isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move digest code into libutil

Browse Source
This commit is contained in:
Todd C. Miller
2018-05-24 21:04:07 -06:00
parent 1cd472c051
commit 154a5f59a9
24 changed files with 1821 additions and 1369 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
MANIFEST
View File

@@ -70,6 +70,7 @@ include/compat/stdbool.h
include/sudo_compat.h
include/sudo_conf.h
include/sudo_debug.h
include/sudo_digest.h
include/sudo_dso.h
include/sudo_event.h
include/sudo_fatal.h
@@ -86,6 +87,9 @@ install-sh
lib/util/Makefile.in
lib/util/aix.c
lib/util/closefrom.c
lib/util/digest.c
lib/util/digest_gcrypt.c
lib/util/digest_openssl.c
lib/util/event.c
lib/util/event_poll.c
lib/util/event_select.c
@@ -280,8 +284,6 @@ plugins/sudoers/env.c
plugins/sudoers/env_pattern.c
plugins/sudoers/file.c
plugins/sudoers/filedigest.c
plugins/sudoers/filedigest_gcrypt.c
plugins/sudoers/filedigest_openssl.c
plugins/sudoers/find_path.c
plugins/sudoers/fmtsudoers.c
plugins/sudoers/gc.c

10
configure vendored
View File

@@ -723,7 +723,7 @@ vardir
rundir
iolog_dir
devsearch
FILEDIGEST
DIGEST
exampledir
TMPFILES_D
COMPAT_EXP
@@ -3116,7 +3116,7 @@ secure_path="not set"
pam_session=on
pam_login_service=sudo
PLUGINDIR=/usr/local/libexec/sudo
FILEDIGEST=filedigest.lo
DIGEST=digest.lo
devsearch="/dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev"
#
# End initial values for man page substitution
@@ -6415,7 +6415,7 @@ if test "${enable_openssl+set}" = set; then :
enableval=$enable_openssl; case $enableval in
no) ;;
*) LIBMD="-lcrypto"
FILEDIGEST=filedigest_openssl.lo
DIGEST=digest_openssl.lo
if test "$enableval" != "yes"; then
if ${CPPFLAGS+:} false; then :
@@ -6529,7 +6529,7 @@ if test "${enable_gcrypt+set}" = set; then :
enableval=$enable_gcrypt; case $enableval in
no) ;;
*) LIBMD="-lgcrypt"
FILEDIGEST=filedigest_gcrypt.lo
DIGEST=digest_gcrypt.lo
if test "$enableval" != "yes"; then
if ${CPPFLAGS+:} false; then :
@@ -20752,7 +20752,7 @@ fi
fi
# Look for sha2 functions if not using openssl
if test "$FILEDIGEST" = "filedigest.lo"; then
if test "$DIGEST" = "digest.lo"; then
FOUND_SHA2=no
ac_fn_c_check_header_mongrel "$LINENO" "sha2.h" "ac_cv_header_sha2_h" "$ac_includes_default"
if test "x$ac_cv_header_sha2_h" = xyes; then :

10
configure.ac
View File

@@ -96,7 +96,7 @@ AC_SUBST([RC_LINK])
AC_SUBST([COMPAT_EXP])
AC_SUBST([TMPFILES_D])
AC_SUBST([exampledir])
AC_SUBST([FILEDIGEST])
AC_SUBST([DIGEST])
AC_SUBST([devsearch])
dnl
dnl Variables that get substituted in docs (not overridden by environment)
@@ -185,7 +185,7 @@ secure_path="not set"
pam_session=on
pam_login_service=sudo
PLUGINDIR=/usr/local/libexec/sudo
FILEDIGEST=filedigest.lo
DIGEST=digest.lo
devsearch="/dev/pts:/dev/vt:/dev/term:/dev/zcons:/dev/pty:/dev"
#
# End initial values for man page substitution
@@ -1468,7 +1468,7 @@ AC_ARG_ENABLE(openssl,
[ case $enableval in
no) ;;
*) LIBMD="-lcrypto"
FILEDIGEST=filedigest_openssl.lo
DIGEST=digest_openssl.lo
if test "$enableval" != "yes"; then
AX_APPEND_FLAG([-I${enableval}/include], [CPPFLAGS])
SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${enableval}/lib])
@@ -1482,7 +1482,7 @@ AC_ARG_ENABLE(gcrypt,
[ case $enableval in
no) ;;
*) LIBMD="-lgcrypt"
FILEDIGEST=filedigest_gcrypt.lo
DIGEST=digest_gcrypt.lo
if test "$enableval" != "yes"; then
AX_APPEND_FLAG([-I${enableval}/include], [CPPFLAGS])
SUDO_APPEND_LIBPATH(SUDOERS_LDFLAGS, [${enableval}/lib])
@@ -2773,7 +2773,7 @@ AC_CHECK_MEMBER([struct stat.st_mtim], [AC_DEFINE(HAVE_ST_MTIM)]
[AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
[AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
# Look for sha2 functions if not using openssl
if test "$FILEDIGEST" = "filedigest.lo"; then
if test "$DIGEST" = "digest.lo"; then
FOUND_SHA2=no
AC_CHECK_HEADER([sha2.h], [
FOUND_SHA2=yes

44
include/sudo_digest.h Normal file
View File

@@ -0,0 +1,44 @@
/*
* Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef SUDO_DIGEST_H
#define SUDO_DIGEST_H
/* Digest types. */
#define SUDO_DIGEST_SHA224 0
#define SUDO_DIGEST_SHA256 1
#define SUDO_DIGEST_SHA384 2
#define SUDO_DIGEST_SHA512 3
#define SUDO_DIGEST_INVALID 4
struct sudo_digest;
/* Public functions. */
__dso_public struct sudo_digest *sudo_digest_alloc_v1(int digest_type);
__dso_public void sudo_digest_free_v1(struct sudo_digest *dig);
__dso_public void sudo_digest_reset_v1(struct sudo_digest *dig);
__dso_public int sudo_digest_getlen_v1(int digest_type);
__dso_public void sudo_digest_update_v1(struct sudo_digest *dig, const void *data, size_t len);
__dso_public void sudo_digest_final_v1(struct sudo_digest *dig, unsigned char *md);
#define sudo_digest_alloc(_a) sudo_digest_alloc_v1((_a))
#define sudo_digest_free(_a) sudo_digest_free_v1((_a))
#define sudo_digest_reset(_a) sudo_digest_reset_v1((_a))
#define sudo_digest_getlen(_a) sudo_digest_getlen_v1((_a))
#define sudo_digest_update(_a, _b, _c) sudo_digest_update_v1((_a), (_b), (_c))
#define sudo_digest_final(_a, _b) sudo_digest_final_v1((_a), (_b))
#endif /* SUDO_DIGEST_H */

23
lib/util/Makefile.in
View File

@@ -1,5 +1,5 @@
#
# Copyright (c) 2011-2017 Todd C. Miller <Todd.Miller@sudo.ws>
# Copyright (c) 2011-2018 Todd C. Miller <Todd.Miller@sudo.ws>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@@ -108,7 +108,7 @@ DEVEL = @DEVEL@
SHELL = @SHELL@
LTOBJS = event.lo fatal.lo key_val.lo gethostname.lo gettime.lo \
LTOBJS = @DIGEST@ event.lo fatal.lo key_val.lo gethostname.lo gettime.lo \
gidlist.lo lbuf.lo locking.lo parseln.lo progname.lo secure_path.lo \
setgroups.lo strsplit.lo strtobool.lo strtoid.lo strtomode.lo \
sudo_conf.lo sudo_debug.lo sudo_dso.lo term.lo ttyname_dev.lo \
@@ -155,9 +155,9 @@ $(shlib_opt): $(shlib_exp)
libsudo_util.la: $(LTOBJS) @LT_LDDEP@
case "$(LT_LDFLAGS)" in \
*-no-install*) \
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(LDFLAGS) $(LT_LDFLAGS) $(LTOBJS) @LIBINTL@ @LIBDL@ @LIBRT@;; \
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(LDFLAGS) $(LT_LDFLAGS) $(LTOBJS) @LIBINTL@ @LIBMD@ @LIBDL@ @LIBRT@;; \
*) \
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(LDFLAGS) $(ASAN_LDFLAGS) $(SSP_LDFLAGS) $(LT_LDFLAGS) $(LTOBJS) -version-info $(SHLIB_VERSION) -rpath $(libexecdir)/sudo @LT_DEP_LIBS@ @LIBINTL@ @LIBDL@ @LIBRT@;; \
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(LDFLAGS) $(ASAN_LDFLAGS) $(SSP_LDFLAGS) $(LT_LDFLAGS) $(LTOBJS) -version-info $(SHLIB_VERSION) -rpath $(libexecdir)/sudo @LT_DEP_LIBS@ @LIBINTL@ @LIBMD@ @LIBDL@ @LIBRT@;; \
esac
siglist.c: mksiglist
@@ -366,6 +366,21 @@ conf_test.lo: $(srcdir)/regress/sudo_conf/conf_test.c \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/sudo_conf/conf_test.c
digest.lo: $(srcdir)/digest.c $(incdir)/compat/sha2.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_digest.h \
$(incdir)/sudo_queue.h $(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/digest.c
digest_gcrypt.lo: $(srcdir)/digest_gcrypt.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_digest.h $(incdir)/sudo_queue.h \
$(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/digest_gcrypt.c
digest_openssl.lo: $(srcdir)/digest_openssl.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_digest.h $(incdir)/sudo_queue.h \
$(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/digest_openssl.c
event.lo: $(srcdir)/event.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(top_builddir)/config.h

