isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make struct {command,user}_details pointers const where possible.

Browse Source
This commit is contained in:
Todd C. Miller
2023-03-27 16:29:46 -06:00
parent 554397eaea
commit f0030cf30f
13 changed files with 68 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/edit_open.c
View File

@@ -100,7 +100,7 @@ switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups)
} }
static bool static bool
group_matches(gid_t target, struct sudo_cred *cred) group_matches(gid_t target, const struct sudo_cred *cred)
{ {
int i; int i;
debug_decl(group_matches, SUDO_DEBUG_EDIT); debug_decl(group_matches, SUDO_DEBUG_EDIT);
@@ -123,7 +123,7 @@ group_matches(gid_t target, struct sudo_cred *cred)
} }
static bool static bool
is_writable(struct sudo_cred *user_cred, struct stat *sb) is_writable(const struct sudo_cred *user_cred, struct stat *sb)
{ {
debug_decl(is_writable, SUDO_DEBUG_EDIT); debug_decl(is_writable, SUDO_DEBUG_EDIT);
@@ -153,7 +153,8 @@ is_writable(struct sudo_cred *user_cred, struct stat *sb)
* Returns true if writable, false if not, or -1 on error. * Returns true if writable, false if not, or -1 on error.
*/ */
int int
dir_is_writable(int dfd, struct sudo_cred *user_cred, struct sudo_cred *cur_cred) dir_is_writable(int dfd, const struct sudo_cred *user_cred,
const struct sudo_cred *cur_cred)
{ {
struct stat sb; struct stat sb;
int rc; int rc;
@@ -215,7 +216,8 @@ fallback:
* Returns true if writable, false if not, or -1 on error. * Returns true if writable, false if not, or -1 on error.
*/ */
int int
dir_is_writable(int dfd, struct sudo_cred *user_cred, struct sudo_cred *cur_cred) dir_is_writable(int dfd, const struct sudo_cred *user_cred,
const struct sudo_cred *cur_cred)
{ {
struct stat sb; struct stat sb;
debug_decl(dir_is_writable, SUDO_DEBUG_EDIT); debug_decl(dir_is_writable, SUDO_DEBUG_EDIT);
@@ -338,7 +340,7 @@ done:
static int static int
sudo_edit_open_nonwritable(char *path, int oflags, mode_t mode, sudo_edit_open_nonwritable(char *path, int oflags, mode_t mode,
struct sudo_cred *user_cred, struct sudo_cred *cur_cred) const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred)
{ {
const int dflags = DIR_OPEN_FLAGS; const int dflags = DIR_OPEN_FLAGS;
int dfd, fd, writable; int dfd, fd, writable;
@@ -405,7 +407,7 @@ sudo_edit_open_nonwritable(char *path, int oflags, mode_t mode,
#ifdef O_NOFOLLOW #ifdef O_NOFOLLOW
int int
sudo_edit_open(char *path, int oflags, mode_t mode, int sflags, sudo_edit_open(char *path, int oflags, mode_t mode, int sflags,
struct sudo_cred *user_cred, struct sudo_cred *cur_cred) const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred)
{ {
int fd; int fd;
debug_decl(sudo_edit_open, SUDO_DEBUG_EDIT); debug_decl(sudo_edit_open, SUDO_DEBUG_EDIT);
@@ -434,7 +436,7 @@ sudo_edit_open(char *path, int oflags, mode_t mode, int sflags,
#else #else
int int
sudo_edit_open(char *path, int oflags, mode_t mode, int sflags, sudo_edit_open(char *path, int oflags, mode_t mode, int sflags,
struct sudo_cred *user_cred, struct sudo_cred *cur_cred) const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred)
{ {
struct stat sb; struct stat sb;
int fd; int fd;
@@ -486,8 +488,8 @@ sudo_edit_open(char *path, int oflags, mode_t mode, int sflags,
* Does not modify the value of errno. * Does not modify the value of errno.
*/ */
bool bool
sudo_edit_parent_valid(char *path, int sflags, struct sudo_cred *user_cred, sudo_edit_parent_valid(char *path, int sflags,
struct sudo_cred *cur_cred) const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred)
{ {
const int serrno = errno; const int serrno = errno;
struct stat sb; struct stat sb;

