Move a few fields from sudoers_user_contect to sudoers_context.

They are not really specific to the user or user-specified.

plugins/sudoers/audit.c

@@ -360,7 +360,7 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type,
 	ret = false;
 
     if (!ISSET(ctx->mode, MODE_POLICY_INTERCEPTED))
-	uuid_str = ctx->user.uuid_str;
+	uuid_str = ctx->uuid_str;
 
     audit_to_eventlog(ctx, &evlog, command_info, run_argv, run_envp, uuid_str);
     if (!log_allowed(ctx, &evlog) && !def_ignore_logfile_errors)

plugins/sudoers/iolog_path_escapes.c

@@ -46,7 +46,7 @@ fill_seq(char *str, size_t strsize, void *v)
     debug_decl(fill_seq, SUDOERS_DEBUG_UTIL);
 
     if (sessid[0] == '\0') {
-	if (!iolog_nextid(ctx->user.iolog_dir, sessid))
+	if (!iolog_nextid(ctx->iolog_dir, sessid))
 	    debug_return_size_t((size_t)-1);
     }
 

plugins/sudoers/logging.c

@@ -259,7 +259,7 @@ log_reject(const struct sudoers_context *ctx, const char *message,
     debug_decl(log_reject, SUDOERS_DEBUG_LOGGING);
 
     if (!ISSET(ctx->mode, MODE_POLICY_INTERCEPTED))
-	uuid_str = ctx->user.uuid_str;
+	uuid_str = ctx->uuid_str;
 
     if (mailit) {
 	SET(evl_flags, EVLOG_MAIL);
@@ -615,7 +615,7 @@ log_exit_status(const struct sudoers_context *ctx, int status)
 	    ret = false;
 	    goto done;
 	}
-	sudo_timespecsub(&run_time, &ctx->user.submit_time, &run_time);
+	sudo_timespecsub(&run_time, &ctx->submit_time, &run_time);
 
         if (WIFEXITED(status)) {
 	    exit_value = WEXITSTATUS(status);
@@ -636,7 +636,7 @@ log_exit_status(const struct sudoers_context *ctx, int status)
 	sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
 
 	sudoers_to_eventlog(ctx, &evlog, ctx->runas.cmnd_saved,
-	    ctx->runas.argv_saved, env_get(), ctx->user.uuid_str);
+	    ctx->runas.argv_saved, env_get(), ctx->uuid_str);
 	if (def_mail_always) {
 	    SET(evl_flags, EVLOG_MAIL);
 	    if (!def_log_exit_status)
@@ -740,7 +740,7 @@ vlog_warning(const struct sudoers_context *ctx, unsigned int flags,
 		SET(evl_flags, EVLOG_MAIL_ONLY);
 	}
 	sudoers_to_eventlog(ctx, &evlog, ctx->runas.cmnd, ctx->runas.argv,
-	    env_get(), ctx->user.uuid_str);
+	    env_get(), ctx->uuid_str);
 	if (!eventlog_alert(&evlog, evl_flags, &now, message, errstr))
 	    ret = false;
 	if (!log_server_alert(ctx, &evlog, &now, message, errstr))
@@ -860,7 +860,7 @@ mail_parse_errors(const struct sudoers_context *ctx)
 	goto done;
     }
     sudoers_to_eventlog(ctx, &evlog, ctx->runas.cmnd, ctx->runas.argv,
-	env_get(), ctx->user.uuid_str);
+	env_get(), ctx->uuid_str);
 