170
lib/util/digest.c Normal file
View File

@@ -0,0 +1,170 @@
/*
* Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <config.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
#if defined(HAVE_STDINT_H)
# include <stdint.h>
#elif defined(HAVE_INTTYPES_H)
# include <inttypes.h>
#endif
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include "sudo_compat.h"
#include "sudo_debug.h"
#include "sudo_digest.h"
#ifdef HAVE_SHA224UPDATE
# include <sha2.h>
#else
# include "compat/sha2.h"
#endif
static struct digest_function {
const unsigned int digest_len;
void (*init)(SHA2_CTX *);
#ifdef SHA2_VOID_PTR
void (*update)(SHA2_CTX *, const void *, size_t);
void (*final)(void *, SHA2_CTX *);
#else
void (*update)(SHA2_CTX *, const unsigned char *, size_t);
void (*final)(unsigned char *, SHA2_CTX *);
#endif
} digest_functions[] = {
{
SHA224_DIGEST_LENGTH,
SHA224Init,
SHA224Update,
SHA224Final
}, {
SHA256_DIGEST_LENGTH,
SHA256Init,
SHA256Update,
SHA256Final
}, {
SHA384_DIGEST_LENGTH,
SHA384Init,
SHA384Update,
SHA384Final
}, {
SHA512_DIGEST_LENGTH,
SHA512Init,
SHA512Update,
SHA512Final
}, {
0
}
};
struct sudo_digest {
struct digest_function *func;
SHA2_CTX ctx;
};
struct sudo_digest *
sudo_digest_alloc_v1(int digest_type)
{
debug_decl(sudo_digest_alloc, SUDO_DEBUG_UTIL)
struct digest_function *func = NULL;
struct sudo_digest *dig;
int i;
for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i) {
func = &digest_functions[i];
break;
}
}
if (func == NULL) {
errno = EINVAL;
debug_return_ptr(NULL);
}
if ((dig = malloc(sizeof(*dig))) == NULL)
debug_return_ptr(NULL);
func->init(&dig->ctx);
dig->func = func;
debug_return_ptr(dig);
}
void
sudo_digest_free_v1(struct sudo_digest *dig)
{
debug_decl(sudo_digest_free, SUDO_DEBUG_UTIL)
free(dig);
debug_return;
}
void
sudo_digest_reset_v1(struct sudo_digest *dig)
{
debug_decl(sudo_digest_reset, SUDO_DEBUG_UTIL)
dig->func->init(&dig->ctx);
debug_return;
}
int
sudo_digest_getlen_v1(int digest_type)
{
debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL)
int i;
for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i)
debug_return_int(digest_functions[i].digest_len);
}
debug_return_int(-1);
}
void
sudo_digest_update_v1(struct sudo_digest *dig, const void *data, size_t len)
{
debug_decl(sudo_digest_update, SUDO_DEBUG_UTIL)
dig->func->update(&dig->ctx, data, len);
debug_return;
}
void
sudo_digest_final_v1(struct sudo_digest *dig, unsigned char *md)
{
debug_decl(sudo_digest_final, SUDO_DEBUG_UTIL)
dig->func->final(md, &dig->ctx);
debug_return;
}

150
lib/util/digest_gcrypt.c Normal file
View File

@@ -0,0 +1,150 @@
/*
* Copyright (c) 2017-2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <config.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include <gcrypt.h>
#include "sudo_compat.h"
#include "sudo_debug.h"
#include "sudo_digest.h"
struct sudo_digest {
int gcry_digest_type;
unsigned int digest_len;
gcry_md_hd_t ctx;
};
/* Map sudo digest type to gcrypt digest type. */
static int
sudo_digest_type_to_gcry(int digest_type)
{
switch (digest_type) {
case SUDO_DIGEST_SHA224:
return GCRY_MD_SHA224;
break;
case SUDO_DIGEST_SHA256:
return GCRY_MD_SHA256;
break;
case SUDO_DIGEST_SHA384:
return GCRY_MD_SHA384;
break;
case SUDO_DIGEST_SHA512:
return GCRY_MD_SHA512;
break;
default:
return -1;
}
}
struct sudo_digest *
sudo_digest_alloc_v1(int digest_type)
{
debug_decl(sudo_digest_alloc, SUDO_DEBUG_UTIL)
struct sudo_digest *dig;
int gcry_digest_type;
gcry_digest_type = sudo_digest_type_to_gcry(digest_type);
if (gcry_digest_type == -1) {
errno = EINVAL;
debug_return_ptr(NULL);
}
if ((dig = malloc(sizeof(*dig))) == NULL)
debug_return_ptr(NULL);
dig->gcry_digest_type = gcry_digest_type;
dig->digest_len = gcry_md_get_algo_dlen(gcry_digest_type);
if (gcry_md_open(&dig->ctx, gcry_digest_type, 0) != 0) {
free(dig);
debug_return_ptr(NULL);
}
debug_return_ptr(dig);
}
void
sudo_digest_free_v1(struct sudo_digest *dig)
{
debug_decl(sudo_digest_free, SUDO_DEBUG_UTIL)
if (dig != NULL) {
gcry_md_close(dig->ctx);
free(dig);
}
debug_return;
}
void
sudo_digest_reset_v1(struct sudo_digest *dig)
{
debug_decl(sudo_digest_reset, SUDO_DEBUG_UTIL)
gcry_md_reset(dig->ctx);
debug_return;
}
int
sudo_digest_getlen_v1(int digest_type)
{
debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL)
int gcry_digest_type;
gcry_digest_type = sudo_digest_type_to_gcry(digest_type);
if (gcry_digest_type == -1)
debug_return_int(-1);
debug_return_int(gcry_md_get_algo_dlen(gcry_digest_type));
}
void
sudo_digest_update_v1(struct sudo_digest *dig, const void *data, size_t len)
{
debug_decl(sudo_digest_update, SUDO_DEBUG_UTIL)
gcry_md_write(dig->ctx, data, len);
debug_return;
}
void
sudo_digest_final_v1(struct sudo_digest *dig, unsigned char *md)
{
debug_decl(sudo_digest_final, SUDO_DEBUG_UTIL)
gcry_md_final(dig->ctx);
memcpy(md, gcry_md_read(dig->ctx, 0), dig->digest_len);
debug_return;
}

122
plugins/sudoers/filedigest_openssl.c → lib/util/digest_openssl.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2013-2017 Todd C. Miller <Todd.Miller@sudo.ws>
* Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -34,7 +34,9 @@
#include <openssl/sha.h>
#include "sudoers.h"
#include "sudo_compat.h"
#include "sudo_debug.h"
#include "sudo_digest.h"
union ANY_CTX {
SHA256_CTX sha256;
@@ -72,17 +74,18 @@ static struct digest_function {
}
};
unsigned char *
sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len)
{
struct digest_function *func = NULL;
unsigned char *file_digest = NULL;
unsigned char buf[32 * 1024];
size_t nread;
struct sudo_digest {
struct digest_function *func;
union ANY_CTX ctx;
int i, fd2;
FILE *fp = NULL;
debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL)
};
struct sudo_digest *
sudo_digest_alloc_v1(int digest_type)
{
debug_decl(sudo_digest_alloc, SUDO_DEBUG_UTIL)
struct digest_function *func = NULL;
struct sudo_digest *dig;
int i;
for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i) {
@@ -91,42 +94,67 @@ sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len)
}
}
if (func == NULL) {
sudo_warnx(U_("unsupported digest type %d for %s"), digest_type, file);
goto bad;
errno = EINVAL;
debug_return_ptr(NULL);
}
if ((fd2 = dup(fd)) == -1) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to dup %s: %s",
file, strerror(errno));
goto bad;
}
if ((fp = fdopen(fd2, "r")) == NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to fdopen %s: %s",
file, strerror(errno));
close(fd2);
goto bad;
}
if ((file_digest = malloc(func->digest_len)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
}
if ((dig = malloc(sizeof(*dig))) == NULL)
debug_return_ptr(NULL);
func->init(&dig->ctx);
dig->func = func;
func->init(&ctx);
while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
func->update(&ctx, buf, nread);
}
if (ferror(fp)) {
sudo_warnx(U_("%s: read error"), file);
goto bad;
}
func->final(file_digest, &ctx);
fclose(fp);
*digest_len = func->digest_len;
debug_return_ptr(file_digest);
bad:
free(file_digest);
if (fp != NULL)
fclose(fp);
debug_return_ptr(NULL);
debug_return_ptr(dig);
}
void
sudo_digest_free_v1(struct sudo_digest *dig)
{
debug_decl(sudo_digest_free, SUDO_DEBUG_UTIL)
free(dig);
debug_return;
}
void
sudo_digest_reset_v1(struct sudo_digest *dig)
{
debug_decl(sudo_digest_reset, SUDO_DEBUG_UTIL)
dig->func->init(&dig->ctx);
debug_return;
}
int
sudo_digest_getlen_v1(int digest_type)
{
debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL)
int i;
for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i)
debug_return_int(digest_functions[i].digest_len);
}
debug_return_int(-1);
}
void
sudo_digest_update_v1(struct sudo_digest *dig, const void *data, size_t len)
{
debug_decl(sudo_digest_update, SUDO_DEBUG_UTIL)
dig->func->update(&dig->ctx, data, len);
debug_return;
}
void
sudo_digest_final_v1(struct sudo_digest *dig, unsigned char *md)
{
debug_decl(sudo_digest_final, SUDO_DEBUG_UTIL)
dig->func->final(md, &dig->ctx);
debug_return;
}

