# include <sys/file.h>
#endif /* HAVE_FLOCK */
#include <stdio.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
* Lock/unlock a file.
*/
#ifdef HAVE_LOCKF
-int
+bool
lock_file(int fd, int lockit)
{
int op = 0;
op = F_ULOCK;
break;
}
- debug_return_int(lockf(fd, op, 0) == 0);
+ debug_return_bool(lockf(fd, op, 0) == 0);
}
#elif HAVE_FLOCK
-int
+bool
lock_file(int fd, int lockit)
{
int op = 0;
op = LOCK_UN;
break;
}
- debug_return_int(flock(fd, op) == 0);
+ debug_return_bool(flock(fd, op) == 0);
}
#else
-int
+bool
lock_file(int fd, int lockit)
{
#ifdef F_SETLK
lock.l_whence = SEEK_SET;
func = (lockit == SUDO_LOCK) ? F_SETLKW : F_SETLK;
- debug_return_int(fcntl(fd, func, &lock) == 0);
+ debug_return_bool(fcntl(fd, func, &lock) == 0);
#else
- return TRUE;
+ return true;
#endif
}
#endif
# include <stdlib.h>
# endif
#endif /* STDC_HEADERS */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
void sudo_debug_exit_size_t(const char *func, const char *file, int line,
int subsys, size_t rval)
{
- /* XXX - should use %zu but snprintf.c doesn't support it */
+ /* XXX - should use %zu but our snprintf.c doesn't support it */
sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %lu", func,
file, line, (unsigned long)rval);
}
+/* We use int, not bool, here for functions that return -1 on error. */
void sudo_debug_exit_bool(const char *func, const char *file, int line,
int subsys, int rval)
{
- if (rval == 0 || rval == 1) {
+ if (rval == true || rval == false) {
sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %s",
func, file, line, rval ? "true" : "false");
} else {
if test "$env_reset" = "on"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
- $as_echo "#define ENV_RESET TRUE" >>confdefs.h
+ $as_echo "#define ENV_RESET 1" >>confdefs.h
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
- $as_echo "#define ENV_RESET FALSE" >>confdefs.h
+ $as_echo "#define ENV_RESET 0" >>confdefs.h
fi
])
if test "$env_reset" = "on"; then
AC_MSG_RESULT(yes)
- AC_DEFINE(ENV_RESET, TRUE)
+ AC_DEFINE(ENV_RESET, 1)
else
AC_MSG_RESULT(no)
- AC_DEFINE(ENV_RESET, FALSE)
+ AC_DEFINE(ENV_RESET, 0)
fi
AC_ARG_ENABLE(warnings,
struct timeval;
-int lock_file(int, int);
+bool lock_file(int, int);
int touch(int, char *, struct timeval *);
char *sudo_parseln(FILE *);
LIBS = $(LIBOBJDIR)/libreplace.la
# C preprocessor flags
-CPPFLAGS = -I$(incdir) -I$(top_builddir) @CPPFLAGS@
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
# Usually -O and/or -g
CFLAGS = @CFLAGS@
# include <stdlib.h>
# endif
#endif /* STDC_HEADERS */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
#ifdef HAVE_STRING_H
# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
# include <memory.h>
# define ROOT_UID 0
#endif
-#undef TRUE
-#define TRUE 1
-#undef FALSE
-#define FALSE 0
-#undef ERROR
-#define ERROR -1
-
static struct plugin_state {
char **envp;
char * const *settings;
static FILE *input, *output;
static uid_t runas_uid = ROOT_UID;
static gid_t runas_gid = -1;
-static int use_sudoedit = FALSE;
+static int use_sudoedit = false;
/*
* Allocate storage for a name=value string and return it.
sudo_log(SUDO_CONV_ERROR_MSG,
"the sample plugin requires API version %d.x\n",
SUDO_API_VERSION_MAJOR);
- return ERROR;
+ return -1;
}
/* Only allow commands to be run as root. */
/* Check to see if sudo was called as sudoedit or with -e flag. */
if (strncmp(*ui, "sudoedit=", sizeof("sudoedit=") - 1) == 0) {
if (strcasecmp(*ui + sizeof("sudoedit=") - 1, "true") == 0)
- use_sudoedit = TRUE;
+ use_sudoedit = true;
}
/* This plugin doesn't support running sudo with no arguments. */
if (strncmp(*ui, "implied_shell=", sizeof("implied_shell=") - 1) == 0) {
sudo_conv(1, &msg, &repl);
if (repl.reply == NULL) {
sudo_log(SUDO_CONV_ERROR_MSG, "missing password\n");
- return FALSE;
+ return false;
}
if (strcmp(repl.reply, "test") != 0) {
sudo_log(SUDO_CONV_ERROR_MSG, "incorrect password\n");
- return FALSE;
+ return false;
}
- return TRUE;
+ return true;
}
static char **
if (!argc || argv[0] == NULL) {
sudo_log(SUDO_CONV_ERROR_MSG, "no command specified\n");
- return FALSE;
+ return false;
}
if (!check_passwd())
- return FALSE;
+ return false;
command = find_in_path(argv[0], plugin_state.envp);
if (command == NULL) {
sudo_log(SUDO_CONV_ERROR_MSG, "%s: command not found\n", argv[0]);
- return FALSE;
+ return false;
}
/* If "sudo vi" is run, auto-convert to sudoedit. */
if (strcmp(command, _PATH_VI) == 0)
- use_sudoedit = TRUE;
+ use_sudoedit = true;
if (use_sudoedit) {
/* Rebuild argv using editor */
command = find_editor(argc - 1, argv + 1, argv_out);
if (command == NULL) {
sudo_log(SUDO_CONV_ERROR_MSG, "unable to find valid editor\n");
- return ERROR;
+ return -1;
}
- use_sudoedit = TRUE;
+ use_sudoedit = true;
} else {
/* No changes needd to argv */
*argv_out = (char **)argv;
*command_info_out = build_command_info(command);
if (*command_info_out == NULL) {
sudo_log(SUDO_CONV_ERROR_MSG, "out of memory\n");
- return ERROR;
+ return -1;
}
- return TRUE;
+ return true;
}
static int
* List user's capabilities.
*/
sudo_log(SUDO_CONV_INFO_MSG, "Validated users may run any command\n");
- return TRUE;
+ return true;
}
static int
policy_version(int verbose)
{
sudo_log(SUDO_CONV_INFO_MSG, "Sample policy plugin version %s\n", PACKAGE_VERSION);
- return TRUE;
+ return true;
}
static void
(unsigned int)getpid());
fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0644);
if (fd == -1)
- return FALSE;
+ return false;
output = fdopen(fd, "w");
snprintf(path, sizeof(path), "/var/tmp/sample-%u.input",
(unsigned int)getpid());
fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0644);
if (fd == -1)
- return FALSE;
+ return false;
input = fdopen(fd, "w");
- return TRUE;
+ return true;
}
static void
{
sudo_log(SUDO_CONV_INFO_MSG, "Sample I/O plugin version %s\n",
PACKAGE_VERSION);
- return TRUE;
+ return true;
}
static int
io_log_input(const char *buf, unsigned int len)
{
fwrite(buf, len, 1, input);
- return TRUE;
+ return true;
}
static int
io_log_output(const char *buf, unsigned int len)
{
fwrite(buf, len, 1, output);
- return TRUE;
+ return true;
}
struct policy_plugin sample_policy = {
LIBS = $(LIBOBJDIR)/libreplace.la
# C preprocessor flags
-CPPFLAGS = -I$(incdir) -I$(top_builddir) @CPPFLAGS@
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
# Usually -O and/or -g
CFLAGS = @CFLAGS@
# include <stdlib.h>
# endif
#endif /* STDC_HEADERS */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
#ifdef HAVE_STRING_H
# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
# include <memory.h>
* same format as /etc/group.
*/
-#undef TRUE
-#define TRUE 1
-#undef FALSE
-#define FALSE 0
-#undef ERROR
-#define ERROR -1
-
static sudo_printf_t sudo_log;
extern void mysetgrfile(const char *);
"sample_group: incompatible major version %d, expected %d\n",
GROUP_API_VERSION_GET_MAJOR(version),
GROUP_API_VERSION_MAJOR);
- return ERROR;
+ return -1;
}
/* Sanity check the specified group file. */
if (argv == NULL || argv[0] == NULL) {
sudo_log(SUDO_CONV_ERROR_MSG,
"sample_group: path to group file not specified\n");
- return ERROR;
+ return -1;
}
if (stat(argv[0], &sb) != 0) {
sudo_log(SUDO_CONV_ERROR_MSG,
"sample_group: %s: %s\n", argv[0], strerror(errno));
- return ERROR;
+ return -1;
}
if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
sudo_log(SUDO_CONV_ERROR_MSG,
"%s must be only be writable by owner\n", argv[0]);
- return ERROR;
+ return -1;
}
mysetgrfile(argv[0]);
mysetgrent();
- return TRUE;
+ return true;
}
static void
}
/*
- * Returns TRUE if "user" is a member of "group", else FALSE.
+ * Returns true if "user" is a member of "group", else false.
*/
static int
sample_query(const char *user, const char *group, const struct passwd *pwd)
if (grp != NULL) {
for (member = grp->gr_mem; *member != NULL; member++) {
if (strcasecmp(user, *member) == 0)
- return TRUE;
+ return true;
}
}
- return FALSE;
+ return false;
}
struct sudoers_group_plugin group_plugin = {
}
/*
- * Returns TRUE if there are no aliases, else FALSE.
+ * Returns true if there are no aliases, else false.
*/
-int
+bool
no_aliases(void)
{
debug_decl(no_aliases, SUDO_DEBUG_ALIAS)
- debug_return_int(rbisempty(aliases));
+ debug_return_bool(rbisempty(aliases));
}
/*
debug_decl(sudo_auth_init, SUDO_DEBUG_AUTH)
if (auth_switch[0].name == NULL)
- debug_return_int(TRUE);
+ debug_return_int(true);
/* Make sure we haven't mixed standalone and shared auth methods. */
standalone = IS_STANDALONE(&auth_switch[0]);
}
}
}
- debug_return_int(status == AUTH_FATAL ? -1 : TRUE);
+ debug_return_int(status == AUTH_FATAL ? -1 : true);
}
int
}
}
}
- debug_return_int(status == AUTH_FATAL ? -1 : TRUE);
+ debug_return_int(status == AUTH_FATAL ? -1 : true);
}
int
switch (success) {
case AUTH_SUCCESS:
(void) sigaction(SIGTSTP, &osa, NULL);
- rval = TRUE;
+ rval = true;
break;
case AUTH_INTR:
case AUTH_FAILURE:
def_passwd_tries - counter), def_passwd_tries - counter);
}
audit_failure(NewArgv, "authentication failure");
- rval = FALSE;
+ rval = false;
break;
case AUTH_FATAL:
default:
}
}
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
int
}
}
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static void
static char *expand_prompt(char *, char *, char *);
static void lecture(int);
static void update_timestamp(char *, char *);
-static int tty_is_devpts(const char *);
+static bool tty_is_devpts(const char *);
static struct passwd *get_authpw(void);
/*
- * Returns TRUE if the user successfully authenticates, else FALSE.
+ * Returns true if the user successfully authenticates, else false.
*/
int
check_user(int validated, int mode)
char *timestampfile = NULL;
char *prompt;
struct stat sb;
- int status, rval = TRUE;
- int need_pass = def_authenticate;
+ int status, rval = true;
+ bool need_pass = def_authenticate;
debug_decl(check_user, SUDO_DEBUG_AUTH)
/*
if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
(!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name)))
|| user_is_exempt())
- need_pass = FALSE;
+ need_pass = false;
}
}
if (!need_pass)
rval = verify_user(auth_pw, prompt);
}
/* Only update timestamp if user was validated. */
- if (rval == TRUE && ISSET(validated, VALIDATE_OK) &&
+ if (rval == true && ISSET(validated, VALIDATE_OK) &&
!ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
update_timestamp(timestampdir, timestampfile);
efree(timestampdir);
sudo_auth_cleanup(auth_pw);
pw_delref(auth_pw);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
#define DEFAULT_LECTURE "\n" \
/*
* Checks if the user is exempt from supplying a password.
*/
-int
+bool
user_is_exempt(void)
{
- int rval = FALSE;
+ bool rval = false;
debug_decl(user_is_exempt, SUDO_DEBUG_AUTH)
if (def_exempt_group)
* Remove the timestamp ticket file/dir.
*/
void
-remove_timestamp(int remove)
+remove_timestamp(bool remove)
{
struct timeval tv;
char *timestampdir, *timestampfile, *path;
log_error(NO_EXIT,
_("unable to remove %s (%s), will reset to the epoch"),
path, strerror(errno));
- remove = FALSE;
+ remove = false;
}
}
if (!remove) {
}
/*
- * Returns TRUE if tty lives on a devpts or /devices filesystem, else FALSE.