15
src/exec.c
View File

@@ -1,7 +1,7 @@
/* /*
* SPDX-License-Identifier: ISC * SPDX-License-Identifier: ISC
* *
* Copyright (c) 2009-2022 Todd C. Miller <Todd.Miller@sudo.ws> * Copyright (c) 2009-2023 Todd C. Miller <Todd.Miller@sudo.ws>
* *
* Permission to use, copy, modify, and distribute this software for any * Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above * purpose with or without fee is hereby granted, provided that the above
@@ -361,7 +361,7 @@ sudo_terminated(struct command_status *cstat)
} }
static bool static bool
sudo_needs_pty(struct command_details *details) sudo_needs_pty(const struct command_details *details)
{ {
struct plugin_container *plugin; struct plugin_container *plugin;
@@ -382,7 +382,7 @@ sudo_needs_pty(struct command_details *details)
* sudo can exec the command directly (and not wait). * sudo can exec the command directly (and not wait).
*/ */
static bool static bool
direct_exec_allowed(struct command_details *details) direct_exec_allowed(const struct command_details *details)
{ {
struct plugin_container *plugin; struct plugin_container *plugin;
debug_decl(direct_exec_allowed, SUDO_DEBUG_EXEC); debug_decl(direct_exec_allowed, SUDO_DEBUG_EXEC);
@@ -407,8 +407,9 @@ direct_exec_allowed(struct command_details *details)
* we fact that we have two different controlling terminals to deal with. * we fact that we have two different controlling terminals to deal with.
*/ */
int int
sudo_execute(struct command_details *details, struct user_details *user_details, sudo_execute(struct command_details *details,
struct command_status *cstat) const struct user_details *user_details,
struct sudo_event_base *evbase, struct command_status *cstat)
{ {
debug_decl(sudo_execute, SUDO_DEBUG_EXEC); debug_decl(sudo_execute, SUDO_DEBUG_EXEC);
@@ -462,7 +463,7 @@ sudo_execute(struct command_details *details, struct user_details *user_details,
* is configured, this returns false and we run the command without a pty. * is configured, this returns false and we run the command without a pty.
*/ */
if (sudo_needs_pty(details)) { if (sudo_needs_pty(details)) {
if (exec_pty(details, user_details, cstat)) if (exec_pty(details, user_details, evbase, cstat))
goto done; goto done;
} }
@@ -482,7 +483,7 @@ sudo_execute(struct command_details *details, struct user_details *user_details,
/* /*
* Run the command in the existing tty (if any) and wait for it to finish. * Run the command in the existing tty (if any) and wait for it to finish.
*/ */
exec_nopty(details, user_details, cstat); exec_nopty(details, user_details, evbase, cstat);
done: done:
/* The caller will run any plugin close functions. */ /* The caller will run any plugin close functions. */

4
src/exec_intercept.c
View File

@@ -98,7 +98,7 @@ enable_write_event(int fd, sudo_ev_callback_t callback,
*/ */
void * void *
intercept_setup(int fd, struct sudo_event_base *evbase, intercept_setup(int fd, struct sudo_event_base *evbase,
struct command_details *details) const struct command_details *details)
{ {
struct intercept_closure *closure; struct intercept_closure *closure;
debug_decl(intercept_setup, SUDO_DEBUG_EXEC); debug_decl(intercept_setup, SUDO_DEBUG_EXEC);
@@ -1086,7 +1086,7 @@ bad:
#else /* _PATH_SUDO_INTERCEPT */ #else /* _PATH_SUDO_INTERCEPT */
void * void *
intercept_setup(int fd, struct sudo_event_base *evbase, intercept_setup(int fd, struct sudo_event_base *evbase,
struct command_details *details) const struct command_details *details)
{ {
debug_decl(intercept_setup, SUDO_DEBUG_EXEC); debug_decl(intercept_setup, SUDO_DEBUG_EXEC);

2
src/exec_intercept.h
View File

@@ -35,7 +35,7 @@ enum intercept_state {
/* Closure for intercept_cb() */ /* Closure for intercept_cb() */
struct intercept_closure { struct intercept_closure {
union sudo_token_un token; union sudo_token_un token;
struct command_details *details; const struct command_details *details;
struct sudo_event ev; struct sudo_event ev;
const char *errstr; const char *errstr;
char *command; /* dynamically allocated */ char *command; /* dynamically allocated */

4
src/exec_monitor.c
View File

@@ -42,7 +42,7 @@
#include "sudo_plugin_int.h" #include "sudo_plugin_int.h"
struct monitor_closure { struct monitor_closure {
struct command_details *details; const struct command_details *details;
struct sudo_event_base *evbase; struct sudo_event_base *evbase;
struct sudo_event *errpipe_event; struct sudo_event *errpipe_event;
struct sudo_event *backchannel_event; struct sudo_event *backchannel_event;
@@ -401,7 +401,7 @@ exec_cmnd_pty(struct command_details *details, sigset_t *mask,
*/ */
static void static void
fill_exec_closure_monitor(struct monitor_closure *mc, fill_exec_closure_monitor(struct monitor_closure *mc,
struct command_details *details, struct command_status *cstat, const struct command_details *details, struct command_status *cstat,
int errfd, int backchannel) int errfd, int backchannel)
{ {
debug_decl(fill_exec_closure_monitor, SUDO_DEBUG_EXEC); debug_decl(fill_exec_closure_monitor, SUDO_DEBUG_EXEC);

14
src/exec_nopty.c
View File

@@ -208,8 +208,8 @@ signal_cb_nopty(int signo, int what, void *v)
*/ */
static void static void
fill_exec_closure(struct exec_closure *ec, struct command_status *cstat, fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
struct command_details *details, struct user_details *user_details, struct command_details *details, const struct user_details *user_details,
int errfd) struct sudo_event_base *evbase, int errfd)
{ {
debug_decl(fill_exec_closure, SUDO_DEBUG_EXEC); debug_decl(fill_exec_closure, SUDO_DEBUG_EXEC);
@@ -222,8 +222,7 @@ fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
ec->cols = user_details->ts_cols; ec->cols = user_details->ts_cols;
/* Setup event base and events. */ /* Setup event base and events. */
ec->evbase = details->evbase; ec->evbase = evbase;
details->evbase = NULL;
/* Event for command status via errfd. */ /* Event for command status via errfd. */
ec->backchannel_event = sudo_ev_alloc(errfd, ec->backchannel_event = sudo_ev_alloc(errfd,
@@ -536,8 +535,9 @@ interpose_pipes(struct exec_closure *ec, int io_pipe[3][2])
* Execute a command and wait for it to finish. * Execute a command and wait for it to finish.
*/ */
void void
exec_nopty(struct command_details *details, struct user_details *user_details, exec_nopty(struct command_details *details,
struct command_status *cstat) const struct user_details *user_details,
struct sudo_event_base *evbase, struct command_status *cstat)
{ {
int io_pipe[3][2] = { { -1, -1 }, { -1, -1 }, { -1, -1 } }; int io_pipe[3][2] = { { -1, -1 }, { -1, -1 }, { -1, -1 } };
int errpipe[2], intercept_sv[2] = { -1, -1 }; int errpipe[2], intercept_sv[2] = { -1, -1 };
@@ -660,7 +660,7 @@ exec_nopty(struct command_details *details, struct user_details *user_details,
* Fill in exec closure, allocate event base, signal events and * Fill in exec closure, allocate event base, signal events and
* the error pipe event. * the error pipe event.
*/ */
fill_exec_closure(&ec, cstat, details, user_details, errpipe[0]); fill_exec_closure(&ec, cstat, details, user_details, evbase, errpipe[0]);
if (ISSET(details->flags, CD_INTERCEPT|CD_LOG_SUBCMDS)) { if (ISSET(details->flags, CD_INTERCEPT|CD_LOG_SUBCMDS)) {
int rc = 1; int rc = 1;

