compat/regress/glob/files
compat/regress/glob/globtest.c
compat/regress/glob/globtest.in
+compat/sha2.c
+compat/sha2.h
compat/sig2str.c
compat/siglist.in
compat/snprintf.c
plugins/sudoers/regress/visudo/test5.out.ok
plugins/sudoers/regress/visudo/test5.sh
plugins/sudoers/set_perms.c
-plugins/sudoers/sha2.c
-plugins/sudoers/sha2.h
plugins/sudoers/sssd.c
plugins/sudoers/sudo_nss.c
plugins/sudoers/sudo_nss.h
$(top_builddir)/config.h $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/atomode.c
conf_test.lo: $(srcdir)/regress/sudo_conf/conf_test.c $(incdir)/missing.h \
- $(incdir)/queue.h $(incdir)/sudo_conf.h $(top_builddir)/config.h \
- $(top_srcdir)/compat/stdbool.h
+ $(incdir)/queue.h $(incdir)/sudo_conf.h $(incdir)/sudo_util.h \
+ $(top_builddir)/config.h $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/sudo_conf/conf_test.c
event.lo: $(srcdir)/event.c $(incdir)/alloc.h $(incdir)/fatal.h \
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_debug.h \
$(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/gidlist.c
hltq_test.lo: $(srcdir)/regress/tailq/hltq_test.c $(incdir)/fatal.h \
- $(incdir)/missing.h $(incdir)/queue.h $(top_builddir)/config.h \
- $(top_srcdir)/compat/stdbool.h
+ $(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_util.h \
+ $(top_builddir)/config.h $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/tailq/hltq_test.c
lbuf.lo: $(srcdir)/lbuf.c $(incdir)/alloc.h $(incdir)/fatal.h $(incdir)/lbuf.h \
$(incdir)/missing.h $(incdir)/sudo_debug.h $(top_builddir)/config.h
$(incdir)/gettext.h $(incdir)/missing.h $(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(top_srcdir)/src/locale_stub.c
parseln_test.lo: $(srcdir)/regress/sudo_parseln/parseln_test.c \
- $(incdir)/fileops.h $(incdir)/missing.h \
+ $(incdir)/fileops.h $(incdir)/missing.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/sudo_parseln/parseln_test.c
progname.lo: $(srcdir)/progname.c $(incdir)/missing.h $(incdir)/sudo_util.h \
getcwd.lo: $(srcdir)/getcwd.c $(incdir)/missing.h $(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getcwd.c
getgrouplist.lo: $(srcdir)/getgrouplist.c $(incdir)/missing.h \
- $(top_builddir)/config.h $(top_srcdir)/compat/nss_dbdefs.h
+ $(incdir)/sudo_util.h $(top_builddir)/config.h \
+ $(top_srcdir)/compat/nss_dbdefs.h \
+ $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getgrouplist.c
getline.lo: $(srcdir)/getline.c $(incdir)/missing.h $(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getline.c
/* Define to 1 if you have the `set_auth_parameters' function. */
#undef HAVE_SET_AUTH_PARAMETERS
+/* Define to 1 if you have the `SHA224Update' function. */
+#undef HAVE_SHA224UPDATE
+
/* Define to 1 if you have the `shl_load' function. */
#undef HAVE_SHL_LOAD
/* Define to 1 to send mail when the user is not in the sudoers file. */
#undef SEND_MAIL_WHEN_NO_USER
+/* Define to 1 if the sha2 functions use `const void *' instead of `const
+ unsigned char'. */
+#undef SHA2_VOID_PTR
+
/* Define to 1 if you want sudo to start a shell if given no arguments. */
#undef SHELL_IF_NO_ARGS
COMPAT_TEST_PROGS
LOCALEDIR_SUFFIX
SUDO_NLS
+LIBMD
LIBINTL
LT_STATIC
LIBDL
+
#
PSMAN=0
SEMAN=0
LIBINTL=
+LIBMD=
ZLIB=
ZLIB_SRC=
AUTH_OBJS=
fi
fi
+ac_fn_c_check_header_mongrel "$LINENO" "sha2.h" "ac_cv_header_sha2_h" "$ac_includes_default"
+if test "x$ac_cv_header_sha2_h" = xyes; then :
+
+ for ac_func in SHA224Update
+do :
+ ac_fn_c_check_func "$LINENO" "SHA224Update" "ac_cv_func_SHA224Update"
+if test "x$ac_cv_func_SHA224Update" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SHA224UPDATE 1
+_ACEOF
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the data argument of SHA224Update() is void *" >&5
+$as_echo_n "checking whether the data argument of SHA224Update() is void *... " >&6; }