6
lib/util/util.exp.in
View File

@@ -37,6 +37,12 @@ sudo_debug_set_active_instance_v1
sudo_debug_update_fd_v1
sudo_debug_vprintf2_v1
sudo_debug_write2_v1
sudo_digest_alloc_v1
sudo_digest_final_v1
sudo_digest_free_v1
sudo_digest_getlen_v1
sudo_digest_reset_v1
sudo_digest_update_v1
sudo_dso_findsym_v1
sudo_dso_load_v1
sudo_dso_preload_table_v1

2
mkdep.pl
View File

@@ -82,7 +82,7 @@ sub mkdep {
$makefile =~ s:\@SUDOERS_OBJS\@:bsm_audit.lo linux_audit.lo ldap.lo ldap_util.lo ldap_conf.lo solaris_audit.lo sssd.lo:;
# XXX - fill in AUTH_OBJS from contents of the auth dir instead
$makefile =~ s:\@AUTH_OBJS\@:afs.lo aix_auth.lo bsdauth.lo dce.lo fwtk.lo getspwuid.lo kerb5.lo pam.lo passwd.lo rfc1938.lo secureware.lo securid5.lo sia.lo:;
$makefile =~ s:\@FILEDIGEST\@:filedigest.lo filedigest_openssl.lo filedigest_gcrypt.lo:;
$makefile =~ s:\@DIGEST\@:digest.lo digest_openssl.lo digest_gcrypt.lo:;
$makefile =~ s:\@LTLIBOBJS\@:closefrom.lo fnmatch.lo getaddrinfo.lo getcwd.lo getgrouplist.lo getline.lo getopt_long.lo glob.lo inet_ntop_lo inet_pton.lo isblank.lo memrchr.lo memset_s.lo mksiglist.lo mksigname.lo mktemp.lo nanosleep.lo pw_dup.lo reallocarray.lo sha2.lo sig2str.lo siglist.lo signame.lo snprintf.lo strlcat.lo strlcpy.lo strndup.lo strnlen.lo strsignal.lo strtonum.lo utimens.lo vsyslog.lo pipe2.lo:;
# Parse OBJS lines

