From: Todd C. Miller Date: Thu, 8 Nov 2012 20:37:43 +0000 (-0500) Subject: audit_failure() now calls gettext itself using the sudoers locale. X-Git-Tag: SUDO_1_8_7~1^2~353 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f454a852cbd8c5313164d2b995c812349d5c27e5;p=sudo audit_failure() now calls gettext itself using the sudoers locale. --- diff --git a/plugins/sudoers/audit.c b/plugins/sudoers/audit.c index e6baadb9b..fdd9acd07 100644 --- a/plugins/sudoers/audit.c +++ b/plugins/sudoers/audit.c @@ -65,12 +65,16 @@ void audit_failure(char *exec_args[], char const *const fmt, ...) { va_list ap; + int oldlocale; debug_decl(audit_success, SUDO_DEBUG_AUDIT) + /* Audit error messages should be in the sudoers locale. */ + sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); + if (exec_args != NULL) { va_start(ap, fmt); #ifdef HAVE_BSM_AUDIT - bsm_audit_failure(exec_args, fmt, ap); + bsm_audit_failure(exec_args, _(fmt), ap); #endif #ifdef HAVE_LINUX_AUDIT linux_audit_command(exec_args, 0); @@ -78,5 +82,7 @@ audit_failure(char *exec_args[], char const *const fmt, ...) va_end(ap); } + sudoers_setlocale(oldlocale, NULL); + debug_return; } diff --git a/plugins/sudoers/auth/sudo_auth.c b/plugins/sudoers/auth/sudo_auth.c index 6362ae459..79bb12543 100644 --- a/plugins/sudoers/auth/sudo_auth.c +++ b/plugins/sudoers/auth/sudo_auth.c @@ -117,7 +117,7 @@ sudo_auth_init(struct passwd *pw) /* Make sure we haven't mixed standalone and shared auth methods. */ standalone = IS_STANDALONE(&auth_switch[0]); if (standalone && auth_switch[1].name != NULL) { - audit_failure(NewArgv, "invalid authentication methods"); + audit_failure(NewArgv, N_("invalid authentication methods")); log_fatal(0, _("Invalid authentication methods compiled into sudo! " "You may mix standalone and non-standalone authentication.")); debug_return_int(-1); @@ -201,7 +201,7 @@ verify_user(struct passwd *pw, char *prompt, int validated) /* Make sure we have at least one auth method. */ /* XXX - check FLAG_DISABLED too */ if (auth_switch[0].name == NULL) { - audit_failure(NewArgv, "no authentication methods"); + audit_failure(NewArgv, N_("no authentication methods")); log_error(0, _("There are no authentication methods compiled into sudo! " "If you want to turn off authentication, use the " diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index c9e6dd58b..c52ee1c68 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -240,9 +240,9 @@ log_denial(int status, bool inform_user) /* Handle auditing first. */ if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST)) - audit_failure(NewArgv, _("No user or host")); + audit_failure(NewArgv, N_("No user or host")); else - audit_failure(NewArgv, _("validation failure")); + audit_failure(NewArgv, N_("validation failure")); /* Set error message. */ if (ISSET(status, FLAG_NO_USER)) @@ -334,7 +334,7 @@ log_auth_failure(int status, int tries) debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING) /* Handle auditing first. */ - audit_failure(NewArgv, _("authentication failure")); + audit_failure(NewArgv, N_("authentication failure")); /* * Do we need to send mail? diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index 5ab630499..88054ab88 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -349,7 +349,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], if (def_requiretty) { int fd = open(_PATH_TTY, O_RDWR|O_NOCTTY); if (fd == -1) { - audit_failure(NewArgv, _("no tty")); + audit_failure(NewArgv, N_("no tty")); warningx(_("sorry, you must have a tty to run sudo")); goto bad; } else @@ -400,11 +400,11 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], /* Finally tell the user if the command did not exist. */ if (cmnd_status == NOT_FOUND_DOT) { - audit_failure(NewArgv, _("command in current directory")); + audit_failure(NewArgv, N_("command in current directory")); warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd); goto bad; } else if (cmnd_status == NOT_FOUND) { - audit_failure(NewArgv, _("%s: command not found"), user_cmnd); + audit_failure(NewArgv, N_("%s: command not found"), user_cmnd); warningx(_("%s: command not found"), user_cmnd); goto bad; } @@ -1013,7 +1013,7 @@ find_editor(int nfiles, char **files, char ***argv_out) } while (ep != NULL && editor_path == NULL); } if (!editor_path) { - audit_failure(NewArgv, _("%s: command not found"), editor); + audit_failure(NewArgv, N_("%s: command not found"), editor); warningx(_("%s: command not found"), editor); } debug_return_str(editor_path);