Rename VALIDATE_OK -> VALIDATE_SUCCESS
Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE
This commit is contained in:
Todd C. Miller
@@ -105,7 +105,7 @@ check_user_interactive(int validated, int mode, struct passwd *auth_pw)
|
||||
sudo_efree(prompt);
|
||||
}
|
||||
/* Only update timestamp if user was validated. */
|
||||
if (rval == true && ISSET(validated, VALIDATE_OK) &&
|
||||
if (rval == true && ISSET(validated, VALIDATE_SUCCESS) &&
|
||||
!ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
|
||||
update_timestamp(auth_pw);
|
||||
done:
|
||||
|
||||
@@ -2719,8 +2719,8 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
||||
}
|
||||
}
|
||||
if (matched || user_uid == 0) {
|
||||
SET(ret, VALIDATE_OK);
|
||||
CLR(ret, VALIDATE_NOT_OK);
|
||||
SET(ret, VALIDATE_SUCCESS);
|
||||
CLR(ret, VALIDATE_FAILURE);
|
||||
if (def_authenticate) {
|
||||
switch (pwcheck) {
|
||||
case always:
|
||||
@@ -2766,11 +2766,11 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
||||
if (user_type == NULL)
|
||||
user_type = def_type;
|
||||
#endif /* HAVE_SELINUX */
|
||||
SET(ret, VALIDATE_OK);
|
||||
CLR(ret, VALIDATE_NOT_OK);
|
||||
SET(ret, VALIDATE_SUCCESS);
|
||||
CLR(ret, VALIDATE_FAILURE);
|
||||
} else {
|
||||
SET(ret, VALIDATE_NOT_OK);
|
||||
CLR(ret, VALIDATE_OK);
|
||||
SET(ret, VALIDATE_FAILURE);
|
||||
CLR(ret, VALIDATE_SUCCESS);
|
||||
}
|
||||
break;
|
||||
}
|
||||
@@ -2781,7 +2781,7 @@ done:
|
||||
DPRINTF1("user_matches=%d", lres->user_matches);
|
||||
DPRINTF1("host_matches=%d", lres->host_matches);
|
||||
|
||||
if (!ISSET(ret, VALIDATE_OK)) {
|
||||
if (!ISSET(ret, VALIDATE_SUCCESS)) {
|
||||
/* No matching entries. */
|
||||
if (pwflag && list_pw == NULL)
|
||||
SET(ret, FLAG_NO_CHECK);
|
||||
|
||||
@@ -358,7 +358,7 @@ log_auth_failure(int status, unsigned int tries)
|
||||
* so if we are going to send an email about the denial, that takes
|
||||
* precedence.
|
||||
*/
|
||||
if (ISSET(status, VALIDATE_OK)) {
|
||||
if (ISSET(status, VALIDATE_SUCCESS)) {
|
||||
/* Command allowed, auth failed; do we need to send mail? */
|
||||
if (def_mail_badpass || def_mail_always)
|
||||
SET(flags, SLOG_SEND_MAIL);
|
||||
@@ -759,7 +759,7 @@ should_mail(int status)
|
||||
debug_return_bool(def_mail_always ||
|
||||
(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
|
||||
(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
|
||||
(def_mail_no_perms && !ISSET(status, VALIDATE_OK)));
|
||||
(def_mail_no_perms && !ISSET(status, VALIDATE_SUCCESS)));
|
||||
}
|
||||
|
||||
#define LL_TTY_STR "TTY="
|
||||
|
||||
@@ -201,9 +201,9 @@ sudo_file_lookup(struct sudo_nss *nss, int validated, int pwflag)
|
||||
}
|
||||
if (match == ALLOW || user_uid == 0) {
|
||||
/* User has an entry for this host. */
|
||||
SET(validated, VALIDATE_OK);
|
||||
SET(validated, VALIDATE_SUCCESS);
|
||||
} else if (match == DENY)
|
||||
SET(validated, VALIDATE_NOT_OK);
|
||||
SET(validated, VALIDATE_FAILURE);
|
||||
if (pwcheck == always && def_authenticate)
|
||||
SET(validated, FLAG_CHECK_USER);
|
||||
else if (pwcheck == never || nopass == true)
|
||||
@@ -267,8 +267,8 @@ sudo_file_lookup(struct sudo_nss *nss, int validated, int pwflag)
|
||||
}
|
||||
matched2:
|
||||
if (match == ALLOW) {
|
||||
SET(validated, VALIDATE_OK);
|
||||
CLR(validated, VALIDATE_NOT_OK);
|
||||
SET(validated, VALIDATE_SUCCESS);
|
||||
CLR(validated, VALIDATE_FAILURE);
|
||||
if (tags != NULL) {
|
||||
if (tags->nopasswd != UNSPEC)
|
||||
def_authenticate = !tags->nopasswd;
|
||||
