We rely on the include path to find many of these headers. It
especially doesn't make sense to use #include "foo.h" for headers
in the top-level include directory.
Previously, we checked that the previous entry's binding pointer
was not the same while freeing. However, to be able to merge
Defaults records we cannot rely on Defaults entries with the same
binding being immediately adjacent. This removes the prev_binding
checks in favor of a reference count which allows us to plug the
memory leak in cvtsudoers when merging Defaults.
Duplicate aliases are remove. If there are conflicting alias names,
the conflicts are renamed by appending a numerical suffix.
For example, if there are two SERVERS Host_Aliases, the second one
will be renamed to SERVERS_1.
We need to be able to display it using alias_error().
Only free what we actually allocated in alias_add() on error and
let the caller handle cleanup. Note that we cannot completely fill
in the alias until it is inserted. Otherwise, we will have modified
the file and members parameters even if there was an error.
As a result, we have to remove those from the leak list after
alias_add(), not before.
We now need to remove the name and members from the leak list
*before* calling alias_add() since alias_add() will consume them
for both success and failure.
This is used to provided the column number along with the line
number in error messages. For aliases we store the column of the
alias name, not the value since that is what visudo generally needs.
Previously we needed to include headers required by the various
sudo*h files. Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
o The parse tree is now passed to the alias, match and defaults functions.
o The nss API has been changed so that the nss parse() function returns
a pointer to a struct sudoers_parse_tree which will be filled in
by the getdefs() and query() functions.
Currently forces alias expansion when a filter is applied and the
entire matching user or host list is printed, even the non-matching
entries. This effectively allows you to grep sudoers by user, group
and host.
lists in sudoers. Once the headless tail queue is built up it is
converted to a normal TAILQ. This removes the last consumer of
list.c and list.h so those can now be removed.
MAXHOSTNAMELEN and the MIN/MAX macros. We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