13
src/exec_pty.c
View File

@@ -935,8 +935,8 @@ fwdchannel_cb(int sock, int what, void *v)
*/ */
static void static void
fill_exec_closure(struct exec_closure *ec, struct command_status *cstat, fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
struct command_details *details, struct user_details *user_details, struct command_details *details, const struct user_details *user_details,
pid_t sudo_pid, pid_t ppgrp, int backchannel) struct sudo_event_base *evbase, pid_t sudo_pid, pid_t ppgrp, int backchannel)
{ {
debug_decl(fill_exec_closure, SUDO_DEBUG_EXEC); debug_decl(fill_exec_closure, SUDO_DEBUG_EXEC);
@@ -954,8 +954,7 @@ fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
cstat->val = 0; cstat->val = 0;
/* Setup event base and events. */ /* Setup event base and events. */
ec->evbase = details->evbase; ec->evbase = evbase;
details->evbase = NULL;
/* Event for command status via backchannel. */ /* Event for command status via backchannel. */
ec->backchannel_event = sudo_ev_alloc(backchannel, ec->backchannel_event = sudo_ev_alloc(backchannel,
@@ -1063,7 +1062,8 @@ fill_exec_closure(struct exec_closure *ec, struct command_status *cstat,
* we fact that we have two different controlling terminals to deal with. * we fact that we have two different controlling terminals to deal with.
*/ */
bool bool
exec_pty(struct command_details *details, struct user_details *user_details, exec_pty(struct command_details *details,
const struct user_details *user_details, struct sudo_event_base *evbase,
struct command_status *cstat) struct command_status *cstat)
{ {
int io_pipe[3][2] = { { -1, -1 }, { -1, -1 }, { -1, -1 } }; int io_pipe[3][2] = { { -1, -1 }, { -1, -1 }, { -1, -1 } };
@@ -1361,7 +1361,8 @@ exec_pty(struct command_details *details, struct user_details *user_details,
* Fill in exec closure, allocate event base, signal events and * Fill in exec closure, allocate event base, signal events and
* the backchannel event. * the backchannel event.
*/ */
fill_exec_closure(&ec, cstat, details, user_details, sudo_pid, ppgrp, sv[0]); fill_exec_closure(&ec, cstat, details, user_details, evbase,
sudo_pid, ppgrp, sv[0]);
/* Create event and closure for intercept mode. */ /* Create event and closure for intercept mode. */
if (ISSET(details->flags, CD_INTERCEPT|CD_LOG_SUBCMDS)) { if (ISSET(details->flags, CD_INTERCEPT|CD_LOG_SUBCMDS)) {

5
src/sudo.c
View File

@@ -292,7 +292,6 @@ main(int argc, char *argv[], char *envp[])
command_details.argv = nargv; command_details.argv = nargv;
command_details.argc = nargc; command_details.argc = nargc;
command_details.envp = run_envp; command_details.envp = run_envp;
command_details.evbase = sudo_event_base;
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
SET(command_details.flags, CD_LOGIN_SHELL); SET(command_details.flags, CD_LOGIN_SHELL);
if (ISSET(sudo_mode, MODE_BACKGROUND)) if (ISSET(sudo_mode, MODE_BACKGROUND))
@@ -1022,7 +1021,7 @@ done:
*/ */
int int
run_command(struct command_details *command_details, run_command(struct command_details *command_details,
struct user_details *user_details) const struct user_details *user_details)
{ {
struct command_status cstat; struct command_status cstat;
int status = W_EXITCODE(1, 0); int status = W_EXITCODE(1, 0);
@@ -1044,7 +1043,7 @@ run_command(struct command_details *command_details,
debug_return_int(status); debug_return_int(status);
} }
sudo_execute(command_details, user_details, &cstat); sudo_execute(command_details, user_details, sudo_event_base, &cstat);
switch (cstat.type) { switch (cstat.type) {
case CMD_ERRNO: case CMD_ERRNO:

9
src/sudo.h
View File

@@ -211,7 +211,6 @@ struct command_details {
const char *tty; const char *tty;
char **argv; char **argv;
char **envp; char **envp;
struct sudo_event_base *evbase;
#ifdef HAVE_PRIV_SET #ifdef HAVE_PRIV_SET
priv_set_t *privs; priv_set_t *privs;
priv_set_t *limitprivs; priv_set_t *limitprivs;
@@ -243,10 +242,10 @@ void cleanup(int);
/* tgetpass.c */ /* tgetpass.c */
char *tgetpass(const char *prompt, int timeout, int flags, char *tgetpass(const char *prompt, int timeout, int flags,
struct sudo_conv_callback *callback); struct sudo_conv_callback *callback);
struct sudo_cred *sudo_askpass_cred(struct sudo_cred *cred); const struct sudo_cred *sudo_askpass_cred(const struct sudo_cred *cred);
/* exec.c */ /* exec.c */
int sudo_execute(struct command_details *details, struct user_details *ud, struct command_status *cstat); int sudo_execute(struct command_details *details, const struct user_details *ud, struct sudo_event_base *evbase, struct command_status *cstat);
/* parse_args.c */ /* parse_args.c */
int parse_args(int argc, char **argv, const char *shell, int *old_optind, int parse_args(int argc, char **argv, const char *shell, int *old_optind,
@@ -259,7 +258,7 @@ char *get_pty(int *leader, int *follower, uid_t uid);
/* sudo.c */ /* sudo.c */
int policy_init_session(struct command_details *details); int policy_init_session(struct command_details *details);
int run_command(struct command_details *command_details, struct user_details *user_details); int run_command(struct command_details *command_details, const struct user_details *user_details);
int os_init_common(int argc, char *argv[], char *envp[]); int os_init_common(int argc, char *argv[], char *envp[]);
bool gc_add(enum sudo_gc_types type, void *v); bool gc_add(enum sudo_gc_types type, void *v);
bool set_user_groups(struct command_details *details); bool set_user_groups(struct command_details *details);
@@ -276,7 +275,7 @@ bool approval_check(char * const command_info[], char * const run_argv[],
extern int sudo_debug_instance; extern int sudo_debug_instance;
/* sudo_edit.c */ /* sudo_edit.c */
int sudo_edit(struct command_details *command_details, struct user_details *user_details); int sudo_edit(struct command_details *command_details, const struct user_details *user_details);
/* parse_args.c */ /* parse_args.c */
sudo_noreturn void usage(void); sudo_noreturn void usage(void);

