Remove unused FLAG_USER auth flag. We have no auth methods that
require that authentication be run as the invoking user.
This commit is contained in:
Todd C. Miller
@@ -33,9 +33,6 @@ The variables in the struct are as follows:
|
||||
initialized in the "init" or "setup" routines.
|
||||
|
||||
Possible values of sudo_auth.flags:
|
||||
FLAG_USER Whether or not the auth functions should run with
|
||||
the euid of the invoking user instead of 0.
|
||||
|
||||
FLAG_DISABLED Set if an "init" or "setup" function fails.
|
||||
|
||||
FLAG_STANDALONE If set, this indicates that the method must
|
||||
|
||||
@@ -129,15 +129,8 @@ sudo_auth_init(struct passwd *pw)
|
||||
/* Initialize auth methods and unconfigure the method if necessary. */
|
||||
for (auth = auth_switch; auth->name; auth++) {
|
||||
if (auth->init && !IS_DISABLED(auth)) {
|
||||
if (NEEDS_USER(auth))
|
||||
set_perms(PERM_USER);
|
||||
|
||||
status = (auth->init)(pw, auth);
|
||||
|
||||
if (NEEDS_USER(auth))
|
||||
restore_perms();
|
||||
|
||||
/* Disable if it failed to init unless there was a fatal error. */
|
||||
status = (auth->init)(pw, auth);
|
||||
if (status == AUTH_FAILURE)
|
||||
SET(auth->flags, FLAG_DISABLED);
|
||||
else if (status == AUTH_FATAL)
|
||||
@@ -161,14 +154,7 @@ sudo_auth_cleanup(struct passwd *pw)
|
||||
/* Call cleanup routines. */
|
||||
for (auth = auth_switch; auth->name; auth++) {
|
||||
if (auth->cleanup && !IS_DISABLED(auth)) {
|
||||
if (NEEDS_USER(auth))
|
||||
set_perms(PERM_USER);
|
||||
|
||||
status = (auth->cleanup)(pw, auth);
|
||||
|
||||
if (NEEDS_USER(auth))
|
||||
restore_perms();
|
||||
|
||||
if (status == AUTH_FATAL)
|
||||
break; /* assume error msg already printed */
|
||||
}
|
||||
@@ -212,14 +198,7 @@ verify_user(struct passwd *pw, char *prompt, int validated)
|
||||
/* Do any per-method setup and unconfigure the method if needed */
|
||||
for (auth = auth_switch; auth->name; auth++) {
|
||||
if (auth->setup && !IS_DISABLED(auth)) {
|
||||
if (NEEDS_USER(auth))
|
||||
set_perms(PERM_USER);
|
||||
|
||||
status = (auth->setup)(pw, &prompt, auth);
|
||||
|
||||
if (NEEDS_USER(auth))
|
||||
restore_perms();
|
||||
|
||||
if (status == AUTH_FAILURE)
|
||||
SET(auth->flags, FLAG_DISABLED);
|
||||
else if (status == AUTH_FATAL)
|
||||
@@ -242,14 +221,7 @@ verify_user(struct passwd *pw, char *prompt, int validated)
|
||||
if (IS_DISABLED(auth))
|
||||
continue;
|
||||
|
||||
if (NEEDS_USER(auth))
|
||||
set_perms(PERM_USER);
|
||||
|
||||
success = auth->status = (auth->verify)(pw, p, auth);
|
||||
|
||||
if (NEEDS_USER(auth))
|
||||
restore_perms();
|
||||
|
||||
if (auth->status != AUTH_FAILURE)
|
||||
goto done;
|
||||
}
|
||||
|
||||
@@ -37,13 +37,11 @@ typedef struct sudo_auth {
|
||||
} sudo_auth;
|
||||
|
||||
/* Values for sudo_auth.flags. */
|
||||
#define FLAG_USER 0x01 /* functions must run as the user, not root */
|
||||
#define FLAG_DISABLED 0x02 /* method disabled */
|
||||
#define FLAG_STANDALONE 0x04 /* standalone auth method */
|
||||
#define FLAG_ONEANDONLY 0x08 /* one and only auth method */
|
||||
|
||||
/* Shortcuts for using the flags above. */
|
||||
#define NEEDS_USER(x) ((x)->flags & FLAG_USER)
|
||||
#define IS_DISABLED(x) ((x)->flags & FLAG_DISABLED)
|
||||
#define IS_STANDALONE(x) ((x)->flags & FLAG_STANDALONE)
|
||||
#define IS_ONEANDONLY(x) ((x)->flags & FLAG_ONEANDONLY)
|
||||
|
||||
Reference in New Issue
Block a user