+if ${sudo_cv_func_sha2_void_ptr+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_includes_default
+#include <sha2.h>
+void SHA224Update(SHA2_CTX *context, const void *data, size_t len) {return;}
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ sudo_cv_func_sha2_void_ptr=yes
+else
+ sudo_cv_func_sha2_void_ptr=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_func_sha2_void_ptr" >&5
+$as_echo "$sudo_cv_func_sha2_void_ptr" >&6; }
+ if test $sudo_cv_func_sha2_void_ptr = yes; then
+
+$as_echo "#define SHA2_VOID_PTR 1" >>confdefs.h
+
+ fi
+
+else
+
+ # On some systems, SHA224Update is in libmd
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SHA224Update in -lmd" >&5
+$as_echo_n "checking for SHA224Update in -lmd... " >&6; }
+if ${ac_cv_lib_md_SHA224Update+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lmd $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char SHA224Update ();
+int
+main ()
+{
+return SHA224Update ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ ac_cv_lib_md_SHA224Update=yes
+else
+ ac_cv_lib_md_SHA224Update=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_md_SHA224Update" >&5
+$as_echo "$ac_cv_lib_md_SHA224Update" >&6; }
+if test "x$ac_cv_lib_md_SHA224Update" = xyes; then :
+
+ $as_echo "#define HAVE_SHA224UPDATE 1" >>confdefs.h
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the data argument of SHA224Update() is void *" >&5
+$as_echo_n "checking whether the data argument of SHA224Update() is void *... " >&6; }
+if ${sudo_cv_func_sha2_void_ptr+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_includes_default
+#include <sha2.h>
+void SHA224Update(SHA2_CTX *context, const void *data, size_t len) {return;}
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ sudo_cv_func_sha2_void_ptr=yes
+else
+ sudo_cv_func_sha2_void_ptr=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_func_sha2_void_ptr" >&5
+$as_echo "$sudo_cv_func_sha2_void_ptr" >&6; }
+ if test $sudo_cv_func_sha2_void_ptr = yes; then
+
+$as_echo "#define SHA2_VOID_PTR 1" >>confdefs.h
+
+ fi
+
+ LIBMD="-lmd"
+
+else
+ case " $LIBOBJS " in
+ *" sha2.$ac_objext "* ) ;;
+ *) LIBOBJS="$LIBOBJS sha2.$ac_objext"
+ ;;
+esac
+
+fi
+
+
+fi
+done
+
+
+else
+ case " $LIBOBJS " in
+ *" sha2.$ac_objext "* ) ;;
+ *) LIBOBJS="$LIBOBJS sha2.$ac_objext"
+ ;;
+esac
+
+fi
+
+
if test X"$with_noexec" != X"no"; then
# Check for underscore versions of standard exec functions
# unless we are using dyld symbole interposition
AC_SUBST([LIBDL])
AC_SUBST([LT_STATIC])
AC_SUBST([LIBINTL])
+AC_SUBST([LIBMD])
AC_SUBST([SUDO_NLS])
AC_SUBST([LOCALEDIR_SUFFIX])
AC_SUBST([COMPAT_TEST_PROGS])
PSMAN=0
SEMAN=0
LIBINTL=
+LIBMD=
ZLIB=
ZLIB_SRC=
AUTH_OBJS=
[AC_CHECK_MEMBER([struct stat.st_mtim.st__tim], AC_DEFINE(HAVE_ST__TIM))],
[AC_CHECK_MEMBER([struct stat.st_mtimespec], AC_DEFINE([HAVE_ST_MTIMESPEC]))])
fi
+AC_CHECK_HEADER([sha2.h], [
+ AC_CHECK_FUNCS(SHA224Update, [SUDO_FUNC_SHA2_VOID_PTR], [
+ # On some systems, SHA224Update is in libmd
+ AC_CHECK_LIB(md, SHA224Update, [
+ AC_DEFINE(HAVE_SHA224UPDATE)
+ SUDO_FUNC_SHA2_VOID_PTR
+ LIBMD="-lmd"
+ ], [AC_LIBOBJ(sha2)])
+ ])
+], [AC_LIBOBJ(sha2)])
dnl
dnl Function checks for sudo_noexec
dnl
fi
])
+dnl
+dnl Check if the data argument for the sha2 functions is void * or u_char *
+dnl
+AC_DEFUN([SUDO_FUNC_SHA2_VOID_PTR],
+[AC_CACHE_CHECK([whether the data argument of SHA224Update() is void *],
+sudo_cv_func_sha2_void_ptr,
+[AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
+#include <sha2.h>
+void SHA224Update(SHA2_CTX *context, const void *data, size_t len) {return;}], [])],
+ [sudo_cv_func_sha2_void_ptr=yes],
+ [sudo_cv_func_sha2_void_ptr=no])
+ ])
+ if test $sudo_cv_func_sha2_void_ptr = yes; then
+ AC_DEFINE(SHA2_VOID_PTR, 1,
+ [Define to 1 if the sha2 functions use `const void *' instead of `const unsigned char'.])