@@ -282,8 +282,8 @@ sudo_file_lookup(struct sudo_nss *nss, int validated, int pwflag)
|
||||
def_log_output = tags->log_output;
|
||||
}
|
||||
} else if (match == DENY) {
|
||||
SET(validated, VALIDATE_NOT_OK);
|
||||
CLR(validated, VALIDATE_OK);
|
||||
SET(validated, VALIDATE_FAILURE);
|
||||
CLR(validated, VALIDATE_SUCCESS);
|
||||
if (tags != NULL && tags->nopasswd != UNSPEC)
|
||||
def_authenticate = !tags->nopasswd;
|
||||
}
|
||||
|
||||
@@ -1015,8 +1015,8 @@ sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
||||
}
|
||||
}
|
||||
if (matched || user_uid == 0) {
|
||||
SET(ret, VALIDATE_OK);
|
||||
CLR(ret, VALIDATE_NOT_OK);
|
||||
SET(ret, VALIDATE_SUCCESS);
|
||||
CLR(ret, VALIDATE_FAILURE);
|
||||
if (def_authenticate) {
|
||||
switch (pwcheck) {
|
||||
case always:
|
||||
@@ -1065,11 +1065,11 @@ sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
||||
if (user_type == NULL)
|
||||
user_type = def_type;
|
||||
#endif /* HAVE_SELINUX */
|
||||
SET(ret, VALIDATE_OK);
|
||||
CLR(ret, VALIDATE_NOT_OK);
|
||||
SET(ret, VALIDATE_SUCCESS);
|
||||
CLR(ret, VALIDATE_FAILURE);
|
||||
} else {
|
||||
SET(ret, VALIDATE_NOT_OK);
|
||||
CLR(ret, VALIDATE_OK);
|
||||
SET(ret, VALIDATE_FAILURE);
|
||||
CLR(ret, VALIDATE_SUCCESS);
|
||||
}
|
||||
break;
|
||||
}
|
||||
@@ -1078,7 +1078,7 @@ sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag)
|
||||
done:
|
||||
sudo_debug_printf(SUDO_DEBUG_DIAG, "Done with LDAP searches");
|
||||
|
||||
if (!ISSET(ret, VALIDATE_OK)) {
|
||||
if (!ISSET(ret, VALIDATE_SUCCESS)) {
|
||||
/* No matching entries. */
|
||||
if (pwflag && list_pw == NULL)
|
||||
SET(ret, FLAG_NO_CHECK);
|
||||
|
||||
@@ -160,6 +160,7 @@ sudoers_policy_init(void *info, char * const envp[])
|
||||
N_("problem with defaults entries"));
|
||||
}
|
||||
} else {
|
||||
/* XXX - used to send mail for sudoers parse errors. */
|
||||
TAILQ_REMOVE(snl, nss, entries);
|
||||
}
|
||||
}
|
||||
@@ -289,7 +290,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
TAILQ_FOREACH(nss, snl, entries) {
|
||||
validated = nss->lookup(nss, validated, pwflag);
|
||||
|
||||
if (ISSET(validated, VALIDATE_OK)) {
|
||||
if (ISSET(validated, VALIDATE_SUCCESS)) {
|
||||
/* Handle [SUCCESS=return] */
|
||||
if (nss->ret_if_found)
|
||||
break;
|
||||
@@ -368,7 +369,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
rval = check_user(validated, sudo_mode);
|
||||
if (rval != true) {
|
||||
/* Note: log_denial() calls audit for us. */
|
||||
if (!ISSET(validated, VALIDATE_OK))
|
||||
if (!ISSET(validated, VALIDATE_SUCCESS))
|
||||
log_denial(validated, false);
|
||||
goto done;
|
||||
}
|
||||
@@ -388,7 +389,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
}
|
||||
|
||||
/* If the user was not allowed to run the command we are done. */
|
||||
if (!ISSET(validated, VALIDATE_OK)) {
|
||||
if (!ISSET(validated, VALIDATE_SUCCESS)) {
|
||||
/* Note: log_failure() calls audit for us. */
|
||||
log_failure(validated, cmnd_status);
|
||||
goto bad;
|
||||
|
||||
@@ -113,9 +113,8 @@ struct sudo_user {
|
||||
* Return values for sudoers_lookup(), also used as arguments for log_auth()
|
||||
* Note: cannot use '0' as a value here.
|
||||
*/
|
||||
/* XXX - VALIDATE_SUCCESS and VALIDATE_FAILURE instead? */
|
||||
#define VALIDATE_OK 0x001
|
||||
#define VALIDATE_NOT_OK 0x002
|
||||
#define VALIDATE_SUCCESS 0x001
|
||||
#define VALIDATE_FAILURE 0x002
|
||||
#define FLAG_CHECK_USER 0x010
|
||||
#define FLAG_NO_USER 0x020
|
||||
#define FLAG_NO_HOST 0x040
|
||||
|
||||
Reference in New Issue
Block a user