Move interface-related defines to interfaces.h so we don't have to include

<netinet/in.h> everywhere.

Makefile.in

@@ -110,8 +110,8 @@ TESTOBJS = interfaces.o testsudoers.o
 
 LIBOBJS = @LIBOBJS@ @ALLOCA@
 
-HDRS = sudo.h compat.h version.h insults.h \
-       ins_2001.h ins_classic.h ins_goons.h ins_csops.h sudo.tab.h
+HDRS = sudo.h compat.h version.h insults.h ins_2001.h ins_classic.h \
+       ins_goons.h ins_csops.h interfaces.h sudo.tab.h
 
 VERSION = 1.6
 
@@ -129,9 +129,9 @@ DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES COPYING HISTORY INSTALL \
 
 VERSIONFILES = emul/utime.h check.c compat.h config.h.in dce_pwent.c \
 	       find_path.c getspwuid.c getcwd.c goodpath.c ins_2001.h \
-	       ins_classic.h ins_csops.h ins_goons.h insults.h interfaces.c \
+	       ins_classic.h ins_csops.h ins_goons.h insults.h interfaces.h \
 	       logging.c parse.c parse.lex parse.yacc pathnames.h.in \
-	       putenv.c sudo.c sudo.h sudo_setenv.c testsudoers.c \
+	       putenv.c sudo.c sudo.h sudo_setenv.c testsudoers.c interfaces.c \
 	       tgetpass.c utime.c visudo.c secureware.c check_sia.c alloc.c
 
 all: $(PROGS)

check.c

@@ -50,7 +50,6 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/file.h>
-#include <netinet/in.h>
 #include <pwd.h>
 #include <grp.h>
 #ifdef HAVE_KERB4

check_sia.c

@@ -45,7 +45,6 @@
 #endif /* HAVE_STRINGS_H */
 #include <sys/param.h>
 #include <sys/types.h>
-#include <netinet/in.h>
 #include <pwd.h>
 #include <siad.h>
 

compat.h

@@ -86,29 +86,24 @@
 #endif /* S_IRWXU */
 
 /*
- * Some OS's may not have this.
+ * In case this is not defined in <sys/types.h> or <sys/select.h>
  */
 #ifndef howmany
 #define howmany(x, y)	(((x) + ((y) - 1)) / (y))
 #endif
 
 /*
- * We used to use the system definition of PASS_MAX or _PASSWD_LEN,
- * but that caused problems with various alternate authentication
- * methods.  So, we just define our own and assume that it is >= the
- * system max.
+ * These should be defined in <unistd.h> but not everyone has them.
  */
-#define SUDO_PASS_MAX	256
-
-/*
- * Some OS's lack these
- */
-#ifndef UID_NO_CHANGE
-#  define UID_NO_CHANGE		((uid_t) -1)
-#endif /* UID_NO_CHANGE */
-#ifndef GID_NO_CHANGE
-#  define GID_NO_CHANGE		((gid_t) -1)
-#endif /* GID_NO_CHANGE */
+#ifndef STDIN_FILENO
+#  define	STDIN_FILENO	0
+#endif
+#ifndef STDOUT_FILENO
+#  define	STDOUT_FILENO	1
+#endif
+#ifndef STDERR_FILENO
+#  define	STDERR_FILENO	2
+#endif
 
 /*
  * Emulate seteuid() for AIX via setuidx() -- needed for some versions of AIX
@@ -125,9 +120,9 @@
  */
 #ifndef HAVE_SETEUID
 #  ifdef __hpux
-#    define seteuid(_EUID)	(setresuid(UID_NO_CHANGE, _EUID, UID_NO_CHANGE))
+#    define seteuid(_EUID)	(setresuid((uid_t) -1, _EUID, (uid_t) -1))
 #  else
-#    define seteuid(_EUID)	(setreuid(UID_NO_CHANGE, _EUID))
+#    define seteuid(_EUID)	(setreuid((uid_t) -1, _EUID))
 #  endif /* __hpux */
 #endif /* HAVE_SETEUID */
 

find_path.c

@@ -48,7 +48,6 @@
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/stat.h>
-#include <netinet/in.h>
 #include "sudo.h"
 
 #ifndef STDC_HEADERS

getspwuid.c

@@ -43,7 +43,6 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 #include <pwd.h>
 #ifdef HAVE_GETSPNAM
 #  include <shadow.h>

goodpath.c

@@ -45,7 +45,6 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 
 #include "sudo.h"
 

interfaces.c

@@ -70,20 +70,12 @@
 #include <net/if.h>
 
 #include "sudo.h"
-#include "version.h"
+#include "interfaces.h"
 
