Annotation of embedaddon/sudo/common/sudo_debug.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (c) 2011 Todd C. Miller <Todd.Miller@courtesan.com>
! 3: *
! 4: * Permission to use, copy, modify, and distribute this software for any
! 5: * purpose with or without fee is hereby granted, provided that the above
! 6: * copyright notice and this permission notice appear in all copies.
! 7: *
! 8: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
! 9: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
! 10: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
! 11: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
! 12: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
! 13: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
! 14: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
! 15: */
! 16:
! 17: #include <config.h>
! 18:
! 19: #include <sys/types.h>
! 20: #include <sys/param.h>
! 21: #include <sys/stat.h>
! 22: #include <sys/uio.h>
! 23: #include <stdio.h>
! 24: #ifdef STDC_HEADERS
! 25: # include <stdlib.h>
! 26: # include <stddef.h>
! 27: #else
! 28: # ifdef HAVE_STDLIB_H
! 29: # include <stdlib.h>
! 30: # endif
! 31: #endif /* STDC_HEADERS */
! 32: #ifdef HAVE_STDBOOL_H
! 33: # include <stdbool.h>
! 34: #else
! 35: # include "compat/stdbool.h"
! 36: #endif
! 37: #ifdef HAVE_STRING_H
! 38: # include <string.h>
! 39: #endif /* HAVE_STRING_H */
! 40: #ifdef HAVE_STRINGS_H
! 41: # include <strings.h>
! 42: #endif /* HAVE_STRINGS_H */
! 43: #ifdef HAVE_UNISTD_H
! 44: # include <unistd.h>
! 45: #endif /* HAVE_UNISTD_H */
! 46: #include <ctype.h>
! 47: #include <errno.h>
! 48: #include <fcntl.h>
! 49: #include <time.h>
! 50:
! 51: #include "missing.h"
! 52: #include "alloc.h"
! 53: #include "error.h"
! 54: #include "gettext.h"
! 55: #include "sudo_plugin.h"
! 56: #include "sudo_debug.h"
! 57:
! 58: /*
! 59: * The debug priorities and subsystems are currently hard-coded.
! 60: * In the future we might consider allowing plugins to register their
! 61: * own subsystems and provide direct access to the debugging API.
! 62: */
! 63:
! 64: /* Note: this must match the order in sudo_debug.h */
! 65: const char *const sudo_debug_priorities[] = {
! 66: "crit",
! 67: "err",
! 68: "warn",
! 69: "notice",
! 70: "diag",
! 71: "info",
! 72: "trace",
! 73: "debug",
! 74: NULL
! 75: };
! 76:
! 77: /* Note: this must match the order in sudo_debug.h */
! 78: const char *const sudo_debug_subsystems[] = {
! 79: "main",
! 80: "args",
! 81: "exec",
! 82: "pty",
! 83: "utmp",
! 84: "conv",
! 85: "pcomm",
! 86: "util",
! 87: "netif",
! 88: "audit",
! 89: "edit",
! 90: "selinux",
! 91: "ldap",
! 92: "match",
! 93: "parser",
! 94: "alias",
! 95: "defaults",
! 96: "auth",
! 97: "env",
! 98: "logging",
! 99: "nss",
! 100: "rbtree",
! 101: "perms",
! 102: "plugin",
! 103: "hooks",
! 104: NULL
! 105: };
! 106:
! 107: #define NUM_SUBSYSTEMS (sizeof(sudo_debug_subsystems) / sizeof(sudo_debug_subsystems[0]) - 1)
! 108:
! 109: /* Values for sudo_debug_mode */
! 110: #define SUDO_DEBUG_MODE_DISABLED 0
! 111: #define SUDO_DEBUG_MODE_FILE 1
! 112: #define SUDO_DEBUG_MODE_CONV 2
! 113:
! 114: static int sudo_debug_settings[NUM_SUBSYSTEMS];
! 115: static int sudo_debug_fd = -1;
! 116: static int sudo_debug_mode;
! 117: static char sudo_debug_pidstr[(((sizeof(int) * 8) + 2) / 3) + 3];
! 118: static size_t sudo_debug_pidlen;
! 119:
! 120: extern sudo_conv_t sudo_conv;
! 121:
! 122: /*
! 123: * Parse settings string from sudo.conf and open debugfile.
! 124: * Returns 1 on success, 0 if cannot open debugfile.
