Make path_ldap_conf and path_ldap_secret private to policy.c.
Add getters for both so the ldap code can access them.
This commit is contained in:
Todd C. Miller
@@ -226,7 +226,7 @@ sudo_ldap_init(LDAP **ldp, const char *host, int port)
|
|||||||
ldapssl_err2string(ret));
|
ldapssl_err2string(ret));
|
||||||
if (ldap_conf.tls_certfile == NULL)
|
if (ldap_conf.tls_certfile == NULL)
|
||||||
sudo_warnx(U_("you must set TLS_CERT in %s to use SSL"),
|
sudo_warnx(U_("you must set TLS_CERT in %s to use SSL"),
|
||||||
path_ldap_conf);
|
policy_path_ldap_conf());
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -354,7 +354,7 @@ sudo_ldap_read_secret(const char *path)
|
|||||||
ssize_t len;
|
ssize_t len;
|
||||||
debug_decl(sudo_ldap_read_secret, SUDOERS_DEBUG_LDAP);
|
debug_decl(sudo_ldap_read_secret, SUDOERS_DEBUG_LDAP);
|
||||||
|
|
||||||
if ((fp = fopen(path_ldap_secret, "r")) != NULL) {
|
if ((fp = fopen(policy_path_ldap_secret(), "r")) != NULL) {
|
||||||
len = getdelim(&line, &linesize, '\n', fp);
|
len = getdelim(&line, &linesize, '\n', fp);
|
||||||
if (len != -1) {
|
if (len != -1) {
|
||||||
/* trim newline */
|
/* trim newline */
|
||||||
@@ -428,7 +428,7 @@ sudo_ldap_parse_keyword(const char *keyword, const char *value,
|
|||||||
&errstr);
|
&errstr);
|
||||||
if (errstr != NULL) {
|
if (errstr != NULL) {
|
||||||
sudo_warnx(U_("%s: %s: %s: %s"),
|
sudo_warnx(U_("%s: %s: %s: %s"),
|
||||||
path_ldap_conf, keyword, value, U_(errstr));
|
policy_path_ldap_conf(), keyword, value, U_(errstr));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CONF_STR:
|
case CONF_STR:
|
||||||
@@ -561,7 +561,7 @@ sudo_ldap_read_config(void)
|
|||||||
debug_return_bool(false);
|
debug_return_bool(false);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((fp = fopen(path_ldap_conf, "r")) == NULL)
|
if ((fp = fopen(policy_path_ldap_conf(), "r")) == NULL)
|
||||||
debug_return_bool(false);
|
debug_return_bool(false);
|
||||||
|
|
||||||
while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_COMM_BOL|PARSELN_CONT_IGN) != -1) {
|
while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_COMM_BOL|PARSELN_CONT_IGN) != -1) {
|
||||||
@@ -777,7 +777,7 @@ sudo_ldap_read_config(void)
|
|||||||
|
|
||||||
/* If rootbinddn set, read in /etc/ldap.secret if it exists. */
|
/* If rootbinddn set, read in /etc/ldap.secret if it exists. */
|
||||||
if (ldap_conf.rootbinddn) {
|
if (ldap_conf.rootbinddn) {
|
||||||
sudo_ldap_read_secret(path_ldap_secret);
|
sudo_ldap_read_secret(policy_path_ldap_secret());
|
||||||
} else if (ldap_conf.bindpw) {
|
} else if (ldap_conf.bindpw) {
|
||||||
cp = sudo_ldap_decode_secret(ldap_conf.bindpw);
|
cp = sudo_ldap_decode_secret(ldap_conf.bindpw);
|
||||||
if (cp != NULL) {
|
if (cp != NULL) {
|
||||||
|
|||||||
@@ -54,8 +54,8 @@ static const char *interfaces_string;
|
|||||||
sudo_conv_t sudo_conv;
|
sudo_conv_t sudo_conv;
|
||||||
sudo_printf_t sudo_printf;
|
sudo_printf_t sudo_printf;
|
||||||
struct sudo_plugin_event * (*plugin_event_alloc)(void);
|
struct sudo_plugin_event * (*plugin_event_alloc)(void);
|
||||||
const char *path_ldap_conf = _PATH_LDAP_CONF;
|
static const char *path_ldap_conf = _PATH_LDAP_CONF;
|
||||||
const char *path_ldap_secret = _PATH_LDAP_SECRET;
|
static const char *path_ldap_secret = _PATH_LDAP_SECRET;
|
||||||
static const char *path_sudoers = _PATH_SUDOERS;
|
static const char *path_sudoers = _PATH_SUDOERS;
|
||||||
static bool session_opened;
|
static bool session_opened;
|
||||||
int sudoedit_nfiles;
|
int sudoedit_nfiles;
|
||||||
@@ -634,6 +634,20 @@ policy_path_sudoers(void)
|
|||||||
return path_sudoers;
|
return path_sudoers;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Return the path to ldap.conf file, which may be set in the plugin args. */
|
||||||
|
const char *
|
||||||
|
policy_path_ldap_conf(void)
|
||||||
|
{
|
||||||
|
return path_ldap_conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Return the path to ldap.secret file, which may be set in the plugin args. */
|
||||||
|
const char *
|
||||||
|
policy_path_ldap_secret(void)
|
||||||
|
{
|
||||||
|
return path_ldap_secret;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Store the execution environment and other front-end settings.
|
* Store the execution environment and other front-end settings.
|
||||||
* Builds up the command_info list and sets argv and envp.
|
* Builds up the command_info list and sets argv and envp.
|
||||||
|
|||||||
@@ -451,8 +451,8 @@ void sudoers_debug_deregister(void);
|
|||||||
int sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults);
|
int sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults);
|
||||||
bool sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
|
bool sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
|
||||||
const char *policy_path_sudoers(void);
|
const char *policy_path_sudoers(void);
|
||||||
extern const char *path_ldap_conf;
|
const char *policy_path_ldap_conf(void);
|
||||||
extern const char *path_ldap_secret;
|
const char *policy_path_ldap_secret(void);
|
||||||
|
|
||||||
/* group_plugin.c */
|
/* group_plugin.c */
|
||||||
int group_plugin_load(const char *plugin_info);
|
int group_plugin_load(const char *plugin_info);
|
||||||
|
|||||||
Reference in New Issue
Block a user