     /* Convert parse_error_list to a string vector. */
     n = 0;
@@ -980,8 +980,8 @@ sudoers_to_eventlog(const struct sudoers_context *ctx, struct eventlog *evlog,
 	sudo_gr_delref(grp);
 
     memset(evlog, 0, sizeof(*evlog));
-    evlog->iolog_file = ctx->user.iolog_file;
-    evlog->iolog_path = ctx->user.iolog_path;
+    evlog->iolog_file = ctx->iolog_file;
+    evlog->iolog_path = ctx->iolog_path;
     evlog->command = cmnd ? (char *)cmnd : (argv ? argv[0] : NULL);
     evlog->cwd = ctx->user.cwd;
     if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) {
@@ -995,7 +995,7 @@ sudoers_to_eventlog(const struct sudoers_context *ctx, struct eventlog *evlog,
 	evlog->runcwd = ctx->user.cwd;
     }
     evlog->rungroup = ctx->runas.gr ? ctx->runas.gr->gr_name : ctx->runas.group;
-    evlog->source = ctx->user.source;
+    evlog->source = ctx->source;
     evlog->submithost = ctx->user.host;
     evlog->submituser = ctx->user.name;
     if (grp != NULL)
@@ -1004,7 +1004,7 @@ sudoers_to_eventlog(const struct sudoers_context *ctx, struct eventlog *evlog,
     evlog->argv = (char **)argv;
     evlog->env_add = (char **)ctx->user.env_vars;
     evlog->envp = (char **)envp;
-    evlog->submit_time = ctx->user.submit_time;
+    evlog->submit_time = ctx->submit_time;
     evlog->lines = ctx->user.lines;
     evlog->columns = ctx->user.cols;
     if (ctx->runas.pw != NULL) {
@@ -1030,7 +1030,7 @@ sudoers_to_eventlog(const struct sudoers_context *ctx, struct eventlog *evlog,
 	if (sudo_gettime_real(&now) == -1) {
 	    sudo_warn("%s", U_("unable to get time of day"));
 	} else {
-	    sudo_timespecsub(&now, &ctx->user.submit_time, &evlog->iolog_offset);
+	    sudo_timespecsub(&now, &ctx->submit_time, &evlog->iolog_offset);
 	}
     }
 

plugins/sudoers/policy.c

@@ -116,7 +116,7 @@ sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v,
     } \
 } while (0)
 
-    if (sudo_gettime_real(&ctx->user.submit_time) == -1) {
+    if (sudo_gettime_real(&ctx->submit_time) == -1) {
 	sudo_warn("%s", U_("unable to get time of day"));
 	goto bad;
     }
@@ -584,7 +584,7 @@ sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v,
 
     /* Create a UUID to store in the event log. */
     sudo_uuid_create(uuid);
-    if (sudo_uuid_to_string(uuid, ctx->user.uuid_str, sizeof(ctx->user.uuid_str)) == NULL) {
+    if (sudo_uuid_to_string(uuid, ctx->uuid_str, sizeof(ctx->uuid_str)) == NULL) {
 	sudo_warnx("%s", U_("unable to generate UUID"));
 	goto bad;
     }
@@ -984,8 +984,8 @@ sudoers_policy_store_result(struct sudoers_context *ctx, bool accepted,
         if ((command_info[info_len++] = sudo_new_key_val("rlimit_stack", def_rlimit_stack)) == NULL)
             goto oom;
     }
-    if (ctx->user.source != NULL) {
-	command_info[info_len] = sudo_new_key_val("source", ctx->user.source);
+    if (ctx->source != NULL) {
+	command_info[info_len] = sudo_new_key_val("source", ctx->source);
 	if (command_info[info_len++] == NULL)
 	    goto oom;
     }

plugins/sudoers/sudoers.c

@@ -280,7 +280,7 @@ sudoers_init(void *info, sudoers_logger_t logger, char * const envp[])
 /*
  * Expand I/O log dir and file into a full path.
  * Returns the full I/O log path prefixed with "iolog_path=".
- * Sets ctx->user.iolog_file as a side effect.
+ * Sets ctx->iolog_file and ctx->iolog_path as a side effect.
  */
 static char *
 format_iolog_path(struct sudoers_context *ctx)
@@ -296,10 +296,10 @@ format_iolog_path(struct sudoers_context *ctx)
     ok = expand_iolog_path(def_iolog_dir, dir, sizeof(dir),
 	&sudoers_iolog_path_escapes[1], ctx);
     if (ok) {
-	ctx->user.iolog_dir = dir;
+	ctx->iolog_dir = dir;
 	ok = expand_iolog_path(def_iolog_file, file, sizeof(file),
 	    &sudoers_iolog_path_escapes[0], ctx);
-	ctx->user.iolog_dir = NULL;
+	ctx->iolog_dir = NULL;
     }
     sudoers_setlocale(oldlocale, NULL);
     if (!ok)
@@ -311,8 +311,8 @@ format_iolog_path(struct sudoers_context *ctx)
     }
 