353
plugins/sudoers/Makefile.in
View File

@@ -54,11 +54,11 @@ INSTALL_BACKUP = @INSTALL_BACKUP@
LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la
LIBS = $(LT_LIBS)
NET_LIBS = @NET_LIBS@
SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBMD@
SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@
REPLAY_LIBS = @REPLAY_LIBS@ @ZLIB@
VISUDO_LIBS = $(NET_LIBS) @LIBMD@
CVTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@
TESTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@
VISUDO_LIBS = $(NET_LIBS)
CVTSUDOERS_LIBS = $(NET_LIBS)
TESTSUDOERS_LIBS = $(NET_LIBS)
# C preprocessor defines
CPPDEFS = -DLIBDIR=\"$(libdir)\" -DLOCALEDIR=\"$(localedir)\" \
@@ -148,7 +148,7 @@ TEST_PROGS = check_addr check_base64 check_digest check_env_pattern \
AUTH_OBJS = sudo_auth.lo @AUTH_OBJS@
LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo digestname.lo \
@FILEDIGEST@ gentime.lo gmtoff.lo gram.lo hexchar.lo \
filedigest.lo gentime.lo gmtoff.lo gram.lo hexchar.lo \
match.lo match_addr.lo pwutil.lo pwutil_impl.lo \
rcstr.lo redblack.lo sudoers_debug.lo timeout.lo \
timestr.lo toke.lo toke_util.lo
@@ -178,7 +178,7 @@ CHECK_ADDR_OBJS = check_addr.o interfaces.o match_addr.o sudoers_debug.o \
CHECK_BASE64_OBJS = check_base64.o base64.o sudoers_debug.o
CHECK_DIGEST_OBJS = check_digest.o @FILEDIGEST@ digestname.o sudoers_debug.o
CHECK_DIGEST_OBJS = check_digest.o filedigest.o digestname.o sudoers_debug.o
CHECK_ENV_MATCH_OBJS = check_env_pattern.o env_pattern.o sudoers_debug.o
@@ -259,7 +259,7 @@ check_base64: $(CHECK_BASE64_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_BASE64_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
check_digest: $(CHECK_DIGEST_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_DIGEST_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @LIBMD@
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_DIGEST_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
check_env_pattern: $(CHECK_ENV_MATCH_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CHECK_ENV_MATCH_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
@@ -569,9 +569,9 @@ afs.lo: $(authdir)/afs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/afs.c
aix_auth.lo: $(authdir)/aix_auth.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -579,7 +579,7 @@ aix_auth.lo: $(authdir)/aix_auth.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/aix_auth.c
@@ -597,8 +597,8 @@ audit.lo: $(srcdir)/audit.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/bsm_audit.h $(srcdir)/defaults.h $(srcdir)/linux_audit.h \
$(srcdir)/logging.h $(srcdir)/solaris_audit.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/solaris_audit.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/audit.c
base64.lo: $(srcdir)/base64.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
@@ -606,9 +606,9 @@ base64.lo: $(srcdir)/base64.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/base64.c
base64.o: base64.lo
boottime.lo: $(srcdir)/boottime.c $(devdir)/def_data.h \
@@ -617,7 +617,7 @@ boottime.lo: $(srcdir)/boottime.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/boottime.c
@@ -627,8 +627,9 @@ bsdauth.lo: $(authdir)/bsdauth.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/bsdauth.c
bsm_audit.lo: $(srcdir)/bsm_audit.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -636,17 +637,18 @@ bsm_audit.lo: $(srcdir)/bsm_audit.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/bsm_audit.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/bsm_audit.c
check.lo: $(srcdir)/check.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/check.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/check.c
check_addr.o: $(srcdir)/regress/parser/check_addr.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -665,8 +667,9 @@ check_base64.o: $(srcdir)/regress/parser/check_base64.c \
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_base64.c
check_digest.o: $(srcdir)/regress/parser/check_digest.c \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/parse.h $(top_builddir)/config.h
$(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/parse.h \
$(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/parser/check_digest.c
check_env_pattern.o: $(srcdir)/regress/env_match/check_env_pattern.c \
$(devdir)/def_data.h $(incdir)/compat/stdbool.h \
@@ -675,9 +678,9 @@ check_env_pattern.o: $(srcdir)/regress/env_match/check_env_pattern.c \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/env_match/check_env_pattern.c
check_fill.o: $(srcdir)/regress/parser/check_fill.c $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -702,7 +705,7 @@ check_iolog_path.o: $(srcdir)/regress/iolog_path/check_iolog_path.c \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/iolog_path/check_iolog_path.c
@@ -764,7 +767,7 @@ cvtsudoers_pwutil.o: $(srcdir)/cvtsudoers_pwutil.c $(devdir)/def_data.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/cvtsudoers.h \
$(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/pwutil.h $(srcdir)/sudo_nss.h \
$(srcdir)/parse.h $(srcdir)/pwutil.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers_pwutil.c
@@ -772,9 +775,9 @@ dce.lo: $(authdir)/dce.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/dce.c
defaults.lo: $(srcdir)/defaults.c $(devdir)/def_data.c $(devdir)/def_data.h \
$(devdir)/gram.h $(incdir)/compat/stdbool.h \
@@ -788,8 +791,9 @@ defaults.lo: $(srcdir)/defaults.c $(devdir)/def_data.c $(devdir)/def_data.h \
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/defaults.c
digestname.lo: $(srcdir)/digestname.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_queue.h $(srcdir)/parse.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h
$(incdir)/sudo_digest.h $(incdir)/sudo_queue.h \
$(srcdir)/parse.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/digestname.c
digestname.o: digestname.lo
editor.lo: $(srcdir)/editor.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
@@ -797,18 +801,18 @@ editor.lo: $(srcdir)/editor.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/editor.c
editor.o: editor.lo
env.lo: $(srcdir)/env.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env.c
env_pattern.lo: $(srcdir)/env_pattern.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -816,15 +820,24 @@ env_pattern.lo: $(srcdir)/env_pattern.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env_pattern.c
env_pattern.o: env_pattern.lo
file.lo: $(srcdir)/file.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/file.c
filedigest.lo: $(srcdir)/filedigest.c $(devdir)/def_data.h \
$(incdir)/compat/sha2.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
@@ -832,35 +845,14 @@ filedigest.lo: $(srcdir)/filedigest.c $(devdir)/def_data.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/filedigest.c
filedigest_gcrypt.lo: $(srcdir)/filedigest_gcrypt.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/filedigest_gcrypt.c
filedigest_openssl.lo: $(srcdir)/filedigest_openssl.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/filedigest_openssl.c
filedigest.o: filedigest.lo
find_path.lo: $(srcdir)/find_path.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/find_path.c
@@ -881,16 +873,16 @@ fwtk.lo: $(authdir)/fwtk.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/fwtk.c
gc.lo: $(srcdir)/gc.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/gc.c
gentime.lo: $(srcdir)/gentime.c $(incdir)/compat/stdbool.h \
@@ -907,7 +899,7 @@ getspwuid.lo: $(srcdir)/getspwuid.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/getspwuid.c
@@ -923,18 +915,19 @@ goodpath.lo: $(srcdir)/goodpath.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/goodpath.c
goodpath.o: goodpath.lo
gram.lo: $(devdir)/gram.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(srcdir)/toke.h $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(srcdir)/toke.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(devdir)/gram.c
group_plugin.lo: $(srcdir)/group_plugin.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -942,9 +935,10 @@ group_plugin.lo: $(srcdir)/group_plugin.c $(devdir)/def_data.h \
$(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/group_plugin.c
group_plugin.o: group_plugin.lo
hexchar.lo: $(srcdir)/hexchar.c $(devdir)/def_data.h \
@@ -953,8 +947,9 @@ hexchar.lo: $(srcdir)/hexchar.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/hexchar.c
hexchar.o: hexchar.lo
interfaces.lo: $(srcdir)/interfaces.c $(devdir)/def_data.h \
@@ -963,9 +958,10 @@ interfaces.lo: $(srcdir)/interfaces.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/interfaces.c
interfaces.o: interfaces.lo
iolog.lo: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
@@ -973,8 +969,9 @@ iolog.lo: $(srcdir)/iolog.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/iolog.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog.c
iolog_path.lo: $(srcdir)/iolog_path.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -982,7 +979,7 @@ iolog_path.lo: $(srcdir)/iolog_path.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/iolog_path.c
@@ -991,8 +988,8 @@ kerb5.lo: $(authdir)/kerb5.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/kerb5.c
ldap.lo: $(srcdir)/ldap.c $(devdir)/def_data.h $(devdir)/gram.h \
@@ -1020,13 +1017,14 @@ ldap_conf.lo: $(srcdir)/ldap_conf.c $(devdir)/def_data.h \
ldap_util.lo: $(srcdir)/ldap_util.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(incdir)/sudo_digest.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_ldap.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/ldap_util.c
ldap_util.o: ldap_util.lo
linux_audit.lo: $(srcdir)/linux_audit.c $(devdir)/def_data.h \
@@ -1035,7 +1033,7 @@ linux_audit.lo: $(srcdir)/linux_audit.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/linux_audit.h $(srcdir)/logging.h \
$(srcdir)/linux_audit.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
@@ -1053,8 +1051,9 @@ logging.lo: $(srcdir)/logging.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/logging.c
logwrap.lo: $(srcdir)/logwrap.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1062,8 +1061,9 @@ logwrap.lo: $(srcdir)/logwrap.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/logwrap.c
logwrap.o: logwrap.lo
match.lo: $(srcdir)/match.c $(devdir)/def_data.h $(devdir)/gram.h \
@@ -1082,9 +1082,10 @@ match_addr.lo: $(srcdir)/match_addr.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/interfaces.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/match_addr.c
match_addr.o: match_addr.lo
mkdir_parents.lo: $(srcdir)/mkdir_parents.c $(devdir)/def_data.h \
@@ -1093,9 +1094,9 @@ mkdir_parents.lo: $(srcdir)/mkdir_parents.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/mkdir_parents.c
net_ifs.o: $(top_srcdir)/src/net_ifs.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
@@ -1107,19 +1108,10 @@ pam.lo: $(authdir)/pam.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/pam.c
file.lo: $(srcdir)/file.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/file.c
parse.lo: $(srcdir)/parse.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
@@ -1134,9 +1126,9 @@ passwd.lo: $(authdir)/passwd.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/passwd.c
policy.lo: $(srcdir)/policy.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
@@ -1153,18 +1145,19 @@ prompt.lo: $(srcdir)/prompt.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/prompt.c
pwutil.lo: $(srcdir)/pwutil.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/pwutil.h $(srcdir)/redblack.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/pwutil.h \
$(srcdir)/redblack.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/pwutil.c
pwutil.o: pwutil.lo
pwutil_impl.lo: $(srcdir)/pwutil_impl.c $(devdir)/def_data.h \
@@ -1173,17 +1166,17 @@ pwutil_impl.lo: $(srcdir)/pwutil_impl.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/pwutil.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/pwutil.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/pwutil_impl.c
pwutil_impl.o: pwutil_impl.lo
rcstr.lo: $(srcdir)/rcstr.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/rcstr.c
redblack.lo: $(srcdir)/redblack.c $(devdir)/def_data.h \
@@ -1192,9 +1185,9 @@ redblack.lo: $(srcdir)/redblack.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/redblack.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/redblack.c
redblack.o: redblack.lo
rfc1938.lo: $(authdir)/rfc1938.c $(devdir)/def_data.h \
@@ -1203,8 +1196,9 @@ rfc1938.lo: $(authdir)/rfc1938.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/rfc1938.c
secureware.lo: $(authdir)/secureware.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1212,7 +1206,7 @@ secureware.lo: $(authdir)/secureware.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/secureware.c
@@ -1222,7 +1216,7 @@ securid5.lo: $(authdir)/securid5.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/securid5.c
@@ -1232,7 +1226,7 @@ set_perms.lo: $(srcdir)/set_perms.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/set_perms.c
@@ -1240,9 +1234,9 @@ sia.lo: $(authdir)/sia.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/sia.c
solaris_audit.lo: $(srcdir)/solaris_audit.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1250,10 +1244,10 @@ solaris_audit.lo: $(srcdir)/solaris_audit.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/solaris_audit.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/solaris_audit.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/solaris_audit.c
sssd.lo: $(srcdir)/sssd.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1271,9 +1265,9 @@ starttime.lo: $(srcdir)/starttime.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/check.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/starttime.c
starttime.o: starttime.lo
stubs.o: $(srcdir)/stubs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
@@ -1281,8 +1275,9 @@ stubs.o: $(srcdir)/stubs.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/stubs.c
sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1291,11 +1286,10 @@ sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/ins_2001.h \
$(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \
$(srcdir)/ins_goons.h $(srcdir)/insults.h $(srcdir)/logging.h \
$(srcdir)/ins_python.h $(srcdir)/insults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/ins_goons.h $(srcdir)/ins_python.h $(srcdir)/insults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/sudo_auth.c
sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1303,9 +1297,9 @@ sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudo_nss.c
sudo_printf.o: $(srcdir)/sudo_printf.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
@@ -1319,9 +1313,9 @@ sudoers.lo: $(srcdir)/sudoers.c $(devdir)/def_data.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/auth/sudo_auth.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoers.c
sudoers_debug.lo: $(srcdir)/sudoers_debug.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1329,9 +1323,9 @@ sudoers_debug.lo: $(srcdir)/sudoers_debug.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudoers_debug.c
sudoers_debug.o: sudoers_debug.lo
sudoreplay.o: $(srcdir)/sudoreplay.c $(incdir)/compat/getopt.h \
@@ -1365,17 +1359,17 @@ timestamp.lo: $(srcdir)/timestamp.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/check.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/timestamp.c
timestr.lo: $(srcdir)/timestr.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_queue.h $(srcdir)/parse.h $(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/timestr.c
toke.lo: $(devdir)/toke.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/sha2.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_digest.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
@@ -1398,8 +1392,9 @@ tsdump.o: $(srcdir)/tsdump.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/check.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/tsdump.c
tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
@@ -1407,7 +1402,7 @@ tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(devdir)/def_data.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(srcdir)/tsgetgrpw.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/tsgetgrpw.c

1
plugins/sudoers/digestname.c
View File

@@ -20,6 +20,7 @@
#include <stdio.h>
#include "sudo_compat.h"
#include "sudo_digest.h"
#include "sudoers_debug.h"
#include "parse.h"