27
src/sudo_edit.c
View File

@@ -60,7 +60,7 @@ static char edit_tmpdir[MAX(sizeof(_PATH_VARTMP), sizeof(_PATH_TMP))];
* Returns true on success, else false; * Returns true on success, else false;
*/ */
static bool static bool
set_tmpdir(struct sudo_cred *user_cred) set_tmpdir(const struct sudo_cred *user_cred)
{ {
const char *tdir = NULL; const char *tdir = NULL;
const char *tmpdirs[] = { const char *tmpdirs[] = {
@@ -162,8 +162,8 @@ sudo_edit_mktemp(const char *ofile, char **tfile)
* or -1 if a fatal error occurred. * or -1 if a fatal error occurred.
*/ */
static int static int
sudo_edit_create_tfiles(struct command_details *command_details, sudo_edit_create_tfiles(const struct command_details *command_details,
struct sudo_cred *user_cred, struct tempfile *tf, char *files[], const struct sudo_cred *user_cred, struct tempfile *tf, char *files[],
int nfiles) int nfiles)
{ {
int i, j, tfd, ofd, rc; int i, j, tfd, ofd, rc;
@@ -266,8 +266,8 @@ sudo_edit_create_tfiles(struct command_details *command_details,
* Returns the number of copy errors or 0 if completely successful. * Returns the number of copy errors or 0 if completely successful.
*/ */
static int static int
sudo_edit_copy_tfiles(struct command_details *command_details, sudo_edit_copy_tfiles(const struct command_details *command_details,
struct sudo_cred *user_cred, struct tempfile *tf, const struct sudo_cred *user_cred, struct tempfile *tf,
int nfiles, struct timespec *times) int nfiles, struct timespec *times)
{ {
int i, tfd, ofd, errors = 0; int i, tfd, ofd, errors = 0;
@@ -380,7 +380,7 @@ selinux_run_helper(uid_t uid, gid_t gid, int ngroups, GETGROUPS_T *groups,
} }
static char * static char *
selinux_fmt_sudo_user(struct sudo_cred *user_cred) selinux_fmt_sudo_user(const struct sudo_cred *user_cred)
{ {
char *cp, *user_str; char *cp, *user_str;
size_t user_size; size_t user_size;
@@ -411,8 +411,8 @@ selinux_fmt_sudo_user(struct sudo_cred *user_cred)
} }
static int static int
selinux_edit_create_tfiles(struct command_details *command_details, selinux_edit_create_tfiles(const struct command_details *command_details,
struct sudo_cred *user_cred, struct tempfile *tf, const struct sudo_cred *user_cred, struct tempfile *tf,
char *files[], int nfiles) char *files[], int nfiles)
{ {
const char **sesh_args, **sesh_ap; const char **sesh_args, **sesh_ap;
@@ -518,8 +518,8 @@ done:
} }
static int static int
selinux_edit_copy_tfiles(struct command_details *command_details, selinux_edit_copy_tfiles(const struct command_details *command_details,
struct sudo_cred *user_cred, struct tempfile *tf, const struct sudo_cred *user_cred, struct tempfile *tf,
int nfiles, struct timespec *times) int nfiles, struct timespec *times)
{ {
const char **sesh_args, **sesh_ap; const char **sesh_args, **sesh_ap;
@@ -627,10 +627,11 @@ done:
* of 1 on failure. * of 1 on failure.
*/ */
int int
sudo_edit(struct command_details *command_details, struct user_details *user_details) sudo_edit(struct command_details *command_details,
const struct user_details *user_details)
{ {
struct command_details saved_command_details; struct command_details saved_command_details;
struct sudo_cred *user_cred = &user_details->cred; const struct sudo_cred *user_cred = &user_details->cred;
char **nargv = NULL, **files = NULL; char **nargv = NULL, **files = NULL;
int nfiles = command_details->nfiles; int nfiles = command_details->nfiles;
int errors, i, ac, nargc, ret; int errors, i, ac, nargc, ret;
@@ -786,7 +787,7 @@ cleanup:
* Must have the ability to change the effective uid to use sudoedit. * Must have the ability to change the effective uid to use sudoedit.
*/ */
int int
sudo_edit(struct command_details *command_details, struct sudo_cred *user_cred) sudo_edit(const struct command_details *command_details, const struct sudo_cred *user_cred)
{ {
debug_decl(sudo_edit, SUDO_DEBUG_EDIT); debug_decl(sudo_edit, SUDO_DEBUG_EDIT);
debug_return_int(W_EXITCODE(1, 0)); debug_return_int(W_EXITCODE(1, 0));

