diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c index b7979f37e..f36ca205d 100644 --- a/plugins/sudoers/defaults.c +++ b/plugins/sudoers/defaults.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1999-2005, 2007-2020 + * Copyright (c) 1999-2005, 2007-2022 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -363,13 +363,13 @@ is_early_default(const char *name) } static bool -run_callback(struct sudo_defs_types *def) +run_callback(struct sudo_defs_types *def, int op) { debug_decl(run_callback, SUDOERS_DEBUG_DEFAULTS); if (def->callback == NULL) debug_return_bool(true); - debug_return_bool(def->callback(&def->sd_un)); + debug_return_bool(def->callback(&def->sd_un, op)); } /* @@ -391,7 +391,7 @@ set_default(const char *var, const char *val, int op, const char *file, /* Set parsed value in sudo_defs_table and run callback (if any). */ struct sudo_defs_types *def = &sudo_defs_table[idx]; if (parse_default_entry(def, val, op, file, line, column, quiet)) - debug_return_bool(run_callback(def)); + debug_return_bool(run_callback(def, op)); } debug_return_bool(false); } @@ -431,7 +431,7 @@ run_early_defaults(void) for (early = early_defaults; early->idx != -1; early++) { if (early->run_callback) { - if (!run_callback(&sudo_defs_table[early->idx])) + if (!run_callback(&sudo_defs_table[early->idx], true)) ret = false; early->run_callback = false; } diff --git a/plugins/sudoers/defaults.h b/plugins/sudoers/defaults.h index d8971c4c6..b78a9ae9b 100644 --- a/plugins/sudoers/defaults.h +++ b/plugins/sudoers/defaults.h @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1999-2005, 2008-2020 + * Copyright (c) 1999-2005, 2008-2022 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -66,7 +66,7 @@ struct sudo_defs_types { int type; char *desc; struct def_values *values; - bool (*callback)(const union sudo_defs_val *); + bool (*callback)(const union sudo_defs_val *, int op); union sudo_defs_val sd_un; }; diff --git a/plugins/sudoers/group_plugin.c b/plugins/sudoers/group_plugin.c index 829cf1ef9..b794d009d 100644 --- a/plugins/sudoers/group_plugin.c +++ b/plugins/sudoers/group_plugin.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 2010-2020 Todd C. Miller + * Copyright (c) 2010-2020, 2022 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -220,7 +220,7 @@ group_plugin_query(const char *user, const char *group, * Group plugin sudoers callback. */ bool -cb_group_plugin(const union sudo_defs_val *sd_un) +cb_group_plugin(const union sudo_defs_val *sd_un, int op) { bool rc = true; debug_decl(cb_group_plugin, SUDOERS_DEBUG_PLUGIN); diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c index 6a194bce5..6198ce9bc 100644 --- a/plugins/sudoers/iolog.c +++ b/plugins/sudoers/iolog.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 2009-2020 Todd C. Miller + * Copyright (c) 2009-2022 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -80,7 +80,7 @@ extern sudo_dso_public struct io_plugin sudoers_io; * Sudoers callback for maxseq Defaults setting. */ bool -cb_maxseq(const union sudo_defs_val *sd_un) +cb_maxseq(const union sudo_defs_val *sd_un, int op) { const char *errstr; unsigned int value; @@ -104,7 +104,7 @@ cb_maxseq(const union sudo_defs_val *sd_un) * Sudoers callback for iolog_user Defaults setting. */ bool -cb_iolog_user(const union sudo_defs_val *sd_un) +cb_iolog_user(const union sudo_defs_val *sd_un, int op) { const char *name = sd_un->str; struct passwd *pw; @@ -129,7 +129,7 @@ cb_iolog_user(const union sudo_defs_val *sd_un) * Look up I/O log group-ID from group name. */ bool -cb_iolog_group(const union sudo_defs_val *sd_un) +cb_iolog_group(const union sudo_defs_val *sd_un, int op) { const char *name = sd_un->str; struct group *gr; @@ -154,7 +154,7 @@ cb_iolog_group(const union sudo_defs_val *sd_un) * Sudoers callback for iolog_mode Defaults setting. */ bool -cb_iolog_mode(const union sudo_defs_val *sd_un) +cb_iolog_mode(const union sudo_defs_val *sd_un, int op) { iolog_set_mode(sd_un->mode); return true; @@ -502,7 +502,7 @@ iolog_deserialize_info(struct log_details *details, char * const user_info[], if (strncmp(*cur, "maxseq=", sizeof("maxseq=") - 1) == 0) { union sudo_defs_val sd_un; sd_un.str = *cur + sizeof("maxseq=") - 1; - cb_maxseq(&sd_un); + cb_maxseq(&sd_un, true); continue; } break; diff --git a/plugins/sudoers/locale.c b/plugins/sudoers/locale.c index 7e5e9ccde..bae857bee 100644 --- a/plugins/sudoers/locale.c +++ b/plugins/sudoers/locale.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 2012-2016 Todd C. Miller + * Copyright (c) 2012-2016, 2020, 2022 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -142,7 +142,7 @@ sudoers_warn_setlocale(bool restore, int *cookie) * Callback for sudoers_locale sudoers setting. */ bool -sudoers_locale_callback(const union sudo_defs_val *sd_un) +sudoers_locale_callback(const union sudo_defs_val *sd_un, int op) { debug_decl(sudoers_locale_callback, SUDOERS_DEBUG_UTIL); diff --git a/plugins/sudoers/logging.h b/plugins/sudoers/logging.h index aa1b217de..f61de455b 100644 --- a/plugins/sudoers/logging.h +++ b/plugins/sudoers/logging.h @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1999-2005, 2009-2018 + * Copyright (c) 1999-2005, 2009-2022 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -82,7 +82,7 @@ bool log_warning(int flags, const char *fmt, ...) __printflike(2, 3); bool log_warningx(int flags, const char *fmt, ...) __printflike(2, 3); bool gai_log_warning(int flags, int errnum, const char *fmt, ...) __printflike(3, 4); bool sudoers_initlocale(const char *ulocale, const char *slocale); -bool sudoers_locale_callback(const union sudo_defs_val *); +bool sudoers_locale_callback(const union sudo_defs_val *sd_un, int op); void sudoers_to_eventlog(struct eventlog *evlog, char * const argv[], char *const envp[], const char *uuid_str); void init_eventlog_config(void); bool init_log_details(struct log_details *details, struct eventlog *evlog); diff --git a/plugins/sudoers/regress/fuzz/fuzz_policy.c b/plugins/sudoers/regress/fuzz/fuzz_policy.c index f568e594f..1cc934aee 100644 --- a/plugins/sudoers/regress/fuzz/fuzz_policy.c +++ b/plugins/sudoers/regress/fuzz/fuzz_policy.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Todd C. Miller + * Copyright (c) 2021-2022 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -811,35 +811,35 @@ iolog_nextid(char *iolog_dir, char sessid[7]) /* STUB */ bool -cb_maxseq(const union sudo_defs_val *sd_un) +cb_maxseq(const union sudo_defs_val *sd_un, int op) { return true; } /* STUB */ bool -cb_iolog_user(const union sudo_defs_val *sd_un) +cb_iolog_user(const union sudo_defs_val *sd_un, int op) { return true; } /* STUB */ bool -cb_iolog_group(const union sudo_defs_val *sd_un) +cb_iolog_group(const union sudo_defs_val *sd_un, int op) { return true; } /* STUB */ bool -cb_iolog_mode(const union sudo_defs_val *sd_un) +cb_iolog_mode(const union sudo_defs_val *sd_un, int op) { return true; } /* STUB */ bool -cb_group_plugin(const union sudo_defs_val *sd_un) +cb_group_plugin(const union sudo_defs_val *sd_un, int op) { return true; } diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index 2da7804f6..e0e50d796 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1993-1996, 