! 125: * Unsupported subsystems and priorities are silently ignored.
! 126: */
! 127: int sudo_debug_init(const char *debugfile, const char *settings)
! 128: {
! 129: char *buf, *cp, *subsys, *pri;
! 130: int i, j;
! 131:
! 132: /* Init per-subsystems settings to -1 since 0 is a valid priority. */
! 133: for (i = 0; i < NUM_SUBSYSTEMS; i++)
! 134: sudo_debug_settings[i] = -1;
! 135:
! 136: /* Open debug file if specified. */
! 137: if (debugfile != NULL) {
! 138: if (sudo_debug_fd != -1)
! 139: close(sudo_debug_fd);
! 140: sudo_debug_fd = open(debugfile, O_WRONLY|O_APPEND|O_CREAT,
! 141: S_IRUSR|S_IWUSR);
! 142: if (sudo_debug_fd == -1)
! 143: return 0;
! 144: (void)fcntl(sudo_debug_fd, F_SETFD, FD_CLOEXEC);
! 145: sudo_debug_mode = SUDO_DEBUG_MODE_FILE;
! 146: } else {
! 147: /* Called from the plugin, no debug file. */
! 148: sudo_debug_mode = SUDO_DEBUG_MODE_CONV;
! 149: }
! 150:
! 151: /* Parse settings string. */
! 152: buf = estrdup(settings);
! 153: for ((cp = strtok(buf, ",")); cp != NULL; (cp = strtok(NULL, ","))) {
! 154: /* Should be in the form subsys@pri. */
! 155: subsys = cp;
! 156: if ((pri = strchr(cp, '@')) == NULL)
! 157: continue;
! 158: *pri++ = '\0';
! 159:
! 160: /* Look up priority and subsystem, fill in sudo_debug_settings[]. */
! 161: for (i = 0; sudo_debug_priorities[i] != NULL; i++) {
! 162: if (strcasecmp(pri, sudo_debug_priorities[i]) == 0) {
! 163: for (j = 0; sudo_debug_subsystems[j] != NULL; j++) {
! 164: if (strcasecmp(subsys, "all") == 0) {
! 165: sudo_debug_settings[j] = i;
! 166: continue;
! 167: }
! 168: if (strcasecmp(subsys, sudo_debug_subsystems[j]) == 0) {
! 169: sudo_debug_settings[j] = i;
! 170: break;
! 171: }
! 172: }
! 173: break;
! 174: }
! 175: }
! 176: }
! 177: efree(buf);
! 178:
! 179: (void)snprintf(sudo_debug_pidstr, sizeof(sudo_debug_pidstr), "[%d] ",
! 180: (int)getpid());
! 181: sudo_debug_pidlen = strlen(sudo_debug_pidstr);
! 182:
! 183: return 1;
! 184: }
! 185:
! 186: pid_t
! 187: sudo_debug_fork(void)
! 188: {
! 189: pid_t pid;
! 190:
! 191: if ((pid = fork()) == 0) {
! 192: (void)snprintf(sudo_debug_pidstr, sizeof(sudo_debug_pidstr), "[%d] ",
! 193: (int)getpid());
! 194: sudo_debug_pidlen = strlen(sudo_debug_pidstr);
! 195: }
! 196:
! 197: return pid;
! 198: }
! 199:
! 200: void
! 201: sudo_debug_enter(const char *func, const char *file, int line,
! 202: int subsys)
! 203: {
! 204: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 205: "-> %s @ %s:%d", func, file, line);
! 206: }
! 207:
! 208: void sudo_debug_exit(const char *func, const char *file, int line,
! 209: int subsys)
! 210: {
! 211: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 212: "<- %s @ %s:%d", func, file, line);
! 213: }
! 214:
! 215: void sudo_debug_exit_int(const char *func, const char *file, int line,
! 216: int subsys, int rval)
! 217: {
! 218: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 219: "<- %s @ %s:%d := %d", func, file, line, rval);
! 220: }
! 221:
! 222: void sudo_debug_exit_long(const char *func, const char *file, int line,
! 223: int subsys, long rval)
! 224: {
! 225: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 226: "<- %s @ %s:%d := %ld", func, file, line, rval);
! 227: }
! 228:
! 229: void sudo_debug_exit_size_t(const char *func, const char *file, int line,
! 230: int subsys, size_t rval)
! 231: {
! 232: /* XXX - should use %zu but our snprintf.c doesn't support it */
! 233: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 234: "<- %s @ %s:%d := %lu", func, file, line, (unsigned long)rval);
! 235: }
! 236:
! 237: /* We use int, not bool, here for functions that return -1 on error. */
! 238: void sudo_debug_exit_bool(const char *func, const char *file, int line,
! 239: int subsys, int rval)
! 240: {
! 241: if (rval == true || rval == false) {
! 242: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 243: "<- %s @ %s:%d := %s", func, file, line, rval ? "true" : "false");
! 244: } else {
! 245: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 246: "<- %s @ %s:%d := %d", func, file, line, rval);
! 247: }
! 248: }
! 249:
! 250: void sudo_debug_exit_str(const char *func, const char *file, int line,
! 251: int subsys, const char *rval)
! 252: {
! 253: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 254: "<- %s @ %s:%d := %s", func, file, line, rval ? rval : "(null)");
! 255: }
! 256:
! 257: void sudo_debug_exit_str_masked(const char *func, const char *file, int line,
! 258: int subsys, const char *rval)
! 259: {
! 260: static const char stars[] = "********************************************************************************";
! 261: int len = rval ? strlen(rval) : sizeof("(null)") - 1;
! 262:
! 263: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 264: "<- %s @ %s:%d := %.*s", func, file, line, len, rval ? stars : "(null)");
! 265: }
! 266:
! 267: void sudo_debug_exit_ptr(const char *func, const char *file, int line,
! 268: int subsys, const void *rval)
! 269: {
! 270: sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
! 271: "<- %s @ %s:%d := %p", func, file, line, rval);
! 272: }
! 273:
! 274: static void
! 275: sudo_debug_write_conv(const char *func, const char *file, int lineno,
! 276: const char *str, int len, int errno_val)
! 277: {
! 278: struct sudo_conv_message msg;
! 279: struct sudo_conv_reply repl;
! 280: char *buf = NULL;
! 281:
! 282: /* Call conversation function */
! 283: if (sudo_conv != NULL) {
! 284: /* Remove the newline at the end if appending extra info. */
! 285: if (str[len - 1] == '\n')
! 286: len--;
! 287:
! 288: if (func != NULL && file != NULL && lineno != 0) {
! 289: if (errno_val) {
! 290: easprintf(&buf, "%.*s: %s @ %s() %s:%d", len, str,
! 291: strerror(errno_val), func, file, lineno);
! 292: } else {
! 293: easprintf(&buf, "%.*s @ %s() %s:%d", len, str,
! 294: func, file, lineno);
! 295: }
! 296: str = buf;
! 297: } else if (errno_val) {
! 298: easprintf(&buf, "%.*s: %s", len, str, strerror(errno_val));
! 299: str = buf;
! 300: }
! 301: memset(&msg, 0, sizeof(msg));
! 302: memset(&repl, 0, sizeof(repl));
! 303: msg.msg_type = SUDO_CONV_DEBUG_MSG;
! 304: msg.msg = str;
! 305: sudo_conv(1, &msg, &repl);
! 306: if (buf != NULL)
! 307: efree(buf);
! 308: }
! 309: }
! 310:
! 311: static void
! 312: sudo_debug_write_file(const char *func, const char *file, int lineno,
! 313: const char *str, int len, int errno_val)
! 314: {
! 315: char *timestr, numbuf[(((sizeof(int) * 8) + 2) / 3) + 2];
! 316: time_t now;