76
plugins/sudoers/filedigest.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2013-2017 Todd C. Miller <Todd.Miller@sudo.ws>
* Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -38,72 +38,30 @@
#include <errno.h>
#include "sudoers.h"
#ifdef HAVE_SHA224UPDATE
# include <sha2.h>
#else
# include "compat/sha2.h"
#endif
static struct digest_function {
const unsigned int digest_len;
void (*init)(SHA2_CTX *);
#ifdef SHA2_VOID_PTR
void (*update)(SHA2_CTX *, const void *, size_t);
void (*final)(void *, SHA2_CTX *);
#else
void (*update)(SHA2_CTX *, const unsigned char *, size_t);
void (*final)(unsigned char *, SHA2_CTX *);
#endif
} digest_functions[] = {
{
SHA224_DIGEST_LENGTH,
SHA224Init,
SHA224Update,
SHA224Final
}, {
SHA256_DIGEST_LENGTH,
SHA256Init,
SHA256Update,
SHA256Final
}, {
SHA384_DIGEST_LENGTH,
SHA384Init,
SHA384Update,
SHA384Final
}, {
SHA512_DIGEST_LENGTH,
SHA512Init,
SHA512Update,
SHA512Final
}, {
0
}
};
#include "sudo_digest.h"
unsigned char *
sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len)
{
struct digest_function *func = NULL;
unsigned char *file_digest = NULL;
unsigned char buf[32 * 1024];
size_t nread;
SHA2_CTX ctx;
int i, fd2;
struct sudo_digest *dig = NULL;
FILE *fp = NULL;
size_t nread;
int fd2;
debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL)
for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i) {
func = &digest_functions[i];
break;
}
}
if (func == NULL) {
*digest_len = sudo_digest_getlen(digest_type);
if (*digest_len == (size_t)-1) {
sudo_warnx(U_("unsupported digest type %d for %s"), digest_type, file);
goto bad;
}
if ((dig = sudo_digest_alloc(digest_type)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
}
if ((fd2 = dup(fd)) == -1) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to dup %s: %s",
file, strerror(errno));
@@ -115,25 +73,25 @@ sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len)
close(fd2);
goto bad;
}
if ((file_digest = malloc(func->digest_len)) == NULL) {
if ((file_digest = malloc(*digest_len)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
}
func->init(&ctx);
while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
func->update(&ctx, buf, nread);
sudo_digest_update(dig, buf, nread);
}
if (ferror(fp)) {
sudo_warnx(U_("%s: read error"), file);
goto bad;
}
func->final(file_digest, &ctx);
sudo_digest_final(dig, file_digest);
sudo_digest_free(dig);
fclose(fp);
*digest_len = func->digest_len;
debug_return_ptr(file_digest);
bad:
sudo_digest_free(dig);
free(file_digest);
if (fp != NULL)
fclose(fp);

112
plugins/sudoers/filedigest_gcrypt.c
View File

@@ -1,112 +0,0 @@
/*
* Copyright (c) 2017 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <config.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include <gcrypt.h>
#include "sudoers.h"
unsigned char *
sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_lenp)
{
unsigned char *file_digest = NULL;
unsigned char buf[32 * 1024];
int fd2, gcry_digest_type;
size_t digest_len, nread;
gcry_error_t error;
gcry_md_hd_t ctx;
FILE *fp = NULL;
debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL)
switch (digest_type) {
case SUDO_DIGEST_SHA224:
gcry_digest_type = GCRY_MD_SHA224;
break;
case SUDO_DIGEST_SHA256:
gcry_digest_type = GCRY_MD_SHA256;
break;
case SUDO_DIGEST_SHA384:
gcry_digest_type = GCRY_MD_SHA384;
break;
case SUDO_DIGEST_SHA512:
gcry_digest_type = GCRY_MD_SHA512;
break;
default:
sudo_warnx(U_("unsupported digest type %d for %s"), digest_type, file);
debug_return_ptr(NULL);
}
error = gcry_md_open(&ctx, gcry_digest_type, 0);
if (error != 0) {
sudo_warnx(U_("%s: %s"), digest_type_to_name(digest_type),
gcry_strerror(error));
goto bad;
}
digest_len = gcry_md_get_algo_dlen(gcry_digest_type);
if ((fd2 = dup(fd)) == -1) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to dup %s: %s",
file, strerror(errno));
goto bad;
}
if ((fp = fdopen(fd2, "r")) == NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to fdopen %s: %s",
file, strerror(errno));
close(fd2);
goto bad;
}
if ((file_digest = malloc(digest_len)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
}
while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
gcry_md_write(ctx, buf, nread);
}
if (ferror(fp)) {
sudo_warnx(U_("%s: read error"), file);
goto bad;
}
gcry_md_final(ctx);
fclose(fp);
memcpy(file_digest, gcry_md_read(ctx, 0), digest_len);
*digest_lenp = digest_len;
debug_return_ptr(file_digest);
bad:
free(file_digest);
gcry_md_close(ctx);
if (fp != NULL)
fclose(fp);
debug_return_ptr(NULL);
}