+ * Returns true if tty lives on a devpts or /devices filesystem, else false.
* Unlike most filesystems, the ctime of devpts nodes is not updated when
* the device node is written to, only when the inode's status changes,
* typically via the chmod, chown, link, rename, or utimes system calls.
* Since the ctime is "stable" in this case, we can stash it the tty ticket
* file and use it to determine whether the tty ticket file is stale.
*/
-static int
+static bool
tty_is_devpts(const char *tty)
{
- int retval = FALSE;
+ bool retval = false;
#ifdef __linux__
struct statfs sfs;
debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
if (statfs(tty, &sfs) == 0) {
if (sfs.f_type == DEVPTS_SUPER_MAGIC)
- retval = TRUE;
+ retval = true;
}
#elif defined(__sun) && defined(__SVR4)
struct statvfs sfs;
if (statvfs(tty, &sfs) == 0) {
if (strcmp(sfs.f_fstr, "devices") == 0)
- retval = TRUE;
+ retval = true;
}
#else
debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
/*
* Local prototypes.
*/
-static int store_int(char *, struct sudo_defs_types *, int);
-static int store_list(char *, struct sudo_defs_types *, int);
-static int store_mode(char *, struct sudo_defs_types *, int);
-static int store_str(char *, struct sudo_defs_types *, int);
-static int store_syslogfac(char *, struct sudo_defs_types *, int);
-static int store_syslogpri(char *, struct sudo_defs_types *, int);
-static int store_tuple(char *, struct sudo_defs_types *, int);
-static int store_uint(char *, struct sudo_defs_types *, int);
-static int store_float(char *, struct sudo_defs_types *, int);
+static bool store_int(char *, struct sudo_defs_types *, bool);
+static bool store_list(char *, struct sudo_defs_types *, bool);
+static bool store_mode(char *, struct sudo_defs_types *, bool);
+static bool store_str(char *, struct sudo_defs_types *, bool);
+static bool store_syslogfac(char *, struct sudo_defs_types *, bool);
+static bool store_syslogpri(char *, struct sudo_defs_types *, bool);
+static bool store_tuple(char *, struct sudo_defs_types *, bool);
+static bool store_uint(char *, struct sudo_defs_types *, bool);
+static bool store_float(char *, struct sudo_defs_types *, bool);
static void list_op(char *, size_t, struct sudo_defs_types *, enum list_ops);
static const char *logfac2str(int);
static const char *logpri2str(int);
* Eg. you may want to turn off logging to a file for some hosts.
* This is only meaningful for variables that are *optional*.
*/
-int
-set_default(char *var, char *val, int op)
+bool
+set_default(char *var, char *val, bool op)
{
struct sudo_defs_types *cur;
int num;
}
if (!cur->name) {
warningx(_("unknown defaults entry `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
switch (cur->type & T_MASK) {
val, var);
else
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_LOGPRI:
val, var);
else
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_STR:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
- if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+ if (!ISSET(cur->type, T_BOOL) || op != false) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (ISSET(cur->type, T_PATH) && val && *val != '/') {
warningx(_("values for `%s' must start with a '/'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
if (!store_str(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_INT:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
- if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+ if (!ISSET(cur->type, T_BOOL) || op != false) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (!store_int(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_UINT:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
- if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+ if (!ISSET(cur->type, T_BOOL) || op != false) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (!store_uint(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_FLOAT:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
- if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+ if (!ISSET(cur->type, T_BOOL) || op != false) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (!store_float(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_MODE:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
- if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+ if (!ISSET(cur->type, T_BOOL) || op != false) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (!store_mode(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_FLAG:
if (val) {
warningx(_("option `%s' does not take a value"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
cur->sd_un.flag = op;
break;
case T_LIST:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
- if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+ if (!ISSET(cur->type, T_BOOL) || op != false) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (!store_list(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
case T_TUPLE:
if (!val && !ISSET(cur->type, T_BOOL)) {
warningx(_("no value specified for `%s'"), var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
if (!store_tuple(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
break;
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
/*
/* First initialize the flags. */
#ifdef LONG_OTP_PROMPT
- def_long_otp_prompt = TRUE;
+ def_long_otp_prompt = true;
#endif
#ifdef IGNORE_DOT_PATH
- def_ignore_dot = TRUE;
+ def_ignore_dot = true;
#endif
#ifdef ALWAYS_SEND_MAIL
- def_mail_always = TRUE;
+ def_mail_always = true;
#endif
#ifdef SEND_MAIL_WHEN_NO_USER
- def_mail_no_user = TRUE;
+ def_mail_no_user = true;
#endif
#ifdef SEND_MAIL_WHEN_NO_HOST
- def_mail_no_host = TRUE;
+ def_mail_no_host = true;
#endif
#ifdef SEND_MAIL_WHEN_NOT_OK
- def_mail_no_perms = TRUE;
+ def_mail_no_perms = true;
#endif
#ifndef NO_TTY_TICKETS
- def_tty_tickets = TRUE;
+ def_tty_tickets = true;
#endif
#ifndef NO_LECTURE
def_lecture = once;
#endif
#ifndef NO_AUTHENTICATION
- def_authenticate = TRUE;
+ def_authenticate = true;
#endif
#ifndef NO_ROOT_SUDO
- def_root_sudo = TRUE;
+ def_root_sudo = true;
#endif
#ifdef HOST_IN_LOG
- def_log_host = TRUE;
+ def_log_host = true;
#endif
#ifdef SHELL_IF_NO_ARGS
- def_shell_noargs = TRUE;
+ def_shell_noargs = true;
#endif
#ifdef SHELL_SETS_HOME
- def_set_home = TRUE;
+ def_set_home = true;
#endif
#ifndef DONT_LEAK_PATH_INFO
- def_path_info = TRUE;
+ def_path_info = true;
#endif
#ifdef FQDN
- def_fqdn = TRUE;
+ def_fqdn = true;
#endif
#ifdef USE_INSULTS
- def_insults = TRUE;
+ def_insults = true;
#endif
#ifdef ENV_EDITOR
- def_env_editor = TRUE;
+ def_env_editor = true;
#endif
#ifdef UMASK_OVERRIDE
- def_umask_override = TRUE;
+ def_umask_override = true;
#endif
def_iolog_file = estrdup("%{seq}");
def_iolog_dir = estrdup(_PATH_SUDO_IO_LOGDIR);
def_sudoers_locale = estrdup("C");
def_env_reset = ENV_RESET;
- def_set_logname = TRUE;
+ def_set_logname = true;
def_closefrom = STDERR_FILENO + 1;
/* Syslog options need special care since they both strings and ints */
#if (LOGGING & SLOG_SYSLOG)
- (void) store_syslogfac(LOGFAC, &sudo_defs_table[I_SYSLOG], TRUE);
+ (void) store_syslogfac(LOGFAC, &sudo_defs_table[I_SYSLOG], true);
(void) store_syslogpri(PRI_SUCCESS, &sudo_defs_table[I_SYSLOG_GOODPRI],
- TRUE);
+ true);
(void) store_syslogpri(PRI_FAILURE, &sudo_defs_table[I_SYSLOG_BADPRI],
- TRUE);
+ true);
#endif
/* Password flags also have a string and integer component. */
- (void) store_tuple("any", &sudo_defs_table[I_LISTPW], TRUE);
- (void) store_tuple("all", &sudo_defs_table[I_VERIFYPW], TRUE);
+ (void) store_tuple("any", &sudo_defs_table[I_LISTPW], true);
+ (void) store_tuple("all", &sudo_defs_table[I_VERIFYPW], true);
/* Then initialize the int-like things. */
#ifdef SUDO_UMASK
def_passwd_timeout = PASSWORD_TIMEOUT;
def_passwd_tries = TRIES_FOR_PASSWORD;
#ifdef HAVE_ZLIB_H
- def_compress_io = TRUE;
+ def_compress_io = true;
#endif
/* Now do the strings */
def_secure_path = estrdup(SECURE_PATH);
#endif
def_editor = estrdup(EDITOR);
- def_set_utmp = TRUE;
+ def_set_utmp = true;
/* Finally do the lists (currently just environment tables). */
init_envtables();
update_defaults(int what)
{
struct defaults *def;
- int rc = TRUE;
- debug_decl(init_defaults, SUDO_DEBUG_DEFAULTS)
+ bool rc = true;
+ debug_decl(update_defaults, SUDO_DEBUG_DEFAULTS)
tq_foreach_fwd(&defaults, def) {
switch (def->type) {
case DEFAULTS:
if (ISSET(what, SETDEF_GENERIC) &&
!set_default(def->var, def->val, def->op))
- rc = FALSE;
+ rc = false;
break;
case DEFAULTS_USER:
if (ISSET(what, SETDEF_USER) &&
userlist_matches(sudo_user.pw, &def->binding) == ALLOW &&
!set_default(def->var, def->val, def->op))
- rc = FALSE;
+ rc = false;
break;
case DEFAULTS_RUNAS:
if (ISSET(what, SETDEF_RUNAS) &&
runaslist_matches(&def->binding, NULL) == ALLOW &&
!set_default(def->var, def->val, def->op))
- rc = FALSE;
+ rc = false;
break;
case DEFAULTS_HOST:
if (ISSET(what, SETDEF_HOST) &&
hostlist_matches(&def->binding) == ALLOW &&
!set_default(def->var, def->val, def->op))
- rc = FALSE;
+ rc = false;
break;
case DEFAULTS_CMND:
if (ISSET(what, SETDEF_CMND) &&
cmndlist_matches(&def->binding) == ALLOW &&
!set_default(def->var, def->val, def->op))
- rc = FALSE;
+ rc = false;
break;
}
}
debug_return_bool(rc);
}
-static int
-store_int(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_int(char *val, struct sudo_defs_types *def, bool op)
{
char *endp;
long l;
debug_decl(store_int, SUDO_DEBUG_DEFAULTS)
- if (op == FALSE) {
+ if (op == false) {
def->sd_un.ival = 0;
} else {
l = strtol(val, &endp, 10);
if (*endp != '\0')
- debug_return_bool(FALSE);
+ debug_return_bool(false);
/* XXX - should check against INT_MAX */
def->sd_un.ival = (int)l;
}
if (def->callback)
debug_return_bool(def->callback(val));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
-store_uint(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_uint(char *val, struct sudo_defs_types *def, bool op)
{
char *endp;
long l;
debug_decl(store_uint, SUDO_DEBUG_DEFAULTS)
- if (op == FALSE) {
+ if (op == false) {
def->sd_un.ival = 0;
} else {
l = strtol(val, &endp, 10);
if (*endp != '\0' || l < 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
/* XXX - should check against INT_MAX */
def->sd_un.ival = (unsigned int)l;
}
if (def->callback)
debug_return_bool(def->callback(val));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
-store_float(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_float(char *val, struct sudo_defs_types *def, bool op)
{
char *endp;
double d;
debug_decl(store_float, SUDO_DEBUG_DEFAULTS)
- if (op == FALSE) {
+ if (op == false) {
def->sd_un.fval = 0.0;
} else {
d = strtod(val, &endp);
if (*endp != '\0')
- debug_return_bool(FALSE);
+ debug_return_bool(false);
/* XXX - should check against HUGE_VAL */
def->sd_un.fval = d;
}
if (def->callback)
debug_return_bool(def->callback(val));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
-store_tuple(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_tuple(char *val, struct sudo_defs_types *def, bool op)
{
struct def_values *v;
debug_decl(store_tuple, SUDO_DEBUG_DEFAULTS)
* be the equivalent to a boolean "false".
