isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move expand_prompt() into its own source file for easier unit testing.

Browse Source
This commit is contained in:
Todd C. Miller
2012-10-23 14:27:52 -04:00
parent 0a7af23038
commit 2b23d2b12c
5 changed files with 187 additions and 134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
MANIFEST
View File

@@ -223,6 +223,7 @@ plugins/sudoers/po/vi.mo
plugins/sudoers/po/vi.po plugins/sudoers/po/vi.po
plugins/sudoers/po/zh_CN.mo plugins/sudoers/po/zh_CN.mo
plugins/sudoers/po/zh_CN.po plugins/sudoers/po/zh_CN.po
plugins/sudoers/prompt.c
plugins/sudoers/pwutil.c plugins/sudoers/pwutil.c
plugins/sudoers/pwutil.h plugins/sudoers/pwutil.h
plugins/sudoers/pwutil_impl.c plugins/sudoers/pwutil_impl.c

15
plugins/sudoers/Makefile.in
View File

@@ -127,10 +127,10 @@ LIBPARSESUDOERS_OBJS = alias.lo audit.lo defaults.lo gram.lo match.lo \
match_addr.lo pwutil.lo pwutil_impl.lo timestr.lo \ match_addr.lo pwutil.lo pwutil_impl.lo timestr.lo \
toke.lo toke_util.lo redblack.lo toke.lo toke_util.lo redblack.lo
SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo env.lo goodpath.lo \ SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo env.lo find_path.lo \
group_plugin.lo find_path.lo interfaces.lo logging.lo \ goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
logwrap.lo parse.lo set_perms.lo sudoers.lo sudo_nss.lo \ iolog_path.lo logging.lo logwrap.lo parse.lo prompt.lo \
timestamp.lo iolog.lo iolog_path.lo @SUDOERS_OBJS@ set_perms.lo sudo_nss.lo sudoers.lo timestamp.lo @SUDOERS_OBJS@
VISUDO_OBJS = visudo.o goodpath.o find_path.o error.o VISUDO_OBJS = visudo.o goodpath.o find_path.o error.o
@@ -671,6 +671,13 @@ plugin_error.lo: $(srcdir)/plugin_error.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
$(incdir)/sudo_plugin.h $(incdir)/gettext.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/plugin_error.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/plugin_error.c
prompt.lo: $(srcdir)/prompt.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/prompt.c
pwutil.lo: $(srcdir)/pwutil.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ pwutil.lo: $(srcdir)/pwutil.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \

129
plugins/sudoers/check.c
View File

@@ -50,7 +50,6 @@
#include "timestamp.h" #include "timestamp.h"
#include "check.h" #include "check.h"
static char *expand_prompt(char *, char *, char *);
static bool display_lecture(int); static bool display_lecture(int);
static struct passwd *get_authpw(void); static struct passwd *get_authpw(void);
@@ -182,134 +181,6 @@ display_lecture(int status)
debug_return_int(true); debug_return_int(true);
} }
/*
* Expand %h and %u escapes in the prompt and pass back the dynamically
* allocated result. Returns the same string if there are no escapes.
*/
static char *
expand_prompt(char *old_prompt, char *user, char *host)
{
size_t len, n;
int subst;
char *p, *np, *new_prompt, *endp;
debug_decl(expand_prompt, SUDO_DEBUG_AUTH)
/* How much space do we need to malloc for the prompt? */
subst = 0;
for (p = old_prompt, len = strlen(old_prompt); *p; p++) {
if (p[0] =='%') {
switch (p[1]) {
case 'h':
p++;
len += strlen(user_shost) - 2;
subst = 1;
break;
case 'H':
p++;
len += strlen(user_host) - 2;
subst = 1;
break;
case 'p':
p++;
if (def_rootpw)
len += 2;
else if (def_targetpw || def_runaspw)
len += strlen(runas_pw->pw_name) - 2;
else
len += strlen(user_name) - 2;
subst = 1;
break;
case 'u':
p++;
len += strlen(user_name) - 2;
subst = 1;
break;
case 'U':
p++;
len += strlen(runas_pw->pw_name) - 2;
subst = 1;
break;
case '%':
p++;
len--;
subst = 1;
break;
default:
break;
}
}
}
if (subst) {
new_prompt = emalloc(++len);
endp = new_prompt + len;
for (p = old_prompt, np = new_prompt; *p; p++) {
if (p[0] =='%') {
switch (p[1]) {
case 'h':
p++;
n = strlcpy(np, user_shost, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'H':
p++;
n = strlcpy(np, user_host, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'p':
p++;
if (def_rootpw)
n = strlcpy(np, "root", np - endp);
else if (def_targetpw || def_runaspw)
n = strlcpy(np, runas_pw->pw_name, np - endp);
else
n = strlcpy(np, user_name, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'u':
p++;
n = strlcpy(np, user_name, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'U':
p++;
n = strlcpy(np, runas_pw->pw_name, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case '%':
/* convert %% -> % */
p++;
break;
default:
/* no conversion */
break;
}
}
*np++ = *p;
if (np >= endp)
goto oflow;
}
*np = '\0';
} else
new_prompt = old_prompt;
debug_return_str(new_prompt);
oflow:
/* We pre-allocate enough space, so this should never happen. */
errorx(1, _("internal error, %s overflow"), "expand_prompt()");
}
/* /*
* Checks if the user is exempt from supplying a password. * Checks if the user is exempt from supplying a password.
*/ */