+ fi
+])
+
dnl
dnl check for sa_len field in struct sockaddr
dnl
LT_LIBS = $(top_builddir)/common/libsudo_util.la $(LIBOBJDIR)libreplace.la
LIBS = $(LT_LIBS) @LIBINTL@
NET_LIBS = @NET_LIBS@
-SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBDL@
+SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBMD@ @LIBDL@
REPLAY_LIBS = @REPLAY_LIBS@ @ZLIB@
+VISUDO_LIBS = $(NET_LIBS) @LIBMD@
+TESTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@ @LIBDL@
# C preprocessor flags
CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(devdir) -I$(srcdir) -I$(top_srcdir) -DLIBDIR=\"$(libdir)\" @CPPFLAGS@
LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo hexchar.lo \
gram.lo match.lo match_addr.lo pwutil.lo pwutil_impl.lo \
- timestr.lo toke.lo toke_util.lo redblack.lo sha2.lo
+ timestr.lo toke.lo toke_util.lo redblack.lo
SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo env.lo find_path.lo \
goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
CHECK_BASE64_OBJS = check_base64.o base64.o locale.o
-CHECK_DIGEST_OBJS = check_digest.o sha2.o
+CHECK_DIGEST_OBJS = check_digest.o
CHECK_FILL_OBJS = check_fill.o hexchar.o locale.o toke_util.o
$(LIBTOOL) @LT_STATIC@ --mode=link $(CC) $(LDFLAGS) $(LT_LDFLAGS) -o $@ $(SUDOERS_OBJS) libparsesudoers.la $(SUDOERS_LIBS) -module -avoid-version -rpath $(plugindir)
visudo: libparsesudoers.la $(VISUDO_OBJS) $(LT_LIBS)
- $(LIBTOOL) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(NET_LIBS)
+ $(LIBTOOL) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(VISUDO_LIBS) $(LIBS)
sudoreplay: timestr.lo $(REPLAY_OBJS) $(LT_LIBS)
$(LIBTOOL) --mode=link $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) timestr.lo $(REPLAY_LIBS) $(LIBS)
testsudoers: libparsesudoers.la $(TEST_OBJS) $(LT_LIBS)
- $(LIBTOOL) --mode=link $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(NET_LIBS) @LIBDL@
+ $(LIBTOOL) --mode=link $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(TESTSUDOERS_LIBS) $(LIBS)
check_addr: $(CHECK_ADDR_OBJS) $(LT_LIBS)
$(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_ADDR_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) $(NET_LIBS)
$(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_BASE64_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
check_digest: $(CHECK_DIGEST_OBJS) $(LT_LIBS)
- $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_DIGEST_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
+ $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_DIGEST_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @LIBMD@
check_fill: $(CHECK_FILL_OBJS) $(LT_LIBS)
$(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_FILL_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS)
$(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_base64.c
check_digest.o: $(srcdir)/regress/parser/check_digest.c $(incdir)/missing.h \
- $(srcdir)/sha2.h $(top_builddir)/config.h
+ $(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_digest.c
check_fill.o: $(srcdir)/regress/parser/check_fill.c $(devdir)/gram.h \
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_plugin.h \
- $(srcdir)/parse.h $(srcdir)/toke.h $(top_builddir)/config.h \
- $(top_srcdir)/compat/stdbool.h
+ $(incdir)/sudo_util.h $(srcdir)/parse.h $(srcdir)/toke.h \
+ $(top_builddir)/config.h $(top_srcdir)/compat/stdbool.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_fill.c