 #ifndef lint
 static const char rcsid[] = "$Sudo$";
 #endif /* lint */
 
-/*
- * Globals
- */
-struct interface *interfaces;
-int num_interfaces = 0;
-extern int Argc;
-extern char **Argv;
-
 
 #if defined(SIOCGIFCONF) && !defined(STUB_LOAD_INTERFACES)
 /**********************************************************************

interfaces.h

@@ -0,0 +1,48 @@
+/*
+ *  CU sudo version 1.6
+ *  Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 1, or (at your option)
+ *  any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ *  Please send bugs, changes, problems to sudo-bugs@courtesan.com
+ *
+ *  $Sudo$
+ */
+
+#ifndef _SUDO_INTERFACES_H
+#define _SUDO_INTERFACES_H
+
+/*
+ * IP address and netmask pairs for checking against local interfaces.
+ */
+struct interface {
+    struct in_addr addr;
+    struct in_addr netmask;
+};
+
+/*
+ * Prototypes for external functions.
+ */
+void load_interfaces	__P((void));
+
+/*
+ * Definitions for external variables.
+ */
+#ifndef MAIN
+extern struct interface *interfaces;
+extern int num_interfaces;
+#endif
+
+#endif /* _SUDO_INTERFACES_H */

lex.yy.c

@@ -571,7 +571,6 @@ char *yytext;
 #include <ctype.h>
 #include <sys/types.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 #include "sudo.h"
 #include "sudo.tab.h"
 

logging.c

@@ -53,7 +53,6 @@
 #include <sys/param.h>
 #include <sys/stat.h>
 #include <sys/wait.h>
-#include <netinet/in.h>
 
 #include "sudo.h"
 

parse.c

@@ -77,6 +77,7 @@
 #endif
 
 #include "sudo.h"
+#include "interfaces.h"
 
 #ifndef lint
 static const char rcsid[] = "$Sudo$";

parse.lex

@@ -43,7 +43,6 @@
 #include <ctype.h>
 #include <sys/types.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 #include "sudo.h"
 #include "sudo.tab.h"
 

parse.yacc

@@ -38,7 +38,6 @@
 #include <pwd.h>
 #include <sys/types.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 #ifdef HAVE_STRING_H
 #include <string.h>
 #endif /* HAVE_STRING_H */

secureware.c

@@ -44,7 +44,6 @@
 #endif /* HAVE_STRINGS_H */
 #include <sys/param.h>
 #include <sys/types.h>
-#include <netinet/in.h>
 #include <pwd.h>
 #ifdef __hpux
 #  include <hpsecurity.h>

sudo.c

@@ -77,6 +77,7 @@
 #endif /* HAVE_KERB5 */
 
 #include "sudo.h"
+#include "interfaces.h"
 #include "version.h"
 
 #ifndef STDC_HEADERS
@@ -131,8 +132,8 @@ char *shost;
 char cwd[MAXPATHLEN];
 FILE *sudoers_fp = NULL;
 static char *runas_homedir = NULL;
-extern struct interface *interfaces;
-extern int num_interfaces;
+struct interface *interfaces;
+int num_interfaces;
 extern int printmatches;
 int arg_prompt = 0;	/* was -p used? */
 #ifdef HAVE_KERB5
@@ -869,7 +870,7 @@ check_sudoers()
 	    (void) fprintf(stderr, "%s: fixed mode on %s\n",
 		Argv[0], _PATH_SUDO_SUDOERS);
 	    if (statbuf.st_gid != SUDOERS_GID) {
-		if (!chown(_PATH_SUDO_SUDOERS,GID_NO_CHANGE,SUDOERS_GID)) {
+		if (!chown(_PATH_SUDO_SUDOERS,(uid_t) -1,SUDOERS_GID)) {
 		    (void) fprintf(stderr, "%s: set group on %s\n",
 			Argv[0], _PATH_SUDO_SUDOERS);
 		    statbuf.st_gid = SUDOERS_GID;

sudo.h

@@ -28,14 +28,6 @@
 #include <pathnames.h>
 #include "compat.h"
 