229
plugins/sudoers/gram.c
View File

@@ -84,6 +84,7 @@
#include <errno.h>
#include "sudoers.h"
#include "sudo_digest.h"
#include "toke.h"
/* If we last saw a newline the entry is on the preceding line. */
@@ -108,8 +109,8 @@ static bool add_defaults(int, struct member *, struct defaults *);
static bool add_userspec(struct member *, struct privilege *);
static struct defaults *new_default(char *, char *, short);
static struct member *new_member(char *, int);
static struct sudo_digest *new_digest(int, char *);
#line 76 "gram.y"
static struct command_digest *new_digest(int, char *);
#line 77 "gram.y"
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
@@ -118,7 +119,7 @@ typedef union {
struct member *member;
struct runascontainer *runas;
struct privilege *privilege;
struct sudo_digest *digest;
struct command_digest *digest;
struct sudo_command command;
struct command_options options;
struct cmndtag tag;
@@ -126,7 +127,7 @@ typedef union {
int tok;
} YYSTYPE;
#endif /* YYSTYPE_DEFINED */
#line 129 "gram.c"
#line 130 "gram.c"
#define COMMAND 257
#define ALIAS 258
#define DEFVAR 259
@@ -666,7 +667,7 @@ short *yysslim;
YYSTYPE *yyvs;
unsigned int yystacksize;
int yyparse(void);
#line 898 "gram.y"
#line 899 "gram.y"
void
sudoerserror(const char *s)
{
@@ -739,28 +740,28 @@ new_member(char *name, int type)
debug_return_ptr(m);
}
static struct sudo_digest *
static struct command_digest *
new_digest(int digest_type, char *digest_str)
{
struct sudo_digest *dig;
struct command_digest *digest;
debug_decl(new_digest, SUDOERS_DEBUG_PARSER)
if ((dig = malloc(sizeof(*dig))) == NULL) {
if ((digest = malloc(sizeof(*digest))) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
debug_return_ptr(NULL);
}
dig->digest_type = digest_type;
dig->digest_str = digest_str;
if (dig->digest_str == NULL) {
digest->digest_type = digest_type;
digest->digest_str = digest_str;
if (digest->digest_str == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
free(dig);
dig = NULL;
free(digest);
digest = NULL;
}
debug_return_ptr(dig);
debug_return_ptr(digest);
}
/*
@@ -1062,7 +1063,7 @@ init_options(struct command_options *opts)
opts->limitprivs = NULL;
#endif
}
#line 1013 "gram.c"
#line 1014 "gram.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
@@ -1271,23 +1272,23 @@ yyreduce:
switch (yyn)
{
case 1:
#line 174 "gram.y"
#line 175 "gram.y"
{ ; }
break;
case 5:
#line 182 "gram.y"
#line 183 "gram.y"
{
;
}
break;
case 6:
#line 185 "gram.y"
#line 186 "gram.y"
{
yyerrok;
}
break;
case 7:
#line 188 "gram.y"
#line 189 "gram.y"
{
if (!add_userspec(yyvsp[-1].member, yyvsp[0].privilege)) {
sudoerserror(N_("unable to allocate memory"));
@@ -1296,73 +1297,73 @@ case 7:
}
break;
case 8:
#line 194 "gram.y"
#line 195 "gram.y"
{
;
}
break;
case 9:
#line 197 "gram.y"
#line 198 "gram.y"
{
;
}
break;
case 10:
#line 200 "gram.y"
#line 201 "gram.y"
{
;
}
break;
case 11:
#line 203 "gram.y"
#line 204 "gram.y"
{
;
}
break;
case 12:
#line 206 "gram.y"
#line 207 "gram.y"
{
if (!add_defaults(DEFAULTS, NULL, yyvsp[0].defaults))
YYERROR;
}
break;
case 13:
#line 210 "gram.y"
#line 211 "gram.y"
{
if (!add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults))
YYERROR;
}
break;
case 14:
#line 214 "gram.y"
#line 215 "gram.y"
{
if (!add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults))
YYERROR;
}
break;
case 15:
#line 218 "gram.y"
#line 219 "gram.y"
{
if (!add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults))
YYERROR;
}
break;
case 16:
#line 222 "gram.y"
#line 223 "gram.y"
{
if (!add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults))
YYERROR;
}
break;
case 18:
#line 229 "gram.y"
#line 230 "gram.y"
{
HLTQ_CONCAT(yyvsp[-2].defaults, yyvsp[0].defaults, entries);
yyval.defaults = yyvsp[-2].defaults;
}
break;
case 19:
#line 235 "gram.y"
#line 236 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, true);
if (yyval.defaults == NULL) {
@@ -1372,7 +1373,7 @@ case 19:
}
break;
case 20:
#line 242 "gram.y"
#line 243 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, false);
if (yyval.defaults == NULL) {
@@ -1382,7 +1383,7 @@ case 20:
}
break;
case 21:
#line 249 "gram.y"
#line 250 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true);
if (yyval.defaults == NULL) {
@@ -1392,7 +1393,7 @@ case 21:
}
break;
case 22:
#line 256 "gram.y"
#line 257 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
if (yyval.defaults == NULL) {
@@ -1402,7 +1403,7 @@ case 22:
}
break;
case 23:
#line 263 "gram.y"
#line 264 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
if (yyval.defaults == NULL) {
@@ -1412,14 +1413,14 @@ case 23:
}
break;
case 25:
#line 273 "gram.y"
#line 274 "gram.y"
{
HLTQ_CONCAT(yyvsp[-2].privilege, yyvsp[0].privilege, entries);
yyval.privilege = yyvsp[-2].privilege;
}
break;
case 26:
#line 279 "gram.y"
#line 280 "gram.y"
{
struct privilege *p = calloc(1, sizeof(*p));
if (p == NULL) {
@@ -1434,21 +1435,21 @@ case 26:
}
break;
case 27:
#line 293 "gram.y"
#line 294 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 28:
#line 297 "gram.y"
#line 298 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 29:
#line 303 "gram.y"
#line 304 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
if (yyval.member == NULL) {
@@ -1458,7 +1459,7 @@ case 29:
}
break;
case 30:
#line 310 "gram.y"
#line 311 "gram.y"
{
yyval.member = new_member(NULL, ALL);
if (yyval.member == NULL) {
@@ -1468,7 +1469,7 @@ case 30:
}
break;
case 31:
#line 317 "gram.y"
#line 318 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
if (yyval.member == NULL) {
@@ -1478,7 +1479,7 @@ case 31:
}
break;
case 32:
#line 324 "gram.y"
#line 325 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NTWKADDR);
if (yyval.member == NULL) {
@@ -1488,7 +1489,7 @@ case 32:
}
break;
case 33:
#line 331 "gram.y"
#line 332 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
if (yyval.member == NULL) {
@@ -1498,7 +1499,7 @@ case 33:
}
break;
case 35:
#line 341 "gram.y"
#line 342 "gram.y"
{
struct cmndspec *prev;
prev = HLTQ_LAST(yyvsp[-2].cmndspec, cmndspec, entries);
@@ -1552,7 +1553,7 @@ case 35:
}
break;
case 36:
#line 394 "gram.y"
#line 395 "gram.y"
{
struct cmndspec *cs = calloc(1, sizeof(*cs));
if (cs == NULL) {
@@ -1604,7 +1605,7 @@ case 36:
}
break;
case 37:
#line 445 "gram.y"
#line 446 "gram.y"
{
yyval.digest = new_digest(SUDO_DIGEST_SHA224, yyvsp[0].string);
if (yyval.digest == NULL) {
@@ -1614,7 +1615,7 @@ case 37:
}
break;
case 38:
#line 452 "gram.y"
#line 453 "gram.y"
{
yyval.digest = new_digest(SUDO_DIGEST_SHA256, yyvsp[0].string);
if (yyval.digest == NULL) {
@@ -1624,7 +1625,7 @@ case 38:
}
break;
case 39:
#line 459 "gram.y"
#line 460 "gram.y"
{
yyval.digest = new_digest(SUDO_DIGEST_SHA384, yyvsp[0].string);
if (yyval.digest == NULL) {
@@ -1634,7 +1635,7 @@ case 39:
}
break;
case 40:
#line 466 "gram.y"
#line 467 "gram.y"
{
yyval.digest = new_digest(SUDO_DIGEST_SHA512, yyvsp[0].string);
if (yyval.digest == NULL) {
@@ -1644,13 +1645,13 @@ case 40:
}
break;
case 41:
#line 475 "gram.y"
#line 476 "gram.y"
{
yyval.member = yyvsp[0].member;
}
break;
case 42:
#line 478 "gram.y"
#line 479 "gram.y"
{
if (yyvsp[0].member->type != COMMAND) {
sudoerserror(N_("a digest requires a path name"));
@@ -1662,75 +1663,75 @@ case 42:
}
break;
case 43:
#line 489 "gram.y"
#line 490 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 44:
#line 493 "gram.y"
#line 494 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 45:
#line 499 "gram.y"
#line 500 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 46:
#line 504 "gram.y"
#line 505 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 47:
#line 508 "gram.y"
#line 509 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 48:
#line 513 "gram.y"
#line 514 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 49:
#line 518 "gram.y"
#line 519 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 50:
#line 523 "gram.y"
#line 524 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 51:
#line 527 "gram.y"
#line 528 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 52:
#line 532 "gram.y"
#line 533 "gram.y"
{
yyval.runas = NULL;
}
break;
case 53:
#line 535 "gram.y"
#line 536 "gram.y"
{
yyval.runas = yyvsp[-1].runas;
}
break;
case 54:
#line 540 "gram.y"
#line 541 "gram.y"
{
yyval.runas = calloc(1, sizeof(struct runascontainer));
if (yyval.runas != NULL) {
@@ -1748,7 +1749,7 @@ case 54:
}
break;
case 55:
#line 555 "gram.y"
#line 556 "gram.y"
{
yyval.runas = calloc(1, sizeof(struct runascontainer));
if (yyval.runas == NULL) {
@@ -1760,7 +1761,7 @@ case 55:
}
break;
case 56:
#line 564 "gram.y"
#line 565 "gram.y"
{
yyval.runas = calloc(1, sizeof(struct runascontainer));
if (yyval.runas == NULL) {
@@ -1772,7 +1773,7 @@ case 56:
}
break;
case 57:
#line 573 "gram.y"
#line 574 "gram.y"
{
yyval.runas = calloc(1, sizeof(struct runascontainer));
if (yyval.runas == NULL) {
@@ -1784,7 +1785,7 @@ case 57:
}
break;
case 58:
#line 582 "gram.y"
#line 583 "gram.y"
{
yyval.runas = calloc(1, sizeof(struct runascontainer));
if (yyval.runas != NULL) {
@@ -1802,13 +1803,13 @@ case 58:
}
break;
case 59:
#line 599 "gram.y"
#line 600 "gram.y"
{
init_options(&yyval.options);
}
break;
case 60:
#line 602 "gram.y"
#line 603 "gram.y"
{
yyval.options.notbefore = parse_gentime(yyvsp[0].string);
free(yyvsp[0].string);
@@ -1819,7 +1820,7 @@ case 60:
}
break;
case 61:
#line 610 "gram.y"
#line 611 "gram.y"
{
yyval.options.notafter = parse_gentime(yyvsp[0].string);
free(yyvsp[0].string);
@@ -1830,7 +1831,7 @@ case 61:
}
break;
case 62:
#line 618 "gram.y"
#line 619 "gram.y"
{
yyval.options.timeout = parse_timeout(yyvsp[0].string);
free(yyvsp[0].string);
@@ -1844,7 +1845,7 @@ case 62:
}
break;
case 63:
#line 629 "gram.y"
#line 630 "gram.y"
{
#ifdef HAVE_SELINUX
free(yyval.options.role);
@@ -1853,7 +1854,7 @@ case 63:
}
break;
case 64:
#line 635 "gram.y"
#line 636 "gram.y"
{
#ifdef HAVE_SELINUX
free(yyval.options.type);
@@ -1862,7 +1863,7 @@ case 64:
}
break;
case 65:
#line 641 "gram.y"
#line 642 "gram.y"
{
#ifdef HAVE_PRIV_SET
free(yyval.options.privs);
@@ -1871,7 +1872,7 @@ case 65:
}
break;
case 66:
#line 647 "gram.y"
#line 648 "gram.y"
{
#ifdef HAVE_PRIV_SET
free(yyval.options.limitprivs);
@@ -1880,97 +1881,97 @@ case 66:
}
break;
case 67:
#line 655 "gram.y"
#line 656 "gram.y"
{
TAGS_INIT(yyval.tag);
}
break;
case 68:
#line 658 "gram.y"
#line 659 "gram.y"
{
yyval.tag.nopasswd = true;
}
break;
case 69:
#line 661 "gram.y"
#line 662 "gram.y"
{
yyval.tag.nopasswd = false;
}
break;
case 70:
#line 664 "gram.y"
#line 665 "gram.y"
{
yyval.tag.noexec = true;
}
break;
case 71:
#line 667 "gram.y"
#line 668 "gram.y"
{
yyval.tag.noexec = false;
}
break;
case 72:
#line 670 "gram.y"
#line 671 "gram.y"
{
yyval.tag.setenv = true;
}
break;
case 73:
#line 673 "gram.y"
#line 674 "gram.y"
{
yyval.tag.setenv = false;
}
break;
case 74:
#line 676 "gram.y"
#line 677 "gram.y"
{
yyval.tag.log_input = true;
}
break;
case 75:
#line 679 "gram.y"
#line 680 "gram.y"
{
yyval.tag.log_input = false;
}
break;
case 76:
#line 682 "gram.y"
#line 683 "gram.y"
{
yyval.tag.log_output = true;
}
break;
case 77:
#line 685 "gram.y"
#line 686 "gram.y"
{
yyval.tag.log_output = false;
}
break;
case 78:
#line 688 "gram.y"
#line 689 "gram.y"
{
yyval.tag.follow = true;
}
break;
case 79:
#line 691 "gram.y"
#line 692 "gram.y"
{
yyval.tag.follow = false;
}
break;
case 80:
#line 694 "gram.y"
#line 695 "gram.y"
{
yyval.tag.send_mail = true;
}
break;
case 81:
#line 697 "gram.y"
#line 698 "gram.y"
{
yyval.tag.send_mail = false;
}
break;
case 82:
#line 702 "gram.y"
#line 703 "gram.y"
{
yyval.member = new_member(NULL, ALL);
if (yyval.member == NULL) {
@@ -1980,7 +1981,7 @@ case 82:
}
break;
case 83:
#line 709 "gram.y"
#line 710 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
if (yyval.member == NULL) {
@@ -1990,7 +1991,7 @@ case 83:
}
break;
case 84:
#line 716 "gram.y"
#line 717 "gram.y"
{
struct sudo_command *c = calloc(1, sizeof(*c));
if (c == NULL) {
@@ -2008,7 +2009,7 @@ case 84:
}
break;
case 87:
#line 737 "gram.y"
#line 738 "gram.y"
{
const char *s;
s = alias_add(yyvsp[-2].string, HOSTALIAS, sudoers, this_lineno, yyvsp[0].member);
@@ -2019,14 +2020,14 @@ case 87:
}
break;
case 89:
#line 748 "gram.y"
#line 749 "gram.y"
{
HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
yyval.member = yyvsp[-2].member;
}
break;
case 92:
#line 758 "gram.y"
#line 759 "gram.y"
{
const char *s;
s = alias_add(yyvsp[-2].string, CMNDALIAS, sudoers, this_lineno, yyvsp[0].member);
@@ -2037,14 +2038,14 @@ case 92:
}
break;
case 94:
#line 769 "gram.y"
#line 770 "gram.y"
{
HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
yyval.member = yyvsp[-2].member;
}
break;
case 97:
#line 779 "gram.y"
#line 780 "gram.y"
{
const char *s;
s = alias_add(yyvsp[-2].string, RUNASALIAS, sudoers, this_lineno, yyvsp[0].member);
@@ -2055,7 +2056,7 @@ case 97:
}
break;
case 100:
#line 793 "gram.y"
#line 794 "gram.y"
{
const char *s;
s = alias_add(yyvsp[-2].string, USERALIAS, sudoers, this_lineno, yyvsp[0].member);
@@ -2066,28 +2067,28 @@ case 100:
}
break;
case 102:
#line 804 "gram.y"
#line 805 "gram.y"
{
HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
yyval.member = yyvsp[-2].member;
}
break;
case 103:
#line 810 "gram.y"
#line 811 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 104:
#line 814 "gram.y"
#line 815 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 105:
#line 820 "gram.y"
#line 821 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
if (yyval.member == NULL) {
@@ -2097,7 +2098,7 @@ case 105:
}
break;
case 106:
#line 827 "gram.y"
#line 828 "gram.y"
{
yyval.member = new_member(NULL, ALL);
if (yyval.member == NULL) {
@@ -2107,7 +2108,7 @@ case 106:
}
break;
case 107:
#line 834 "gram.y"
#line 835 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
if (yyval.member == NULL) {
@@ -2117,7 +2118,7 @@ case 107:
}
break;
case 108:
#line 841 "gram.y"
#line 842 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, USERGROUP);
if (yyval.member == NULL) {
@@ -2127,7 +2128,7 @@ case 108:
}
break;
case 109:
#line 848 "gram.y"
#line 849 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
if (yyval.member == NULL) {
@@ -2137,28 +2138,28 @@ case 109:
}
break;
case 111:
#line 858 "gram.y"
#line 859 "gram.y"
{
HLTQ_CONCAT(yyvsp[-2].member, yyvsp[0].member, entries);
yyval.member = yyvsp[-2].member;
}
break;
case 112:
#line 864 "gram.y"
#line 865 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 113:
#line 868 "gram.y"
#line 869 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 114:
#line 874 "gram.y"
#line 875 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
if (yyval.member == NULL) {
@@ -2168,7 +2169,7 @@ case 114:
}
break;
case 115:
#line 881 "gram.y"
#line 882 "gram.y"
{
yyval.member = new_member(NULL, ALL);
if (yyval.member == NULL) {
@@ -2178,7 +2179,7 @@ case 115:
}
break;
case 116:
#line 888 "gram.y"
#line 889 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
if (yyval.member == NULL) {
@@ -2187,7 +2188,7 @@ case 116:
}
}
break;
#line 2138 "gram.c"
#line 2139 "gram.c"
}
yyssp -= yym;
yystate = *yyssp;