check_iolog_path.o: $(srcdir)/regress/iolog_path/check_iolog_path.c \
$(devdir)/def_data.c $(devdir)/def_data.h \
$(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/group_plugin.c
group_plugin.o: group_plugin.lo
-hexchar.lo: $(srcdir)/hexchar.c $(incdir)/fatal.h $(incdir)/missing.h \
- $(incdir)/sudo_debug.h $(top_builddir)/config.h
+hexchar.lo: $(srcdir)/hexchar.c $(incdir)/missing.h $(incdir)/sudo_debug.h \
+ $(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/hexchar.c
hexchar.o: hexchar.lo
interfaces.lo: $(srcdir)/interfaces.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
- $(srcdir)/sha2.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
- $(top_builddir)/config.h $(top_builddir)/pathnames.h \
- $(top_srcdir)/compat/fnmatch.h $(top_srcdir)/compat/glob.h \
+ $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(top_builddir)/config.h \
+ $(top_builddir)/pathnames.h $(top_srcdir)/compat/fnmatch.h \
+ $(top_srcdir)/compat/glob.h $(top_srcdir)/compat/sha2.h \
$(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/match.c
match_addr.lo: $(srcdir)/match_addr.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/set_perms.c
-sha2.lo: $(srcdir)/sha2.c $(incdir)/missing.h $(srcdir)/sha2.h \
- $(top_builddir)/config.h $(top_srcdir)/compat/endian.h
- $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sha2.c
-sha2.o: sha2.lo
sia.lo: $(authdir)/sia.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_debug.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \
$(incdir)/queue.h $(incdir)/secure_path.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
- $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sha2.h \
- $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(srcdir)/toke.h \
- $(top_builddir)/config.h $(top_builddir)/pathnames.h \
+ $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+ $(srcdir)/sudoers.h $(srcdir)/toke.h $(top_builddir)/config.h \
+ $(top_builddir)/pathnames.h $(top_srcdir)/compat/sha2.h \
$(top_srcdir)/compat/stdbool.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/toke.c
toke_util.lo: $(srcdir)/toke_util.c $(devdir)/def_data.h $(devdir)/gram.h \
#define PRIVS 289
#define LIMITPRIVS 290
#define MYSELF 291
-#define SHA224 292
-#define SHA256 293
-#define SHA384 294
-#define SHA512 295
+#define SHA224_TOK 292
+#define SHA256_TOK 293
+#define SHA384_TOK 294
+#define SHA512_TOK 295
#define YYERRCODE 256
#if defined(__cplusplus) || defined(__STDC__)
const short sudoerslhs[] =
"NOPASSWD","PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","LOG_INPUT",
"NOLOG_INPUT","LOG_OUTPUT","NOLOG_OUTPUT","ALL","COMMENT","HOSTALIAS",
"CMNDALIAS","USERALIAS","RUNASALIAS","ERROR","TYPE","ROLE","PRIVS","LIMITPRIVS",
-"MYSELF","SHA224","SHA256","SHA384","SHA512",
+"MYSELF","SHA224_TOK","SHA256_TOK","SHA384_TOK","SHA512_TOK",
};
#if defined(__cplusplus) || defined(__STDC__)
const char * const sudoersrule[] =
"cmndspeclist : cmndspec",
"cmndspeclist : cmndspeclist ',' cmndspec",
"cmndspec : runasspec selinux solarisprivs cmndtag digcmnd",
-"digest : SHA224 ':' DIGEST",
-"digest : SHA256 ':' DIGEST",
-"digest : SHA384 ':' DIGEST",
-"digest : SHA512 ':' DIGEST",
+"digest : SHA224_TOK ':' DIGEST",
+"digest : SHA256_TOK ':' DIGEST",
+"digest : SHA384_TOK ':' DIGEST",
+"digest : SHA512_TOK ':' DIGEST",
"digcmnd : opcmnd",
"digcmnd : digest opcmnd",
"opcmnd : cmnd",
goto yyreduce;
}
if (yyerrflag) goto yyinrecovery;
