX)
+ debug_decl(selinux_setup, SUDO_DEBUG_SELINUX, sudo_debug_instance)
/* Store the caller's SID in old_context. */
if (getprevcon(&se_state.old_context)) {
char **nargv;
const char *sesh;
int argc, serrno;
- debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
+ debug_decl(selinux_execve, SUDO_DEBUG_SELINUX, sudo_debug_instance)
sesh = sudo_conf_sesh_path();
if (sesh == NULL) {
main(int argc, char *argv[], char *envp[])
{
int ret;
- debug_decl(main, SUDO_DEBUG_MAIN)
+ debug_decl(main, SUDO_DEBUG_MAIN, sudo_debug_instance, SUDO_DEBUG_INSTANCE_DEFAULT)
initprogname(argc > 0 ? argv[0] : "sesh");
/*
- * Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
save_signals(void)
{
struct signal_state *ss;
- debug_decl(save_signals, SUDO_DEBUG_MAIN)
+ debug_decl(save_signals, SUDO_DEBUG_MAIN, sudo_debug_instance)
for (ss = saved_signals; ss->signo != -1; ss++) {
if (sigaction(ss->signo, NULL, &ss->sa) != 0)
restore_signals(void)
{
struct signal_state *ss;
- debug_decl(restore_signals, SUDO_DEBUG_MAIN)
+ debug_decl(restore_signals, SUDO_DEBUG_MAIN, sudo_debug_instance)
for (ss = saved_signals; ss->signo != -1; ss++) {
if (ss->restore) {
{
struct sigaction sa;
struct signal_state *ss;
- debug_decl(init_signals, SUDO_DEBUG_MAIN)
+ debug_decl(init_signals, SUDO_DEBUG_MAIN, sudo_debug_instance)
/*
* We use a pipe to atomically handle signal notification within
{
struct signal_state *ss;
int rval;
- debug_decl(sudo_sigaction, SUDO_DEBUG_MAIN)
+ debug_decl(sudo_sigaction, SUDO_DEBUG_MAIN, sudo_debug_instance)
for (ss = saved_signals; ss->signo > 0; ss++) {
if (ss->signo == signo) {
struct project proj;
char buf[PROJECT_BUFSZ];
int errval;
- debug_decl(set_project, SUDO_DEBUG_UTIL)
+ debug_decl(set_project, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* Collect the default project for the user and settaskid
struct plugin_container_list io_plugins = TAILQ_HEAD_INITIALIZER(io_plugins);
struct user_details user_details;
const char *list_user; /* extern for parse_args.c */
+int sudo_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
static struct command_details command_details;
static int sudo_mode;
struct sudo_settings *settings;
struct plugin_container *plugin, *next;
sigset_t mask;
- debug_decl(main, SUDO_DEBUG_MAIN)
+ debug_decl(main, SUDO_DEBUG_MAIN, sudo_debug_instance)
os_init(argc, argv, envp);
/* Read sudo.conf. */
sudo_conf_read(NULL);
+ /* Set debug instance to use with sudo front end (if configured). */
+ sudo_debug_instance = sudo_debug_get_instance(getprogname());
+
/* Fill in user_info with user name, uid, cwd, etc. */
memset(&user_details, 0, sizeof(user_details));
user_info = get_user_info(&user_details);
fix_fds(void)
{
int miss[3], devnull = -1;
- debug_decl(fix_fds, SUDO_DEBUG_UTIL)
+ debug_decl(fix_fds, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* stdin, stdout and stderr must be open; set them to /dev/null
fill_group_list(struct user_details *ud, int system_maxgroups)
{
int tries, rval = -1;
- debug_decl(fill_group_list, SUDO_DEBUG_UTIL)
+ debug_decl(fill_group_list, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* If user specified a max number of groups, use it, otherwise keep
char *cp, *gid_list = NULL;
size_t glsize;
int i, len, maxgroups, group_source;
- debug_decl(get_user_groups, SUDO_DEBUG_UTIL)
+ debug_decl(get_user_groups, SUDO_DEBUG_UTIL, sudo_debug_instance)
#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
maxgroups = (int)sysconf(_SC_NGROUPS_MAX);
char *cp, **user_info, cwd[PATH_MAX], host[HOST_NAME_MAX + 1];