1998-2020 Todd C. Miller + * Copyright (c) 1993-1996, 1998-2022 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -1254,7 +1254,7 @@ resolve_host(const char *host, char **longp, char **shortp) * Sets user_host, user_shost, user_runhost and user_srunhost. */ static bool -cb_fqdn(const union sudo_defs_val *sd_un) +cb_fqdn(const union sudo_defs_val *sd_un, int op) { bool remote; int rc; @@ -1392,7 +1392,7 @@ set_runasgr(const char *group, bool quiet) * Callback for runas_default sudoers setting. */ static bool -cb_runas_default(const union sudo_defs_val *sd_un) +cb_runas_default(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_runas_default, SUDOERS_DEBUG_PLUGIN); @@ -1406,7 +1406,7 @@ cb_runas_default(const union sudo_defs_val *sd_un) * Callback for tty_tickets sudoers setting. */ static bool -cb_tty_tickets(const union sudo_defs_val *sd_un) +cb_tty_tickets(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_tty_tickets, SUDOERS_DEBUG_PLUGIN); @@ -1422,7 +1422,7 @@ cb_tty_tickets(const union sudo_defs_val *sd_un) * Callback for umask sudoers setting. */ static bool -cb_umask(const union sudo_defs_val *sd_un) +cb_umask(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_umask, SUDOERS_DEBUG_PLUGIN); @@ -1436,7 +1436,7 @@ cb_umask(const union sudo_defs_val *sd_un) * Callback for runchroot sudoers setting. */ static bool -cb_runchroot(const union sudo_defs_val *sd_un) +cb_runchroot(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_runchroot, SUDOERS_DEBUG_PLUGIN); @@ -1453,7 +1453,7 @@ cb_runchroot(const union sudo_defs_val *sd_un) } static bool -cb_logfile(const union sudo_defs_val *sd_un) +cb_logfile(const union sudo_defs_val *sd_un, int op) { int logtype = def_syslog ? EVLOG_SYSLOG : EVLOG_NONE; debug_decl(cb_logfile, SUDOERS_DEBUG_PLUGIN); @@ -1467,7 +1467,7 @@ cb_logfile(const union sudo_defs_val *sd_un) } static bool -cb_log_format(const union sudo_defs_val *sd_un) +cb_log_format(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_log_format, SUDOERS_DEBUG_PLUGIN); @@ -1477,7 +1477,7 @@ cb_log_format(const union sudo_defs_val *sd_un) } static bool -cb_syslog(const union sudo_defs_val *sd_un) +cb_syslog(const union sudo_defs_val *sd_un, int op) { int logtype = def_logfile ? EVLOG_FILE : EVLOG_NONE; debug_decl(cb_syslog, SUDOERS_DEBUG_PLUGIN); @@ -1490,7 +1490,7 @@ cb_syslog(const union sudo_defs_val *sd_un) } static bool -cb_syslog_goodpri(const union sudo_defs_val *sd_un) +cb_syslog_goodpri(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_syslog_goodpri, SUDOERS_DEBUG_PLUGIN); @@ -1500,7 +1500,7 @@ cb_syslog_goodpri(const union sudo_defs_val *sd_un) } static bool -cb_syslog_badpri(const union sudo_defs_val *sd_un) +cb_syslog_badpri(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_syslog_badpri, SUDOERS_DEBUG_PLUGIN); @@ -1511,7 +1511,7 @@ cb_syslog_badpri(const union sudo_defs_val *sd_un) } static bool -cb_syslog_maxlen(const union sudo_defs_val *sd_un) +cb_syslog_maxlen(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN); @@ -1521,7 +1521,7 @@ cb_syslog_maxlen(const union sudo_defs_val *sd_un) } static bool -cb_loglinelen(const union sudo_defs_val *sd_un) +cb_loglinelen(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_loglinelen, SUDOERS_DEBUG_PLUGIN); @@ -1531,7 +1531,7 @@ cb_loglinelen(const union sudo_defs_val *sd_un) } static bool -cb_log_year(const union sudo_defs_val *sd_un) +cb_log_year(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN); @@ -1541,7 +1541,7 @@ cb_log_year(const union sudo_defs_val *sd_un) } static bool -cb_log_host(const union sudo_defs_val *sd_un) +cb_log_host(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN); @@ -1551,7 +1551,7 @@ cb_log_host(const union sudo_defs_val *sd_un) } static bool -cb_mailerpath(const union sudo_defs_val *sd_un) +cb_mailerpath(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_mailerpath, SUDOERS_DEBUG_PLUGIN); @@ -1561,7 +1561,7 @@ cb_mailerpath(const union sudo_defs_val *sd_un) } static bool -cb_mailerflags(const union sudo_defs_val *sd_un) +cb_mailerflags(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_mailerflags, SUDOERS_DEBUG_PLUGIN); @@ -1571,7 +1571,7 @@ cb_mailerflags(const union sudo_defs_val *sd_un) } static bool -cb_mailfrom(const union sudo_defs_val *sd_un) +cb_mailfrom(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_mailfrom, SUDOERS_DEBUG_PLUGIN); @@ -1581,7 +1581,7 @@ cb_mailfrom(const union sudo_defs_val *sd_un) } static bool -cb_mailto(const union sudo_defs_val *sd_un) +cb_mailto(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_mailto, SUDOERS_DEBUG_PLUGIN); @@ -1591,7 +1591,7 @@ cb_mailto(const union sudo_defs_val *sd_un) } static bool -cb_mailsub(const union sudo_defs_val *sd_un) +cb_mailsub(const union sudo_defs_val *sd_un, int op) { debug_decl(cb_mailsub, SUDOERS_DEBUG_PLUGIN); diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index c171780f5..a5dfb2de4 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1993-1996, 1998-2005, 2007-2020 + * Copyright (c) 1993-1996, 1998-2005, 2007-2022 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -374,10 +374,10 @@ char *get_timestr(time_t, int); bool get_boottime(struct timespec *); /* iolog.c */ -bool cb_maxseq(const union sudo_defs_val *sd_un); -bool cb_iolog_user(const union sudo_defs_val *sd_un); -bool cb_iolog_group(const union sudo_defs_val *sd_un); -bool cb_iolog_mode(const union sudo_defs_val *sd_un); +bool cb_maxseq(const union sudo_defs_val *sd_un, int op); +bool cb_iolog_user(const union sudo_defs_val *sd_un, int op); +bool cb_iolog_group(const union sudo_defs_val *sd_un, int op); +bool cb_iolog_mode(const union sudo_defs_val *sd_un, int op); /* iolog_path_escapes.c */ struct iolog_path_escape; @@ -440,7 +440,7 @@ int group_plugin_load(char *plugin_info); void group_plugin_unload(void); int group_plugin_query(const char *user, const char *group, const struct passwd *pwd); -bool cb_group_plugin(const union sudo_defs_val *sd_un); +bool cb_group_plugin(const union sudo_defs_val *sd_un, int op); extern const char *path_plugin_dir; /* editor.c */ diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c index cd4250705..e0ef5ed66 100644 --- a/plugins/sudoers/testsudoers.c +++ b/plugins/sudoers/testsudoers.c @@ -1,7 +1,7 @@ /* * SPDX-License-Identifier: ISC * - * Copyright (c) 1996, 1998-2005, 2007-2018 + * Copyright (c) 1996, 1998-2005, 2007-2022 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -64,7 +64,7 @@ static void dump_sudoers(struct sudo_lbuf *lbuf); static void usage(void) __attribute__((__noreturn__)); static void set_runaspw(const char *); static void set_runasgr(const char *); -static bool cb_runas_default(const union sudo_defs_val *); +static bool cb_runas_default(const union sudo_defs_val *, int); static int testsudoers_error(const char *msg); static int testsudoers_output(const char *buf); @@ -415,7 +415,7 @@ set_runasgr(const char *group) * Callback for runas_default sudoers setting. */ static bool -cb_runas_default(const union sudo_defs_val *sd_un) +cb_runas_default(const union sudo_defs_val *sd_un, int op) { /* Only reset runaspw if user didn't specify one. */ if (!runas_user && !runas_group)