From 13e3eaad5fc77473920ddb44f31c5a1dd45ae294 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Thu, 24 Oct 2019 20:04:33 -0600
Subject: [PATCH] Simplify iolog_set_user and iolog_set_group
---
 include/sudo_iolog.h | 4 +--
 lib/iolog/iolog_fileio.c | 33 ++++++-------------
 logsrvd/logsrvd_conf.c | 22 +++++++------
 plugins/sudoers/iolog.c | 26 ++++++++-------
 .../regress/iolog_plugin/check_iolog_plugin.c | 2 +-
 5 files changed, 39 insertions(+), 48 deletions(-)
diff --git a/include/sudo_iolog.h b/include/sudo_iolog.h
index b49ed29f3..6ca120cc5 100644
--- a/include/sudo_iolog.h
+++ b/include/sudo_iolog.h
@@ -134,9 +134,9 @@ void iolog_rewind(struct iolog_file *iol);
 void iolog_set_compress(bool);
 void iolog_set_defaults(void);
 void iolog_set_flush(bool);
-void iolog_set_group(const struct group *gr);
+void iolog_set_gid(gid_t gid);
 void iolog_set_maxseq(unsigned int maxval);
 void iolog_set_mode(mode_t mode);
-void iolog_set_user(const struct passwd *pw);
+void iolog_set_owner(uid_t uid, uid_t gid);
 #endif /* SUDO_IOLOG_H */
diff --git a/lib/iolog/iolog_fileio.c b/lib/iolog/iolog_fileio.c
index f35302e89..781d59179 100644
--- a/lib/iolog/iolog_fileio.c
+++ b/lib/iolog/iolog_fileio.c
@@ -310,23 +310,16 @@ iolog_set_maxseq(unsigned int newval)
 }
 /*
- * Set iolog_uid (and iolog_gid if iolog_group not specified).
+ * Set iolog_uid (and iolog_gid if gid not explicitly set).
 */
 void
-iolog_set_user(const struct passwd *pw)
+iolog_set_owner(uid_t uid, gid_t gid)
 {
- debug_decl(iolog_set_user, SUDO_DEBUG_UTIL)
+ debug_decl(iolog_set_owner, SUDO_DEBUG_UTIL)
- if (pw != NULL) {
- iolog_uid = pw->pw_uid;
- if (!iolog_gid_set)
- iolog_gid = pw->pw_gid;
- } else {
- /* Reset to default. */
- iolog_uid = ROOT_UID;
- if (!iolog_gid_set)
- iolog_gid = ROOT_GID;
- }
+ iolog_uid = uid;
+ if (!iolog_gid_set)
+ iolog_gid = gid;
 debug_return;
 }
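Review bot: The new prototype in include/sudo_iolog.h declares `void iolog_set_owner(uid_t uid, uid_t gid);`, while the definition added in lib/iolog/iolog_fileio.c takes `gid_t gid`. On a platform where uid_t and gid_t are distinct types this is a conflicting declaration, and where they coincide the header still misstates the interface that decides which group owns the I/O logs. The header line should read `void iolog_set_owner(uid_t uid, gid_t gid);`.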
@@ -335,18 +328,12 @@ iolog_set_user(const struct passwd *pw)
 * Set iolog_gid.
 */
 void
-iolog_set_group(const struct group *gr)
+iolog_set_gid(gid_t gid)
 {
- debug_decl(iolog_set_group, SUDO_DEBUG_UTIL)
+ debug_decl(iolog_set_gid, SUDO_DEBUG_UTIL)
- if (gr != NULL) {
- iolog_gid = gr->gr_gid;
- iolog_gid_set = true;
- } else {
- /* Reset to default. */
- iolog_gid = ROOT_GID;
- iolog_gid_set = false;
- }
+ iolog_gid = gid;
+ iolog_gid_set = true;
 debug_return;
 }
diff --git a/logsrvd/logsrvd_conf.c b/logsrvd/logsrvd_conf.c
index 566baf8b9..467d34207 100644
--- a/logsrvd/logsrvd_conf.c
+++ b/logsrvd/logsrvd_conf.c
@@ -72,12 +72,13 @@ static struct logsrvd_config {
 struct logsrvd_config_iolog {
 bool compress;
 bool flush;
+ bool gid_set;
+ uid_t uid;
+ gid_t gid;
 mode_t mode;
 unsigned int maxseq;
 char *iolog_dir;
 char *iolog_file;
- struct passwd user;
- struct group group;
 } iolog;
 struct logsrvd_config_eventlog {
 enum logsrvd_eventlog_type log_type;
@@ -237,8 +238,9 @@ cb_iolog_user(struct logsrvd_config *config, const char *user)
 "unknown user %s", user);
 debug_return_bool(false);
 }
- config->iolog.user.pw_uid = pw->pw_uid;
- config->iolog.user.pw_gid = pw->pw_gid;
+ config->iolog.uid = pw->pw_uid;
+ if (!config->iolog.gid_set)
+ config->iolog.gid = pw->pw_gid;
 debug_return_bool(true);
 }
@@ -254,7 +256,8 @@ cb_iolog_group(struct logsrvd_config *config, const char *group)
 "unknown group %s", group);
 debug_return_bool(false);
 }
- config->iolog.group.gr_gid = gr->gr_gid;
+ config->iolog.gid = gr->gr_gid;
+ config->iolog.gid_set = true;
 debug_return_bool(true);
 }
@@ -707,9 +710,9 @@ logsrvd_conf_alloc(void)
 goto bad;
 if (!cb_iolog_file(config, "%{seq}"))
 goto bad;
- config->iolog.user.pw_uid = ROOT_UID;
- config->iolog.user.pw_gid = ROOT_GID;
- config->iolog.group.gr_gid = ROOT_GID;
+ config->iolog.uid = ROOT_UID;
+ config->iolog.gid = ROOT_GID;
+ config->iolog.gid_set = false;
 /* Event log defaults */
 config->eventlog.log_type = EVLOG_SYSLOG;
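Review bot: iolog_set_gid() in lib/iolog/iolog_fileio.c now always sets `iolog_gid_set = true`, so the removed reset path (`iolog_set_group(NULL)`, which cleared the flag) has no replacement. cb_iolog_group() in plugins/sudoers/iolog.c calls `iolog_set_gid(ROOT_GID)` for a NULL name, which latches the flag, and the `if (!iolog_gid_set)` guard in iolog_set_owner() then keeps any later iolog_user setting from supplying that user's primary group for the log files. If reset-to-default is meant to keep its old meaning, the flag needs a way to be cleared. Otherwise the function comment should state the new contract, for example `/* Set iolog_gid; sticky, later iolog_set_owner() calls will not change the gid. */`.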
@@ -761,8 +764,7 @@ logsrvd_conf_apply(struct logsrvd_config *config)
 iolog_set_defaults();
 iolog_set_compress(config->iolog.compress);
 iolog_set_flush(config->iolog.flush);
- iolog_set_user(&config->iolog.user);
- iolog_set_group(&config->iolog.group);
+ iolog_set_owner(config->iolog.uid, config->iolog.gid);
 iolog_set_mode(config->iolog.mode);
 iolog_set_maxseq(config->iolog.maxseq);
diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c
index e4cda49ff..2586d71c7 100644
--- a/plugins/sudoers/iolog.c
+++ b/plugins/sudoers/iolog.c
@@ -108,19 +108,20 @@ bool
 cb_iolog_user(const union sudo_defs_val *sd_un)
 {
 const char *name = sd_un->str;
- struct passwd *pw = NULL;
+ struct passwd *pw;
 debug_decl(cb_iolog_user, SUDOERS_DEBUG_UTIL)
 /* NULL name means reset to default. */
- if (name != NULL) {
+ if (name == NULL) {
+ iolog_set_owner(ROOT_UID, ROOT_GID);
+ } else {
 if ((pw = sudo_getpwnam(name)) == NULL) {
 log_warningx(SLOG_SEND_MAIL, N_("unknown user: %s"), name);
 debug_return_bool(false);
 }
- }
- iolog_set_user(pw);
- if (pw != NULL)
+ iolog_set_owner(pw->pw_uid, pw->pw_gid);
 sudo_pw_delref(pw);
+ }
 debug_return_bool(true);
 }
@@ -132,19 +133,20 @@ bool
 cb_iolog_group(const union sudo_defs_val *sd_un)
 {
 const char *name = sd_un->str;
- struct group *gr = NULL;
+ struct group *gr;
 debug_decl(cb_iolog_group, SUDOERS_DEBUG_UTIL)
 /* NULL name means reset to default. */
- if (name != NULL) {
+ if (name == NULL) {
+ iolog_set_gid(ROOT_GID);
+ } else {
 if ((gr = sudo_getgrnam(name)) == NULL) {
 log_warningx(SLOG_SEND_MAIL, N_("unknown group: %s"), name);
 debug_return_bool(false);
 }
- }
- iolog_set_group(gr);
- if (gr != NULL)
+ iolog_set_gid(gr->gr_gid);
 sudo_gr_delref(gr);
+ }
 debug_return_bool(true);
 }
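Review bot: In logsrvd_conf_apply() the single call `iolog_set_owner(config->iolog.uid, config->iolog.gid);` only stores the gid while the library's own iolog_gid_set flag is false, and the config's `gid_set` is not passed along. This appears to rely on iolog_set_defaults(), whose body is not in this diff, clearing that flag first; if it does not, a configured group could be silently ignored and the logs would keep the previous group ownership. A comment on the call such as `/* iolog_set_defaults() above must clear iolog_gid_set or the gid is ignored */` would record the dependency, or the explicit case could be forwarded with `if (config->iolog.gid_set) iolog_set_gid(config->iolog.gid);`. The function body continues outside the hunk.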
@@ -299,7 +301,7 @@ iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
 sudo_debug_printf(SUDO_DEBUG_WARN, "%s: unknown group %s", __func__, *cur + sizeof("iolog_group=") - 1);
 } else {
- iolog_set_group(gr);
+ iolog_set_gid(gr->gr_gid);
 sudo_gr_delref(gr);
 }
 continue;
@@ -311,7 +313,7 @@ iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
 sudo_debug_printf(SUDO_DEBUG_WARN, "%s: unknown user %s", __func__, *cur + sizeof("iolog_user=") - 1);
 } else {
- iolog_set_user(pw);
+ iolog_set_owner(pw->pw_uid, pw->pw_gid);
 sudo_pw_delref(pw);
 }
 continue;
diff --git a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
index bb44b159e..372a5206a 100644
--- a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
+++ b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
@@ -367,7 +367,7 @@ main(int argc, char *argv[], char *envp[])
 sudo_user.pw = pw_dup(tpw);
 /* Set iolog uid/gid to invoking user. */
- iolog_set_user(sudo_user.pw);
+ iolog_set_owner(sudo_user.pw->pw_uid, sudo_user.pw->pw_gid);
 test_endpoints(&tests, &errors, iolog_dir, envp);
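Review bot: In check_iolog_plugin.c the new call dereferences `sudo_user.pw` immediately after `sudo_user.pw = pw_dup(tpw);`, with no check in the hunk. The removed `iolog_set_user()` accepted NULL and fell back to the root defaults, so a failed pw_dup() (presumably NULL on allocation failure; its body is not shown) used to be harmless here and would now crash the test. A guard before the call, for example `if (sudo_user.pw == NULL) sudo_fatalx("pw_dup failed");` or whatever error helper this test already uses, would keep the failure readable. main() starts and ends outside the hunk.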