add SIA support

diff --git a/Makefile.in b/Makefile.in
index 88844b1d3cce3717993e647f556846b430666155..b7555192ef25ef447c4e1a0332a5a6a23b249d98 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -98,12 +98,14 @@ SHELL = /bin/sh
 PROGS = @PROGS@
 
 SRCS = check.c getspwuid.c find_path.c logging.c parse.c sudo.c secureware.c \
-       goodpath.c sudo_setenv.c parse.yacc parse.lex visudo.c interfaces.c
+       goodpath.c sudo_setenv.c parse.yacc parse.lex visudo.c interfaces.c \
+       check_sia.c
 
 PARSEOBJS = sudo.tab.o lex.yy.o
 
-SUDOBJS = check.o getspwuid.o find_path.o logging.o parse.o sudo.o goodpath.o \
-          sudo_setenv.o interfaces.o secureware.o @DCE_OBJS@ @TGETPASS@
+SUDOBJS = check.o getspwuid.o find_path.o logging.o parse.o sudo.o \
+          secureware.o goodpath.o sudo_setenv.o interfaces.o \
+         check_sia.o @DCE_OBJS@ @TGETPASS@
 
 VISUDOBJS = visudo.o
 
@@ -133,7 +135,7 @@ VERSIONFILES = emul/utime.h check.c compat.h config.h.in dce_pwent.c \
               ins_classic.h ins_csops.h ins_goons.h insults.h interfaces.c \
               logging.c parse.c parse.lex parse.yacc pathnames.h.in \
               putenv.c strdup.c sudo.c sudo.h sudo_setenv.c testsudoers.c \
-              tgetpass.c utime.c visudo.c secureware.c
+              tgetpass.c utime.c visudo.c secureware.c check_sia.c
 
 all: $(PROGS)
 

diff --git a/check.c b/check.c
index ffb36cb0774615e6fb6ea5270e153608f325138c..e4a369cfd0dc9f03e8c97bb94ff47e1c44fea26e 100644 (file)
--- a/check.c
+++ b/check.c
@@ -159,11 +159,13 @@ void check_user()
        if (rtn == 2)
            reminder();         /* do the reminder if ticket file is new */
 #endif /* NO_MESSAGE */
-#ifdef HAVE_PAM
+#ifdef HAVE_SIA
+       sia_attempt_auth();
+#elif HAVE_PAM
        pam_attempt_auth();
-#else  /* !HAVE_PAM */
+#else  /* !HAVE_SIA && !HAVE_PAM */
        check_passwd();
-#endif /* HAVE_PAM */
+#endif /* HAVE_SIA */
     }
 
     update_timestamp();

diff --git a/config.h.in b/config.h.in
index 04a4048eb455b1152f47792c8e71e1e67145123c..8fbc912fa734939e4f04f6a578b0fddc8e89161d 100644 (file)
--- a/config.h.in
+++ b/config.h.in
@@ -144,6 +144,9 @@
 #  define HAVE_KERB4
 #endif /* HAVE_KERB5 */
 
+/* Define if you use SIA.  */
+#undef HAVE_SIA
+
 /* Define if you use PAM.  */
 #undef HAVE_PAM
 

diff --git a/configure.in b/configure.in
index 7f5e0673999b93661d03299178d3af28b57229fd..6278ff184164e36f910b831c3d2143148d4beb2a 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -233,10 +233,22 @@ AC_ARG_WITH(authenticate, [  --with-authenticate     enable AIX general authenti
                ;;
 esac])
 
+AC_ARG_WITH(sia, [  --with-sia              enable SIA support],
+[case $with_sia in
+    yes)       AC_DEFINE(HAVE_SIA)
+               AC_MSG_CHECKING(whether to use SIA authentication)
+               AC_MSG_RESULT(yes)
+               ;;
+    no)                ;;
+    *)         echo "Sorry, --with-sia does not take an argument."
+               exit 1
+               ;;
+esac])
+
 AC_ARG_WITH(pam, [  --with-pam              enable PAM support],
 [case $with_pam in
     yes)       AC_DEFINE(HAVE_PAM)
-               AC_MSG_CHECKING(whether to try PAM authentication)
+               AC_MSG_CHECKING(whether to use PAM authentication)
                AC_MSG_RESULT(yes)
                ;;
     no)                ;;
@@ -1437,5 +1449,6 @@ dnl
 if test "$with_pam" = "yes"; then
     echo ""
     echo "You will need to customize sample.pam and install it as /etc/pam.d/sudo"
+    echo "for RedHat Linux 5.x or modify /etc/pam.conf for Solaris."
     echo ""
 fi

diff --git a/logging.c b/logging.c
index 2e1c1509dff9d08bc495ef7bd37e5ffc191b5b1a..7c1e40d801e0fb4b1f9c4d39806329b89c3c8548 100644 (file)
--- a/logging.c
+++ b/logging.c
@@ -283,8 +283,14 @@ void log_error(code)
                tty, cwd, runas_user);
            break;
 
+       case BAD_ALLOCATION:
+           (void) sprintf(p,
+               "allocation failure; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=",
+               tty, cwd, runas_user);
+           break;
+
        default:
-           strcat(p, "found a wierd error : ");
+           strcat(p, "found a weird error : ");
            break;
     }
 
@@ -675,9 +681,14 @@ void inform_user(code)
                "Your timestamp file has a preposterous date, ignoring.\n");
            break;
 
+       case BAD_ALLOCATION:
+           (void) fprintf(stderr,
+               "Resource allocation failure.\n");
+           break;
+
        default:
            (void) fprintf(stderr,
-               "Something wierd happened.\n\n");
+               "Something weird happened.\n\n");
            break;
     }
 }
@@ -732,6 +743,7 @@ static int appropriate(code)
     case SPOOF_ATTEMPT:
     case BAD_STAMPDIR:
     case BAD_STAMPFILE:
+    case BAD_ALLOCATION:
     default:
        return (1);
        break;

diff --git a/sudo.h b/sudo.h
index ff9446b6115fa6e6a599e8c95270093c1ae5eaed..af16bf7e832c7cfe5d81b2eb994e3ca4c222c8a6 100644 (file)
--- a/sudo.h
+++ b/sudo.h
@@ -162,6 +162,7 @@ struct generic_alias {
 #define SPOOF_ATTEMPT            0x0D
 #define BAD_STAMPDIR             0x0E
 #define BAD_STAMPFILE            0x0F
+#define BAD_ALLOCATION           0x10
 
 /*
  * Boolean values
@@ -229,6 +230,7 @@ void set_perms              __P((int, int));
 void remove_timestamp  __P((void));
 void load_interfaces   __P((void));
 int check_secureware   __P((char *));
+void sia_attempt_auth  __P((void));
 int yyparse            __P((void));
 YY_DECL;