6
src/sudo_edit.h
View File

@@ -48,8 +48,8 @@ bool sudo_check_temp_file(int tfd, const char *tname, uid_t uid, struct stat *sb
/* edit_open.c */ /* edit_open.c */
struct sudo_cred; struct sudo_cred;
void switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups); void switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups);
int sudo_edit_open(char *path, int oflags, mode_t mode, int sflags, struct sudo_cred *user_cred, struct sudo_cred *cur_cred); int sudo_edit_open(char *path, int oflags, mode_t mode, int sflags, const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred);
int dir_is_writable(int dfd, struct sudo_cred *user_cred, struct sudo_cred *cur_cred); int dir_is_writable(int dfd, const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred);
bool sudo_edit_parent_valid(char *path, int sflags, struct sudo_cred *user_cred, struct sudo_cred *cur_cred); bool sudo_edit_parent_valid(char *path, int sflags, const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred);
#endif /* SUDO_EDIT_H */ #endif /* SUDO_EDIT_H */

6
src/sudo_exec.h
View File

@@ -185,7 +185,7 @@ char **disable_execute(char *envp[], const char *dso);
char **enable_monitor(char *envp[], const char *dso); char **enable_monitor(char *envp[], const char *dso);
/* exec_intercept.c */ /* exec_intercept.c */
void *intercept_setup(int fd, struct sudo_event_base *evbase, struct command_details *details); void *intercept_setup(int fd, struct sudo_event_base *evbase, const struct command_details *details);
void intercept_cleanup(struct exec_closure *ec); void intercept_cleanup(struct exec_closure *ec);
/* exec_iolog.c */ /* exec_iolog.c */
@@ -205,10 +205,10 @@ void del_io_events(bool nonblocking);
void init_ttyblock(void); void init_ttyblock(void);
/* exec_nopty.c */ /* exec_nopty.c */
void exec_nopty(struct command_details *details, struct user_details *user_details, struct command_status *cstat); void exec_nopty(struct command_details *details, const struct user_details *user_details, struct sudo_event_base *evbase, struct command_status *cstat);
/* exec_pty.c */ /* exec_pty.c */
bool exec_pty(struct command_details *details, struct user_details *user_details, struct command_status *cstat); bool exec_pty(struct command_details *details, const struct user_details *user_details, struct sudo_event_base *evbase, struct command_status *cstat);
extern int io_fds[6]; extern int io_fds[6];
/* exec_monitor.c */ /* exec_monitor.c */

8
src/tgetpass.c
View File

@@ -290,7 +290,7 @@ static char *
sudo_askpass(const char *askpass, const char *prompt) sudo_askpass(const char *askpass, const char *prompt)
{ {
static char buf[SUDO_CONV_REPL_MAX + 1], *pass; static char buf[SUDO_CONV_REPL_MAX + 1], *pass;
struct sudo_cred *cred = sudo_askpass_cred(NULL); const struct sudo_cred *cred = sudo_askpass_cred(NULL);
sigset_t chldmask; sigset_t chldmask;
enum tgetpass_errval errval; enum tgetpass_errval errval;
int pfd[2], status; int pfd[2], status;
@@ -455,10 +455,10 @@ tgetpass_handler(int s)
signo[s] = 1; signo[s] = 1;
} }
struct sudo_cred * const struct sudo_cred *
sudo_askpass_cred(struct sudo_cred *cred) sudo_askpass_cred(const struct sudo_cred *cred)
{ {
static struct sudo_cred *saved_cred; static const struct sudo_cred *saved_cred;
if (cred != NULL) if (cred != NULL)
saved_cred = cred; saved_cred = cred;