struct passwd *pw;
int fd, i = 0;
- debug_decl(get_user_info, SUDO_DEBUG_UTIL)
+ debug_decl(get_user_info, SUDO_DEBUG_UTIL, sudo_debug_instance)
/* XXX - bound check number of entries */
user_info = sudo_emallocarray(32, sizeof(char *));
id_t id;
char *cp;
const char *errstr;
- debug_decl(command_info_to_details, SUDO_DEBUG_PCOMM)
+ debug_decl(command_info_to_details, SUDO_DEBUG_PCOMM, sudo_debug_instance)
memset(details, 0, sizeof(*details));
details->closefrom = -1;
char pathbuf[PATH_MAX];
struct stat sb;
bool qualified;
- debug_decl(sudo_check_suid, SUDO_DEBUG_PCOMM)
+ debug_decl(sudo_check_suid, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (geteuid() != 0) {
/* Search for sudo binary in PATH if not fully qualified. */
{
#if defined(RLIMIT_CORE)
struct rlimit rl;
- debug_decl(disable_coredumps, SUDO_DEBUG_UTIL)
+ debug_decl(disable_coredumps, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* Turn off core dumps?
{
#ifdef __linux__
struct rlimit rl;
- debug_decl(unlimit_nproc, SUDO_DEBUG_UTIL)
+ debug_decl(unlimit_nproc, SUDO_DEBUG_UTIL, sudo_debug_instance)
(void) getrlimit(RLIMIT_NPROC, &nproclimit);
rl.rlim_cur = rl.rlim_max = RLIM_INFINITY;
restore_nproc(void)
{
#ifdef __linux__
- debug_decl(restore_nproc, SUDO_DEBUG_UTIL)
+ debug_decl(restore_nproc, SUDO_DEBUG_UTIL, sudo_debug_instance)
(void) setrlimit(RLIMIT_NPROC, &nproclimit);
exec_setup(struct command_details *details, const char *ptyname, int ptyfd)
{
bool rval = false;
- debug_decl(exec_setup, SUDO_DEBUG_EXEC)
+ debug_decl(exec_setup, SUDO_DEBUG_EXEC, sudo_debug_instance)
#ifdef HAVE_SELINUX
if (ISSET(details->flags, CD_RBAC_ENABLED)) {
struct plugin_container *plugin;
struct command_status cstat;
int exitcode = 1;
- debug_decl(run_command, SUDO_DEBUG_EXEC)
+ debug_decl(run_command, SUDO_DEBUG_EXEC, sudo_debug_instance)
cstat.type = CMD_INVALID;
cstat.val = 0;
struct sudo_debug_file *debug_file;
struct sudo_settings *setting;
char **plugin_settings;
- debug_decl(format_plugin_settings, SUDO_DEBUG_PCOMM)
+ debug_decl(format_plugin_settings, SUDO_DEBUG_PCOMM, sudo_debug_instance)
/* XXX - should use exact plugin_settings_size */
/* Determine sudo_settings array size (including plugin_path and NULL) */
{
char **plugin_settings;
int rval;
- debug_decl(policy_open, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_open, SUDO_DEBUG_PCOMM, sudo_debug_instance)
/* Convert struct sudo_settings to plugin_settings[] */
plugin_settings = format_plugin_settings(plugin, settings);
static void
policy_close(struct plugin_container *plugin, int exit_status, int error_code)
{
- debug_decl(policy_close, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_close, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.policy->close != NULL) {
plugin->u.policy->close(exit_status, error_code);
} else if (error_code) {
static int
policy_show_version(struct plugin_container *plugin, int verbose)
{
- debug_decl(policy_show_version, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_show_version, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.policy->show_version == NULL)
debug_return_bool(true);
debug_return_bool(plugin->u.policy->show_version(verbose));
char *env_add[], char **command_info[], char **argv_out[],
char **user_env_out[])
{
- debug_decl(policy_check, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_check, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.policy->check_policy == NULL) {
sudo_fatalx(U_("policy plugin %s is missing the `check_policy' method"),
