xref: /freebsd/usr.sbin/pw/pw_log.c (revision d439598dd0d341b0c0b77151ba904e09c42f8421)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (C) 1996
5  *	David L. Nugent.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY DAVID L. NUGENT AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL DAVID L. NUGENT OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include <ctype.h>
30 #include <err.h>
31 #include <fcntl.h>
32 #include <string.h>
33 #include <stdarg.h>
34 
35 #include "pw.h"
36 
37 static FILE	*logfile = NULL;
38 
39 void
40 pw_log(struct userconf * cnf, int mode, int which, char const * fmt,...)
41 {
42 	va_list		argp;
43 	time_t		now;
44 	const char	*cp, *name;
45 	struct tm	*t;
46 	int		fd, i, rlen;
47 	char		nfmt[256], sname[32];
48 
49 	if (cnf->logfile == NULL || cnf->logfile[0] == '\0') {
50 		return;
51 	}
52 
53 	if (logfile == NULL) {
54 		/* With umask==0 we need to control file access modes on create */
55 		fd = open(cnf->logfile, O_WRONLY | O_CREAT | O_APPEND, 0600);
56 		if (fd == -1) {
57 			return;
58 		}
59 		logfile = fdopen(fd, "a");
60 		if (logfile == NULL) {
61 			return;
62 		}
63 	}
64 
65 	if ((name = getenv("LOGNAME")) == NULL &&
66 	    (name = getenv("USER")) == NULL) {
67 		strcpy(sname, "unknown");
68 	} else {
69 		/*
70 		 * Since "name" will be embedded in a printf-like format,
71 		 * we must sanitize it:
72 		 *
73 		 *    Limit its length so other information in the message
74 		 *    is not truncated
75 		 *
76 		 *    Squeeze out embedded whitespace for the benefit of
77 		 *    log file parsers
78 		 *
79 		 *    Escape embedded % characters with another %
80 		 */
81 		for (i = 0, cp = name;
82 		    *cp != '\0' && i < (int)sizeof(sname) - 1; cp++) {
83 			if (*cp == '%') {
84 				if (i < (int)sizeof(sname) - 2) {
85 					sname[i++] = '%';
86 					sname[i++] = '%';
87 				} else {
88 					break;
89 				}
90 			} else if (!isspace(*cp)) {
91 				sname[i++] = *cp;
92 			} /* else do nothing */
93 		}
94 		if (i == 0) {
95 			strcpy(sname, "unknown");
96 		} else {
97 			sname[i] = '\0';
98 		}
99 	}
100 	now = time(NULL);
101 	t = localtime(&now);
102 	/* ISO 8601 International Standard Date format */
103 	strftime(nfmt, sizeof nfmt, "%Y-%m-%d %T ", t);
104 	rlen = sizeof(nfmt) - strlen(nfmt);
105 	if (rlen <= 0 || snprintf(nfmt + strlen(nfmt), rlen,
106 	    "[%s:%s%s] %s\n", sname, Which[which], Modes[mode],
107 	    fmt) >= rlen) {
108 		warnx("log format overflow, user name=%s", sname);
109 	} else {
110 		va_start(argp, fmt);
111 		vfprintf(logfile, nfmt, argp);
112 		va_end(argp);
113 		fflush(logfile);
114 	}
115 }
116