1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (C) 1996
5 * David L. Nugent. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY DAVID L. NUGENT AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL DAVID L. NUGENT OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <ctype.h>
30 #include <err.h>
31 #include <fcntl.h>
32 #include <string.h>
33 #include <stdarg.h>
34
35 #include "pw.h"
36
37 static FILE *logfile = NULL;
38
39 void
pw_log(struct userconf * cnf,int mode,int which,char const * fmt,...)40 pw_log(struct userconf * cnf, int mode, int which, char const * fmt,...)
41 {
42 va_list argp;
43 time_t now;
44 const char *cp, *name;
45 struct tm *t;
46 int fd, i, rlen;
47 char nfmt[256], sname[32];
48
49 if (cnf->logfile == NULL || cnf->logfile[0] == '\0') {
50 return;
51 }
52
53 if (logfile == NULL) {
54 /* With umask==0 we need to control file access modes on create */
55 fd = open(cnf->logfile, O_WRONLY | O_CREAT | O_APPEND, 0600);
56 if (fd == -1) {
57 return;
58 }
59 logfile = fdopen(fd, "a");
60 if (logfile == NULL) {
61 return;
62 }
63 }
64
65 if ((name = getenv("LOGNAME")) == NULL &&
66 (name = getenv("USER")) == NULL) {
67 strcpy(sname, "unknown");
68 } else {
69 /*
70 * Since "name" will be embedded in a printf-like format,
71 * we must sanitize it:
72 *
73 * Limit its length so other information in the message
74 * is not truncated
75 *
76 * Squeeze out embedded whitespace for the benefit of
77 * log file parsers
78 *
79 * Escape embedded % characters with another %
80 */
81 for (i = 0, cp = name;
82 *cp != '\0' && i < (int)sizeof(sname) - 1; cp++) {
83 if (*cp == '%') {
84 if (i < (int)sizeof(sname) - 2) {
85 sname[i++] = '%';
86 sname[i++] = '%';
87 } else {
88 break;
89 }
90 } else if (!isspace(*cp)) {
91 sname[i++] = *cp;
92 } /* else do nothing */
93 }
94 if (i == 0) {
95 strcpy(sname, "unknown");
96 } else {
97 sname[i] = '\0';
98 }
99 }
100 now = time(NULL);
101 t = localtime(&now);
102 /* ISO 8601 International Standard Date format */
103 strftime(nfmt, sizeof nfmt, "%Y-%m-%d %T ", t);
104 rlen = sizeof(nfmt) - strlen(nfmt);
105 if (rlen <= 0 || snprintf(nfmt + strlen(nfmt), rlen,
106 "[%s:%s%s] %s\n", sname, Which[which], Modes[mode],
107 fmt) >= rlen) {
108 warnx("log format overflow, user name=%s", sname);
109 } else {
110 va_start(argp, fmt);
111 vfprintf(logfile, nfmt, argp);
112 va_end(argp);
113 fflush(logfile);
114 }
115 }
116