     /* Stash pointer to the I/O log for the event log. */
-    ctx->user.iolog_path = iolog_path + sizeof("iolog_path=") - 1;
-    ctx->user.iolog_file = ctx->user.iolog_path + 1 + strlen(dir);
+    ctx->iolog_path = iolog_path + sizeof("iolog_path=") - 1;
+    ctx->iolog_file = ctx->iolog_path + 1 + strlen(dir);
 
 done:
     debug_return_str(iolog_path);
@@ -393,15 +393,15 @@ sudoers_check_common(struct sudoers_context *ctx, int pwflag)
     }
 
     if (match_info.us != NULL && match_info.us->file != NULL) {
-	free(ctx->user.source);
+	free(ctx->source);
 	if (match_info.us->line != 0) {
-	    if (asprintf(&ctx->user.source, "%s:%d:%d", match_info.us->file,
+	    if (asprintf(&ctx->source, "%s:%d:%d", match_info.us->file,
 		    match_info.us->line, match_info.us->column) == -1)
-		ctx->user.source = NULL;
+		ctx->source = NULL;
 	} else {
-	    ctx->user.source = strdup(match_info.us->file);
+	    ctx->source = strdup(match_info.us->file);
 	}
-	if (ctx->user.source == NULL) {
+	if (ctx->source == NULL) {
 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
 	    goto done;
 	}

plugins/sudoers/sudoers.h

@@ -112,7 +112,6 @@ struct sudoers_plugin_settings {
  * Info pertaining to the invoking user.
  */
 struct sudoers_user_context {
-    struct timespec submit_time;
     struct passwd *pw;
     struct stat *cmnd_stat;
     char *cwd;
@@ -129,12 +128,8 @@ struct sudoers_user_context {
     char *cmnd_dir;
     char *cmnd_list;
     char *ccname;
-    char *source;
     struct gid_list *gid_list;
     char * const * env_vars;
-    char *iolog_file;
-    char *iolog_dir;
-    char *iolog_path;
     int   closefrom;
     int   lines;
     int   cols;
@@ -144,7 +139,6 @@ struct sudoers_user_context {
     uid_t gid;
     pid_t sid;
     pid_t tcpgid;
-    char uuid_str[37];
 };
 
 /*
@@ -193,8 +187,14 @@ struct sudoers_context {
     struct sudoers_plugin_settings settings;
     struct sudoers_user_context user;
     struct sudoers_runas_context runas;
+    struct timespec submit_time;
+    char *source;
+    char *iolog_file;
+    char *iolog_dir;
+    char *iolog_path;
     int sudoedit_nfiles;
     unsigned int mode;
+    char uuid_str[37];
 };
 
 /*

plugins/sudoers/sudoers_ctx_free.c

@@ -57,7 +57,6 @@ sudoers_ctx_free(struct sudoers_context *ctx)
     canon_path_free(ctx->user.cmnd_dir);
     free(ctx->user.cmnd_args);
     free(ctx->user.cmnd_list);
-    free(ctx->user.source);
     free(ctx->user.cmnd_stat);
 
     /* Free remaining references to password and group entries. */
@@ -86,6 +85,9 @@ sudoers_ctx_free(struct sudoers_context *ctx)
     free(ctx->runas.limitprivs);
 #endif
 
+    /* Free dynamic contents of ctx. */
+    free(ctx->source);
+
     memset(ctx, 0, sizeof(*ctx));
 
     debug_return;