172
plugins/sudoers/prompt.c Normal file
View File

@@ -0,0 +1,172 @@
/*
* Copyright (c) 1993-1996,1998-2005, 2007-2012
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* Sponsored in part by the Defense Advanced Research Projects
* Agency (DARPA) and Air Force Research Laboratory, Air Force
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
*/
#include <config.h>
#include <sys/types.h>
#include <sys/param.h>
#include <stdio.h>
#ifdef STDC_HEADERS
# include <stdlib.h>
# include <stddef.h>
#else
# ifdef HAVE_STDLIB_H
# include <stdlib.h>
# endif
#endif /* STDC_HEADERS */
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
#include <pwd.h>
#include <grp.h>
#include "sudoers.h"
/*
* Expand %h and %u escapes in the prompt and pass back the dynamically
* allocated result. Returns the same string if there are no escapes.
*/
char *
expand_prompt(char *old_prompt, char *user, char *host)
{
size_t len, n;
int subst;
char *p, *np, *new_prompt, *endp;
debug_decl(expand_prompt, SUDO_DEBUG_AUTH)
/* How much space do we need to malloc for the prompt? */
subst = 0;
for (p = old_prompt, len = strlen(old_prompt); *p; p++) {
if (p[0] =='%') {
switch (p[1]) {
case 'h':
p++;
len += strlen(user_shost) - 2;
subst = 1;
break;
case 'H':
p++;
len += strlen(user_host) - 2;
subst = 1;
break;
case 'p':
p++;
if (def_rootpw)
len += 2;
else if (def_targetpw || def_runaspw)
len += strlen(runas_pw->pw_name) - 2;
else
len += strlen(user_name) - 2;
subst = 1;
break;
case 'u':
p++;
len += strlen(user_name) - 2;
subst = 1;
break;
case 'U':
p++;
len += strlen(runas_pw->pw_name) - 2;
subst = 1;
break;
case '%':
p++;
len--;
subst = 1;
break;
default:
break;
}
}
}
if (subst) {
new_prompt = emalloc(++len);
endp = new_prompt + len;
for (p = old_prompt, np = new_prompt; *p; p++) {
if (p[0] =='%') {
switch (p[1]) {
case 'h':
p++;
n = strlcpy(np, user_shost, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'H':
p++;
n = strlcpy(np, user_host, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'p':
p++;
if (def_rootpw)
n = strlcpy(np, "root", np - endp);
else if (def_targetpw || def_runaspw)
n = strlcpy(np, runas_pw->pw_name, np - endp);
else
n = strlcpy(np, user_name, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'u':
p++;
n = strlcpy(np, user_name, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case 'U':
p++;
n = strlcpy(np, runas_pw->pw_name, np - endp);
if (n >= np - endp)
goto oflow;
np += n;
continue;
case '%':
/* convert %% -> % */
p++;
break;
default:
/* no conversion */
break;
}
}
*np++ = *p;
if (np >= endp)
goto oflow;
}
*np = '\0';
} else
new_prompt = old_prompt;
debug_return_str(new_prompt);
oflow:
/* We pre-allocate enough space, so this should never happen. */
errorx(1, _("internal error, %s overflow"), "expand_prompt()");
}

4
plugins/sudoers/sudoers.h
View File

@@ -230,11 +230,13 @@ bool sudo_goodpath(const char *, struct stat *);
int find_path(char *, char **, struct stat *, char *, int); int find_path(char *, char **, struct stat *, char *, int);
/* check.c */ /* check.c */
int check_user(int, int); int check_user(int validate, int mode);
bool user_is_exempt(void); bool user_is_exempt(void);
char *expand_prompt(char *old_prompt, char *user, char *host);
/* timestamp.c */ /* timestamp.c */
void remove_timestamp(bool); void remove_timestamp(bool);
bool set_lectured(void);
/* sudo_auth.c */ /* sudo_auth.c */
int verify_user(struct passwd *pw, char *prompt, int validated); int verify_user(struct passwd *pw, char *prompt, int validated);