*/
if (!val) {
- def->sd_un.ival = (op == FALSE) ? 0 : 1;
+ def->sd_un.ival = (op == false) ? 0 : 1;
} else {
for (v = def->values; v->sval != NULL; v++) {
if (strcmp(v->sval, val) == 0) {
}
}
if (v->sval == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
if (def->callback)
debug_return_bool(def->callback(val));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
-store_str(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_str(char *val, struct sudo_defs_types *def, bool op)
{
debug_decl(store_str, SUDO_DEBUG_DEFAULTS)
efree(def->sd_un.str);
- if (op == FALSE)
+ if (op == false)
def->sd_un.str = NULL;
else
def->sd_un.str = estrdup(val);
if (def->callback)
debug_return_bool(def->callback(val));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
-store_list(char *str, struct sudo_defs_types *def, int op)
+static bool
+store_list(char *str, struct sudo_defs_types *def, bool op)
{
char *start, *end;
debug_decl(store_list, SUDO_DEBUG_DEFAULTS)
/* Remove all old members. */
- if (op == FALSE || op == TRUE)
+ if (op == false || op == true)
list_op(NULL, 0, def, freeall);
/* Split str into multiple space-separated words and act on each one. */
- if (op != FALSE) {
+ if (op != false) {
end = str;
do {
/* Remove leading blanks, if nothing but blanks we are done. */
list_op(start, end - start, def, op == '-' ? delete : add);
} while (*end++ != '\0');
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
-store_syslogfac(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_syslogfac(char *val, struct sudo_defs_types *def, bool op)
{
struct strmap *fac;
debug_decl(store_syslogfac, SUDO_DEBUG_DEFAULTS)
- if (op == FALSE) {
- def->sd_un.ival = FALSE;
- debug_return_bool(TRUE);
+ if (op == false) {
+ def->sd_un.ival = false;
+ debug_return_bool(true);
}
#ifdef LOG_NFACILITIES
if (!val)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
for (fac = facilities; fac->name && strcmp(val, fac->name); fac++)
;
if (fac->name == NULL)
- debug_return_bool(FALSE); /* not found */
+ debug_return_bool(false); /* not found */
def->sd_un.ival = fac->num;
#else
def->sd_un.ival = -1;
#endif /* LOG_NFACILITIES */
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static const char *
#endif /* LOG_NFACILITIES */
}
-static int
-store_syslogpri(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_syslogpri(char *val, struct sudo_defs_types *def, bool op)
{
struct strmap *pri;
debug_decl(store_syslogpri, SUDO_DEBUG_DEFAULTS)
- if (op == FALSE || !val)
- debug_return_bool(FALSE);
+ if (op == false || !val)
+ debug_return_bool(false);
for (pri = priorities; pri->name && strcmp(val, pri->name); pri++)
;
if (pri->name == NULL)
- debug_return_bool(FALSE); /* not found */
+ debug_return_bool(false); /* not found */
def->sd_un.ival = pri->num;
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static const char *
debug_return_str(pri->name);
}
-static int
-store_mode(char *val, struct sudo_defs_types *def, int op)
+static bool
+store_mode(char *val, struct sudo_defs_types *def, bool op)
{
char *endp;
long l;
debug_decl(store_mode, SUDO_DEBUG_DEFAULTS)
- if (op == FALSE) {
+ if (op == false) {
def->sd_un.mode = (mode_t)0777;
} else {
l = strtol(val, &endp, 8);
if (*endp != '\0' || l < 0 || l > 0777)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
def->sd_un.mode = (mode_t)l;
}
if (def->callback)
debug_return_bool(def->callback(val));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static void
*/
void dump_default(void);
void init_defaults(void);
-int set_default(char *, char *, int);
+bool set_default(char *, char *, bool);
int update_defaults(int);
extern struct sudo_defs_types sudo_defs_table[];
errorx(1, _("internal error, sudo_setenv() overflow"));
}
- sudo_putenv(estring, dupcheck, TRUE);
+ sudo_putenv(estring, dupcheck, true);
debug_return;
}
{
char **ep;
size_t len;
- int found = FALSE;
+ bool found = false;
debug_decl(sudo_putenv, SUDO_DEBUG_ENV)
/* Make sure there is room for the new entry plus a NULL. */
if (strncmp(str, *ep, len) == 0) {
if (overwrite)
*ep = str;
- found = TRUE;
+ found = true;
}
}
/* Prune out duplicate variables. */
/*
* Check the env_delete blacklist.
- * Returns TRUE if the variable was found, else false.
+ * Returns true if the variable was found, else false.
*/
-static int
+static bool
matches_env_delete(const char *var)
{
struct list_member *cur;
size_t len;
- int iswild, match = FALSE;
+ bool iswild;
+ bool match = false;
debug_decl(matches_env_delete, SUDO_DEBUG_ENV)
/* Skip anything listed in env_delete. */
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
len--;
- iswild = TRUE;
+ iswild = true;
} else
- iswild = FALSE;
+ iswild = false;
if (strncmp(cur->value, var, len) == 0 &&
(iswild || var[len] == '=')) {
- match = TRUE;
+ match = true;
break;
}
}
/*
* Apply the env_check list.
- * Returns TRUE if the variable is allowed, FALSE if denied
+ * Returns true if the variable is allowed, false if denied
* or -1 if no match.
*/
static int
{
struct list_member *cur;
size_t len;
- int iswild, keepit = -1;
+ bool iswild;
+ int keepit = -1;
debug_decl(matches_env_check, SUDO_DEBUG_ENV)
for (cur = def_env_check; cur; cur = cur->next) {
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
len--;
- iswild = TRUE;
+ iswild = true;
} else
- iswild = FALSE;
+ iswild = false;
if (strncmp(cur->value, var, len) == 0 &&
(iswild || var[len] == '=')) {
keepit = !strpbrk(var, "/%");
/*
* Check the env_keep list.
- * Returns TRUE if the variable is allowed else FALSE.
+ * Returns true if the variable is allowed else false.
*/
-static int
+static bool
matches_env_keep(const char *var)
{
struct list_member *cur;
size_t len;
- int iswild, keepit = FALSE;
+ bool iswild, keepit = false;
/* Preserve SHELL variable for "sudo -s". */
if (ISSET(sudo_mode, MODE_SHELL) && strncmp(var, "SHELL=", 6) == 0)
- return TRUE;
+ return true;
for (cur = def_env_keep; cur; cur = cur->next) {
len = strlen(cur->value);
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
len--;
- iswild = TRUE;
+ iswild = true;
} else
- iswild = FALSE;
+ iswild = false;
if (strncmp(cur->value, var, len) == 0 &&
(iswild || var[len] == '=')) {
- keepit = TRUE;
+ keepit = true;
break;
}
}
char **old_envp, **ep, *cp, *ps1;
char idbuf[MAX_UID_T_LEN];
unsigned int didvar;
- int reset_home = FALSE;
+ bool reset_home = false;
/*
* Either clean out the environment or reset to a safe default.
if (def_always_set_home ||
ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) ||
(ISSET(sudo_mode, MODE_SHELL) && def_set_home))
- reset_home = TRUE;
+ reset_home = true;
}
if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
SET(didvar, DID_USERNAME);
break;
}
- sudo_putenv(*ep, FALSE, FALSE);
+ sudo_putenv(*ep, false, false);
}
}
didvar |= didvar << 8; /* convert DID_* to KEPT_* */
ISSET(didvar, DID_USERNAME));
} else {
if (!ISSET(didvar, DID_SHELL))
- sudo_setenv("SHELL", sudo_user.pw->pw_shell, FALSE);
+ sudo_setenv("SHELL", sudo_user.pw->pw_shell, false);
if (!ISSET(didvar, DID_LOGNAME))
- sudo_setenv("LOGNAME", user_name, FALSE);
+ sudo_setenv("LOGNAME", user_name, false);
if (!ISSET(didvar, DID_USER))
- sudo_setenv("USER", user_name, FALSE);
+ sudo_setenv("USER", user_name, false);
if (!ISSET(didvar, DID_USERNAME))
- sudo_setenv("USERNAME", user_name, FALSE);
+ sudo_setenv("USERNAME", user_name, false);
}
/* If we didn't keep HOME, reset it based on target user. */
if (!ISSET(didvar, KEPT_HOME))
- reset_home = TRUE;
+ reset_home = true;
/*
* Set MAIL to target user in -i mode or if MAIL is not preserved
easprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR, runas_pw->pw_name);
else
easprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR, runas_pw->pw_name);
- sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE);
+ sudo_putenv(cp, ISSET(didvar, DID_MAIL), true);
}
} else {
/*
* env_check.
*/
for (ep = old_envp; *ep; ep++) {
- int okvar;
+ bool okvar;
/* Skip variables with values beginning with () (bash functions) */
if ((cp = strchr(*ep, '=')) != NULL) {
* First check variables against the blacklist in env_delete.
* If no match there check for '%' and '/' characters.
*/
- okvar = matches_env_delete(*ep) != TRUE;
+ okvar = matches_env_delete(*ep) != true;
if (okvar)
- okvar = matches_env_check(*ep) != FALSE;
+ okvar = matches_env_check(*ep) != false;
if (okvar) {
if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
SET(didvar, DID_PATH);
else if (strncmp(*ep, "TERM=", 5) == 0)
SET(didvar, DID_TERM);
- sudo_putenv(*ep, FALSE, FALSE);
+ sudo_putenv(*ep, false, false);
}
}
}
/* Replace the PATH envariable with a secure one? */
if (def_secure_path && !user_is_exempt()) {
- sudo_setenv("PATH", def_secure_path, TRUE);
+ sudo_setenv("PATH", def_secure_path, true);
SET(didvar, DID_PATH);
}
*/
if (def_set_logname && !ISSET(sudo_mode, MODE_LOGIN_SHELL|MODE_EDIT)) {
if (!ISSET(didvar, KEPT_LOGNAME))
- sudo_setenv("LOGNAME", runas_pw->pw_name, TRUE);
+ sudo_setenv("LOGNAME", runas_pw->pw_name, true);
if (!ISSET(didvar, KEPT_USER))
- sudo_setenv("USER", runas_pw->pw_name, TRUE);
+ sudo_setenv("USER", runas_pw->pw_name, true);
if (!ISSET(didvar, KEPT_USERNAME))
- sudo_setenv("USERNAME", runas_pw->pw_name, TRUE);
+ sudo_setenv("USERNAME", runas_pw->pw_name, true);
}
/* Set $HOME to target user if not preserving user's value. */
if (reset_home)
- sudo_setenv("HOME", runas_pw->pw_dir, TRUE);
+ sudo_setenv("HOME", runas_pw->pw_dir, true);
/* Provide default values for $TERM and $PATH if they are not set. */
if (!ISSET(didvar, DID_TERM))
- sudo_putenv("TERM=unknown", FALSE, FALSE);
+ sudo_putenv("TERM=unknown", false, false);
if (!ISSET(didvar, DID_PATH))
- sudo_setenv("PATH", _PATH_STDPATH, FALSE);
+ sudo_setenv("PATH", _PATH_STDPATH, false);
/* Set PS1 if SUDO_PS1 is set. */
if (ps1 != NULL)
- sudo_putenv(ps1, TRUE, TRUE);
+ sudo_putenv(ps1, true, true);
/* Add the SUDO_COMMAND envariable (cmnd + args). */
if (user_args) {
easprintf(&cp, "%s %s", user_cmnd, user_args);
- sudo_setenv("SUDO_COMMAND", cp, TRUE);
+ sudo_setenv("SUDO_COMMAND", cp, true);
efree(cp);
} else {
- sudo_setenv("SUDO_COMMAND", user_cmnd, TRUE);
+ sudo_setenv("SUDO_COMMAND", user_cmnd, true);
}
/* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
- sudo_setenv("SUDO_USER", user_name, TRUE);
+ sudo_setenv("SUDO_USER", user_name, true);
snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_uid);
- sudo_setenv("SUDO_UID", idbuf, TRUE);
+ sudo_setenv("SUDO_UID", idbuf, true);
snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_gid);
- sudo_setenv("SUDO_GID", idbuf, TRUE);
+ sudo_setenv("SUDO_GID", idbuf, true);
/* Free old environment. */
efree(old_envp);
/* Add user-specified environment variables. */
for (ep = envp; *ep != NULL; ep++)
- sudo_putenv(*ep, TRUE, TRUE);
+ sudo_putenv(*ep, true, true);
}
/*
char * const *ep;
char *eq, *bad = NULL;
size_t len, blen = 0, bsize = 0;
- int okvar;
+ bool okvar;
if (env_vars == NULL)
return;
for (ep = env_vars; *ep != NULL; ep++) {
if (def_secure_path && !user_is_exempt() &&
strncmp(*ep, "PATH=", 5) == 0) {
- okvar = FALSE;
+ okvar = false;
} else if (def_env_reset) {
okvar = matches_env_check(*ep);
if (okvar == -1)
okvar = matches_env_keep(*ep);
} else {
- okvar = matches_env_delete(*ep) == FALSE;
- if (okvar == FALSE)
- okvar = matches_env_check(*ep) != FALSE;
+ okvar = matches_env_delete(*ep) == false;
+ if (okvar == false)
+ okvar = matches_env_check(*ep) != false;
}
- if (okvar == FALSE) {
+ if (okvar == false) {
/* Not allowed, add to error string, allocating as needed. */
if ((eq = strchr(*ep, '=')) != NULL)
*eq = '\0';
memcpy(cp, var, var_len + 1); /* includes '=' */
memcpy(cp + var_len + 1, val, val_len + 1); /* includes NUL */
- sudo_putenv(cp, TRUE, overwrite);
+ sudo_putenv(cp, true, overwrite);
}
fclose(fp);
}
static char command[PATH_MAX]; /* qualified filename */
char *n; /* for traversing path */
char *origpath; /* so we can free path later */
- int found = FALSE; /* did we find the command? */
- int checkdot = FALSE; /* check current dir? */
+ bool found = false; /* did we find the command? */
+ bool checkdot = false; /* check current dir? */
int len; /* length parameter */
debug_decl(find_path, SUDO_DEBUG_UTIL)
/*
* Verify that path is a normal file and executable by root.