-#if defined(lint) || defined(__GNUC__)
+#if defined(__GNUC__)
goto yynewerror;
#endif
yynewerror:
yyerror("syntax error");
-#if defined(lint) || defined(__GNUC__)
+#if defined(__GNUC__)
goto yyerrlab;
#endif
yyerrlab:
#define PRIVS 289
#define LIMITPRIVS 290
#define MYSELF 291
-#define SHA224 292
-#define SHA256 293
-#define SHA384 294
-#define SHA512 295
+#define SHA224_TOK 292
+#define SHA256_TOK 293
+#define SHA384_TOK 294
+#define SHA512_TOK 295
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
%token <tok> PRIVS /* Solaris privileges */
%token <tok> LIMITPRIVS /* Solaris limit privileges */
%token <tok> MYSELF /* run as myself, not another user */
-%token <tok> SHA224 /* sha224 digest */
-%token <tok> SHA256 /* sha256 digest */
-%token <tok> SHA384 /* sha384 digest */
-%token <tok> SHA512 /* sha512 digest */
+%token <tok> SHA224_TOK /* sha224 token */
+%token <tok> SHA256_TOK /* sha256 token */
+%token <tok> SHA384_TOK /* sha384 token */
+%token <tok> SHA512_TOK /* sha512 token */
%type <cmndspec> cmndspec
%type <cmndspec> cmndspeclist
}
;
-digest : SHA224 ':' DIGEST {
+digest : SHA224_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA224, $3);
}
- | SHA256 ':' DIGEST {
+ | SHA256_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA256, $3);
}
- | SHA384 ':' DIGEST {
+ | SHA384_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA384, $3);
}
- | SHA512 ':' DIGEST {
+ | SHA512_TOK ':' DIGEST {
$$ = new_digest(SUDO_DIGEST_SHA512, $3);
}
;
# include <ndir.h>
# endif
#endif
+#ifdef HAVE_SHA224UPDATE
+# include <sha2.h>
+#else
+# include "compat/sha2.h"
+#endif
#include <pwd.h>
#include <grp.h>
#include <errno.h>
#include "sudoers.h"
#include "parse.h"
-#include "sha2.h"
#include <gram.h>
static struct member_list empty = TAILQ_HEAD_INITIALIZER(empty);
const char *digest_name;
const unsigned int digest_len;
void (*init)(SHA2_CTX *);
+#ifdef SHA2_VOID_PTR
+ void (*update)(SHA2_CTX *, const void *, size_t);
+ void (*final)(void *, SHA2_CTX *);
+#else
void (*update)(SHA2_CTX *, const unsigned char *, size_t);
void (*final)(unsigned char *, SHA2_CTX *);
+#endif
} digest_functions[] = {
{
"SHA224",
#elif defined(HAVE_INTTYPES_H)
# include <inttypes.h>
#endif
+#ifdef HAVE_SHA224UPDATE
+# include <sha2.h>
+#else
+# include "compat/sha2.h"
+#endif
#include "missing.h"
-#include "sha2.h"
__dso_public int main(int argc, char *argv[]);
const char *digest_name;
const int digest_len;
void (*init)(SHA2_CTX *);
+#ifdef SHA2_VOID_PTR
+ void (*update)(SHA2_CTX *, const void *, size_t);
+ void (*final)(void *, SHA2_CTX *);
+#else
void (*update)(SHA2_CTX *, const unsigned char *, size_t);
void (*final)(unsigned char *, SHA2_CTX *);
+#endif
} digest_functions[] = {
{
"SHA224",
-CMNDALIAS ALIAS = SHA224 : DIGEST COMMAND
-CMNDALIAS ALIAS = SHA256 : DIGEST COMMAND
+CMNDALIAS ALIAS = SHA224_TOK : DIGEST COMMAND
+CMNDALIAS ALIAS = SHA256_TOK : DIGEST COMMAND
-WORD(5) ALL = ALIAS , ALIAS , SHA512 : DIGEST COMMAND
+WORD(5) ALL = ALIAS , ALIAS , SHA512_TOK : DIGEST COMMAND
# include <ndir.h>
# endif
#endif
+#ifdef HAVE_SHA224UPDATE
+# include <sha2.h>
+#else
+# include "compat/sha2.h"
+#endif
#include <errno.h>
#include <ctype.h>
#include "sudoers.h"
#include "toke.h"
#include <gram.h>
#include "lbuf.h"
-#include "sha2.h"
#include "secure_path.h"
int sudolineno; /* current sudoers line number. */
#define WANTDIGEST 6