! 317: struct iovec iov[12];
! 318: int iovcnt = 4;
! 319: bool need_newline = false;
! 320:
! 321: /* Prepend program name and pid with a trailing space. */
! 322: iov[1].iov_base = (char *)getprogname();
! 323: iov[1].iov_len = strlen(iov[1].iov_base);
! 324: iov[2].iov_base = sudo_debug_pidstr;
! 325: iov[2].iov_len = sudo_debug_pidlen;
! 326:
! 327: /* Add string along with newline if it doesn't have one. */
! 328: iov[3].iov_base = (char *)str;
! 329: iov[3].iov_len = len;
! 330: if (str[len - 1] != '\n')
! 331: need_newline = true;
! 332:
! 333: /* Append error string if errno is specified. */
! 334: if (errno_val) {
! 335: iov[iovcnt].iov_base = ": ";
! 336: iov[iovcnt].iov_len = 2;
! 337: iovcnt++;
! 338: iov[iovcnt].iov_base = strerror(errno_val);
! 339: iov[iovcnt].iov_len = strlen(iov[iovcnt].iov_base);
! 340: iovcnt++;
! 341:
! 342: /* Move newline to the end. */
! 343: if (!need_newline) {
! 344: need_newline = true;
! 345: iov[3].iov_len--;
! 346: }
! 347: }
! 348:
! 349: /* If function, file and lineno are specified, append them. */
! 350: if (func != NULL && file != NULL && lineno != 0) {
! 351: iov[iovcnt].iov_base = " @ ";
! 352: iov[iovcnt].iov_len = 3;
! 353: iovcnt++;
! 354:
! 355: iov[iovcnt].iov_base = (char *)func;
! 356: iov[iovcnt].iov_len = strlen(func);
! 357: iovcnt++;
! 358:
! 359: iov[iovcnt].iov_base = "() ";
! 360: iov[iovcnt].iov_len = 3;
! 361: iovcnt++;
! 362:
! 363: iov[iovcnt].iov_base = (char *)file;
! 364: iov[iovcnt].iov_len = strlen(file);
! 365: iovcnt++;
! 366:
! 367: (void)snprintf(numbuf, sizeof(numbuf), ":%d", lineno);
! 368: iov[iovcnt].iov_base = numbuf;
! 369: iov[iovcnt].iov_len = strlen(numbuf);
! 370: iovcnt++;
! 371:
! 372: /* Move newline to the end. */
! 373: if (!need_newline) {
! 374: need_newline = true;
! 375: iov[3].iov_len--;
! 376: }
! 377: }
! 378:
! 379: /* Append newline as needed. */
! 380: if (need_newline) {
! 381: /* force newline */
! 382: iov[iovcnt].iov_base = "\n";
! 383: iov[iovcnt].iov_len = 1;
! 384: iovcnt++;
! 385: }
! 386:
! 387: /* Do timestamp last due to ctime's static buffer. */
! 388: now = time(NULL);
! 389: timestr = ctime(&now) + 4;
! 390: timestr[15] = ' '; /* replace year with a space */
! 391: timestr[16] = '\0';
! 392: iov[0].iov_base = timestr;
! 393: iov[0].iov_len = 16;
! 394:
! 395: /* Write message in a single syscall */
! 396: ignore_result(writev(sudo_debug_fd, iov, iovcnt));
! 397: }
! 398:
! 399: void
! 400: sudo_debug_write2(const char *func, const char *file, int lineno,
! 401: const char *str, int len, int errno_val)
! 402: {
! 403: if (len <= 0)
! 404: return;
! 405:
! 406: switch (sudo_debug_mode) {
! 407: case SUDO_DEBUG_MODE_CONV:
! 408: sudo_debug_write_conv(func, file, lineno, str, len, errno_val);
! 409: break;
! 410: case SUDO_DEBUG_MODE_FILE:
! 411: sudo_debug_write_file(func, file, lineno, str, len, errno_val);
! 412: break;
! 413: }
! 414: }
! 415:
! 416: /* XXX - turn into a macro */
! 417: void
! 418: sudo_debug_write(const char *str, int len, int errno_val)
! 419: {
! 420: sudo_debug_write2(NULL, NULL, 0, str, len, errno_val);
! 421: }
! 422:
! 423: void
! 424: sudo_debug_printf2(const char *func, const char *file, int lineno, int level,
! 425: const char *fmt, ...)