*/
-int
+bool
sudo_goodpath(const char *path, struct stat *sbp)
{
struct stat sb;
- int rval = FALSE;
+ bool rval = false;
debug_decl(sudo_goodpath, SUDO_DEBUG_UTIL)
if (path != NULL && stat(path, &sb) == 0) {
/* Make sure path describes an executable regular file. */
if (S_ISREG(sb.st_mode) && ISSET(sb.st_mode, 0111))
- rval = TRUE;
+ rval = true;
else
errno = EACCES;
if (sbp)
(void) memcpy(sbp, &sb, sizeof(struct stat));
}
- debug_return_int(rval);
+ debug_return_bool(rval);
}
#include "sudoers.h" /* XXX */
#include "parse.h"
#include "toke.h"
-#include <gram.h>
+#include "gram.h"
/*
* We must define SIZE_MAX for yacc's skeleton.c.
extern int sudolineno;
extern int last_token;
extern char *sudoers;
-static int verbose = FALSE;
-int parse_error = FALSE;
-int pedantic = FALSE;
+static bool verbose = false;
+bool parse_error = false;
int errorlineno = -1;
char *errorfile = NULL;
} else if (verbose && s != NULL) {
warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
}
- parse_error = TRUE;
+ parse_error = true;
debug_return;
}
-#line 118 "gram.y"
+#line 117 "gram.y"
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
int tok;
} YYSTYPE;
#endif /* YYSTYPE_DEFINED */
-#line 144 "y.tab.c"
+#line 143 "y.tab.c"
#define COMMAND 257
#define ALIAS 258
#define DEFVAR 259
short *yysslim;
YYSTYPE *yyvs;
int yystacksize;
-#line 612 "gram.y"
+#line 611 "gram.y"
static struct defaults *
new_default(char *var, char *val, int op)
{
efree(sudoers);
sudoers = path ? estrdup(path) : NULL;
- parse_error = FALSE;
+ parse_error = false;
errorlineno = -1;
errorfile = NULL;
verbose = !quiet;
debug_return;
}
-#line 779 "y.tab.c"
+#line 778 "y.tab.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
switch (yyn)
{
case 1:
-#line 193 "gram.y"
+#line 192 "gram.y"
{ ; }
break;
case 5:
-#line 201 "gram.y"
+#line 200 "gram.y"
{
;
}
break;
case 6:
-#line 204 "gram.y"
+#line 203 "gram.y"
{
yyerrok;
}
break;
case 7:
-#line 207 "gram.y"
+#line 206 "gram.y"
{
add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
}
break;
case 8:
-#line 210 "gram.y"
+#line 209 "gram.y"
{
;
}
break;
case 9:
-#line 213 "gram.y"
+#line 212 "gram.y"
{
;
}
break;
case 10:
-#line 216 "gram.y"
+#line 215 "gram.y"
{
;
}
break;
case 11:
-#line 219 "gram.y"
+#line 218 "gram.y"
{
;
}
break;
case 12:
-#line 222 "gram.y"
+#line 221 "gram.y"
{
add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
}
break;
case 13:
-#line 225 "gram.y"
+#line 224 "gram.y"
{
add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 14:
-#line 228 "gram.y"
+#line 227 "gram.y"
{
add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 15:
-#line 231 "gram.y"
+#line 230 "gram.y"
{
add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 16:
-#line 234 "gram.y"
+#line 233 "gram.y"
{
add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 18:
-#line 240 "gram.y"
+#line 239 "gram.y"
{
list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
yyval.defaults = yyvsp[-2].defaults;
}
break;
case 19:
-#line 246 "gram.y"
+#line 245 "gram.y"
{
- yyval.defaults = new_default(yyvsp[0].string, NULL, TRUE);
+ yyval.defaults = new_default(yyvsp[0].string, NULL, true);
}
break;
case 20:
-#line 249 "gram.y"
+#line 248 "gram.y"
{
- yyval.defaults = new_default(yyvsp[0].string, NULL, FALSE);
+ yyval.defaults = new_default(yyvsp[0].string, NULL, false);
}
break;
case 21:
-#line 252 "gram.y"
+#line 251 "gram.y"
{
- yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, TRUE);
+ yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true);
}
break;
case 22:
-#line 255 "gram.y"
+#line 254 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
}
break;
case 23:
-#line 258 "gram.y"
+#line 257 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
}
break;
case 25:
-#line 264 "gram.y"
+#line 263 "gram.y"
{
list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
yyval.privilege = yyvsp[-2].privilege;
}
break;
case 26:
-#line 270 "gram.y"
+#line 269 "gram.y"
{
struct privilege *p = emalloc(sizeof(*p));
list2tq(&p->hostlist, yyvsp[-2].member);
}
break;
case 27:
-#line 280 "gram.y"
+#line 279 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = FALSE;
+ yyval.member->negated = false;
}
break;
case 28:
-#line 284 "gram.y"
+#line 283 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = TRUE;
+ yyval.member->negated = true;
}
break;
case 29:
-#line 290 "gram.y"
+#line 289 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 30:
-#line 293 "gram.y"
+#line 292 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 31:
-#line 296 "gram.y"
+#line 295 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 32:
-#line 299 "gram.y"
+#line 298 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NTWKADDR);
}
break;
case 33:
-#line 302 "gram.y"
+#line 301 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 35:
-#line 308 "gram.y"
+#line 307 "gram.y"
{
list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
#ifdef HAVE_SELINUX
}
break;
case 36:
-#line 340 "gram.y"
+#line 339 "gram.y"
{
struct cmndspec *cs = emalloc(sizeof(*cs));
if (yyvsp[-3].runas != NULL) {
}
break;
case 37:
-#line 366 "gram.y"
+#line 365 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = FALSE;
+ yyval.member->negated = false;
}
break;
case 38:
-#line 370 "gram.y"
+#line 369 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = TRUE;
+ yyval.member->negated = true;
}
break;
case 39:
-#line 376 "gram.y"
+#line 375 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 40:
-#line 381 "gram.y"
+#line 380 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 41:
-#line 386 "gram.y"
+#line 385 "gram.y"
{
yyval.seinfo.role = NULL;
yyval.seinfo.type = NULL;
}
break;
case 42:
-#line 390 "gram.y"
+#line 389 "gram.y"
{
yyval.seinfo.role = yyvsp[0].string;
yyval.seinfo.type = NULL;
}
break;
case 43:
-#line 394 "gram.y"
+#line 393 "gram.y"
{
yyval.seinfo.type = yyvsp[0].string;
yyval.seinfo.role = NULL;
}
break;
case 44:
-#line 398 "gram.y"
+#line 397 "gram.y"
{
yyval.seinfo.role = yyvsp[-1].string;
yyval.seinfo.type = yyvsp[0].string;
}
break;
case 45:
-#line 402 "gram.y"
+#line 401 "gram.y"
{
yyval.seinfo.type = yyvsp[-1].string;
yyval.seinfo.role = yyvsp[0].string;
}
break;
case 46:
-#line 408 "gram.y"
+#line 407 "gram.y"
{
yyval.runas = NULL;
}
break;
case 47:
-#line 411 "gram.y"
+#line 410 "gram.y"
{
yyval.runas = yyvsp[-1].runas;
}
break;
case 48:
-#line 416 "gram.y"
+#line 415 "gram.y"
{
yyval.runas = emalloc(sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[0].member;
}
break;
case 49:
-#line 421 "gram.y"
+#line 420 "gram.y"
{
yyval.runas = emalloc(sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[-2].member;
}
break;
case 50:
-#line 426 "gram.y"
+#line 425 "gram.y"
{
yyval.runas = emalloc(sizeof(struct runascontainer));
yyval.runas->runasusers = NULL;
}
break;
case 51:
-#line 433 "gram.y"
+#line 432 "gram.y"
{
yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv =
yyval.tag.log_input = yyval.tag.log_output = UNSPEC;
}
break;
case 52:
-#line 437 "gram.y"
+#line 436 "gram.y"
{
- yyval.tag.nopasswd = TRUE;
+ yyval.tag.nopasswd = true;
}
break;
case 53:
-#line 440 "gram.y"
+#line 439 "gram.y"
{
- yyval.tag.nopasswd = FALSE;
+ yyval.tag.nopasswd = false;
}
break;
case 54:
-#line 443 "gram.y"
+#line 442 "gram.y"
{
- yyval.tag.noexec = TRUE;
+ yyval.tag.noexec = true;
}
break;
case 55:
-#line 446 "gram.y"
+#line 445 "gram.y"
{
- yyval.tag.noexec = FALSE;
+ yyval.tag.noexec = false;
}
break;
case 56:
-#line 449 "gram.y"
+#line 448 "gram.y"
{
- yyval.tag.setenv = TRUE;
+ yyval.tag.setenv = true;
}
break;
case 57:
-#line 452 "gram.y"
+#line 451 "gram.y"
{
- yyval.tag.setenv = FALSE;
+ yyval.tag.setenv = false;
}
break;
case 58:
-#line 455 "gram.y"
+#line 454 "gram.y"
{
- yyval.tag.log_input = TRUE;
+ yyval.tag.log_input = true;
}
break;
case 59:
-#line 458 "gram.y"
+#line 457 "gram.y"
{
- yyval.tag.log_input = FALSE;
+ yyval.tag.log_input = false;
}
break;
case 60:
-#line 461 "gram.y"
+#line 460 "gram.y"
{
- yyval.tag.log_output = TRUE;
+ yyval.tag.log_output = true;
}
break;
case 61:
-#line 464 "gram.y"
+#line 463 "gram.y"
{
- yyval.tag.log_output = FALSE;
+ yyval.tag.log_output = false;
}
break;
case 62:
-#line 469 "gram.y"
+#line 468 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 63:
-#line 472 "gram.y"
+#line 471 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 64:
-#line 475 "gram.y"
+#line 474 "gram.y"
{
struct sudo_command *c = emalloc(sizeof(*c));
c->cmnd = yyvsp[0].command.cmnd;
}
break;
case 67:
-#line 487 "gram.y"
+#line 486 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 69:
-#line 497 "gram.y"
+#line 496 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 72:
-#line 507 "gram.y"
+#line 506 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 74:
-#line 517 "gram.y"
+#line 516 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 77:
-#line 527 "gram.y"
+#line 526 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 80:
-#line 540 "gram.y"
+#line 539 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 82:
-#line 550 "gram.y"
+#line 549 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 83:
-#line 556 "gram.y"
+#line 555 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = FALSE;
+ yyval.member->negated = false;
}
break;
case 84:
-#line 560 "gram.y"
+#line 559 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = TRUE;
+ yyval.member->negated = true;
}
break;
case 85:
-#line 566 "gram.y"
+#line 565 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 86:
-#line 569 "gram.y"
+#line 568 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 87:
-#line 572 "gram.y"
+#line 571 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 88:
-#line 575 "gram.y"
+#line 574 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, USERGROUP);
}
break;
case 89:
-#line 578 "gram.y"
+#line 577 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 91:
-#line 584 "gram.y"
+#line 583 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 92:
-#line 590 "gram.y"
+#line 589 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = FALSE;
+ yyval.member->negated = false;
}
break;
case 93:
-#line 594 "gram.y"
+#line 593 "gram.y"
{
yyval.member = yyvsp[0].member;
- yyval.member->negated = TRUE;
+ yyval.member->negated = true;
}
break;
case 94:
-#line 600 "gram.y"
+#line 599 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 95:
-#line 603 "gram.y"
+#line 602 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 96:
-#line 606 "gram.y"
+#line 605 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
-#line 1548 "y.tab.c"
+#line 1547 "y.tab.c"
}
yyssp -= yym;
yystate = *yyssp;
extern int sudolineno;
extern int last_token;
extern char *sudoers;
-static int verbose = FALSE;
-int parse_error = FALSE;
-int pedantic = FALSE;
+static bool verbose = false;
+bool parse_error = false;
int errorlineno = -1;
char *errorfile = NULL;
} else if (verbose && s != NULL) {
warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
}
- parse_error = TRUE;
+ parse_error = true;
debug_return;
}
%}
;
defaults_entry : DEFVAR {
- $$ = new_default($1, NULL, TRUE);
+ $$ = new_default($1, NULL, true);
}
| '!' DEFVAR {
- $$ = new_default($2, NULL, FALSE);
+ $$ = new_default($2, NULL, false);
}
| DEFVAR '=' WORD {
- $$ = new_default($1, $3, TRUE);
+ $$ = new_default($1, $3, true);
}
| DEFVAR '+' WORD {
$$ = new_default($1, $3, '+');
ophost : host {
$$ = $1;
- $$->negated = FALSE;
+ $$->negated = false;
}
| '!' host {
$$ = $2;
- $$->negated = TRUE;
+ $$->negated = true;
}
;
opcmnd : cmnd {
$$ = $1;
- $$->negated = FALSE;
+ $$->negated = false;
}
| '!' cmnd {
$$ = $2;
- $$->negated = TRUE;
+ $$->negated = true;
}
;
$$.log_input = $$.log_output = UNSPEC;
}
| cmndtag NOPASSWD {
- $$.nopasswd = TRUE;
+ $$.nopasswd = true;
}
| cmndtag PASSWD {
- $$.nopasswd = FALSE;
+ $$.nopasswd = false;
}
| cmndtag NOEXEC {
- $$.noexec = TRUE;
+ $$.noexec = true;
}
| cmndtag EXEC {
- $$.noexec = FALSE;
+ $$.noexec = false;
}
| cmndtag SETENV {
- $$.setenv = TRUE;
+ $$.setenv = true;
}
| cmndtag NOSETENV {
- $$.setenv = FALSE;
+ $$.setenv = false;
}
| cmndtag LOG_INPUT {
- $$.log_input = TRUE;
+ $$.log_input = true;
}
| cmndtag NOLOG_INPUT {
- $$.log_input = FALSE;
+ $$.log_input = false;
}
| cmndtag LOG_OUTPUT {
- $$.log_output = TRUE;
+ $$.log_output = true;
}
| cmndtag NOLOG_OUTPUT {
- $$.log_output = FALSE;
+ $$.log_output = false;
}
;
opuser : user {
$$ = $1;
- $$->negated = FALSE;
+ $$->negated = false;
}
| '!' user {
$$ = $2;
- $$->negated = TRUE;
+ $$->negated = true;
}
;
opgroup : group {
$$ = $1;
- $$->negated = FALSE;
+ $$->negated = false;
}
| '!' group {
$$ = $2;
- $$->negated = TRUE;
+ $$->negated = true;
}
;
efree(sudoers);
sudoers = path ? estrdup(path) : NULL;
- parse_error = FALSE;
+ parse_error = false;
errorlineno = -1;
errorfile = NULL;
verbose = !quiet;
* Split args into a vector if specified.