-#line 2053 "lex.sudoers.c"
+#line 2057 "lex.sudoers.c"
/* Macros after this point can all be overridden by user definitions in
* section 1.
register char *yy_cp, *yy_bp;
register int yy_act;
-#line 137 "toke.l"
+#line 141 "toke.l"
-#line 2209 "lex.sudoers.c"
+#line 2213 "lex.sudoers.c"
if ( yy_init )
{
case 1:
YY_RULE_SETUP
-#line 138 "toke.l"
+#line 142 "toke.l"
{
LEXTRACE(", ");
LEXRETURN(',');
YY_BREAK
case 2:
YY_RULE_SETUP
-#line 143 "toke.l"
+#line 147 "toke.l"
BEGIN STARTDEFS;
YY_BREAK
case 3:
YY_RULE_SETUP
-#line 145 "toke.l"
+#line 149 "toke.l"
{
BEGIN INDEFS;
LEXTRACE("DEFVAR ");
case 4:
YY_RULE_SETUP
-#line 154 "toke.l"
+#line 158 "toke.l"
{
BEGIN STARTDEFS;
LEXTRACE(", ");
YY_BREAK
case 5:
YY_RULE_SETUP
-#line 160 "toke.l"
+#line 164 "toke.l"
{
LEXTRACE("= ");
LEXRETURN('=');
YY_BREAK
case 6:
YY_RULE_SETUP
-#line 165 "toke.l"
+#line 169 "toke.l"
{
LEXTRACE("+= ");
LEXRETURN('+');
YY_BREAK
case 7:
YY_RULE_SETUP
-#line 170 "toke.l"
+#line 174 "toke.l"
{
LEXTRACE("-= ");
LEXRETURN('-');
YY_BREAK
case 8:
YY_RULE_SETUP
-#line 175 "toke.l"
+#line 179 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
YY_BREAK
case 9:
YY_RULE_SETUP
-#line 182 "toke.l"
+#line 186 "toke.l"
{
LEXTRACE("WORD(2) ");
if (!fill(sudoerstext, sudoersleng))
case 10:
YY_RULE_SETUP
-#line 191 "toke.l"
+#line 195 "toke.l"
{
/* Line continuation char followed by newline. */
sudolineno++;
YY_BREAK
case 11:
YY_RULE_SETUP
-#line 197 "toke.l"
+#line 201 "toke.l"
{
LEXTRACE("ENDSTR ");
BEGIN prev_state;
YY_BREAK
case 12:
YY_RULE_SETUP
-#line 229 "toke.l"
+#line 233 "toke.l"
{
LEXTRACE("BACKSLASH ");
if (!append(sudoerstext, sudoersleng))
YY_BREAK
case 13:
YY_RULE_SETUP
-#line 235 "toke.l"
+#line 239 "toke.l"
{
LEXTRACE("STRBODY ");
if (!append(sudoerstext, sudoersleng))
case 14:
YY_RULE_SETUP
-#line 243 "toke.l"
+#line 247 "toke.l"
{
/* quoted fnmatch glob char, pass verbatim */
LEXTRACE("QUOTEDCHAR ");
YY_BREAK
case 15:
YY_RULE_SETUP
-#line 251 "toke.l"
+#line 255 "toke.l"
{
/* quoted sudoers special char, strip backslash */
LEXTRACE("QUOTEDCHAR ");
YY_BREAK
case 16:
YY_RULE_SETUP
-#line 259 "toke.l"
+#line 263 "toke.l"
{
BEGIN INITIAL;
yyless(0);
YY_BREAK
case 17:
YY_RULE_SETUP
-#line 265 "toke.l"
+#line 269 "toke.l"
{
LEXTRACE("ARG ");
if (!fill_args(sudoerstext, sudoersleng, sawspace))
case 18:
YY_RULE_SETUP
-#line 273 "toke.l"
+#line 277 "toke.l"
{
/* Only return DIGEST if the length is correct. */
if (sudoersleng == digest_len * 2) {
YY_BREAK
case 19:
YY_RULE_SETUP
-#line 286 "toke.l"
+#line 290 "toke.l"
{
/* Only return DIGEST if the length is correct. */
int len;
YY_BREAK
case 20:
YY_RULE_SETUP
-#line 307 "toke.l"
+#line 311 "toke.l"
{
char *path;
YY_BREAK
case 21:
YY_RULE_SETUP
-#line 325 "toke.l"
+#line 329 "toke.l"
{
char *path;
YY_BREAK
case 22:
YY_RULE_SETUP
-#line 346 "toke.l"
+#line 350 "toke.l"
{
char deftype;
int n;
YY_BREAK
case 23:
YY_RULE_SETUP
-#line 386 "toke.l"
+#line 390 "toke.l"
{
int n;
YY_BREAK
case 24:
YY_RULE_SETUP
-#line 412 "toke.l"
+#line 416 "toke.l"
{
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
YY_BREAK
case 25:
YY_RULE_SETUP
-#line 418 "toke.l"
+#line 422 "toke.l"
{
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
YY_BREAK
case 26:
YY_RULE_SETUP
-#line 424 "toke.l"
+#line 428 "toke.l"
{
LEXTRACE("NOEXEC ");
LEXRETURN(NOEXEC);
YY_BREAK
case 27:
YY_RULE_SETUP
-#line 429 "toke.l"
+#line 433 "toke.l"
{