plugin->name);
policy_list(struct plugin_container *plugin, int argc, char * const argv[],
int verbose, const char *list_user)
{
- debug_decl(policy_list, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_list, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.policy->list == NULL) {
sudo_warnx(U_("policy plugin %s does not support listing privileges"),
plugin->name);
static int
policy_validate(struct plugin_container *plugin)
{
- debug_decl(policy_validate, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_validate, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.policy->validate == NULL) {
sudo_warnx(U_("policy plugin %s does not support the -v option"),
plugin->name);
static void
policy_invalidate(struct plugin_container *plugin, int remove)
{
- debug_decl(policy_invalidate, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_invalidate, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.policy->invalidate == NULL) {
sudo_fatalx(U_("policy plugin %s does not support the -k/-K options"),
plugin->name);
policy_init_session(struct command_details *details)
{
int rval = true;
- debug_decl(policy_init_session, SUDO_DEBUG_PCOMM)
+ debug_decl(policy_init_session, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (policy_plugin.u.policy->init_session) {
/*
{
char **plugin_settings;
int rval;
- debug_decl(iolog_open, SUDO_DEBUG_PCOMM)
+ debug_decl(iolog_open, SUDO_DEBUG_PCOMM, sudo_debug_instance)
/* Convert struct sudo_settings to plugin_settings[] */
plugin_settings = format_plugin_settings(plugin, settings);
static void
iolog_close(struct plugin_container *plugin, int exit_status, int error_code)
{
- debug_decl(iolog_close, SUDO_DEBUG_PCOMM)
+ debug_decl(iolog_close, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.io->close != NULL)
plugin->u.io->close(exit_status, error_code);
debug_return;
static int
iolog_show_version(struct plugin_container *plugin, int verbose)
{
- debug_decl(iolog_show_version, SUDO_DEBUG_PCOMM)
+ debug_decl(iolog_show_version, SUDO_DEBUG_PCOMM, sudo_debug_instance)
if (plugin->u.io->show_version == NULL)
debug_return_bool(true);
debug_return_bool(plugin->u.io->show_version(verbose));
static void
iolog_unlink(struct plugin_container *plugin)
{
- debug_decl(iolog_unlink, SUDO_DEBUG_PCOMM)
+ debug_decl(iolog_unlink, SUDO_DEBUG_PCOMM, sudo_debug_instance)
/* Deregister hooks, if any. */
if (plugin->u.io->version >= SUDO_API_MKVERSION(1, 2)) {
/*
- * Copyright (c) 1993-1996, 1998-2005, 2007-2013
+ * Copyright (c) 1993-1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
int os_init_common(int argc, char *argv[], char *envp[]);
extern const char *list_user;
extern struct user_details user_details;
+extern int sudo_debug_instance;
/* sudo_edit.c */
int sudo_edit(struct command_details *details);
const char *tdir;
struct stat sb;
size_t len;
- debug_decl(set_tmpdir, SUDO_DEBUG_EDIT)
+ debug_decl(set_tmpdir, SUDO_DEBUG_EDIT, sudo_debug_instance)
if (stat(_PATH_VARTMP, &sb) == 0 && S_ISDIR(sb.st_mode)) {
tdir = _PATH_VARTMP;
switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups)
{
int serrno = errno;
- debug_decl(switch_user, SUDO_DEBUG_EDIT)
+ debug_decl(switch_user, SUDO_DEBUG_EDIT, sudo_debug_instance)
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"set uid:gid to %u:%u(%u)", euid, egid, ngroups ? groups[0] : egid);
{
const char *cp, *suff;
int tfd;
- debug_decl(sudo_edit_mktemp, SUDO_DEBUG_EDIT)
+ debug_decl(sudo_edit_mktemp, SUDO_DEBUG_EDIT, sudo_debug_instance)