2
plugins/sudoers/gram.h
View File

@@ -52,7 +52,7 @@ typedef union {
struct member *member;
struct runascontainer *runas;
struct privilege *privilege;
struct sudo_digest *digest;
struct command_digest *digest;
struct sudo_command command;
struct command_options options;
struct cmndtag tag;

23
plugins/sudoers/gram.y
View File

@@ -46,6 +46,7 @@
#include <errno.h>
#include "sudoers.h"
#include "sudo_digest.h"
#include "toke.h"
/* If we last saw a newline the entry is on the preceding line. */
@@ -70,7 +71,7 @@ static bool add_defaults(int, struct member *, struct defaults *);
static bool add_userspec(struct member *, struct privilege *);
static struct defaults *new_default(char *, char *, short);
static struct member *new_member(char *, int);
static struct sudo_digest *new_digest(int, char *);
static struct command_digest *new_digest(int, char *);
%}
%union {
@@ -79,7 +80,7 @@ static struct sudo_digest *new_digest(int, char *);
struct member *member;
struct runascontainer *runas;
struct privilege *privilege;
struct sudo_digest *digest;
struct command_digest *digest;
struct sudo_command command;
struct command_options options;
struct cmndtag tag;
@@ -967,28 +968,28 @@ new_member(char *name, int type)
debug_return_ptr(m);
}
static struct sudo_digest *
static struct command_digest *
new_digest(int digest_type, char *digest_str)
{
struct sudo_digest *dig;
struct command_digest *digest;
debug_decl(new_digest, SUDOERS_DEBUG_PARSER)
if ((dig = malloc(sizeof(*dig))) == NULL) {
if ((digest = malloc(sizeof(*digest))) == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
debug_return_ptr(NULL);
}
dig->digest_type = digest_type;
dig->digest_str = digest_str;
if (dig->digest_str == NULL) {
digest->digest_type = digest_type;
digest->digest_str = digest_str;
if (digest->digest_str == NULL) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"unable to allocate memory");
free(dig);
dig = NULL;
free(digest);
digest = NULL;
}
debug_return_ptr(dig);
debug_return_ptr(digest);
}
/*

9
plugins/sudoers/ldap_util.c
View File

@@ -37,6 +37,7 @@
#include "gram.h"
#include "sudo_lbuf.h"
#include "sudo_ldap.h"
#include "sudo_digest.h"
/*
* Returns true if the string pointed to by valp begins with an
@@ -489,7 +490,7 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
if (cmndspec->tags.setenv == UNSPEC)
cmndspec->tags.setenv = IMPLIED;
} else {
struct sudo_digest digest;
struct command_digest digest;
char *args;
m->type = COMMAND;
@@ -524,12 +525,12 @@ oom:
}
/*
* If a digest prefix is present, fills in struct sudo_digest
* If a digest prefix is present, fills in struct command_digest
* and returns a pointer to it, updating cmnd to point to the
* command after the digest.
*/
struct sudo_digest *
sudo_ldap_extract_digest(char **cmnd, struct sudo_digest *digest)
struct command_digest *
sudo_ldap_extract_digest(char **cmnd, struct command_digest *digest)
{
char *ep, *cp = *cmnd;
int digest_type = SUDO_DIGEST_INVALID;

