isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

s/setenv_ok/setenv_implied/g

Browse Source
This commit is contained in:
Todd C. Miller
2007-11-21 18:50:47 +00:00
parent fff47a319a
commit e6c0ba72f3
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ldap.c
View File

@@ -276,10 +276,10 @@ sudo_ldap_check_runas(ld, entry)
* Walk through search results and return TRUE if we have a command match. * Walk through search results and return TRUE if we have a command match.
*/ */
int int
sudo_ldap_check_command(ld, entry, setenv_ok) sudo_ldap_check_command(ld, entry, setenv_implied)
LDAP *ld; LDAP *ld;
LDAPMessage *entry; LDAPMessage *entry;
int *setenv_ok; int *setenv_implied;
{ {
char *allowed_cmnd, *allowed_args, **v = NULL, **p = NULL; char *allowed_cmnd, *allowed_args, **v = NULL, **p = NULL;
int foundbang, ret = FALSE; int foundbang, ret = FALSE;
@@ -293,8 +293,8 @@ sudo_ldap_check_command(ld, entry, setenv_ok)
/* Match against ALL ? */ /* Match against ALL ? */
if (!strcmp(*p, "ALL")) { if (!strcmp(*p, "ALL")) {
ret = TRUE; ret = TRUE;
if (setenv_ok != NULL) if (setenv_implied != NULL)
*setenv_ok = TRUE; *setenv_implied = TRUE;
DPRINTF(("ldap sudoCommand '%s' ... MATCH!", *p), 2); DPRINTF(("ldap sudoCommand '%s' ... MATCH!", *p), 2);
continue; continue;
} }
@@ -1152,7 +1152,7 @@ sudo_ldap_check(v, pwflag)
LDAPMessage *entry = NULL, *result = NULL; /* used for searches */ LDAPMessage *entry = NULL, *result = NULL; /* used for searches */
char *filt; /* used to parse attributes */ char *filt; /* used to parse attributes */
int do_netgr, rc, ret; /* temp/final return values */ int do_netgr, rc, ret; /* temp/final return values */
int setenv_ok; int setenv_implied;
int ldap_user_matches = FALSE, ldap_host_matches = FALSE; /* flags */ int ldap_user_matches = FALSE, ldap_host_matches = FALSE; /* flags */
struct passwd *pw = list_pw ? list_pw : sudo_user.pw; struct passwd *pw = list_pw ? list_pw : sudo_user.pw;
@@ -1235,7 +1235,7 @@ sudo_ldap_check(v, pwflag)
* user netgroups. Then we take the netgroups returned and * user netgroups. Then we take the netgroups returned and
* try to match them against the username. * try to match them against the username.
*/ */
setenv_ok = FALSE; setenv_implied = FALSE;
for (ret = 0, do_netgr = 0; !ret && do_netgr < 2; do_netgr++) { for (ret = 0, do_netgr = 0; !ret && do_netgr < 2; do_netgr++) {
filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(pw); filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(pw);
DPRINTF(("ldap search '%s'", filt), 1); DPRINTF(("ldap search '%s'", filt), 1);
@@ -1259,14 +1259,14 @@ sudo_ldap_check(v, pwflag)
/* remember that host matched */ /* remember that host matched */
(ldap_host_matches = TRUE) && (ldap_host_matches = TRUE) &&
/* verify command match */ /* verify command match */
sudo_ldap_check_command(ld, entry, &setenv_ok) && sudo_ldap_check_command(ld, entry, &setenv_implied) &&
/* verify runas match */ /* verify runas match */
sudo_ldap_check_runas(ld, entry) sudo_ldap_check_runas(ld, entry)
) { ) {
/* We have a match! */ /* We have a match! */
DPRINTF(("Perfect Match!"), 1); DPRINTF(("Perfect Match!"), 1);
/* pick up any options */ /* pick up any options */
if (setenv_ok) if (setenv_implied)
def_setenv = TRUE; def_setenv = TRUE;
sudo_ldap_parse_options(ld, entry); sudo_ldap_parse_options(ld, entry);
/* make sure we don't reenter loop */ /* make sure we don't reenter loop */