if ((cp = strrchr(ofile, '/')) != NULL)
cp++;
ssize_t nwritten, nread;
struct timeval times[2];
struct stat sb;
- debug_decl(sudo_edit_create_tfiles, SUDO_DEBUG_EDIT)
+ debug_decl(sudo_edit_create_tfiles, SUDO_DEBUG_EDIT, sudo_debug_instance)
/*
* For each file specified by the user, make a temporary version
ssize_t nwritten, nread;
struct timeval tv;
struct stat sb;
- debug_decl(sudo_edit_copy_tfiles, SUDO_DEBUG_EDIT)
+ debug_decl(sudo_edit_copy_tfiles, SUDO_DEBUG_EDIT, sudo_debug_instance)
/* Copy contents of temp files to real ones. */
for (i = 0; i < nfiles; i++) {
int i, rc, sesh_nargs;
struct stat sb;
struct command_details saved_command_details;
- debug_decl(selinux_edit_create_tfiles, SUDO_DEBUG_EDIT);
+ debug_decl(selinux_edit_create_tfiles, SUDO_DEBUG_EDIT, sudo_debug_instance)
/* Prepare selinux stuff (setexeccon) */
if (selinux_setup(command_details->selinux_role,
struct command_details saved_command_details;
struct timeval tv;
struct stat sb;
- debug_decl(selinux_edit_copy_tfiles, SUDO_DEBUG_EDIT)
+ debug_decl(selinux_edit_copy_tfiles, SUDO_DEBUG_EDIT, sudo_debug_instance)
/* Prepare selinux stuff (setexeccon) */
if (selinux_setup(command_details->selinux_role,
int editor_argc = 0, nfiles = 0;
struct timeval times[2];
struct tempfile *tf = NULL;
- debug_decl(sudo_edit, SUDO_DEBUG_EDIT)
+ debug_decl(sudo_edit, SUDO_DEBUG_EDIT, sudo_debug_instance)
if (!set_tmpdir())
goto cleanup;
int
sudo_edit(struct command_details *command_details)
{
- debug_decl(sudo_edit, SUDO_DEBUG_EDIT)
+ debug_decl(sudo_edit, SUDO_DEBUG_EDIT, sudo_debug_instance)
debug_return_int(1);
}
/*
- * Copyright (c) 1996, 1998-2005, 2007-2013
+ * Copyright (c) 1996, 1998-2005, 2007-2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
static const char *askpass;
static char buf[SUDO_CONV_REPL_MAX + 1];
int i, input, output, save_errno, neednl = 0, need_restart;
- debug_decl(tgetpass, SUDO_DEBUG_CONV)
+ debug_decl(tgetpass, SUDO_DEBUG_CONV, sudo_debug_instance)
(void) fflush(stdout);
sigaction_t sa, saved_sa_pipe;
int pfd[2];
pid_t pid;
- debug_decl(sudo_askpass, SUDO_DEBUG_CONV)
+ debug_decl(sudo_askpass, SUDO_DEBUG_CONV, sudo_debug_instance)
if (pipe(pfd) == -1)
sudo_fatal(U_("unable to create pipe"));
ssize_t nr = -1;
char *cp = buf;
char c = '\0';
- debug_decl(getln, SUDO_DEBUG_CONV)
+ debug_decl(getln, SUDO_DEBUG_CONV, sudo_debug_instance)
if (left == 0) {
errno = EINVAL;
tty_present(void)
{
int fd;
- debug_decl(tty_present, SUDO_DEBUG_UTIL)
+ debug_decl(tty_present, SUDO_DEBUG_UTIL, sudo_debug_instance)
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) != -1)
close(fd);
sudo_ttyname_dev(dev_t tdev)
{
char *dev, *tty = NULL;
- debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL, sudo_debug_instance)
/* Some versions of devname() return NULL on failure, others do not. */
dev = devname(tdev, S_IFCHR);
sudo_ttyname_dev(dev_t tdev)
{
char buf[TTYNAME_MAX], *tty;
- debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL, sudo_debug_instance)
tty = _ttyname_dev(tdev, buf, sizeof(buf));
struct dirent *dp;
struct stat sb;
unsigned int i;
- debug_decl(sudo_ttyname_scan, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_ttyname_scan, SUDO_DEBUG_UTIL, sudo_debug_instance)
if (dir[0] == '\0' || (d = opendir(dir)) == NULL)
goto done;
struct stat sb;
size_t len;
char buf[PATH_MAX], **sd, *devname, *tty = NULL;
- debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
+ debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* First check search_devs for common tty devices.