LEXTRACE("EXEC ");
LEXRETURN(EXEC);
YY_BREAK
case 28:
YY_RULE_SETUP
-#line 434 "toke.l"
+#line 438 "toke.l"
{
LEXTRACE("SETENV ");
LEXRETURN(SETENV);
YY_BREAK
case 29:
YY_RULE_SETUP
-#line 439 "toke.l"
+#line 443 "toke.l"
{
LEXTRACE("NOSETENV ");
LEXRETURN(NOSETENV);
YY_BREAK
case 30:
YY_RULE_SETUP
-#line 444 "toke.l"
+#line 448 "toke.l"
{
LEXTRACE("LOG_OUTPUT ");
LEXRETURN(LOG_OUTPUT);
YY_BREAK
case 31:
YY_RULE_SETUP
-#line 449 "toke.l"
+#line 453 "toke.l"
{
LEXTRACE("NOLOG_OUTPUT ");
LEXRETURN(NOLOG_OUTPUT);
YY_BREAK
case 32:
YY_RULE_SETUP
-#line 454 "toke.l"
+#line 458 "toke.l"
{
LEXTRACE("LOG_INPUT ");
LEXRETURN(LOG_INPUT);
YY_BREAK
case 33:
YY_RULE_SETUP
-#line 459 "toke.l"
+#line 463 "toke.l"
{
LEXTRACE("NOLOG_INPUT ");
LEXRETURN(NOLOG_INPUT);
YY_BREAK
case 34:
YY_RULE_SETUP
-#line 464 "toke.l"
+#line 468 "toke.l"
{
/* empty group or netgroup */
LEXTRACE("ERROR ");
YY_BREAK
case 35:
YY_RULE_SETUP
-#line 470 "toke.l"
+#line 474 "toke.l"
{
/* netgroup */
if (!fill(sudoerstext, sudoersleng))
YY_BREAK
case 36:
YY_RULE_SETUP
-#line 478 "toke.l"
+#line 482 "toke.l"
{
/* group */
if (!fill(sudoerstext, sudoersleng))
YY_BREAK
case 37:
YY_RULE_SETUP
-#line 486 "toke.l"
+#line 490 "toke.l"
{
if (!fill(sudoerstext, sudoersleng))
yyterminate();
YY_BREAK
case 38:
YY_RULE_SETUP
-#line 493 "toke.l"
+#line 497 "toke.l"
{
if (!fill(sudoerstext, sudoersleng))
yyterminate();
YY_BREAK
case 39:
YY_RULE_SETUP
-#line 500 "toke.l"
+#line 504 "toke.l"
{
if (!ipv6_valid(sudoerstext)) {
LEXTRACE("ERROR ");
YY_BREAK
case 40:
YY_RULE_SETUP
-#line 511 "toke.l"
+#line 515 "toke.l"
{
if (!ipv6_valid(sudoerstext)) {
LEXTRACE("ERROR ");
YY_BREAK
case 41:
YY_RULE_SETUP
-#line 522 "toke.l"
+#line 526 "toke.l"
{
LEXTRACE("ALL ");
LEXRETURN(ALL);
YY_BREAK
case 42:
YY_RULE_SETUP
-#line 528 "toke.l"
+#line 532 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("ROLE ");
YY_BREAK
case 43:
YY_RULE_SETUP
-#line 537 "toke.l"
+#line 541 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("TYPE ");
YY_BREAK
case 44:
YY_RULE_SETUP
-#line 545 "toke.l"
+#line 549 "toke.l"
{
#ifdef HAVE_PRIV_SET
LEXTRACE("PRIVS ");
YY_BREAK
case 45:
YY_RULE_SETUP
-#line 554 "toke.l"
+#line 558 "toke.l"
{
#ifdef HAVE_PRIV_SET
LEXTRACE("LIMITPRIVS ");
YY_BREAK
case 46:
YY_RULE_SETUP
-#line 563 "toke.l"
+#line 567 "toke.l"
{
got_alias:
if (!fill(sudoerstext, sudoersleng))
YY_BREAK
case 47:
YY_RULE_SETUP
-#line 571 "toke.l"
+#line 575 "toke.l"
{
/* XXX - no way to specify digest for command */
/* no command args allowed for Defaults!/path */
YY_BREAK
case 48:
YY_RULE_SETUP
-#line 580 "toke.l"
+#line 584 "toke.l"
{
digest_len = SHA224_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA224 ");
- LEXRETURN(SHA224);
+ LEXTRACE("SHA224_TOK ");
+ LEXRETURN(SHA224_TOK);
}
YY_BREAK
case 49:
YY_RULE_SETUP
-#line 587 "toke.l"
+#line 591 "toke.l"
{
digest_len = SHA256_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA256 ");
- LEXRETURN(SHA256);
+ LEXTRACE("SHA256_TOK ");
+ LEXRETURN(SHA256_TOK);
}
YY_BREAK
case 50:
YY_RULE_SETUP
-#line 594 "toke.l"
+#line 598 "toke.l"
{
digest_len = SHA384_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA384 ");
- LEXRETURN(SHA384);
+ LEXTRACE("SHA384_TOK ");
+ LEXRETURN(SHA384_TOK);
}
YY_BREAK
case 51:
YY_RULE_SETUP
-#line 601 "toke.l"
+#line 605 "toke.l"
{
digest_len = SHA512_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA512 ");
- LEXRETURN(SHA512);
+ LEXTRACE("SHA512_TOK ");
+ LEXRETURN(SHA512_TOK);
}
YY_BREAK
case 52:
YY_RULE_SETUP
-#line 608 "toke.l"
+#line 612 "toke.l"
{
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
YY_BREAK
case 53:
YY_RULE_SETUP
-#line 615 "toke.l"
+#line 619 "toke.l"
{
/* directories can't have args... */
if (sudoerstext[sudoersleng - 1] == '/') {
YY_BREAK
case 54:
YY_RULE_SETUP
-#line 630 "toke.l"
+#line 634 "toke.l"
{
LEXTRACE("BEGINSTR ");
sudoerslval.string = NULL;
YY_BREAK
case 55:
YY_RULE_SETUP
-#line 637 "toke.l"
+#line 641 "toke.l"
{
/* a word */
if (!fill(sudoerstext, sudoersleng))
YY_BREAK
case 56:
YY_RULE_SETUP
-#line 645 "toke.l"
+#line 649 "toke.l"
{
LEXTRACE("( ");
LEXRETURN('(');
YY_BREAK
case 57:
YY_RULE_SETUP
-#line 650 "toke.l"
+#line 654 "toke.l"
{
LEXTRACE(") ");
LEXRETURN(')');
YY_BREAK
case 58:
YY_RULE_SETUP
-#line 655 "toke.l"
+#line 659 "toke.l"
{
LEXTRACE(", ");
LEXRETURN(',');
YY_BREAK
case 59:
YY_RULE_SETUP
-#line 660 "toke.l"
+#line 664 "toke.l"
{
LEXTRACE("= ");
LEXRETURN('=');
YY_BREAK
case 60:
YY_RULE_SETUP
-#line 665 "toke.l"
+#line 669 "toke.l"
{
LEXTRACE(": ");
LEXRETURN(':');
YY_BREAK
case 61:
YY_RULE_SETUP
-#line 670 "toke.l"
+#line 674 "toke.l"
{
if (sudoersleng & 1) {
LEXTRACE("!");
YY_BREAK
case 62:
YY_RULE_SETUP
-#line 677 "toke.l"
+#line 681 "toke.l"
{
if (YY_START == INSTR) {
LEXTRACE("ERROR ");
YY_BREAK
case 63:
YY_RULE_SETUP
-#line 689 "toke.l"
+#line 693 "toke.l"
{ /* throw away space/tabs */
sawspace = true; /* but remember for fill_args */
}
YY_BREAK
case 64:
YY_RULE_SETUP
-#line 693 "toke.l"
+#line 697 "toke.l"
{
sawspace = true; /* remember for fill_args */
sudolineno++;
YY_BREAK
case 65:
YY_RULE_SETUP
-#line 699 "toke.l"
+#line 703 "toke.l"
{
if (sudoerstext[sudoersleng - 1] == '\n') {
/* comment ending in a newline */
YY_BREAK
case 66:
YY_RULE_SETUP
-#line 713 "toke.l"
+#line 717 "toke.l"
{
LEXTRACE("ERROR ");
LEXRETURN(ERROR);
case YY_STATE_EOF(INDEFS):
case YY_STATE_EOF(INSTR):
case YY_STATE_EOF(WANTDIGEST):
-#line 718 "toke.l"
+#line 722 "toke.l"
{
if (YY_START != INITIAL) {
BEGIN INITIAL;
YY_BREAK
case 67:
YY_RULE_SETUP
-#line 728 "toke.l"
+#line 732 "toke.l"
ECHO;
YY_BREAK
-#line 3095 "lex.sudoers.c"
+#line 3099 "lex.sudoers.c"
case YY_END_OF_BUFFER:
{
return 0;
}
#endif
-#line 728 "toke.l"
+#line 732 "toke.l"
struct path_list {
SLIST_ENTRY(path_list) entries;
# include <ndir.h>
# endif
#endif
+#ifdef HAVE_SHA224UPDATE
+# include <sha2.h>
+#else
+# include "compat/sha2.h"
+#endif
#include <errno.h>
#include <ctype.h>
#include "sudoers.h"
#include "toke.h"
#include <gram.h>
#include "lbuf.h"
-#include "sha2.h"
#include "secure_path.h"
int sudolineno; /* current sudoers line number. */
sha224 {
digest_len = SHA224_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA224 ");
- LEXRETURN(SHA224);
+ LEXTRACE("SHA224_TOK ");
+ LEXRETURN(SHA224_TOK);
}
sha256 {
digest_len = SHA256_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA256 ");
- LEXRETURN(SHA256);
+ LEXTRACE("SHA256_TOK ");
+ LEXRETURN(SHA256_TOK);
}
sha384 {
digest_len = SHA384_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA384 ");
- LEXRETURN(SHA384);
+ LEXTRACE("SHA384_TOK ");
+ LEXRETURN(SHA384_TOK);
}
sha512 {
digest_len = SHA512_DIGEST_LENGTH;
BEGIN WANTDIGEST;
- LEXTRACE("SHA512 ");
- LEXRETURN(SHA512);
+ LEXTRACE("SHA512_TOK ");
+ LEXRETURN(SHA512_TOK);
}
sudoedit {
projects / sudo / commitdiff