*/
if (args != NULL) {
- int ac = 0, wasblank = TRUE;
+ int ac = 0;
+ bool wasblank = true;
char *cp;
for (cp = args; *cp != '\0'; cp++) {
if (isblank((unsigned char)*cp)) {
- wasblank = TRUE;
+ wasblank = true;
} else if (wasblank) {
- wasblank = FALSE;
+ wasblank = false;
ac++;
}
}
done:
efree(argv);
- if (rc != TRUE) {
+ if (rc != true) {
if (group_handle != NULL) {
dlclose(group_handle);
group_handle = NULL;
debug_decl(group_plugin_query, SUDO_DEBUG_UTIL)
if (group_plugin == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
debug_return_bool((group_plugin->query)(user, group, pwd));
}
group_plugin_load(char *plugin_info)
{
debug_decl(group_plugin_load, SUDO_DEBUG_UTIL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
void
const struct passwd *pwd)
{
debug_decl(group_plugin_query, SUDO_DEBUG_UTIL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
#endif /* HAVE_DLOPEN || HAVE_SHL_LOAD */
/*
* Append suffix to pathbuf after len chars and open the resulting file.
* Note that the size of pathbuf is assumed to be PATH_MAX.
- * Uses zlib if docompress is TRUE.
+ * Uses zlib if docompress is true.
* Returns the open file handle which has the close-on-exec flag set.
*/
static void *
-open_io_fd(char *pathbuf, size_t len, const char *suffix, int docompress)
+open_io_fd(char *pathbuf, size_t len, const char *suffix, bool docompress)
{
void *vfd = NULL;
int fd;
continue;
}
if (strncmp(*cur, "iolog_stdin=", sizeof("iolog_stdin=") - 1) == 0) {
- if (atobool(*cur + sizeof("iolog_stdin=") - 1) == TRUE)
- details->iolog_stdin = TRUE;
+ if (atobool(*cur + sizeof("iolog_stdin=") - 1) == true)
+ details->iolog_stdin = true;
continue;
}
if (strncmp(*cur, "iolog_stdout=", sizeof("iolog_stdout=") - 1) == 0) {
- if (atobool(*cur + sizeof("iolog_stdout=") - 1) == TRUE)
- details->iolog_stdout = TRUE;
+ if (atobool(*cur + sizeof("iolog_stdout=") - 1) == true)
+ details->iolog_stdout = true;
continue;
}
if (strncmp(*cur, "iolog_stderr=", sizeof("iolog_stderr=") - 1) == 0) {
- if (atobool(*cur + sizeof("iolog_stderr=") - 1) == TRUE)
- details->iolog_stderr = TRUE;
+ if (atobool(*cur + sizeof("iolog_stderr=") - 1) == true)
+ details->iolog_stderr = true;
continue;
}
if (strncmp(*cur, "iolog_ttyin=", sizeof("iolog_ttyin=") - 1) == 0) {
- if (atobool(*cur + sizeof("iolog_ttyin=") - 1) == TRUE)
- details->iolog_ttyin = TRUE;
+ if (atobool(*cur + sizeof("iolog_ttyin=") - 1) == true)
+ details->iolog_ttyin = true;
continue;
}
if (strncmp(*cur, "iolog_ttyout=", sizeof("iolog_ttyout=") - 1) == 0) {
- if (atobool(*cur + sizeof("iolog_ttyout=") - 1) == TRUE)
- details->iolog_ttyout = TRUE;
+ if (atobool(*cur + sizeof("iolog_ttyout=") - 1) == true)
+ details->iolog_ttyout = true;
continue;
}
if (strncmp(*cur, "iolog_compress=", sizeof("iolog_compress=") - 1) == 0) {
- if (atobool(*cur + sizeof("iolog_compress=") - 1) == TRUE)
- iolog_compress = TRUE; /* must be global */
+ if (atobool(*cur + sizeof("iolog_compress=") - 1) == true)
+ iolog_compress = true; /* must be global */
continue;
}
break;
/* If we have no command (because -V was specified) just return. */
if (argc == 0)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
if (!details.iolog_stdin && !details.iolog_ttyin &&
!details.iolog_stdout && !details.iolog_stderr &&
!details.iolog_ttyout) {
- rval = FALSE;
+ rval = false;
goto done;
}
/*
* We create 7 files: a log file, a timing file and 5 for input/output.
*/
- io_logfile = open_io_fd(pathbuf, len, "/log", FALSE);
+ io_logfile = open_io_fd(pathbuf, len, "/log", false);
if (io_logfile == NULL)
log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
fputc('\n', io_logfile);
fclose(io_logfile);
- rval = TRUE;
+ rval = true;
done:
efree(tofree);
sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n",
PACKAGE_VERSION);
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
/*
last_time.tv_sec = now.tv_sec;
last_time.tv_usec = now.tv_usec;
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static int
size_t len, prelen = 0;
char *dst, *dst0, *path, *pathend, tmpbuf[PATH_MAX];
const char *endbrace, *src = dir;
- int pass, strfit;
+ int pass;
+ bool strfit;
debug_decl(expand_iolog_path, SUDO_DEBUG_UTIL)
/* Expanded path must be <= PATH_MAX */
file++;
for (pass = 0; pass < 3; pass++) {
- strfit = FALSE;
+ strfit = false;
switch (pass) {
case 0:
src = dir;
} ldap_conf;
static struct ldap_config_table ldap_conf_table[] = {
- { "sudoers_debug", CONF_INT, FALSE, -1, &ldap_conf.debug },
- { "host", CONF_STR, FALSE, -1, &ldap_conf.host },
- { "port", CONF_INT, FALSE, -1, &ldap_conf.port },
- { "ssl", CONF_STR, FALSE, -1, &ldap_conf.ssl },
- { "sslpath", CONF_STR, FALSE, -1, &ldap_conf.tls_certfile },
- { "uri", CONF_LIST_STR, FALSE, -1, &ldap_conf.uri },
+ { "sudoers_debug", CONF_INT, false, -1, &ldap_conf.debug },
+ { "host", CONF_STR, false, -1, &ldap_conf.host },
+ { "port", CONF_INT, false, -1, &ldap_conf.port },
+ { "ssl", CONF_STR, false, -1, &ldap_conf.ssl },
+ { "sslpath", CONF_STR, false, -1, &ldap_conf.tls_certfile },
+ { "uri", CONF_LIST_STR, false, -1, &ldap_conf.uri },
#ifdef LDAP_OPT_DEBUG_LEVEL
- { "debug", CONF_INT, FALSE, LDAP_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug },
+ { "debug", CONF_INT, false, LDAP_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug },
#endif
#ifdef LDAP_OPT_PROTOCOL_VERSION
- { "ldap_version", CONF_INT, TRUE, LDAP_OPT_PROTOCOL_VERSION,
+ { "ldap_version", CONF_INT, true, LDAP_OPT_PROTOCOL_VERSION,
&ldap_conf.version },
#endif
#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
- { "tls_checkpeer", CONF_BOOL, FALSE, LDAP_OPT_X_TLS_REQUIRE_CERT,
+ { "tls_checkpeer", CONF_BOOL, false, LDAP_OPT_X_TLS_REQUIRE_CERT,
&ldap_conf.tls_checkpeer },
#else
- { "tls_checkpeer", CONF_BOOL, FALSE, -1, &ldap_conf.tls_checkpeer },
+ { "tls_checkpeer", CONF_BOOL, false, -1, &ldap_conf.tls_checkpeer },
#endif
#ifdef LDAP_OPT_X_TLS_CACERTFILE
- { "tls_cacertfile", CONF_STR, FALSE, LDAP_OPT_X_TLS_CACERTFILE,
+ { "tls_cacertfile", CONF_STR, false, LDAP_OPT_X_TLS_CACERTFILE,
&ldap_conf.tls_cacertfile },
- { "tls_cacert", CONF_STR, FALSE, LDAP_OPT_X_TLS_CACERTFILE,
+ { "tls_cacert", CONF_STR, false, LDAP_OPT_X_TLS_CACERTFILE,
&ldap_conf.tls_cacertfile },
#endif
#ifdef LDAP_OPT_X_TLS_CACERTDIR
- { "tls_cacertdir", CONF_STR, FALSE, LDAP_OPT_X_TLS_CACERTDIR,
+ { "tls_cacertdir", CONF_STR, false, LDAP_OPT_X_TLS_CACERTDIR,
&ldap_conf.tls_cacertdir },
#endif
#ifdef LDAP_OPT_X_TLS_RANDOM_FILE
- { "tls_randfile", CONF_STR, FALSE, LDAP_OPT_X_TLS_RANDOM_FILE,
+ { "tls_randfile", CONF_STR, false, LDAP_OPT_X_TLS_RANDOM_FILE,
&ldap_conf.tls_random_file },
#endif
#ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
- { "tls_ciphers", CONF_STR, FALSE, LDAP_OPT_X_TLS_CIPHER_SUITE,
+ { "tls_ciphers", CONF_STR, false, LDAP_OPT_X_TLS_CIPHER_SUITE,
&ldap_conf.tls_cipher_suite },
#endif
#ifdef LDAP_OPT_X_TLS_CERTFILE
- { "tls_cert", CONF_STR, FALSE, LDAP_OPT_X_TLS_CERTFILE,
+ { "tls_cert", CONF_STR, false, LDAP_OPT_X_TLS_CERTFILE,
&ldap_conf.tls_certfile },
#else
- { "tls_cert", CONF_STR, FALSE, -1, &ldap_conf.tls_certfile },
+ { "tls_cert", CONF_STR, false, -1, &ldap_conf.tls_certfile },
#endif
#ifdef LDAP_OPT_X_TLS_KEYFILE
- { "tls_key", CONF_STR, FALSE, LDAP_OPT_X_TLS_KEYFILE,
+ { "tls_key", CONF_STR, false, LDAP_OPT_X_TLS_KEYFILE,
&ldap_conf.tls_keyfile },
#else
- { "tls_key", CONF_STR, FALSE, -1, &ldap_conf.tls_keyfile },
+ { "tls_key", CONF_STR, false, -1, &ldap_conf.tls_keyfile },
#endif
#ifdef LDAP_OPT_NETWORK_TIMEOUT
- { "bind_timelimit", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
+ { "bind_timelimit", CONF_INT, true, -1 /* needs timeval, set manually */,
&ldap_conf.bind_timelimit },
- { "network_timeout", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
+ { "network_timeout", CONF_INT, true, -1 /* needs timeval, set manually */,
&ldap_conf.bind_timelimit },
#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
- { "bind_timelimit", CONF_INT, TRUE, LDAP_X_OPT_CONNECT_TIMEOUT,
+ { "bind_timelimit", CONF_INT, true, LDAP_X_OPT_CONNECT_TIMEOUT,
&ldap_conf.bind_timelimit },
- { "network_timeout", CONF_INT, TRUE, LDAP_X_OPT_CONNECT_TIMEOUT,
+ { "network_timeout", CONF_INT, true, LDAP_X_OPT_CONNECT_TIMEOUT,
&ldap_conf.bind_timelimit },
#endif
- { "timelimit", CONF_INT, TRUE, LDAP_OPT_TIMELIMIT, &ldap_conf.timelimit },
+ { "timelimit", CONF_INT, true, LDAP_OPT_TIMELIMIT, &ldap_conf.timelimit },
