1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

// Copyright 2018 Square Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//    http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
// implied. See the License for the specific language governing
// permissions and limitations under the License.

//! The collection of `Error` types used by this library.

// TODO: use error types as directly defined by sudo_plugin(8).

// TODO: remove when error_chain is updated to compile cleanly
#![allow(bare_trait_objects)]
#![allow(renamed_and_removed_lints)]
#![allow(single_use_lifetimes)]
#![allow(variant_size_differences)]

use crate::version::Version;

use std::fmt;

use sudo_plugin_sys as sys;
use libc::c_int;
use error_chain::*;

pub use error_chain::bail;

/// The list of supported facilities to communicate with the end-user.
#[derive(Clone, Copy, Debug)]
pub enum IoFacility {
    /// A printf-style function that can be used for one-way communication
    /// with the invoking user.
    PluginPrintf,

    /// A more complicated facility that enables two-way communication
    /// with the invoking user.
    Conversation,
}

impl fmt::Display for IoFacility {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match *self {
            IoFacility::PluginPrintf => write!(f, "plugin_printf"),
            IoFacility::Conversation => write!(f, "conversation"),
        }
    }
}

error_chain! {
    errors {
        /// An error which can be returned when the requsested plugin API
        /// version is incompatible with the version implemented by this
        /// library.
        UnsupportedApiVersion(cur: Version) {
            description("sudo doesn't support the minimum plugin API version required by this plugin"),
            display("sudo called this plugin with an API version of {}, but a minimum of {} is required", cur, Version::minimum()),
        }

        /// An error which can be returned when there's a general error
        /// when initiailizing the plugin.
        Uninitialized {
            description("the plugin failed to initialize"),
            display("the plugin failed to initialize"),
        }

        /// An error which can be returned if the user is not authorized
        /// to invoke sudo with the provided command and/or options.
        Unauthorized {
            description("command unauthorized"),
            display("command unauthorized"),
        }
    }
}

/// A trait that is implemented by all Error types in this library, which
/// allows any error to be converted to its corresponding integer error
/// code as understood by the sudo plugin API.
///
/// The sudo plugin API understands the following error codes:
///
/// *  1: Success
/// *  0: Failure
/// * -1: General error
/// * -2: Usage error
pub trait AsSudoPluginRetval {
    /// Converts the error to its corresponding integer error code for
    /// the I/O plugin `open` function.
    fn as_sudo_io_plugin_open_retval(&self) -> c_int;

    /// Converts the error to its corresponding integer error code for
    /// the I/O plugin `log_*` suite of functions.
    fn as_sudo_io_plugin_log_retval(&self) -> c_int;
}

impl<T, E: AsSudoPluginRetval> AsSudoPluginRetval for ::std::result::Result<T, E> {
    fn as_sudo_io_plugin_open_retval(&self) -> c_int {
        match *self {
            Ok(_)      => sys::SUDO_PLUGIN_OPEN_SUCCESS,
            Err(ref e) => e.as_sudo_io_plugin_open_retval(),
        }
    }

    fn as_sudo_io_plugin_log_retval(&self) -> c_int {
        match *self {
            Ok(_)      => sys::SUDO_PLUGIN_OPEN_SUCCESS,
            Err(ref e) => e.as_sudo_io_plugin_log_retval(),
        }
    }
}

impl AsSudoPluginRetval for Error {
    fn as_sudo_io_plugin_open_retval(&self) -> c_int {
        match *self {
            Error(ErrorKind::Unauthorized, _) => sys::SUDO_PLUGIN_OPEN_GENERAL_ERROR,
            Error(_, _)                       => sys::SUDO_PLUGIN_OPEN_FAILURE,
        }
    }

    fn as_sudo_io_plugin_log_retval(&self) -> c_int {
        match *self {
            Error(ErrorKind::Unauthorized, _) => sys::SUDO_PLUGIN_OPEN_FAILURE,
            Error(_, _)                       => sys::SUDO_PLUGIN_OPEN_GENERAL_ERROR,
        }
    }
}