! 426: {
! 427: int buflen, pri, subsys, saved_errno = errno;
! 428: va_list ap;
! 429: char *buf;
! 430:
! 431: if (!sudo_debug_mode)
! 432: return;
! 433:
! 434: /* Extract pri and subsystem from level. */
! 435: pri = SUDO_DEBUG_PRI(level);
! 436: subsys = SUDO_DEBUG_SUBSYS(level);
! 437:
! 438: /* Make sure we want debug info at this level. */
! 439: if (subsys < NUM_SUBSYSTEMS && sudo_debug_settings[subsys] >= pri) {
! 440: va_start(ap, fmt);
! 441: buflen = vasprintf(&buf, fmt, ap);
! 442: va_end(ap);
! 443: if (buflen != -1) {
! 444: int errcode = ISSET(level, SUDO_DEBUG_ERRNO) ? saved_errno : 0;
! 445: if (ISSET(level, SUDO_DEBUG_LINENO))
! 446: sudo_debug_write2(func, file, lineno, buf, buflen, errcode);
! 447: else
! 448: sudo_debug_write2(NULL, NULL, 0, buf, buflen, errcode);
! 449: free(buf);
! 450: }
! 451: }
! 452:
! 453: errno = saved_errno;
! 454: }
! 455:
! 456: void
! 457: sudo_debug_execve2(int level, const char *path, char *const argv[], char *const envp[])
! 458: {
! 459: char * const *av;
! 460: char *buf, *cp;
! 461: int buflen, pri, subsys, log_envp = 0;
! 462: size_t plen;
! 463:
! 464: if (!sudo_debug_mode)
! 465: return;
! 466:
! 467: /* Extract pri and subsystem from level. */
! 468: pri = SUDO_DEBUG_PRI(level);
! 469: subsys = SUDO_DEBUG_SUBSYS(level);
! 470:
! 471: /* Make sure we want debug info at this level. */
! 472: if (subsys >= NUM_SUBSYSTEMS || sudo_debug_settings[subsys] < pri)
! 473: return;
! 474:
! 475: /* Log envp for debug level "debug". */
! 476: if (sudo_debug_settings[subsys] >= SUDO_DEBUG_DEBUG - 1 && envp[0] != NULL)
! 477: log_envp = 1;
! 478:
! 479: #define EXEC_PREFIX "exec "
! 480:
! 481: /* Alloc and build up buffer. */
! 482: plen = strlen(path);
! 483: buflen = sizeof(EXEC_PREFIX) -1 + plen;
! 484: if (argv[0] != NULL) {
! 485: buflen += sizeof(" []") - 1;
! 486: for (av = argv; *av; av++)
! 487: buflen += strlen(*av) + 1;
! 488: buflen--;
! 489: }
! 490: if (log_envp) {
! 491: buflen += sizeof(" []") - 1;
! 492: for (av = envp; *av; av++)
! 493: buflen += strlen(*av) + 1;
! 494: buflen--;
! 495: }
! 496: buf = malloc(buflen + 1);
! 497: if (buf == NULL)
! 498: return;
! 499:
! 500: /* Copy prefix and command. */
! 501: memcpy(buf, EXEC_PREFIX, sizeof(EXEC_PREFIX) - 1);
! 502: cp = buf + sizeof(EXEC_PREFIX) - 1;
! 503: memcpy(cp, path, plen);
! 504: cp += plen;
! 505:
! 506: /* Copy argv. */
! 507: if (argv[0] != NULL) {
! 508: *cp++ = ' ';
! 509: *cp++ = '[';
! 510: for (av = argv; *av; av++) {
! 511: size_t avlen = strlen(*av);
! 512: memcpy(cp, *av, avlen);
! 513: cp += avlen;
! 514: *cp++ = ' ';
! 515: }
! 516: cp[-1] = ']';
! 517: }
! 518:
! 519: if (log_envp) {
! 520: *cp++ = ' ';
! 521: *cp++ = '[';
! 522: for (av = envp; *av; av++) {
! 523: size_t avlen = strlen(*av);
! 524: memcpy(cp, *av, avlen);
! 525: cp += avlen;
! 526: *cp++ = ' ';
! 527: }
! 528: cp[-1] = ']';
! 529: }
! 530:
! 531: *cp = '\0';
! 532:
! 533: sudo_debug_write(buf, buflen, 0);
! 534: free(buf);
! 535: }
! 536:
! 537: /*
! 538: * Dup sudo_debug_fd to the specified value so we don't
! 539: * close it when calling closefrom().
! 540: */
! 541: int
! 542: sudo_debug_fd_set(int fd)
! 543: {
! 544: if (sudo_debug_fd != -1 && fd != sudo_debug_fd) {
! 545: if (dup2(sudo_debug_fd, fd) == -1)
! 546: return -1;
! 547: (void)fcntl(fd, F_SETFD, FD_CLOEXEC);
! 548: close(sudo_debug_fd);
! 549: sudo_debug_fd = fd;
! 550: }
! 551: return sudo_debug_fd;
! 552: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudo_debug.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / common