isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

used indent to "fix" coding style

Browse Source
This commit is contained in:
Todd C. Miller
1993-10-04 19:10:33 +00:00
parent 847ce91e0f
commit e75a6d3b54
7 changed files with 1030 additions and 979 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
check.c
View File

@@ -74,13 +74,13 @@ if ( setuid (0) ) { /* have to be root to see timestamps */
exit(1);
}
rtn = check_timestamp();
if ( setruid (uid) ) { /* don't want to be root longer than necessary */
if (setruid(uid)) { /* don't want to be root longer than
* necessary */
#ifndef _AIX
perror("setruid(uid)");
exit(1);
#endif
}
if (rtn && uid) /* if timestamp is not current... */
check_passwd();
@@ -89,13 +89,13 @@ if ( setuid (0) ) { /* have to be root to play with timestamps */
exit(1);
}
update_timestamp();
if ( setruid (uid) ) { /* don't want to be root longer than necessary */
if (setruid(uid)) { /* don't want to be root longer than
* necessary */
#ifndef _AIX
perror("setruid(uid)");
exit(1);
#endif
}
umask(022); /* want a real umask to exec() the command */
}
@@ -119,33 +119,35 @@ struct stat statbuf;
register int timestamp_is_old = -1;
time_t now;
sprintf ( timestampfile, "%s/%s", TIMEDIR, user );
(void) sprintf(timestampfile, "%s/%s", TIMEDIR, user);
timestampfile_p = timestampfile;
timedir_is_good = 1; /* now there's an assumption for ya... */
/* walk through the path one directory at a time */
/*
* walk through the path one directory at a time
*/
for (p = timestampfile + 1; p = index(p, '/'); *p++ = '/') {
*p = '\0';
if (stat(timestampfile, &statbuf) < 0) {
if (strcmp(timestampfile, TIMEDIR))
fprintf ( stderr, "Cannot stat() %s\n", timestampfile );
(void) fprintf(stderr, "Cannot stat() %s\n", timestampfile);
timedir_is_good = 0;
*p = '/';
break;
}
}
if ( timedir_is_good ) { /* if all the directories are stat()able */
/*
* if all the directories are stat()able
*/
if (timedir_is_good) {
if (stat(timestampfile, &statbuf)) { /* does the file exist? */
if ( uid ) reminder(); /* if not, do the reminder */
if (uid)
reminder(); /* if not, do the reminder */
timestamp_is_old = 1; /* and return (1) */
}
else { /* otherwise, check the time */
} else { /* otherwise, check the time */
now = time((time_t *) NULL);
if (now - statbuf.st_mtime < 60 * TIMEOUT)
timestamp_is_old = 0; /* if file is recent, return(0) */
@@ -153,29 +155,25 @@ if ( timedir_is_good ) { /* if all the directories are stat()able */
timestamp_is_old = 1; /* else make 'em enter password */
}
}
/* there was a problem stat()ing a directory */
/*
* there was a problem stat()ing a directory
*/
else {
timestamp_is_old = 1; /* user has to enter password */
if (mkdir(TIMEDIR, 0700)) { /* make the TIMEDIR directory */
perror("check_timestamp: mkdir");
timedir_is_good = 0;
}
else {
} else {
timedir_is_good = 1;/* TIMEDIR now exists */
reminder();
}
}
return (timestamp_is_old);
}
/********************************************************************
*
* update_timestamp()
@@ -197,8 +195,6 @@ if ( timedir_is_good ) {
/********************************************************************
*
* check_passwd()
@@ -215,38 +211,35 @@ char *encrypted; /* this comes from /etc/passwd */
char *pass; /* this is what gets entered */
register int counter = TRIES_FOR_PASSWORD;
if ((pw_ent = getpwuid(uid)) == NULL) {
sprintf ( user, "%u", uid );
(void) sprintf(user, "%u", uid);
log_error(GLOBAL_NO_PW_ENT);
inform_user(GLOBAL_NO_PW_ENT);
exit(1);
}
encrypted = pw_ent -> pw_passwd;
/* you get TRIES_FOR_PASSWORD times to guess your password */
/*
* you get TRIES_FOR_PASSWORD times to guess your password
*/
while (counter > 0) {
pass = getpass("Password:");
if ( *pass == (char)NULL ) exit(0);
if (*pass == (char) NULL)
exit(0);
if (!strcmp(encrypted, crypt(pass, encrypted)))
return; /* if the passwd is correct return() */
--counter; /* otherwise, try again */
fprintf ( stderr, "%s\n", INCORRECT_PASSWORD );
(void) fprintf(stderr, "%s\n", INCORRECT_PASSWORD);
}
log_error(PASSWORD_NOT_CORRECT);
inform_user(PASSWORD_NOT_CORRECT);
exit(1);
}
/********************************************************************
*
* reminder()
@@ -256,20 +249,16 @@ exit (1);
static void reminder()
{
#ifdef SHORT_MESSAGE
fprintf(stderr,"\n%s\n%s\n\n%s\n%s\n\n",
(void) fprintf(stderr, "\n%s\n%s\n\n%s\n%s\n\n",
#else
fprintf(stderr,"\n%s\n%s\n%s\n\n%s\n%s\n\n%s\n%s\n\n",
(void) fprintf(stderr, "\n%s\n%s\n%s\n\n%s\n%s\n\n%s\n%s\n\n",
" sudo version 1.1, Copyright (C) 1991 The Root Group, Inc.",
" sudo comes with ABSOLUTELY NO WARRANTY. This is free software,",
" and you are welcome to redistribute it under certain conditions.",
#endif
"We trust you have received the usual lecture from the local Systems",
"Administrator. It usually boils down to these two things:",
" #1) Respect the privacy of others.",
" #2) Think before you type."
);

73
find_path.c
View File

@@ -36,8 +36,7 @@
/*
* Most of this code has been rewritten to fix bugs and bears little
* resemblence to the original. As such, this file conforms to my
* personal coding style.
* resemblence to the original.
*
* Todd C. Miller (millert@colorado.edu) Sat Sep 4 12:22:04 MDT 1993
*/
@@ -83,15 +82,19 @@ char *find_path(file)
char *qualify();
if (strlen(file) > MAXPATHLEN) {
fprintf(stderr, "%s: path too long: %s\n", Argv[0], file);
(void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], file);
exit(1);
}
/* do we need to search the path? */
/*
* do we need to search the path?
*/
if (index(file, '/'))
return (qualify(file));
/* grab PATH out of environment and make a local copy */
/*
* grab PATH out of environment and make a local copy
*/
if ((path = getenv("PATH")) == NULL)
return (NULL);
@@ -101,13 +104,12 @@ char *find_path(file)
}
do {
/* cheap strtok() */
if ((n = index(path, ':')))
*n = '\0';
/*
* search current dir last if it is in PATH
* This will miss sneaky things like using './' or './/'
* search current dir last if it is in PATH This will miss sneaky
* things like using './' or './/'
*/
if (*path == NULL || (*path == '.' && *(path + 1) == NULL)) {
checkdot = 1;
@@ -115,10 +117,11 @@ char *find_path(file)
continue;
}
/* filename to try */
(void) sprintf(fn, "%s/%s", path, file);
/* stat the file to make sure it exists and is executable */
/*
* stat the file to make sure it exists and is executable
*/
statfailed = stat(fn, &statbuf);
if (!statfailed && (statbuf.st_mode & 0000111))
return (qualify(fn));
@@ -130,11 +133,15 @@ char *find_path(file)
} while (n);
/* check current dir if dot was in the PATH */
/*
* check current dir if dot was in the PATH
*/
if (checkdot) {
(void) sprintf(fn, "./%s", file);
/* stat the file to make sure it exists and is executable */
/*
* stat the file to make sure it exists and is executable
*/
statfailed = stat(fn, &statbuf);
if (!statfailed && (statbuf.st_mode & 0000111))
return (qualify(fn));
@@ -165,7 +172,9 @@ char *qualify(n)
struct stat statbuf; /* for lstat() */
char *tmp; /* temporary pointer */
/* is it a bogus path? */
/*
* is it a bogus path?
*/
if (stat(n, &statbuf)) {
if (errno == ENOENT)
return (NULL);
@@ -175,14 +184,17 @@ char *qualify(n)
}
}
/* if n is relative, fill full with working dir */
/*
* if n is relative, fill full with working dir
*/
if (*n != '/') {
#ifdef USE_CWD
if (!getcwd(full, (size_t) (MAXPATHLEN + 1))) {
#else
if (!getwd(full)) {
#endif
fprintf(stderr, "%s: Can't get working directory!\n", Argv[0]);
(void) fprintf(stderr, "%s: Can't get working directory!\n",
Argv[0]);
exit(1);
}
} else
@@ -196,14 +208,15 @@ char *qualify(n)
else
beg = name; /* just starting out... */
/* find and terminate end of path component */
/*
* find and terminate end of path component
*/
if ((end = index(beg, '/')))
*end = '\0';
if (beg == end)
continue;
else if (!strcmp(beg, "."))
; /* ignore "." */
else if (!strcmp(beg, ".")); /* ignore "." */
else if (!strcmp(beg, "..")) {
if ((tmp = rindex(full, '/')))
*tmp = '\0';
@@ -212,11 +225,15 @@ char *qualify(n)
strcat(full, beg); /* copy in new component */
}
/* if we used ../.. to go past the root dir just continue */
/*
* if we used ../.. to go past the root dir just continue
*/
if (!full[0])
continue;
/* check for symbolic links */
/*
* check for symbolic links
*/
if (lstat(full, &statbuf)) {
perror("qualify: lstat");
exit(1);
@@ -224,7 +241,8 @@ char *qualify(n)
if ((statbuf.st_mode & S_IFMT) == S_IFLNK) {
int linklen; /* length of link contents */
char newname[MAXPATHLEN+1]; /* temp storage to build new name */
char newname[MAXPATHLEN + 1]; /* temp storage to build new
* name */
linklen = readlink(full, newname, sizeof(newname));
newname[linklen] = '\0';
@@ -233,19 +251,16 @@ char *qualify(n)
++end;
if (end != (char *) 1) {
if (linklen + strlen(end) >= MAXPATHLEN) {
fprintf(stderr, "%s: path too long: %s/%s\n", Argv[0],
newname, end);
(void )fprintf(stderr, "%s: path too long: %s/%s\n",
Argv[0], newname, end);
exit(1);
}
strcat(newname, "/");
strcat(newname, end); /* copy what's left of end */
}
if (newname[0] == '/') /* reset full if necesary */
full[0] = '\0';
else
if ((tmp = rindex(full, '/'))) /* remove component from full */
else if ((tmp = rindex(full, '/'))) /* remove component from full */
*tmp = '\0';
strcpy(name, newname); /* reset name with new path */
@@ -253,7 +268,9 @@ char *qualify(n)
}
} while (end);
/* if we resolved to "/" full[0] will be NULL */
/*
* if we resolved to "/" full[0] will be NULL
*/
if (!full[0])
strcpy(full, "/");

7
getpass.c
View File

@@ -55,15 +55,14 @@ getpass(prompt)
static char buf[PASSWD_LEN + 1];
/*
* read and write to /dev/tty if possible; else read from
* stdin and write to stderr.
* read and write to /dev/tty if possible; else read from stdin and write
* to stderr.
*/
fd_tmp = open("/dev/tty", O_RDWR);
if (fd_tmp < 0 || (outfp = fp = fdopen(fd_tmp, "r+")) == NULL) {
outfp = stderr;
fp = stdin;
}
#if defined(sgi)
(void) ioctl(fileno(fp), TCGETA, &ttyb);
svflagval = ttyb.c_lflag;
@@ -78,7 +77,7 @@ getpass(prompt)
(void) ioctl(fileno(fp), TIOCSETP, &ttyb);
#endif
fprintf(outfp, "%s", prompt);
(void) fprintf(outfp, "%s", prompt);
rewind(outfp); /* implied flush */
for (p = buf; (ch = getc(fp)) != EOF && ch != '\n';)
if (p < buf + PASSWD_LEN)

150
logging.c
View File

@@ -74,63 +74,70 @@ time_t now;
register int pri; /* syslog priority */
#endif
/* there is no need to log the date and time twice if using syslog */
/*
* there is no need to log the date and time twice if using syslog
*/
#ifndef SYSLOG
now = time((time_t) 0);
sprintf( logline, "%19.19s : %8.8s : ", ctime (&now), user );
(void) sprintf(logline, "%19.19s : %8.8s : ", ctime(&now), user);
#else
sprintf( logline, "%8.8s : ", user );
(void) sprintf(logline, "%8.8s : ", user);
#endif
p = logline + strlen(logline); /* we need a pointer to the end of logline */
/*
* we need a pointer to the end of logline
*/
p = logline + strlen(logline);
/*
* so we know where we are...
*/
#ifdef USE_CWD
getcwd(cwd, (size_t)(MAXPATHLEN+1)); /* so we know where we are... */
getcwd(cwd, (size_t) (MAXPATHLEN + 1));
#else
getwd(cwd); /* so we know where we are... */
getwd(cwd);
#endif
switch (code) {
case ALL_SYSTEMS_GO:
sprintf ( p, "PWD=%s ; COMMAND=", cwd );
(void) sprintf(p, "PWD=%s ; COMMAND=", cwd);
#ifdef SYSLOG
pri = Syslog_priority_OK;
#endif
break;
case VALIDATE_NO_USER:
sprintf ( p, "user NOT in sudoers ; PWD=%s ; COMMAND=", cwd );
(void) sprintf(p, "user NOT in sudoers ; PWD=%s ; COMMAND=", cwd);
#ifdef SYSLOG
pri = Syslog_priority_NO;
#endif
break;
case VALIDATE_NOT_OK:
sprintf ( p, "command not allowed ; PWD=%s ; COMMAND=", cwd );
(void) sprintf(p, "command not allowed ; PWD=%s ; COMMAND=", cwd);
#ifdef SYSLOG
pri = Syslog_priority_NO;
#endif
break;
case VALIDATE_ERROR:
sprintf ( p, "error in %s ; PWD=%s ; command: ", SUDOERS, cwd );
(void) sprintf(p, "error in %s ; PWD=%s ; command: ", SUDOERS, cwd);
#ifdef SYSLOG
pri = Syslog_priority_NO;
#endif
break;
case GLOBAL_NO_PW_ENT:
sprintf ( p, "There is no /etc/passwd entry for uid %d. ", uid );
(void) sprintf(p, "There is no /etc/passwd entry for uid %d. ",
uid);
#ifdef SYSLOG
pri = Syslog_priority_NO;
#endif
break;
case PASSWORD_NOT_CORRECT:
sprintf ( p, "%d incorrect passwords ; PWD=%s ; COMMAND=",
(void) sprintf(p, "%d incorrect passwords ; PWD=%s ; COMMAND=",
TRIES_FOR_PASSWORD, cwd);
#ifdef SYSLOG
pri = Syslog_priority_NO;
@@ -147,13 +154,15 @@ switch ( code ) {
case NO_SUDOERS_FILE:
switch (errno) {
case ENOENT:
sprintf ( p, "There is no %s file. ", SUDOERS );
(void) sprintf(p, "There is no %s file. ", SUDOERS);
break;
case EACCES:
sprintf ( p, "%s needs to run setuid root. ", Argv[0] );
(void) sprintf(p, "%s needs to run setuid root. ",
Argv[0]);
break;
default:
sprintf ( p, "There is a problem opening %s ", SUDOERS );
(void) sprintf(p, "There is a problem opening %s ",
SUDOERS);
break;
}
#ifdef SYSLOG
@@ -162,7 +171,7 @@ switch ( code ) {
break;
case GLOBAL_HOST_UNREGISTERED:
sprintf ( p, "gethostbyname() cannot find host %s ", host );
(void) sprintf(p, "gethostbyname() cannot find host %s ", host);
#ifdef SYSLOG
pri = Syslog_priority_NO;
#endif
@@ -174,22 +183,26 @@ switch ( code ) {
pri = Syslog_priority_NO;
#endif
break;
}
/* if this error is from load_globals() don't put argv in the message */
/*
* if this error is from load_globals() don't put argv in the message
*/
if (!(code & GLOBAL_PROBLEM)) {
strcat(logline, cmnd); /* stuff the command into the logline */
strcat(logline, " ");
argc = Argc - 2;
argv = Argv; argv++;
argv = Argv;
argv++;
p = logline + strlen(logline);
count = (int) (logline + MAXLOGLEN - p);
/* now stuff as much of the rest of the line as will fit */
/*
* now stuff as much of the rest of the line as will fit
*/
while (count > 0 && argc--) {
strncpy(p, *++argv, count);
strcat(p, " ");
@@ -200,35 +213,26 @@ if ( ! ( code & GLOBAL_PROBLEM ) ) {
strcat(p, " ... "); /* add an elipsis to the end */
}
if (appropriate(code))
send_mail();
#ifdef SYSLOG
openlog(Syslog_ident, Syslog_options, Syslog_facility);
syslog(pri, logline);
closelog();
#else
if ((fp = fopen(LOGFILE, "a")) == NULL) {
sprintf ( logline, "Can\'t open log file: %s", LOGFILE );
(void) sprintf(logline, "Can\'t open log file: %s", LOGFILE);
send_mail();
}
else {
fprintf ( fp, "%s\n", logline );
} else {
(void) fprintf(fp, "%s\n", logline);
(void) fclose(fp);
}
#endif
}
/**********************************************************************
*
* send_mail()
@@ -242,7 +246,6 @@ char *exec_argv[]= { "sendmail" ,
ALERTMAIL,
(char *) NULL};
static void send_mail()
{
char *mailer = MAILER;
@@ -251,66 +254,56 @@ int fd[2];
char buf[MAXLOGLEN + 1024];
if ((mailer = find_path(mailer)) == NULL) {
fprintf (stderr, "%s not found\n", mailer );
(void) fprintf(stderr, "%s not found\n", mailer);
exit(1);
}
(void) signal(SIGCHLD, reapchild);
signal ( SIGCHLD, reapchild );
if (fork())
return;
if ( fork () ) return;
/* we don't want any security problems ... */
/*
* we don't want any security problems ...
*/
if (setuid(uid)) {
perror("setuid(uid)");
exit(1);
}
signal ( SIGHUP, SIG_IGN );
signal ( SIGINT, SIG_IGN );
signal ( SIGQUIT, SIG_IGN );
(void) signal(SIGHUP, SIG_IGN);
(void) signal(SIGINT, SIG_IGN);
(void) signal(SIGQUIT, SIG_IGN);
if (pipe(fd)) {
perror("send_mail: pipe");
exit(1);
}
(void) dup2(fd[0], 0);
(void) dup2(fd[1], 1);
(void) close(fd[0]);
(void) close(fd[1]);
if ( ! fork () ) {
/* child parent */
if (!fork()) { /* child */
(void) close(1);
execv ( mailer, exec_argv );
execve(mailer, exec_argv, Envp);
/* this should not happen */
perror( "execv");
perror("execve");
exit(1);
}
else {
} else { /* parent */
(void) close(0);
/* feed the data to sendmail */
sprintf (buf, "To: %s\nSubject: %s\n\n%s\n\n",
(void) sprintf(buf, "To: %s\nSubject: %s\n\n%s\n\n",
ALERTMAIL, subject, logline);
write(1, buf, strlen(buf));
close(1);
exit(0);
}
}
/****************************************************************
*
* reapchild()
@@ -325,8 +318,6 @@ static void reapchild ()
/**********************************************************************
*
* inform_user ()
@@ -340,57 +331,52 @@ int code;
{
switch (code) {
case VALIDATE_NO_USER:
fprintf( stderr,
(void) fprintf(stderr,
"%s is not in the sudoers file. This incident will be reported.\n\n",
user);
break;
case VALIDATE_NOT_OK:
fprintf( stderr,
(void) fprintf(stderr,
"Sorry, user %s is not allowed to execute %s\n\n",
user, cmnd);
break;
case VALIDATE_ERROR:
fprintf( stderr,
(void) fprintf(stderr,
"Sorry, there is a fatal error in the sudoers file.\n\n");
break;
case GLOBAL_NO_PW_ENT:
fprintf ( stderr,
(void) fprintf(stderr,
"Intruder Alert! You don\'t exist in the passwd file\n\n");
break;
case GLOBAL_NO_HOSTNAME:
fprintf ( stderr,
(void) fprintf(stderr,
"This machine does not have a hostname\n\n");
break;
case GLOBAL_HOST_UNREGISTERED:
fprintf ( stderr,
(void) fprintf(stderr,
"This machine is not available via gethostbyname()\n\n");
break;
case PASSWORD_NOT_CORRECT:
fprintf ( stderr, "Password not entered correctly after %d tries\n\n",
(void) fprintf(stderr, "Password not entered correctly after %d tries\n\n",
TRIES_FOR_PASSWORD);
break;
default:
fprintf ( stderr,
(void) fprintf(stderr,
"Something wierd happened.\n\n");
break;
}
}
/****************************************************************
*
* appropriate()
@@ -404,8 +390,9 @@ int code;
switch (code) {
/* these will NOT send mail */
/*
* these will NOT send mail
*/
case VALIDATE_OK:
case PASSWORD_NOT_CORRECT:
/* case ALL_SYSTEMS_GO: this is the same as OK */
@@ -428,8 +415,9 @@ switch ( code ) {
#endif
break;
/* these WILL send mail */
/*
* these WILL send mail
*/
case VALIDATE_ERROR:
case NO_SUDOERS_FILE:
default:

174
parse.c
View File

@@ -22,13 +22,15 @@
* 3959 Arbol CT (303) 447-8093
* Boulder, CO 80301-1752
*
********************************************************************************
**************************************************************************
*
* parse.c, sudo project
* David R. Hieb
* March 18, 1991
*
* routines to implement and maintain the parsing and list management.
*******************************************************************************/
*/
#include <stdio.h>
#include <strings.h>
#include <ctype.h>
@@ -37,7 +39,9 @@
#include "sudo.h"
/* there are 3 main lists (User, Host_Alias, Cmnd_Alias) and 1 extra list */
/*
* there are 3 main lists (User, Host_Alias, Cmnd_Alias) and 1 extra list
*/
#define NUM_LISTS 3+1
extern char *user, *host, *cmnd;
@@ -49,9 +53,11 @@ int parse_error = FALSE, found_user = FALSE;
int next_type, num_host_alias = 0, num_cmnd_alias = 0;
LINK tmp_ptr, reset_ptr, save_ptr, list_ptr[NUM_LISTS];
/*******************************************************************************
/*
* inserts a node into list 'list_num' and updates list_ptr[list_num]
*******************************************************************************/
*/
void insert_member(list_num, token_type, op_type, data_string)
int token_type, list_num;
char op_type;
@@ -67,9 +73,12 @@ char *data_string;
list_ptr[list_num] = list_ptr[EXTRA_LIST] = tmp_ptr;
}
/*******************************************************************************
/*
* diagnostic list printing utility that prints list 'list_num'
*******************************************************************************/
*/
void print_list(list_num)
int list_num;
{
@@ -78,7 +87,8 @@ LINK tmptmp_ptr;
tmptmp_ptr = list_ptr[list_num];
while (list_ptr[list_num] != NULL) {
printf("type = %d, op = %c, data = %s\n", list_ptr[list_num]->type,
(void) printf("type = %d, op = %c, data = %s\n",
list_ptr[list_num] -> type,
list_ptr[list_num] -> op, list_ptr[list_num] -> data);
tmp_ptr = list_ptr[list_num];
list_ptr[list_num] = tmp_ptr -> next;
@@ -86,9 +96,12 @@ while (list_ptr[list_num] != NULL) {
list_ptr[list_num] = tmptmp_ptr;
}
/*******************************************************************************
/*
* delete list utility that deletes list 'list_num'
*******************************************************************************/
*/
void delete_list(list_num)
int list_num;
{
@@ -99,16 +112,22 @@ while (list_ptr[list_num] != NULL) {
}
}
/*******************************************************************************
/*
* this routine is what the lex/yacc code calls to build the different lists.
* once the lists are all built, control eventually returns to validate().
*******************************************************************************/
*/
int call_back(token_type, op_type, data_string)
int token_type;
char op_type;
char *data_string;
{
/* all nodes start out in the extra list since the node name is received last */
/*
* all nodes start out in the extra list since the node name
* is received last
*/
list_num = EXTRA_LIST;
/*
@@ -116,7 +135,9 @@ list_num = EXTRA_LIST;
* and effectively transfer the extra list to the correct list type.
*/
if (token_type == TYPE1) {
/* we have just build a "Host_Alias" list */
/*
* we have just build a "Host_Alias" list
*/
if (strcmp(data_string, "Host_Alias") == 0) {
list_num = HOST_LIST;
if (num_host_alias > 0) {
@@ -124,7 +145,9 @@ if (token_type == TYPE1) {
}
num_host_alias++;
}
/* we have just build a "Cmnd_Alias" list */
/*
* we have just build a "Cmnd_Alias" list
*/
else if (strcmp(data_string, "Cmnd_Alias") == 0) {
list_num = CMND_LIST;
if (num_cmnd_alias > 0) {
@@ -132,7 +155,9 @@ if (token_type == TYPE1) {
}
num_cmnd_alias++;
}
/* we have just build a "User" list */
/*
* we have just build a "User" list
*/
else {
list_num = USER_LIST;
user_list_found = TRUE;
@@ -141,15 +166,15 @@ if (token_type == TYPE1) {
new_list[list_num] = FALSE;
list_ptr[list_num] = list_ptr[EXTRA_LIST];
}
/* actually link the new node into list 'list_num' */
/*
* actually link the new node into list 'list_num'
*/
insert_member(list_num, token_type, op_type, data_string);
if (new_list[list_num] == TRUE) {
reset_ptr = list_ptr[list_num];
new_list[list_num] = FALSE;
}
/*
* we process one user record at a time from the sudoers file. if we
* find the user were looking for, we return to lex/yacc declaring
@@ -160,8 +185,7 @@ if (user_list_found == TRUE) {
if (list_ptr[list_num] -> type == TYPE1 &&
strcmp(list_ptr[list_num] -> data, user) == 0) {
return (FOUND_USER);
}
else {
} else {
new_list[list_num] = TRUE;
user_list_found = FALSE;
delete_list(list_num);
@@ -170,22 +194,31 @@ if (user_list_found == TRUE) {
return (NOT_FOUND_USER);
}
/*******************************************************************************
/*
* this routine is called from cmnd_check() to resolve whether or not
* a user is permitted to perform a to-yet-be-determined command for
* a certain host name.
*******************************************************************************/
*/
int host_type_ok()
{
/* check for the reserved keyword 'ALL'. if so, don't check the host name */
/*
* check for the reserved keyword 'ALL'. if so, don't check the host name
*/
if (strcmp(list_ptr[USER_LIST] -> data, "ALL") == 0) {
return (TRUE);
}
/* this case is the normal lowercase hostname */
/*
* this case is the normal lowercase hostname
*/
else if (isupper(list_ptr[USER_LIST] -> data[0]) == FALSE) {
return (strcmp(list_ptr[USER_LIST] -> data, host) == 0);
}
/* by now we have a Host_Alias that will have to be expanded */
/*
* by now we have a Host_Alias that will have to be expanded
*/
else {
save_ptr = list_ptr[HOST_LIST];
while (list_ptr[HOST_LIST] != NULL) {
@@ -204,13 +237,11 @@ else {
next_type = list_ptr[HOST_LIST] -> next -> type;
tmp_ptr = list_ptr[HOST_LIST];
list_ptr[HOST_LIST] = tmp_ptr -> next;
}
else {
} else {
next_type = ~TYPE3;
}
}
}
else {
} else {
tmp_ptr = list_ptr[HOST_LIST];
list_ptr[HOST_LIST] = tmp_ptr -> next;
}
@@ -220,14 +251,19 @@ else {
}
}
/*******************************************************************************
/*
* this routine is called from cmnd_check() to resolve whether or not
* a user is permitted to perform a certain command on the already
* established host.
*******************************************************************************/
*/
int cmnd_type_ok()
{
/* check for the reserved keyword 'ALL'. */
/*
* check for the reserved keyword 'ALL'.
*/
if (strcmp(list_ptr[USER_LIST] -> data, "ALL") == 0) {
/* if the command has an absolute path, let them do it */
if (cmnd[0] == '/') {
@@ -238,32 +274,35 @@ if (strcmp(list_ptr[USER_LIST]->data, "ALL") == 0) {
return (NO_MATCH);
}
}
/* if the command has an absolute path, check it out */
/*
* if the command has an absolute path, check it out
*/
else if (list_ptr[USER_LIST] -> data[0] == '/') {
/* op | data | return value
/*
* op | data | return value
* ---------------------------------
* ' ' | No Match | return(NO_MATCH)
* '!' | No Match | return(NO_MATCH)
* ' ' | A Match | return(MATCH)
* '!' | A Match | return(QUIT_NOW)
*
* these special cases are important in subtracting from the
* Universe of commands in something like:
* these special cases are important in subtracting from the Universe
* of commands in something like:
* user machine=ALL,!/bin/rm,!/etc/named ...
*/
if (strcmp(list_ptr[USER_LIST] -> data, cmnd) == 0) {
if (list_ptr[USER_LIST] -> op == '!') {
return (QUIT_NOW);
}
else {
} else {
return (MATCH);
}
}
else {
} else {
return (NO_MATCH);
}
}
/* by now we have a Cmnd_Alias that will have to be expanded */
/*
* by now we have a Cmnd_Alias that will have to be expanded
*/
else {
save_ptr = list_ptr[CMND_LIST];
while (list_ptr[CMND_LIST] != NULL) {
@@ -278,8 +317,7 @@ else {
if (list_ptr[USER_LIST] -> op == '!') {
list_ptr[CMND_LIST] = save_ptr;
return (QUIT_NOW);
}
else {
} else {
list_ptr[CMND_LIST] = save_ptr;
return (MATCH);
}
@@ -288,13 +326,11 @@ else {
next_type = list_ptr[CMND_LIST] -> next -> type;
tmp_ptr = list_ptr[CMND_LIST];
list_ptr[CMND_LIST] = tmp_ptr -> next;
}
else {
} else {
next_type = ~TYPE3;
}
}
}
else {
} else {
tmp_ptr = list_ptr[CMND_LIST];
list_ptr[CMND_LIST] = tmp_ptr -> next;
}
@@ -304,12 +340,15 @@ else {
}
}
/*******************************************************************************
/*
* this routine is called from validate() after the call_back() routine
* has built all the possible lists. this routine steps thru the user list
* calling on host_type_ok() and cmnd_type_ok() trying to resolve whether
* or not the user will be able to execute the command on the host.
*******************************************************************************/
*/
int cmnd_check()
{
int return_code;
@@ -323,21 +362,18 @@ while (list_ptr[USER_LIST] != NULL) {
return_code = cmnd_type_ok();
if (return_code == MATCH) {
return (VALIDATE_OK);
}
else if (return_code == QUIT_NOW) {
} else if (return_code == QUIT_NOW) {
return (VALIDATE_NOT_OK);
}
if (list_ptr[USER_LIST] -> next != NULL) {
next_type = list_ptr[USER_LIST] -> next -> type;
tmp_ptr = list_ptr[USER_LIST];
list_ptr[USER_LIST] = tmp_ptr -> next;
}
else {
} else {
next_type = ~TYPE3;
}
}
}
else {
} else {
tmp_ptr = list_ptr[USER_LIST];
list_ptr[USER_LIST] = tmp_ptr -> next;
}
@@ -345,10 +381,13 @@ while (list_ptr[USER_LIST] != NULL) {
return (VALIDATE_NOT_OK);
}
/*******************************************************************************
/*
* this routine is called from the sudo.c module and tries to validate
* the user, host and command triplet.
*******************************************************************************/
*/
int validate()
{
FILE *sudoers_fp;
@@ -359,7 +398,6 @@ if ((sudoers_fp = fopen(SUDOERS, "r")) == NULL ) {
log_error(NO_SUDOERS_FILE);
exit(1);
}
yyin = sudoers_fp;
yyout = stdout;
@@ -373,20 +411,26 @@ for (i = 0; i < NUM_LISTS; i++)
*/
return_code = yyparse();
/* don't need to keep this open... */
/*
* don't need to keep this open...
*/
(void) fclose(sudoers_fp);
/* if a parsing error occurred, set return_code accordingly */
/*
* if a parsing error occurred, set return_code accordingly
*/
if (parse_error == TRUE) {
return_code = PARSE_ERROR;
}
/* if the user was not found, set the return_code accordingly */
/*
* if the user was not found, set the return_code accordingly
*/
if (found_user == FALSE) {
return_code = NOT_FOUND_USER;
}
/* handle the 3 cases individually &*/
/*
* handle the 3 cases individually
*/
switch (return_code) {
case FOUND_USER:
return_code = cmnd_check();

67
sudo.c
View File

@@ -78,7 +78,9 @@ uid_t uid;
*/
main(argc, argv, envp)
int argc; char **argv; char **envp;
int argc;
char **argv;
char **envp;
{
static void usage();
int rtn;
@@ -86,10 +88,14 @@ int rtn;
Argv = argv;
Argc = argc;
/* if nothing is passed, we don't need to do anything... */
if ( argc < 2 ) usage();
/*
* if nothing is passed, we don't need to do anything...
*/
if (argc < 2)
usage();
/* close all file descriptors to make sure we have a nice
/*
* close all file descriptors to make sure we have a nice
* clean slate from which to work.
*/
for (rtn = getdtablesize() - 1; rtn > 3; rtn--)
@@ -110,7 +116,6 @@ if ( setruid(uid) ) {
exit(1);
#endif
}
switch (rtn) {
case VALIDATE_OK:
@@ -136,16 +141,16 @@ switch ( rtn ) {
inform_user(rtn);
exit(1);
break;
}
return(-1); /* If we get here it's an error (execve failed) */
/*
* If we get here it's an error (execve failed)
*/
return (-1);
}
/**********************************************************************
*
* load_globals()
@@ -170,31 +175,32 @@ if ( (host=malloc(MAXHOSTNAMELEN+1)) == NULL ) {
perror("malloc");
exit(1);
}
uid = getuid(); /* we need to tuck this away for safe keeping */
/* loading the cmnd global variable from argv[1] */
/*
* loading the cmnd global variable from argv[1]
*/
strncpy(path, Argv[1], MAXPATHLEN)[MAXPATHLEN] = 0;
cmnd = find_path(path); /* get the absolute path */
if (cmnd == NULL) {
fprintf ( stderr, "%s: %s: command not found\n", Argv[0], Argv[1] );
(void) fprintf(stderr, "%s: %s: command not found\n", Argv[0], Argv[1]);
exit(1);
}
cmnd = strdup(cmnd);
#ifdef NO_ROOT_SUDO
if (uid == 0) {
fprintf(stderr, "You are already root, you don\'t need to use sudo.\n");
(void) fprintf(stderr, "You are already root, you don\'t need to use sudo.\n");
exit(1);
}
#endif
/* loading the user global variable from the passwd file */
/*
* loading the user global variable from the passwd file
*/
if ((pw_ent = getpwuid(uid)) == NULL) {
sprintf ( user, "%u", uid );
(void) sprintf(user, "%u", uid);
log_error(GLOBAL_NO_PW_ENT);
inform_user(GLOBAL_NO_PW_ENT);
exit(1);
@@ -202,23 +208,25 @@ if ( (pw_ent = getpwuid( uid )) == NULL ) {
strncpy(user, pw_ent -> pw_name, 8)[8] = '\0';
/* loading the host global variable from gethostname() & gethostbyname() */
/*
* loading the host global variable from gethostname() & gethostbyname()
*/
if ((gethostname(host, MAXHOSTNAMELEN))) {
strcpy(host, "amnesiac");
log_error(GLOBAL_NO_HOSTNAME);
inform_user(GLOBAL_NO_HOSTNAME);
}
else {
} else {
if ((h_ent = gethostbyname(host)) == NULL)
log_error(GLOBAL_HOST_UNREGISTERED);
else
strcpy(host, h_ent -> h_name);
/* We don't want to return the fully quallified name all the time... */
/*
* We don't want to return the fully quallified name all the time...
*/
#ifndef FQDN
if ( (p = index ( host, '.' )) ) *p='\0';
if ((p = index(host, '.')))
*p = '\0';
#endif
}
@@ -226,7 +234,6 @@ else {
/**********************************************************************
*
* usage()
@@ -236,13 +243,12 @@ else {
static void usage()
{
fprintf( stderr, "usage: %s command\n", *Argv);
(void) fprintf(stderr, "usage: %s command\n", *Argv);
exit(1);
}
/**********************************************************************
*
* clean_envp()
@@ -257,8 +263,7 @@ char **envp;
int envlen;
char **tenvp;
for ( envlen=0; envp[envlen]; envlen++ )
; /* noop */
for (envlen = 0; envp[envlen]; envlen++); /* noop */
++envlen;
Envp = (char **) malloc(sizeof(char **) * envlen);
@@ -268,7 +273,9 @@ if ( Envp == NULL ) {
exit(1);
}
/* omit all LD_* environmental vars */
/*
* omit all LD_* environmental vars
*/
for (tenvp = Envp; *envp; envp++)
if (strncmp("LD_", *envp, 3))
*tenvp++ = *envp;

37
sudo.h
View File

@@ -120,7 +120,6 @@
#define MAXHOSTNAMELEN 64
#endif
/* 48 chars is not enough */
#define MAXCOMMANDLENGTH MAXPATHLEN
typedef union {
@@ -141,10 +140,10 @@ YYSTYPE yylval, yyval;
YYSTYPE yylval;
#endif
#ifdef SYSLOG /* SYSLOG should be defined in the makefile */
/*
* SYSLOG should be defined in the makefile
*/
#ifdef SYSLOG
#include <syslog.h>
#ifndef Syslog_ident
#define Syslog_ident "sudo"
@@ -171,12 +170,16 @@ YYSTYPE yylval;
#endif /* LOGFILE */
#endif /* SYSLOG */
/* Maximum number of characters to log per entry. */
#ifndef MAXLOGLEN /* The syslogger will log this much, after that, */
#define MAXLOGLEN 990 /* it truncates the log line. We need this here */
#endif /* to make sure that we get ellipses when the log */
/* line is longer than 990 characters. */
/*
* Maximum number of characters to log per entry.
* The syslogger will log this much, after that,
* it truncates the log line. We need this here
* to make sure that we get ellipses when the log
* line is longer than 990 characters.
*/
#ifndef MAXLOGLEN
#define MAXLOGLEN 990
#endif
#define VALIDATE_OK 0x00
#define VALIDATE_NO_USER 0x01
@@ -226,6 +229,7 @@ void load_globals();
void log_error();
void inform_user();
void check_user();
void clean_envp();
int validate();
/* Most of these variables are declared in main() so they don't need
@@ -240,16 +244,19 @@ extern uid_t uid;
extern char *host;
extern char *user;
extern char *cmnd;
extern char **Argv;
extern int Argc;
extern char **Argv;
extern char **Envp;
#endif
extern int errno;
/* This is to placate hpux */
/*
* This is to placate hpux
*/
#ifdef hpux
#define setruid(__RUID) (setresuid((uid_t)(__RUID), (uid_t) -1, (uid_t) -1))
#define getdtablesize() (sysconf(_SC_OPEN_MAX))
#ifndef USE_CWD
#define USE_CWD
#endif
#endif
#endif /* USE_CWD */
#endif /* hpux */