40
plugins/sudoers/match.c
View File

@@ -75,13 +75,13 @@
static struct member_list empty = TAILQ_HEAD_INITIALIZER(empty);
static bool command_matches_dir(const char *sudoers_dir, size_t dlen, const struct sudo_digest *digest);
static bool command_matches_dir(const char *sudoers_dir, size_t dlen, const struct command_digest *digest);
#ifndef SUDOERS_NAME_MATCH
static bool command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest);
static bool command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
#endif
static bool command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest);
static bool command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest);
static bool digest_matches(int fd, const char *file, const struct sudo_digest *sd);
static bool command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
static bool command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
static bool digest_matches(int fd, const char *file, const struct command_digest *digest);
/*
* Returns true if string 's' contains meta characters.
@@ -425,7 +425,7 @@ command_args_match(const char *sudoers_cmnd, const char *sudoers_args)
* otherwise, return true if user_cmnd names one of the inodes in path.
*/
bool
command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest)
command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest)
{
bool rc = false;
debug_decl(command_matches, SUDOERS_DEBUG_MATCH)
@@ -512,7 +512,7 @@ is_script(int fd)
* Returns false on error, else true.
*/
static bool
open_cmnd(const char *path, const struct sudo_digest *digest, int *fdp)
open_cmnd(const char *path, const struct command_digest *digest, int *fdp)
{
int fd = -1;
debug_decl(open_cmnd, SUDOERS_DEBUG_MATCH)
@@ -580,7 +580,7 @@ set_cmnd_fd(int fd)
static bool
command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args,
const struct sudo_digest *digest)
const struct command_digest *digest)
{
struct stat sb; /* XXX - unused */
int fd = -1;
@@ -621,7 +621,7 @@ bad:
#ifndef SUDOERS_NAME_MATCH
static bool
command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
const struct sudo_digest *digest)
const struct command_digest *digest)
{
struct stat sudoers_stat;
bool bad_digest = false;
@@ -751,7 +751,7 @@ done:
#ifdef SUDOERS_NAME_MATCH
static bool
command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest)
command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest)
{
size_t dlen;
debug_decl(command_matches_normal, SUDOERS_DEBUG_MATCH)
@@ -776,7 +776,7 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const
#else /* !SUDOERS_NAME_MATCH */
static bool
digest_matches(int fd, const char *file, const struct sudo_digest *sd)
digest_matches(int fd, const char *file, const struct command_digest *digest)
{
unsigned char *file_digest = NULL;
unsigned char *sudoers_digest = NULL;
@@ -784,7 +784,7 @@ digest_matches(int fd, const char *file, const struct sudo_digest *sd)
size_t digest_len;
debug_decl(digest_matches, SUDOERS_DEBUG_MATCH)
file_digest = sudo_filedigest(fd, file, sd->digest_type, &digest_len);
file_digest = sudo_filedigest(fd, file, digest->digest_type, &digest_len);
if (lseek(fd, (off_t)0, SEEK_SET) == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
"unable to rewind digest fd");
@@ -799,18 +799,18 @@ digest_matches(int fd, const char *file, const struct sudo_digest *sd)
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto done;
}
if (strlen(sd->digest_str) == digest_len * 2) {
if (strlen(digest->digest_str) == digest_len * 2) {
/* Convert ascii hex to binary. */
unsigned int i;
for (i = 0; i < digest_len; i++) {
const int h = hexchar(&sd->digest_str[i + i]);
const int h = hexchar(&digest->digest_str[i + i]);
if (h == -1)
goto bad_format;
sudoers_digest[i] = (unsigned char)h;
}
} else {
/* Convert base64 to binary. */
size_t len = base64_decode(sd->digest_str, sudoers_digest, digest_len);
size_t len = base64_decode(digest->digest_str, sudoers_digest, digest_len);
if (len != digest_len) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"incorrect length for digest, expected %zu, got %zu",
@@ -824,13 +824,13 @@ digest_matches(int fd, const char *file, const struct sudo_digest *sd)
} else {
sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
"%s digest mismatch for %s, expecting %s",
digest_type_to_name(sd->digest_type), file, sd->digest_str);
digest_type_to_name(digest->digest_type), file, digest->digest_str);
}
goto done;
bad_format:
sudo_warnx(U_("digest for %s (%s) is not in %s form"), file,
sd->digest_str, digest_type_to_name(sd->digest_type));
digest->digest_str, digest_type_to_name(digest->digest_type));
done:
free(sudoers_digest);
free(file_digest);
@@ -838,7 +838,7 @@ done:
}
static bool
command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest)
command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest)
{
struct stat sudoers_stat;
const char *base;
@@ -903,7 +903,7 @@ bad:
*/
static bool
command_matches_dir(const char *sudoers_dir, size_t dlen,
const struct sudo_digest *digest)
const struct command_digest *digest)
{
debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH)
/* XXX - check digest */
@@ -915,7 +915,7 @@ command_matches_dir(const char *sudoers_dir, size_t dlen,
*/
static bool
command_matches_dir(const char *sudoers_dir, size_t dlen,
const struct sudo_digest *digest)
const struct command_digest *digest)
{
struct stat sudoers_stat;
struct dirent *dent;

12
plugins/sudoers/parse.h
View File

@@ -77,13 +77,7 @@
((cs1)->runasuserlist != (cs2)->runasuserlist || \
(cs1)->runasgrouplist != (cs2)->runasgrouplist)
#define SUDO_DIGEST_SHA224 0
#define SUDO_DIGEST_SHA256 1
#define SUDO_DIGEST_SHA384 2
#define SUDO_DIGEST_SHA512 3
#define SUDO_DIGEST_INVALID 4
struct sudo_digest {
struct command_digest {
unsigned int digest_type;
char *digest_str;
};
@@ -95,7 +89,7 @@ struct sudo_digest {
struct sudo_command {
char *cmnd;
char *args;
struct sudo_digest *digest;
struct command_digest *digest;
};
/*
@@ -280,7 +274,7 @@ bool addr_matches(char *n);
/* match.c */
struct group;
struct passwd;
bool command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest);
bool command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct command_digest *digest);
bool group_matches(const char *sudoers_group, const struct group *gr);
bool hostname_matches(const char *shost, const char *lhost, const char *pattern);
bool netgr_matches(const char *netgr, const char *lhost, const char *shost, const char *user);

1
plugins/sudoers/regress/parser/check_digest.c
View File

@@ -41,6 +41,7 @@
#include "sudo_compat.h"
#include "sudo_fatal.h"
#include "sudo_queue.h"
#include "sudo_digest.h"
#include "sudo_util.h"
#include "parse.h"

2
plugins/sudoers/sudo_ldap.h
View File

@@ -25,6 +25,6 @@ bool sudo_ldap_is_negated(char **valp);
bool sudo_ldap_add_default(const char *var, const char *val, int op, char *source, struct defaults_list *defs);
int sudo_ldap_parse_option(char *optstr, char **varp, char **valp);
struct privilege *sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers, void *runasgroups, void *cmnds, void *opts, const char *notbefore, const char *notafter, bool warnings, bool store_options, sudo_ldap_iter_t iter);
struct sudo_digest *sudo_ldap_extract_digest(char **cmnd, struct sudo_digest *digest);
struct command_digest *sudo_ldap_extract_digest(char **cmnd, struct command_digest *digest);
#endif /* SUDOERS_LDAP_H */

1742
plugins/sudoers/toke.c
View File

File diff suppressed because it is too large Load Diff

23
plugins/sudoers/toke.l
View File

@@ -47,14 +47,9 @@
#include "sudoers.h"
#include "toke.h"
#include <gram.h>
#include "sudo_digest.h"
#include "sudo_lbuf.h"
#ifdef HAVE_SHA224UPDATE
# include <sha2.h>
#else
# include "compat/sha2.h"
#endif
#if defined(HAVE_STRUCT_DIRENT_D_NAMLEN) && HAVE_STRUCT_DIRENT_D_NAMLEN
# define NAMLEN(dirent) (dirent)->d_namlen
#else
@@ -73,7 +68,7 @@ gid_t sudoers_gid = SUDOERS_GID;
static bool continued, sawspace;
static int prev_state;
static yy_size_t digest_len;
static int digest_type = -1;
static bool push_include_int(char *, bool);
static bool pop_include(void);
@@ -256,6 +251,8 @@ DEFVAR [a-z_]+
<WANTDIGEST>[[:xdigit:]]+ {
/* Only return DIGEST if the length is correct. */
yy_size_t digest_len =
sudo_digest_getlen(digest_type);
if ((yy_size_t)sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng))
yyterminate();
@@ -269,7 +266,8 @@ DEFVAR [a-z_]+
<WANTDIGEST>[A-Za-z0-9\+/=]+ {
/* Only return DIGEST if the length is correct. */
yy_size_t len;
yy_size_t len, digest_len =
sudo_digest_getlen(digest_type);
if (sudoerstext[sudoersleng - 1] == '=') {
/* use padding */
len = 4 * ((digest_len + 2) / 3);
@@ -597,28 +595,28 @@ ALL {
}
sha224 {
digest_len = SHA224_DIGEST_LENGTH;
digest_type = SUDO_DIGEST_SHA224;
BEGIN WANTDIGEST;
LEXTRACE("SHA224_TOK ");
LEXRETURN(SHA224_TOK);
}
sha256 {
digest_len = SHA256_DIGEST_LENGTH;
digest_type = SUDO_DIGEST_SHA256;
BEGIN WANTDIGEST;
LEXTRACE("SHA256_TOK ");
LEXRETURN(SHA256_TOK);
}
sha384 {
digest_len = SHA384_DIGEST_LENGTH;
digest_type = SUDO_DIGEST_SHA384;
BEGIN WANTDIGEST;
LEXTRACE("SHA384_TOK ");
LEXRETURN(SHA384_TOK);
}
sha512 {
digest_len = SHA512_DIGEST_LENGTH;
digest_type = SUDO_DIGEST_SHA512;
BEGIN WANTDIGEST;
LEXTRACE("SHA512_TOK ");
LEXRETURN(SHA512_TOK);
@@ -916,6 +914,7 @@ init_lexer(void)
keepopen = false;
sawspace = false;
continued = false;
digest_type = -1;
prev_state = INITIAL;
debug_return;