#ifdef LDAP_OPT_TIMEOUT
- { "timeout", CONF_INT, TRUE, -1 /* needs timeval, set manually */,
+ { "timeout", CONF_INT, true, -1 /* needs timeval, set manually */,
&ldap_conf.timeout },
#endif
#ifdef LDAP_OPT_DEREF
- { "deref", CONF_DEREF_VAL, TRUE, LDAP_OPT_DEREF, &ldap_conf.deref },
+ { "deref", CONF_DEREF_VAL, true, LDAP_OPT_DEREF, &ldap_conf.deref },
#endif
- { "binddn", CONF_STR, FALSE, -1, &ldap_conf.binddn },
- { "bindpw", CONF_STR, FALSE, -1, &ldap_conf.bindpw },
- { "rootbinddn", CONF_STR, FALSE, -1, &ldap_conf.rootbinddn },
- { "sudoers_base", CONF_LIST_STR, FALSE, -1, &ldap_conf.base },
- { "sudoers_timed", CONF_BOOL, FALSE, -1, &ldap_conf.timed },
- { "sudoers_search_filter", CONF_STR, FALSE, -1, &ldap_conf.search_filter },
+ { "binddn", CONF_STR, false, -1, &ldap_conf.binddn },
+ { "bindpw", CONF_STR, false, -1, &ldap_conf.bindpw },
+ { "rootbinddn", CONF_STR, false, -1, &ldap_conf.rootbinddn },
+ { "sudoers_base", CONF_LIST_STR, false, -1, &ldap_conf.base },
+ { "sudoers_timed", CONF_BOOL, false, -1, &ldap_conf.timed },
+ { "sudoers_search_filter", CONF_STR, false, -1, &ldap_conf.search_filter },
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
- { "use_sasl", CONF_BOOL, FALSE, -1, &ldap_conf.use_sasl },
- { "sasl_auth_id", CONF_STR, FALSE, -1, &ldap_conf.sasl_auth_id },
- { "rootuse_sasl", CONF_BOOL, FALSE, -1, &ldap_conf.rootuse_sasl },
- { "rootsasl_auth_id", CONF_STR, FALSE, -1, &ldap_conf.rootsasl_auth_id },
+ { "use_sasl", CONF_BOOL, false, -1, &ldap_conf.use_sasl },
+ { "sasl_auth_id", CONF_STR, false, -1, &ldap_conf.sasl_auth_id },
+ { "rootuse_sasl", CONF_BOOL, false, -1, &ldap_conf.rootuse_sasl },
+ { "rootsasl_auth_id", CONF_STR, false, -1, &ldap_conf.rootsasl_auth_id },
# ifdef LDAP_OPT_X_SASL_SECPROPS
- { "sasl_secprops", CONF_STR, TRUE, LDAP_OPT_X_SASL_SECPROPS,
+ { "sasl_secprops", CONF_STR, true, LDAP_OPT_X_SASL_SECPROPS,
&ldap_conf.sasl_secprops },
# endif
- { "krb5_ccname", CONF_STR, FALSE, -1, &ldap_conf.krb5_ccname },
+ { "krb5_ccname", CONF_STR, false, -1, &ldap_conf.krb5_ccname },
#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
{ NULL }
};
}
/*
- * Walk through search results and return TRUE if we have a matching
- * netgroup, else FALSE.
+ * Walk through search results and return true if we have a matching
+ * netgroup, else false.
*/
-static int
+static bool
sudo_ldap_check_user_netgroup(LDAP *ld, LDAPMessage *entry, char *user)
{
struct berval **bv, **p;
char *val;
- int ret = FALSE;
+ int ret = false;
debug_decl(sudo_ldap_check_user_netgroup, SUDO_DEBUG_LDAP)
if (!entry)
- debug_return_int(ret);
+ debug_return_bool(ret);
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoUser");
if (bv == NULL)
- debug_return_int(ret);
+ debug_return_bool(ret);
/* walk through values */
for (p = bv; *p != NULL && !ret; p++) {
val = (*p)->bv_val;
/* match any */
if (netgr_matches(val, NULL, NULL, user))
- ret = TRUE;
+ ret = true;
DPRINTF(("ldap sudoUser netgroup '%s' ... %s", val,
ret ? "MATCH!" : "not"), 2 + ((ret) ? 0 : 1));
}
ldap_value_free_len(bv); /* cleanup */
- debug_return_int(ret);
+ debug_return_bool(ret);
}
/*
-* Walk through search results and return TRUE if we have a
-* host match, else FALSE.
+* Walk through search results and return true if we have a
+* host match, else false.
*/
-static int
+static bool
sudo_ldap_check_host(LDAP *ld, LDAPMessage *entry)
{
struct berval **bv, **p;
char *val;
- int ret = FALSE;
+ bool ret = false;
debug_decl(sudo_ldap_check_host, SUDO_DEBUG_LDAP)
if (!entry)
- debug_return_int(ret);
+ debug_return_bool(ret);
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoHost");
if (bv == NULL)
- debug_return_int(ret);
+ debug_return_bool(ret);
/* walk through values */
for (p = bv; *p != NULL && !ret; p++) {
if (!strcmp(val, "ALL") || addr_matches(val) ||
netgr_matches(val, user_host, user_shost, NULL) ||
hostname_matches(user_shost, user_host, val))
- ret = TRUE;
+ ret = true;
DPRINTF(("ldap sudoHost '%s' ... %s", val,
ret ? "MATCH!" : "not"), 2);
}
ldap_value_free_len(bv); /* cleanup */
- debug_return_int(ret);
+ debug_return_bool(ret);
}
static int
{
struct berval **bv, **p;
char *val;
- int ret = FALSE;
+ bool ret = false;
debug_decl(sudo_ldap_check_runas_user, SUDO_DEBUG_LDAP)
if (!runas_pw)
- debug_return_int(UNSPEC);
+ debug_return_bool(UNSPEC);
/* get the runas user from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
* what the user specified on the command line.
*/
if (bv == NULL)
- debug_return_int(!strcasecmp(runas_pw->pw_name, def_runas_default));
+ debug_return_bool(!strcasecmp(runas_pw->pw_name, def_runas_default));
/* walk through values returned, looking for a match */
for (p = bv; *p != NULL && !ret; p++) {
switch (val[0]) {
case '+':
if (netgr_matches(val, NULL, NULL, runas_pw->pw_name))
- ret = TRUE;
+ ret = true;
break;
case '%':
if (usergr_matches(val, runas_pw->pw_name, runas_pw))
- ret = TRUE;
+ ret = true;
break;
case 'A':
if (strcmp(val, "ALL") == 0) {
- ret = TRUE;
+ ret = true;
break;
}
/* FALLTHROUGH */
default:
if (strcasecmp(val, runas_pw->pw_name) == 0)
- ret = TRUE;
+ ret = true;
break;
}
DPRINTF(("ldap sudoRunAsUser '%s' ... %s", val,
ldap_value_free_len(bv); /* cleanup */
- debug_return_int(ret);
+ debug_return_bool(ret);
}
static int
{
struct berval **bv, **p;
char *val;
- int ret = FALSE;
+ bool ret = false;
debug_decl(sudo_ldap_check_runas_group, SUDO_DEBUG_LDAP)
/* runas_gr is only set if the user specified the -g flag */
if (!runas_gr)
- debug_return_int(UNSPEC);
+ debug_return_bool(UNSPEC);
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv == NULL)
- debug_return_int(ret);
+ debug_return_bool(ret);
/* walk through values returned, looking for a match */
for (p = bv; *p != NULL && !ret; p++) {
val = (*p)->bv_val;
if (strcmp(val, "ALL") == 0 || group_matches(val, runas_gr))
- ret = TRUE;
+ ret = true;
DPRINTF(("ldap sudoRunAsGroup '%s' ... %s", val,
ret ? "MATCH!" : "not"), 2);
}
ldap_value_free_len(bv); /* cleanup */
- debug_return_int(ret);
+ debug_return_bool(ret);
}
/*
- * Walk through search results and return TRUE if we have a runas match,
- * else FALSE. RunAs info is optional.
+ * Walk through search results and return true if we have a runas match,
+ * else false. RunAs info is optional.
*/
-static int
+static bool
sudo_ldap_check_runas(LDAP *ld, LDAPMessage *entry)
{
- int ret;
+ bool ret;
debug_decl(sudo_ldap_check_runas, SUDO_DEBUG_LDAP)
if (!entry)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
- ret = sudo_ldap_check_runas_user(ld, entry) != FALSE &&
- sudo_ldap_check_runas_group(ld, entry) != FALSE;
+ ret = sudo_ldap_check_runas_user(ld, entry) != false &&
+ sudo_ldap_check_runas_group(ld, entry) != false;
debug_return_bool(ret);
}
/*
- * Walk through search results and return TRUE if we have a command match,
- * FALSE if disallowed and UNSPEC if not matched.
+ * Walk through search results and return true if we have a command match,
+ * false if disallowed and UNSPEC if not matched.
*/
static int
sudo_ldap_check_command(LDAP *ld, LDAPMessage *entry, int *setenv_implied)
{
struct berval **bv, **p;
char *allowed_cmnd, *allowed_args, *val;
- int foundbang, ret = UNSPEC;
+ bool foundbang;
+ int ret = UNSPEC;
debug_decl(sudo_ldap_check_command, SUDO_DEBUG_LDAP)
if (!entry)
if (bv == NULL)
debug_return_bool(ret);
- for (p = bv; *p != NULL && ret != FALSE; p++) {
+ for (p = bv; *p != NULL && ret != false; p++) {
val = (*p)->bv_val;
/* Match against ALL ? */
if (!strcmp(val, "ALL")) {
- ret = TRUE;
+ ret = true;
if (setenv_implied != NULL)
- *setenv_implied = TRUE;
+ *setenv_implied = true;
DPRINTF(("ldap sudoCommand '%s' ... MATCH!", val), 2);
continue;
}
/* check for !command */
if (*val == '!') {
- foundbang = TRUE;
+ foundbang = true;
allowed_cmnd = estrdup(1 + val); /* !command */
} else {
- foundbang = FALSE;
+ foundbang = false;
allowed_cmnd = estrdup(val); /* command */
}
* If allowed (no bang) set ret but keep on checking.
* If disallowed (bang), exit loop.
*/
- ret = foundbang ? FALSE : TRUE;
+ ret = foundbang ? false : true;
}
DPRINTF(("ldap sudoCommand '%s' ... %s", val,
- ret == TRUE ? "MATCH!" : "not"), 2);
+ ret == true ? "MATCH!" : "not"), 2);
efree(allowed_cmnd); /* cleanup */
}
/*
* Search for boolean "option" in sudoOption.
- * Returns TRUE if found and allowed, FALSE if negated, else UNSPEC.
+ * Returns true if found and allowed, false if negated, else UNSPEC.
