=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sudo/Attic/logging.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- src/usr.bin/sudo/Attic/logging.c 2001/08/23 21:45:03 1.4 +++ src/usr.bin/sudo/Attic/logging.c 2002/01/03 03:49:16 1.5 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994-1996,1998-1999 Todd C. Miller + * Copyright (c) 1994-1996,1998-2001 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -34,32 +34,38 @@ #include "config.h" +#include +#include +#include +#include #include #ifdef STDC_HEADERS -#include +# include +# include +#else +# ifdef HAVE_STDLIB_H +# include +# endif #endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include -#endif /* HAVE_UNISTD_H */ #ifdef HAVE_STRING_H -#include +# include +#else +# ifdef HAVE_STRINGS_H +# include +# endif #endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -#include -#endif /* HAVE_STRINGS_H */ +#ifdef HAVE_UNISTD_H +# include +#endif /* HAVE_UNISTD_H */ #include #include #include #include -#include -#include -#include -#include #include "sudo.h" #ifndef lint -static const char rcsid[] = "$Sudo: logging.c,v 1.140 2000/03/13 16:05:05 millert Exp $"; +static const char rcsid[] = "$Sudo: logging.c,v 1.151 2001/12/14 23:33:38 millert Exp $"; #endif /* lint */ static void do_syslog __P((int, char *)); 
@@ -67,33 +73,60 @@ static void send_mail __P((char *)); static void mail_auth __P((int, char *)); static char *get_timestr __P((void)); +static void mysyslog __P((int, const char *, ...)); -#ifdef BROKEN_SYSLOG -# define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */ -# define SYSLOG syslog_wrapper +#define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */ -static void syslog_wrapper __P((int, char *, char *, char *)); - /* - * Some versions of syslog(3) don't guarantee success and return - * an int (notably HP-UX < 10.0). So, if at first we don't succeed, - * try, try again... + * We do an openlog(3)/closelog(3) for each message because some + * authentication methods (notably PAM) use syslog(3) for their + * own nefarious purposes and may call openlog(3) and closelog(3). + * Note that because we don't want to assume that all systems have + * vsyslog(3) (HP-UX doesn't) "%m" will not be expanded. + * Sadly this is a maze of #ifdefs. */ static void -syslog_wrapper(pri, fmt, ap) +#ifdef __STDC__ +mysyslog(int pri, const char *fmt, ...) +#else +mysyslog(pri, fmt, va_alist) int pri; const char *fmt; - va_list ap; + va_dcl +#endif { +#ifdef BROKEN_SYSLOG int i; +#endif + char buf[MAXSYSLOGLEN+1]; + va_list ap; +#ifdef __STDC__ + va_start(ap, fmt); +#else + va_start(ap); +#endif +#ifdef LOG_NFACILITIES + openlog(Argv[0], 0, def_ival(I_LOGFAC)); +#else + openlog(Argv[0], 0); +#endif + vsnprintf(buf, sizeof(buf), fmt, ap); +#ifdef BROKEN_SYSLOG + /* + * Some versions of syslog(3) don't guarantee success and return + * an int (notably HP-UX < 10.0). So, if at first we don't succeed, + * try, try again... + */ for (i = 0; i < MAXSYSLOGTRIES; i++) - if (vsyslog(pri, fmt, ap) == 0) + if (syslog(pri, "%s", buf) == 0) break; -} #else -# define SYSLOG syslog + syslog(pri, "%s", buf); #endif /* BROKEN_SYSLOG */ + va_end(ap); + closelog(); +} /* * Log a message to syslog, pre-pending the username and splitting the 
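Review bot: Both `openlog(Argv[0], ...)` calls in mysyslog() take the syslog ident from `Argv[0]`; if `Argv` is the process's argument vector, that string is chosen by whoever invokes the program, so log filters and alert rules keyed on the program name cannot rely on it. A fixed ident keeps every record attributable, e.g. `openlog("sudo", 0, def_ival(I_LOGFAC));` and `openlog("sudo", 0);` in the `#else` branch. Separately, the return value of `vsnprintf(buf, sizeof(buf), fmt, ap)` is ignored, so a record longer than `MAXSYSLOGLEN` is cut without any marker. do_syslog() is outside this hunk, so whether its splitting already leaves room for the `"%8.8s : (command continued) "` prefix should be confirmed.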
@@ -129,9 +162,9 @@ *tmp = '\0'; if (count == 0) - SYSLOG(pri, "%8.8s : %s", user_name, p); + mysyslog(pri, "%8.8s : %s", user_name, p); else - SYSLOG(pri, "%8.8s : (command continued) %s", user_name, p); + mysyslog(pri, "%8.8s : (command continued) %s", user_name, p); *tmp = save; /* restore saved character */ @@ -140,9 +173,9 @@ ; } else { if (count == 0) - SYSLOG(pri, "%8.8s : %s", user_name, p); + mysyslog(pri, "%8.8s : %s", user_name, p); else - SYSLOG(pri, "%8.8s : (command continued) %s", user_name, p); + mysyslog(pri, "%8.8s : (command continued) %s", user_name, p); } } } @@ -155,7 +188,7 @@ char *beg, *oldend, *end; FILE *fp; mode_t oldmask; - int maxlen = def_ival(I_LOGLEN); + int maxlen = def_ival(I_LOGLINELEN); oldmask = umask(077); fp = fopen(def_str(I_LOGFILE), "a"); @@ -171,7 +204,7 @@ send_mail(full_line); free(full_line); } else { - if (def_ival(I_LOGLEN) == 0) { + if (def_ival(I_LOGLINELEN) == 0) { /* Don't pretty-print long log file lines (hard to grep) */ if (def_flag(I_LOG_HOST)) (void) fprintf(fp, "%s : %s : HOST=%s : %s\n", get_timestr(), @@ -299,7 +332,7 @@ /* * Log via syslog and/or a file. */ - if (def_str(I_LOGFACSTR)) + if (def_str(I_SYSLOG)) do_syslog(pri, logline); if (def_str(I_LOGFILE)) do_logfile(logline); @@ -380,14 +413,14 @@ /* * Log to syslog and/or a file. */ - if (def_str(I_LOGFACSTR)) + if (def_str(I_SYSLOG)) do_syslog(def_ival(I_BADPRI), logline); if (def_str(I_LOGFILE)) do_logfile(logline); - free(logline); - if (message != logline) - free(message); + free(message); + if (logline != message) + free(logline); if (!(flags & NO_EXIT)) exit(1); 
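Review bot: In the hunk at `@@ -380,14 +413,14 @@` the new order still compares a pointer after it has been freed: `free(message);` runs first and `if (logline != message)` then reads `message`, whose value is indeterminate once the object is released. Doing the comparison before either free avoids that without changing which buffers are released: `if (logline != message) free(logline);` followed by `free(message);`. A short comment such as `/* logline aliases message when no prefix was added */` would help, if that is indeed why the two can be equal; the code that builds `logline` is outside the hunk.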
@@ -405,23 +438,15 @@ FILE *mail; char *p; int pfd[2], pid, status; -#ifdef POSIX_SIGNALS sigset_t set, oset; -#else - int omask; -#endif /* POSIX_SIGNALS */ /* Just return if mailer is disabled. */ if (!def_str(I_MAILERPATH) || !def_str(I_MAILTO)) return; -#ifdef POSIX_SIGNALS (void) sigemptyset(&set); (void) sigaddset(&set, SIGCHLD); (void) sigprocmask(SIG_BLOCK, &set, &oset); -#else - omask = sigblock(sigmask(SIGCHLD)); -#endif /* POSIX_SIGNALS */ if (pipe(pfd) == -1) { (void) fprintf(stderr, "%s: cannot open pipe: %s\n", @@ -442,10 +467,12 @@ char *mpath, *mflags; int i; - /* Child. */ + /* Child, set stdin to output side of the pipe */ + if (pfd[0] != STDIN_FILENO) { + (void) dup2(pfd[0], STDIN_FILENO); + (void) close(pfd[0]); + } (void) close(pfd[1]); - (void) dup2(pfd[0], STDIN_FILENO); - (void) close(pfd[0]); /* Build up an argv based the mailer path and flags */ mflags = estrdup(def_str(I_MAILERFLAGS)); @@ -463,6 +490,9 @@ } argv[i] = NULL; + /* Close password file so we don't leak the fd. */ + endpwent(); + /* Run mailer as root so user cannot kill it. */ set_perms(PERM_ROOT, 0); execv(mpath, argv); @@ -471,8 +501,8 @@ break; } - mail = fdopen(pfd[1], "w"); (void) close(pfd[0]); + mail = fdopen(pfd[1], "w"); /* Pipes are all setup, send message via sendmail. */ (void) fprintf(mail, "To: %s\nFrom: %s\nSubject: ", @@ -502,11 +532,7 @@ #ifdef sudo_waitpid (void) sudo_waitpid(pid, &status, WNOHANG); #endif -#ifdef POSIX_SIGNALS (void) sigprocmask(SIG_SETMASK, &oset, NULL); -#else - (void) sigsetmask(omask); -#endif /* POSIX_SIGNALS */ } /* @@ -525,11 +551,11 @@ VALIDATE_ERROR|VALIDATE_OK|FLAG_NO_USER|FLAG_NO_HOST|VALIDATE_NOT_OK; else { mail_mask = VALIDATE_ERROR; - if (def_flag(I_MAIL_NOUSER)) + if (def_flag(I_MAIL_NO_USER)) mail_mask |= FLAG_NO_USER; - if (def_flag(I_MAIL_NOHOST)) + if (def_flag(I_MAIL_NO_HOST)) mail_mask |= FLAG_NO_HOST; - if (def_flag(I_MAIL_NOPERMS)) + if (def_flag(I_MAIL_NO_PERMS)) mail_mask |= VALIDATE_NOT_OK; } 
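Review bot: The child ignores the result of `dup2(pfd[0], STDIN_FILENO)` in the hunk at `@@ -442,10 +467,12 @@`; if it fails, the mailer is still executed and reads whatever standard input the process inherited instead of the message from the pipe. Check it and stop the child, e.g. `if (dup2(pfd[0], STDIN_FILENO) == -1) _exit(127);`. The new comment also says "output side of the pipe", but `pfd[0]` is the read end; `/* Child: make the read end of the pipe our stdin. */` would be clearer. The enclosing function continues outside the hunk.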
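Review bot: The `endpwent()` added before `set_perms(PERM_ROOT, 0)` in the hunk at `@@ -463,6 +490,9 @@` closes only the password-database handle; any other descriptor still open in the child is inherited by the mailer, which the following comment says runs as root. Nothing in this hunk shows what else is open, so this is a question rather than a confirmed leak: if the log file or another database handle can be open here, it needs the same treatment. A general guard is to close every descriptor above `STDERR_FILENO` in the child before `execv(mpath, argv)`, or to mark descriptors close-on-exec where they are opened, with a comment such as `/* Mailer gets only stdin, stdout and stderr. */`. send_mail() starts and ends outside this hunk.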
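Review bot: In the hunk at `@@ -471,8 +501,8 @@` the result of `mail = fdopen(pfd[1], "w");` is used by the `fprintf(mail, ...)` that follows without a NULL check, so an fdopen() failure in the parent becomes a NULL stream passed to stdio in a privileged process. Test it where it is assigned, `if ((mail = fdopen(pfd[1], "w")) == NULL)`, and in that branch close `pfd[1]` and restore the signal mask with `(void) sigprocmask(SIG_SETMASK, &oset, NULL);` before returning. The rest of send_mail(), including how the child is reaped, is outside this hunk, so the failure branch should mirror whatever cleanup the existing error paths do.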
@@ -552,9 +578,6 @@ #else (void) wait(&status); #endif -#ifndef POSIX_SIGNALS - (void) signal(SIGCHLD, reapchild); -#endif /* POSIX_SIGNALS */ errno = serrno; }