From 6184eb9461fbd4b2b78ca2df1dae7bedd9feb8dd Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Sun, 30 Aug 2009 15:18:50 +0000
Subject: [PATCH] Log the session ID, if there is one.  Currently logs
 ID=XXXXXX, perhaps should be SESSIONID or SESSID.

---
 logging.c | 9 +++++++++
 script.c  | 4 ++++
 sudo.c    | 8 ++++----
 sudo.h    | 1 +
 4 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/logging.c b/logging.c
index 53cc650a5..aacdd8c90 100644
--- a/logging.c
+++ b/logging.c
@@ -658,6 +658,7 @@ get_timestr()
 #define	LL_GROUP_STR	"GROUP="
 #define	LL_ENV_STR	"ENV="
 #define	LL_CMND_STR	"COMMAND="
+#define	LL_ID_STR	"ID="
 
 /*
  * Allocate and fill in a new logline.
@@ -687,6 +688,8 @@ new_logline(message, serrno)
 	len += sizeof(LL_USER_STR) + 2 + strlen(runas_pw->pw_name);
     if (runas_gr != NULL)
 	len += sizeof(LL_GROUP_STR) + 2 + strlen(runas_gr->gr_name);
+    if (sudo_user.sessid[0] != '\0')
+	len += sizeof(LL_ID_STR) + 2 + strlen(sudo_user.sessid);
     if (sudo_user.env_vars != NULL) {
 	size_t evlen = 0;
 	struct list_member *cur;
@@ -740,6 +743,12 @@ new_logline(message, serrno)
 	    strlcat(line, " ; ", len) >= len)
 	    goto toobig;
     }
+    if (sudo_user.sessid[0] != '\0') {
+	if (strlcat(line, LL_ID_STR, len) >= len ||
+	    strlcat(line, sudo_user.sessid, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+    }
     if (evstr != NULL) {
 	if (strlcat(line, LL_ENV_STR, len) >= len ||
 	    strlcat(line, evstr, len) >= len ||
diff --git a/script.c b/script.c
index cfa9442db..b7ba121db 100644
--- a/script.c
+++ b/script.c
@@ -160,6 +160,10 @@ next_seq(pathbuf)
     buf[6] = '\n';
     len += sizeof("/00/00/00") - 1;
 
+    /* For logging purposes */
+    memcpy(sudo_user.sessid, buf, 6);
+    sudo_user.sessid[6] = '\0';
+
     /* Rewind and overwrite old seq file. */
     if (lseek(fd, 0, SEEK_SET) == (off_t)-1 || write(fd, buf, 7) != 7)
 	log_error(USE_ERRNO, "Can't write to %s", pathbuf);
diff --git a/sudo.c b/sudo.c
index a12462a7d..bcaab7d71 100644
--- a/sudo.c
+++ b/sudo.c
@@ -461,6 +461,10 @@ main(argc, argv, envp)
 		validate_env_vars(sudo_user.env_vars);
 	}
 
+	/* Open tty and session ID as needed */
+	if (def_script)
+	    script_setup();
+
 	log_allowed(validated);
 	if (ISSET(sudo_mode, MODE_CHECK))
 	    rc = display_cmnd(snl, list_pw ? list_pw : sudo_user.pw);
@@ -499,10 +503,6 @@ main(argc, argv, envp)
 	/* Must audit before uid change. */
 	audit_success(NewArgv);
 
-	/* Open tty as needed */
-	if (def_script)
-	    script_setup();
-
 	/* Become specified user or root if executing a command. */
 	if (ISSET(sudo_mode, MODE_RUN))
 	    set_perms(PERM_FULL_RUNAS);
diff --git a/sudo.h b/sudo.h
index 647854f6c..ecfe82f12 100644
--- a/sudo.h
+++ b/sudo.h
@@ -64,6 +64,7 @@ struct sudo_user {
     char *type;
 #endif
     char  cwd[PATH_MAX];
+    char  sessid[7];
 };
 
 /*