*/
static int
sudo_ldap_check_bool(LDAP *ld, LDAPMessage *entry, char *option)
set_default(var, val, (int) op);
} else {
/* case var=val */
- set_default(var, val, TRUE);
+ set_default(var, val, true);
}
} else if (*var == '!') {
/* case !var Boolean False */
- set_default(var + 1, NULL, FALSE);
+ set_default(var + 1, NULL, false);
} else {
/* case var Boolean True */
- set_default(var, NULL, TRUE);
+ set_default(var, NULL, true);
}
efree(var);
}
debug_return;
}
-static int
+static bool
sudo_ldap_read_config(void)
{
FILE *fp;
ldap_conf.deref = -1;
if ((fp = fopen(_PATH_LDAP_CONF, "r")) == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
while ((cp = sudo_parseln(fp)) != NULL) {
if (*cp == '\0')
*(int *)(cur->valp) = LDAP_DEREF_NEVER;
break;
case CONF_BOOL:
- *(int *)(cur->valp) = atobool(value) == TRUE;
+ *(int *)(cur->valp) = atobool(value) == true;
break;
case CONF_INT:
*(int *)(cur->valp) = atoi(value);
sudo_printf(SUDO_CONV_ERROR_MSG, "===================\n");
}
if (!ldap_conf.base)
- debug_return_bool(FALSE); /* if no base is defined, ignore LDAP */
+ debug_return_bool(false); /* if no base is defined, ignore LDAP */
if (ldap_conf.bind_timelimit > 0)
ldap_conf.bind_timelimit *= 1000; /* convert to ms */
if (ldap_conf.ssl != NULL) {
if (strcasecmp(ldap_conf.ssl, "start_tls") == 0)
ldap_conf.ssl_mode = SUDO_LDAP_STARTTLS;
- else if (atobool(ldap_conf.ssl) == TRUE)
+ else if (atobool(ldap_conf.ssl) == true)
ldap_conf.ssl_mode = SUDO_LDAP_SSL;
}
if (ldap_conf.uri) {
struct ldap_config_list_str *uri = ldap_conf.uri;
if (sudo_ldap_parse_uri(uri) != 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
do {
ldap_conf.uri = uri->next;
efree(uri);
}
}
#endif
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
/*
LDAP *ld;
struct ldap_result *lres;
LDAPMessage *entry;
- int i, found = FALSE;
+ bool found = false;
+ int i;
debug_decl(sudo_ldap_display_cmnd, SUDO_DEBUG_LDAP)
if (handle == NULL || handle->ld == NULL)
entry = lres->entries[i].entry;
if (sudo_ldap_check_command(ld, entry, NULL) &&
sudo_ldap_check_runas(ld, entry)) {
- found = TRUE;
+ found = true;
goto done;
}
}
result->nentries = 0;
result->entries = NULL;
result->allocated_entries = 0;
- result->user_matches = FALSE;
- result->host_matches = FALSE;
+ result->user_matches = false;
+ result->host_matches = false;
debug_return_ptr(result);
}
debug_decl(sudo_ldap_bind_s, SUDO_DEBUG_LDAP)
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
- if (ldap_conf.rootuse_sasl == TRUE ||
- (ldap_conf.rootuse_sasl != FALSE && ldap_conf.use_sasl == TRUE)) {
+ if (ldap_conf.rootuse_sasl == true ||
+ (ldap_conf.rootuse_sasl != false && ldap_conf.use_sasl == true)) {
void *auth_id = ldap_conf.rootsasl_auth_id ?
ldap_conf.rootsasl_auth_id : ldap_conf.sasl_auth_id;
DPRINTF(("gss_krb5_ccache_name() failed: %d", status), 1);
}
# else
- setenv("KRB5CCNAME", ldap_conf.krb5_ccname, TRUE);
+ setenv("KRB5CCNAME", ldap_conf.krb5_ccname, true);
# endif
}
rc = ldap_sasl_interactive_bind_s(ld, ldap_conf.binddn, "GSSAPI",
DPRINTF(("gss_krb5_ccache_name() failed: %d", status), 1);
# else
if (old_ccname != NULL)
- setenv("KRB5CCNAME", old_ccname, TRUE);
+ setenv("KRB5CCNAME", old_ccname, true);
else
unsetenv("KRB5CCNAME");
# endif
sudo_ldap_open(struct sudo_nss *nss)
{
LDAP *ld;
- int rc, ldapnoinit = FALSE;
+ int rc;
+ bool ldapnoinit = false;
struct sudo_ldap_handle *handle;
debug_decl(sudo_ldap_open, SUDO_DEBUG_LDAP)
/* Prevent reading of user ldaprc and system defaults. */
if (getenv("LDAPNOINIT") == NULL) {
- ldapnoinit = TRUE;
- setenv("LDAPNOINIT", "1", TRUE);
+ ldapnoinit = true;
+ setenv("LDAPNOINIT", "1", true);
}
/* Connect to LDAP server */
DPRINTF(("perform search for pwflag %d", pwflag), 1);
for (i = 0; i < lres->nentries; i++) {
entry = lres->entries[i].entry;
- if ((pwcheck == any && doauth != FALSE) ||
- (pwcheck == all && doauth == FALSE)) {
+ if ((pwcheck == any && doauth != false) ||
+ (pwcheck == all && doauth == false)) {
doauth = sudo_ldap_check_bool(ld, entry, "authenticate");
}
/* Only check the command when listing another user. */
if (user_uid == 0 || list_pw == NULL ||
user_uid == list_pw->pw_uid ||
sudo_ldap_check_command(ld, entry, NULL)) {
- matched = TRUE;
+ matched = true;
break;
}
}
break;
case all:
case any:
- if (doauth == FALSE)
- def_authenticate = FALSE;
+ if (doauth == false)
+ def_authenticate = false;
break;
case never:
- def_authenticate = FALSE;
+ def_authenticate = false;
break;
default:
break;
DPRINTF(("searching LDAP for sudoers entries"), 1);
- setenv_implied = FALSE;
+ setenv_implied = false;
for (i = 0; i < lres->nentries; i++) {
entry = lres->entries[i].entry;
if (!sudo_ldap_check_runas(ld, entry))
rc = sudo_ldap_check_command(ld, entry, &setenv_implied);
if (rc != UNSPEC) {
/* We have a match. */
- DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1);
- if (rc == TRUE) {
+ DPRINTF(("Command %sallowed", rc == true ? "" : "NOT "), 1);
+ if (rc == true) {
DPRINTF(("LDAP entry: %p", entry), 1);
/* Apply entry-specific options. */
if (setenv_implied)
- def_setenv = TRUE;
+ def_setenv = true;
sudo_ldap_parse_options(ld, entry);
#ifdef HAVE_SELINUX
/* Set role and type if not specified on command line. */
DPRINTF(("nothing found for '%s'", filt), 1);
continue;
}
- lres->user_matches = TRUE;
+ lres->user_matches = true;
/* Add the seach result to list of search results. */
DPRINTF(("adding search result"), 1);
if ((!do_netgr ||
sudo_ldap_check_user_netgroup(ld, entry, pw->pw_name)) &&
sudo_ldap_check_host(ld, entry)) {
- lres->host_matches = TRUE;
+ lres->host_matches = true;
sudo_ldap_result_add_entry(lres, entry);
}
}
static struct member_list empty;
-static int command_matches_dir(char *, size_t);
-static int command_matches_glob(char *, char *);
-static int command_matches_fnmatch(char *, char *);
-static int command_matches_normal(char *, char *);
+static bool command_matches_dir(char *, size_t);
+static bool command_matches_glob(char *, char *);
+static bool command_matches_fnmatch(char *, char *);
+static bool command_matches_normal(char *, char *);
/*
- * Returns TRUE if string 's' contains meta characters.
+ * Returns true if string 's' contains meta characters.
*/
#define has_meta(s) (strpbrk(s, "\\?*[]") != NULL)
debug_return_bool(matched);
}
-static int
+static bool
command_args_match(sudoers_cmnd, sudoers_args)
char *sudoers_cmnd;
char *sudoers_args;
*/
if (!sudoers_args ||
(!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)))
- debug_return_bool(TRUE);
+ debug_return_bool(true);
/*
* If args are specified in sudoers, they must match the user args.
* If running as sudoedit, all args are assumed to be paths.
if (strcmp(sudoers_cmnd, "sudoedit") == 0)
flags = FNM_PATHNAME;
if (fnmatch(sudoers_args, user_args ? user_args : "", flags) == 0)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
/*
- * If path doesn't end in /, return TRUE iff cmnd & path name the same inode;
- * otherwise, return TRUE if user_cmnd names one of the inodes in path.
+ * If path doesn't end in /, return true iff cmnd & path name the same inode;
+ * otherwise, return true if user_cmnd names one of the inodes in path.
*/
-int
+bool
command_matches(char *sudoers_cmnd, char *sudoers_args)
{
debug_decl(command_matches, SUDO_DEBUG_MATCH)
*/
if (strcmp(sudoers_cmnd, "sudoedit") != 0 ||
strcmp(user_cmnd, "sudoedit") != 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(sudoers_cmnd);
- debug_return_bool(TRUE);
+ debug_return_bool(true);
} else
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
if (has_meta(sudoers_cmnd)) {
debug_return_bool(command_matches_normal(sudoers_cmnd, sudoers_args));
}
-static int
+static bool
command_matches_fnmatch(char *sudoers_cmnd, char *sudoers_args)
{
debug_decl(command_matches_fnmatch, SUDO_DEBUG_MATCH)
* else return false.
*/
if (fnmatch(sudoers_cmnd, user_cmnd, FNM_PATHNAME) != 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
if (safe_cmnd)
free(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
-static int
+static bool
command_matches_glob(char *sudoers_cmnd, char *sudoers_args)
{
struct stat sudoers_stat;
if ((base = strrchr(sudoers_cmnd, '/')) != NULL) {
base++;
if (!has_meta(base) && strcmp(user_base, base) != 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
/*
#define GLOB_FLAGS (GLOB_NOSORT | GLOB_MARK | GLOB_BRACE | GLOB_TILDE)
if (glob(sudoers_cmnd, GLOB_FLAGS, NULL, &gl) != 0 || gl.gl_pathc == 0) {
globfree(&gl);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
/* For each glob match, compare basename, st_dev and st_ino. */
for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) {
dlen = strlen(cp);
if (cp[dlen - 1] == '/') {
if (command_matches_dir(cp, dlen))
- debug_return_bool(TRUE);
+ debug_return_bool(true);
continue;
}
}
globfree(&gl);
if (cp == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
-static int
+static bool
command_matches_normal(char *sudoers_cmnd, char *sudoers_args)
{
struct stat sudoers_stat;
base++;
if (strcmp(user_base, base) != 0 ||
stat(sudoers_cmnd, &sudoers_stat) == -1)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
/*
* Return true if inode/device matches AND
if (user_stat != NULL &&
(user_stat->st_dev != sudoers_stat.st_dev ||
user_stat->st_ino != sudoers_stat.st_ino))
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(sudoers_cmnd);
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
/*
- * Return TRUE if user_cmnd names one of the inodes in dir, else FALSE.
+ * Return true if user_cmnd names one of the inodes in dir, else false.
*/
-static int
+static bool
command_matches_dir(char *sudoers_dir, size_t dlen)
{
struct stat sudoers_stat;
*/
dirp = opendir(sudoers_dir);
if (dirp == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (strlcpy(buf, sudoers_dir, sizeof(buf)) >= sizeof(buf)) {
closedir(dirp);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
while ((dent = readdir(dirp)) != NULL) {
/* ignore paths > PATH_MAX (XXX - log) */
}
/*
- * Returns TRUE if the hostname matches the pattern, else FALSE
+ * Returns true if the hostname matches the pattern, else false
*/
-int
+bool
hostname_matches(char *shost, char *lhost, char *pattern)
{
debug_decl(hostname_matches, SUDO_DEBUG_MATCH)
}
/*
- * Returns TRUE if the user/uid from sudoers matches the specified user/uid,
- * else returns FALSE.
+ * Returns true if the user/uid from sudoers matches the specified user/uid,
+ * else returns false.
*/
-int
+bool
userpw_matches(char *sudoers_user, char *user, struct passwd *pw)
{
debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
if (pw != NULL && *sudoers_user == '#') {
uid_t uid = (uid_t) atoi(sudoers_user + 1);
if (uid == pw->pw_uid)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
debug_return_bool(strcmp(sudoers_user, user) == 0);
}
/*
- * Returns TRUE if the group/gid from sudoers matches the specified group/gid,
- * else returns FALSE.
+ * Returns true if the group/gid from sudoers matches the specified group/gid,
+ * else returns false.
*/
-int
+bool
group_matches(char *sudoers_group, struct group *gr)
{
debug_decl(group_matches, SUDO_DEBUG_MATCH)
if (*sudoers_group == '#') {
gid_t gid = (gid_t) atoi(sudoers_group + 1);
if (gid == gr->gr_gid)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
debug_return_bool(strcmp(gr->gr_name, sudoers_group) == 0);
}
/*
- * Returns TRUE if the given user belongs to the named group,
- * else returns FALSE.
+ * Returns true if the given user belongs to the named group,
+ * else returns false.