-/*
- * IP address and netmask pairs for checking against local interfaces.
- */
-struct interface {
-    struct in_addr addr;
-    struct in_addr netmask;
-};
-
 /*
  * Data structure used in parsing sudoers;
  * top of stack values are the ones that
@@ -222,6 +214,14 @@ struct generic_alias {
 #define GETPASS(p, t)		tgetpass(p, t)
 #endif
 
+/*
+ * We used to use the system definition of PASS_MAX or _PASSWD_LEN,
+ * but that caused problems with various alternate authentication
+ * methods.  So, we just define our own and assume that it is >= the
+ * system max.
+ */
+#define SUDO_PASS_MAX	256
+
 /*
  * Function prototypes
  */
@@ -235,7 +235,7 @@ int putenv		__P((const char *));
 #endif
 char *sudo_goodpath	__P((const char *));
 int sudo_setenv		__P((char *, char *));
-char *tgetpass		__P((char *, int));
+char *tgetpass		__P((const char *, int));
 int find_path		__P((char *, char **));
 void log_error		__P((int));
 void inform_user	__P((int));
@@ -243,7 +243,6 @@ void check_user		__P((void));
 int validate		__P((int));
 void set_perms		__P((int, int));
 void remove_timestamp	__P((void));
-void load_interfaces	__P((void));
 int check_secureware	__P((char *));
 void sia_attempt_auth	__P((void));
 int yyparse		__P((void));
@@ -262,8 +261,6 @@ YY_DECL;
 extern char host[];
 extern char *shost;
 extern char cwd[];
-extern struct interface *interfaces;
-extern int num_interfaces;
 extern struct passwd *user_pw_ent;
 extern char *runas_user;
 extern char *tty;

sudo.tab.c

@@ -56,7 +56,6 @@ static char yyrcsid[]
 #include <pwd.h>
 #include <sys/types.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 #ifdef HAVE_STRING_H
 #include <string.h>
 #endif /* HAVE_STRING_H */

sudo_setenv.c

@@ -40,7 +40,6 @@
 #endif /* HAVE_UNISTD_H */
 #include <sys/types.h>
 #include <sys/param.h>
-#include <netinet/in.h>
 
 #include "sudo.h"
 

testsudoers.c

@@ -63,6 +63,7 @@
 #include <dirent.h>
 
 #include "sudo.h"
+#include "interfaces.h"
 
 #ifndef lint
 static const char rcsid[] = "$Sudo$";

tgetpass.c

@@ -67,8 +67,7 @@
 #endif /* HAVE_TERMIO_H */
 #endif /* HAVE_TERMIOS_H */
 
-#include <pathnames.h>
-#include "compat.h"
+#include "sudo.h"
 
 #ifndef TCSASOFT
 #define TCSASOFT	0
@@ -108,8 +107,7 @@ tgetpass(prompt, timeout)
 #else
     int oldmask;
 #endif /* POSIX_SIGNALS */
-    int n, echo;
-    FILE *input, *output;
+    int n, echo, input, output;
     static char buf[SUDO_PASS_MAX + 1];
     fd_set *readfds;
     struct timeval tv;
@@ -130,45 +128,36 @@ tgetpass(prompt, timeout)
      * open /dev/tty for reading/writing if possible or use
      * stdin and stderr instead.
      */
-    if ((input = fopen(_PATH_TTY, "r+")) == NULL) {
-	input = stdin;
-	output = stderr;
-    } else {
-	output = input;
-	setbuf(output, NULL);
+    if ((input = output = open(_PATH_TTY, O_RDWR)) == NULL) {
+	input = STDIN_FILENO;
+	output = STDERR_FILENO;
     }
 
     /* print the prompt */
     if (prompt)
-	fputs(prompt, output);
-
-    /* rewind if necessary */
-    if (input == output) {
-	(void) fflush(output);
-	(void) rewind(output);
-    }
+	(void) write(output, prompt, strlen(prompt) + 1);
 
     /*
      * turn off echo
      */
 #ifdef HAVE_TERMIOS_H
-    (void) tcgetattr(fileno(input), &term);
+    (void) tcgetattr(input, &term);
     if ((echo = (term.c_lflag & ECHO))) {
 	term.c_lflag &= ~ECHO;
-	(void) tcsetattr(fileno(input), TCSAFLUSH|TCSASOFT, &term);
+	(void) tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
     }
 #else
 #ifdef HAVE_TERMIO_H
-    (void) ioctl(fileno(input), TCGETA, &term);
+    (void) ioctl(input, TCGETA, &term);
     if ((echo = (term.c_lflag & ECHO))) {
 	term.c_lflag &= ~ECHO;
-	(void) ioctl(fileno(input), TCSETA, &term);
+	(void) ioctl(input, TCSETA, &term);
     }
 #else
-    (void) ioctl(fileno(input), TIOCGETP, &ttyb);
+    (void) ioctl(input, TIOCGETP, &ttyb);
     if ((echo = (ttyb.sg_flags & ECHO))) {
 	ttyb.sg_flags &= ~ECHO;
-	(void) ioctl(fileno(input), TIOCSETP, &ttyb);
+	(void) ioctl(input, TIOCSETP, &ttyb);
     }
 #endif /* HAVE_TERMIO_H */
 #endif /* HAVE_TERMIOS_H */
@@ -178,14 +167,10 @@ tgetpass(prompt, timeout)
      */
     if (timeout > 0) {
 	/* setup for select(2) */
-	n = howmany(fileno(input) + 1, NFDBITS) * sizeof(fd_mask);
-	if ((readfds = (fd_set *) malloc(n)) == NULL) {
-	    (void) fprintf(stderr, "Cannot allocate memory: ");
-	    perror("");
-	    return(NULL);
-	}
+	n = howmany(input + 1, NFDBITS) * sizeof(fd_mask);
+	readfds = (fd_set *) emalloc(n);
 	(void) memset((VOID *)readfds, 0, n);
-	FD_SET(fileno(input), readfds);
+	FD_SET(input, readfds);
 
 	/* set timeout for select */
 	tv.tv_sec = timeout;
@@ -195,21 +180,21 @@ tgetpass(prompt, timeout)
 	 * get password or return empty string if nothing to read by timeout
 	 */
 	buf[0] = '\0';
-	while ((n = select(fileno(input) + 1, readfds, 0, 0, &tv)) == -1 &&
+	while ((n = select(input + 1, readfds, 0, 0, &tv)) == -1 &&
 	    errno == EINTR)
 	    ;
-	if (n != 0 && fgets(buf, sizeof(buf), input)) {
-	    n = strlen(buf);
+	if (n != 0 && (n = read(input, buf, sizeof(buf) - 1)) > 0) {
 	    if (buf[n - 1] == '\n')
-		buf[n - 1] = '\0';
+		n--;
+	    buf[n] = '\0';
 	}
 	free(readfds);
     } else {
 	buf[0] = '\0';
-	if (fgets(buf, sizeof(buf), input)) {
-	    n = strlen(buf);
+	if ((n = read(input, buf, sizeof(buf) - 1)) > 0) {
 	    if (buf[n - 1] == '\n')
-		buf[n - 1] = '\0';
+		n--;
+	    buf[n] = '\0';
 	}
     }
 
@@ -217,30 +202,24 @@ tgetpass(prompt, timeout)
 #ifdef HAVE_TERMIOS_H
     if (echo) {
 	term.c_lflag |= ECHO;
-	(void) tcsetattr(fileno(input), TCSAFLUSH|TCSASOFT, &term);
+	(void) tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
     }
 #else
 #ifdef HAVE_TERMIO_H
     if (echo) {
 	term.c_lflag |= ECHO;
-	(void) ioctl(fileno(input), TCSETA, &term);
+	(void) ioctl(input, TCSETA, &term);
     }
 #else
     if (echo) {
 	ttyb.sg_flags |= ECHO;
-	(void) ioctl(fileno(input), TIOCSETP, &ttyb);
+	(void) ioctl(input, TIOCSETP, &ttyb);
     }
 #endif /* HAVE_TERMIO_H */
 #endif /* HAVE_TERMIOS_H */
 
-    /* rewind if necessary */
-    if (input == output) {
-	(void) fflush(output);
-	(void) rewind(output);
-    }
-
     /* print a newline since echo is turned off */
-    (void) fputc('\n', output);
+    (void) write(output, "\n", 1);
 
     /* restore old signal mask */
 #ifdef POSIX_SIGNALS
@@ -250,8 +229,8 @@ tgetpass(prompt, timeout)
 #endif
 
     /* close /dev/tty if that's what we opened */
-    if (input != stdin)
-	(void) fclose(input);
+    if (input != STDIN_FILENO)
+	(void) close(input);
 
     return(buf);
 }

visudo.c

@@ -53,7 +53,6 @@
 #include <sys/param.h>
 #include <sys/stat.h>
 #include <sys/file.h>
-#include <netinet/in.h>
 
 #include "sudo.h"
 #include "version.h"