struct sudo_kinfo_proc *ki_proc = NULL;
size_t size = sizeof(*ki_proc);
int mib[6], rc;
- debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* Lookup controlling tty for this process via sysctl.
struct psinfo psinfo;
ssize_t nread;
int fd;
- debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL, sudo_debug_instance)
/* Try to determine the tty from pr_ttydev in /proc/pid/psinfo. */
snprintf(path, sizeof(path), "/proc/%u/psinfo", (unsigned int)getpid());
size_t linesize = 0;
ssize_t len;
FILE *fp;
- debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL, sudo_debug_instance)
/* Try to determine the tty from tty_nr in /proc/pid/stat. */
snprintf(path, sizeof(path), "/proc/%u/stat", (unsigned int)getpid());
struct pst_status pstat;
char *tty = NULL;
int rc;
- debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL, sudo_debug_instance)
/*
* Determine the tty from psdev in struct pst_status.
get_process_ttyname(void)
{
char *tty;
- debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL, sudo_debug_instance)
if ((tty = ttyname(STDIN_FILENO)) == NULL) {
if ((tty = ttyname(STDOUT_FILENO)) == NULL)
/*
- * Copyright (c) 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2011-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
{
const char *line = new->ut_line;
size_t idlen;
- debug_decl(utmp_setid, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_setid, SUDO_DEBUG_UTMP, sudo_debug_instance)
/* Skip over "tty" in the id if old entry did too. */
if (old != NULL) {
utmp_settime(sudo_utmp_t *ut)
{
struct timeval tv;
- debug_decl(utmp_settime, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_settime, SUDO_DEBUG_UTMP, sudo_debug_instance)
gettimeofday(&tv, NULL);
utmp_fill(const char *line, const char *user, sudo_utmp_t *ut_old,
sudo_utmp_t *ut_new)
{
- debug_decl(utmp_file, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_file, SUDO_DEBUG_UTMP, sudo_debug_instance)
if (ut_old == NULL) {
memset(ut_new, 0, sizeof(*ut_new));
{
sudo_utmp_t utbuf, *ut_old = NULL;
bool rval = false;
- debug_decl(utmp_login, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_login, SUDO_DEBUG_UTMP, sudo_debug_instance)
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(to_line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
{
bool rval = false;
sudo_utmp_t *ut, utbuf;
- debug_decl(utmp_logout, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_logout, SUDO_DEBUG_UTMP, sudo_debug_instance)
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
{
int slot = 1;
struct ttyent *tty;
- debug_decl(utmp_slot, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_slot, SUDO_DEBUG_UTMP, sudo_debug_instance)
setttyent();
while ((tty = getttyent()) != NULL) {
utmp_slot(const char *line, int ttyfd)
{
int sfd, slot;
- debug_decl(utmp_slot, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_slot, SUDO_DEBUG_UTMP, sudo_debug_instance)
/*
* Temporarily point stdin to the tty since ttyslot()
bool rval = false;
int slot;
FILE *fp;
- debug_decl(utmp_login, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_login, SUDO_DEBUG_UTMP, sudo_debug_instance)
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(to_line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
sudo_utmp_t utbuf;
bool rval = false;
FILE *fp;
- debug_decl(utmp_logout, SUDO_DEBUG_UTMP)
+ debug_decl(utmp_logout, SUDO_DEBUG_UTMP, sudo_debug_instance)
if ((fp = fopen(_PATH_UTMP, "r+")) == NULL)
debug_return_int(rval);
projects / sudo / commitdiff