*/
-int
+bool
usergr_matches(char *group, char *user, struct passwd *pw)
{
- int matched = FALSE;
+ int matched = false;
struct passwd *pw0 = NULL;
debug_decl(usergr_matches, SUDO_DEBUG_MATCH)
}
if (user_in_group(pw, group)) {
- matched = TRUE;
+ matched = true;
goto done;
}
/* not a Unix group, could be an external group */
if (def_group_plugin && group_plugin_query(user, group, pw)) {
- matched = TRUE;
+ matched = true;
goto done;
}
}
/*
- * Returns TRUE if "host" and "user" belong to the netgroup "netgr",
- * else return FALSE. Either of "host", "shost" or "user" may be NULL
+ * Returns true if "host" and "user" belong to the netgroup "netgr",
+ * else return false. Either of "host", "shost" or "user" may be NULL
* in which case that argument is not checked...
*
* XXX - swap order of host & shost
*/
-int
+bool
netgr_matches(char *netgr, char *lhost, char *shost, char *user)
{
static char *domain;
/* make sure we have a valid netgroup, sudo style */
if (*netgr++ != '+')
- debug_return_bool(FALSE);
+ debug_return_bool(false);
#ifdef HAVE_GETDOMAINNAME
/* get the domain name (if any) */
#ifdef HAVE_INNETGR
if (innetgr(netgr, lhost, user, domain))
- debug_return_bool(TRUE);
+ debug_return_bool(true);
else if (lhost != shost && innetgr(netgr, shost, user, domain))
- debug_return_bool(TRUE);
+ debug_return_bool(true);
#endif /* HAVE_INNETGR */
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
#include "sudoers.h"
#include "interfaces.h"
-static int
+static bool
addr_matches_if(char *n)
{
union sudo_in_addr_un addr;
if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
(ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
== addr.ip4.s_addr)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
break;
#ifdef HAVE_STRUCT_IN6_ADDR
case AF_INET6:
if (memcmp(ifp->addr.ip6.s6_addr, addr.ip6.s6_addr,
sizeof(addr.ip6.s6_addr)) == 0)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
if ((ifp->addr.ip6.s6_addr[j] & ifp->netmask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
break;
}
if (j == sizeof(addr.ip6.s6_addr))
- debug_return_bool(TRUE);
+ debug_return_bool(true);
#endif /* HAVE_STRUCT_IN6_ADDR */
}
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
-static int
+static bool
addr_matches_if_netmask(char *n, char *m)
{
int i;
switch(family) {
case AF_INET:
if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
#ifdef HAVE_STRUCT_IN6_ADDR
case AF_INET6:
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
break;
}
if (j == sizeof(addr.ip6.s6_addr))
- debug_return_bool(TRUE);
+ debug_return_bool(true);
#endif /* HAVE_STRUCT_IN6_ADDR */
}
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
/*
- * Returns TRUE if "n" is one of our ip addresses or if
- * "n" is a network that we are on, else returns FALSE.
+ * Returns true if "n" is one of our ip addresses or if
+ * "n" is a network that we are on, else returns false.
*/
-int
+bool
addr_matches(char *n)
{
char *m;
- int retval;
+ bool retval;
debug_decl(addr_matches, SUDO_DEBUG_MATCH)
/* If there's an explicit netmask, use it. */
if (def_ignore_local_sudoers)
debug_return_int(-1);
- nss->handle = open_sudoers(sudoers_file, FALSE, NULL);
+ nss->handle = open_sudoers(sudoers_file, false, NULL);
debug_return_int(nss->handle ? 0 : -1);
}
* Always check the host and user.
*/
if (pwflag) {
- int nopass;
+ bool nopass;
enum def_tuple pwcheck;
pwcheck = (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
- nopass = (pwcheck == all) ? TRUE : FALSE;
+ nopass = (pwcheck == all) ? true : false;
if (list_pw == NULL)
SET(validated, FLAG_NO_CHECK);
user_uid == list_pw->pw_uid ||
cmnd_matches(cs->cmnd) == ALLOW)
match = ALLOW;
- if ((pwcheck == any && cs->tags.nopasswd == TRUE) ||
- (pwcheck == all && cs->tags.nopasswd != TRUE))
+ if ((pwcheck == any && cs->tags.nopasswd == true) ||
+ (pwcheck == all && cs->tags.nopasswd != true))
nopass = cs->tags.nopasswd;
}
}
SET(validated, VALIDATE_NOT_OK);
if (pwcheck == always && def_authenticate)
SET(validated, FLAG_CHECK_USER);
- else if (pwcheck == never || nopass == TRUE)
- def_authenticate = FALSE;
+ else if (pwcheck == never || nopass == true)
+ def_authenticate = false;
debug_return_int(validated);
}
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val);
} else
lbuf_append(lbuf, "%s%s%s", prefix,
- d->op == FALSE ? "!" : "", d->var);
+ d->op == false ? "!" : "", d->var);
prefix = ", ";
nfound++;
}
lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" :
d->op == '-' ? "-=" : "=", d->val);
} else
- lbuf_append(lbuf, "%s%s", d->op == FALSE ? "!" : "", d->var);
+ lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var);
}
debug_return_int(nfound);
/*
* Tags associated with a command.
- * Possible valus: TRUE, FALSE, UNSPEC.
+ * Possible values: true, false, UNSPEC.
*/
struct cmndtag {
__signed int nopasswd: 3;
char *val; /* variable value */
struct member_list binding; /* user/host/runas binding */
int type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */
- int op; /* TRUE, FALSE, '+', '-' */
+ int op; /* true, false, '+', '-' */
};
/*
* Prototypes
*/
char *alias_add(char *, int, struct member *);
-int addr_matches(char *);
+bool addr_matches(char *);
int cmnd_matches(struct member *);
int cmndlist_matches(struct member_list *);
-int command_matches(char *, char *);
+bool command_matches(char *, char *);
int hostlist_matches(struct member_list *);
-int hostname_matches(char *, char *, char *);
-int netgr_matches(char *, char *, char *, char *);
-int no_aliases(void);
+bool hostname_matches(char *, char *, char *);
+bool netgr_matches(char *, char *, char *, char *);
+bool no_aliases(void);
int runaslist_matches(struct member_list *, struct member_list *);
int userlist_matches(struct passwd *, struct member_list *);
-int usergr_matches(char *, char *, struct passwd *);
-int userpw_matches(char *, char *, struct passwd *);
-int group_matches(char *, struct group *);
+bool usergr_matches(char *, char *, struct passwd *);
+bool userpw_matches(char *, char *, struct passwd *);
+bool group_matches(char *, struct group *);
struct alias *alias_find(char *, int);
struct alias *alias_remove(char *, int);
void alias_free(void *);
debug_return;
}
-int
+bool
user_in_group(struct passwd *pw, const char *group)
{
struct group_list *grlist;
struct group *grp = NULL;
- int i, matched = FALSE;
+ int i;
+ bool matched = false;
debug_decl(user_in_group, SUDO_DEBUG_NSS)
if ((grlist = get_group_list(pw)) != NULL) {
if (group[0] == '#') {
gid_t gid = atoi(group + 1);
if (gid == pw->pw_gid) {
- matched = TRUE;
+ matched = true;
goto done;
}
for (i = 0; i < grlist->ngids; i++) {
if (gid == grlist->gids[i]) {
- matched = TRUE;
+ matched = true;
goto done;
}
}
*/
for (i = 0; i < grlist->ngroups; i++) {
if (strcasecmp(group, grlist->groups[i]) == 0) {
- matched = TRUE;
+ matched = true;
goto done;
}
}
/* Finally check against user's primary (passwd file) group. */
if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL) {
if (strcasecmp(group, grp->gr_name) == 0) {
- matched = TRUE;
+ matched = true;
goto done;
}
}
{
FILE *fp;
char *cp;
- int saw_files = FALSE;
- int saw_ldap = FALSE;
- int got_match = FALSE;
+ bool saw_files = false;
+ bool saw_ldap = false;
+ bool got_match = false;
static struct sudo_nss_list snl;
debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
for ((cp = strtok(cp + 8, " \t")); cp != NULL; (cp = strtok(NULL, " \t"))) {
if (strcasecmp(cp, "files") == 0 && !saw_files) {
tq_append(&snl, &sudo_nss_file);
- got_match = TRUE;
+ got_match = true;
} else if (strcasecmp(cp, "ldap") == 0 && !saw_ldap) {
tq_append(&snl, &sudo_nss_ldap);
- got_match = TRUE;
+ got_match = true;
} else if (strcasecmp(cp, "[NOTFOUND=return]") == 0 && got_match) {
/* NOTFOUND affects the most recent entry */
- tq_last(&snl)->ret_if_notfound = TRUE;
- got_match = FALSE;
+ tq_last(&snl)->ret_if_notfound = true;
+ got_match = false;
} else
- got_match = FALSE;
+ got_match = false;
}
/* Only parse the first "sudoers:" line */
break;
{
FILE *fp;
char *cp, *ep;
- int saw_files = FALSE;
- int saw_ldap = FALSE;
- int got_match = FALSE;
+ bool saw_files = false;
+ bool saw_ldap = false;
+ bool got_match = false;
static struct sudo_nss_list snl;
debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
if (!saw_files && strncasecmp(cp, "files", 5) == 0 &&
(isspace((unsigned char)cp[5]) || cp[5] == '\0')) {
tq_append(&snl, &sudo_nss_file);
- got_match = TRUE;
+ got_match = true;
ep = &cp[5];
} else if (!saw_ldap && strncasecmp(cp, "ldap", 4) == 0 &&
(isspace((unsigned char)cp[4]) || cp[4] == '\0')) {
tq_append(&snl, &sudo_nss_ldap);
- got_match = TRUE;
+ got_match = true;
ep = &cp[4];
} else {
- got_match = FALSE;
+ got_match = false;
}
/* check for = auth qualifier */
cp++;
if (strncasecmp(cp, "auth", 4) == 0 &&
(isspace((unsigned char)cp[4]) || cp[4] == '\0')) {
- tq_last(&snl)->ret_if_found = TRUE;
+ tq_last(&snl)->ret_if_found = true;
}
}
}
/*
* Check user_cmnd against sudoers and print the matching entry if the
* command is allowed.
- * Returns TRUE if the command is allowed, else FALSE.
+ * Returns true if the command is allowed, else false.
*/
-int
+bool
display_cmnd(struct sudo_nss_list *snl, struct passwd *pw)
{
struct sudo_nss *nss;
tq_foreach_fwd(snl, nss) {
if (nss->display_cmnd(nss, pw) == 0)
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
int long_list;
uid_t timestamp_uid;
extern int errorlineno;
-extern int parse_error;
+extern bool parse_error;
extern char *errorfile;
#ifdef HAVE_LOGIN_CAP_H
login_cap_t *lc;
* Initialize external group plugin, if any.
*/
if (def_group_plugin) {
- if (group_plugin_load(def_group_plugin) != TRUE)
+ if (group_plugin_load(def_group_plugin) != true)
def_group_plugin = NULL;
}
restore_perms();
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static void
struct sudo_nss *nss;
int cmnd_status = -1, validated;
volatile int info_len = 0;
- volatile int rval = TRUE;
+ volatile int rval = true;
debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
/* If given the -P option, set the "preserve_groups" flag. */
if (ISSET(sudo_mode, MODE_PRESERVE_GROUPS))
- def_preserve_groups = TRUE;
+ def_preserve_groups = true;
/* Find command in path */
cmnd_status = set_cmnd();
*/
if (ISSET(sudo_mode, MODE_EDIT) ||
(ISSET(sudo_mode, MODE_PRESERVE_ENV) && def_setenv))
- def_env_reset = FALSE;
+ def_env_reset = false;
/* Build a new environment that avoids any nasty bits. */
rebuild_env();
/* Require a password if sudoers says so. */
rval = check_user(validated, sudo_mode);
- if (rval != TRUE)
+ if (rval != true)
goto done;
/* If run as root with SUDO_USER set, set sudo_user.pw to that user. */
#if defined(__linux__) || defined(_AIX)
/* Insert system-wide environment variables. */
- read_env_file(_PATH_ENVIRONMENT, TRUE);
+ read_env_file(_PATH_ENVIRONMENT, true);
#endif
}
/* Insert system-wide environment variables. */
if (def_env_file)
- read_env_file(def_env_file, FALSE);
+ read_env_file(def_env_file, false);
/* Insert user-specified environment variables. */
insert_env_vars(sudo_user.env_vars);
goto done;
bad:
- rval = FALSE;
+ rval = false;
done:
rewind_perms();
* Returns a handle to the sudoers file or NULL on error.
*/
FILE *
-open_sudoers(const char *sudoers, int doedit, int *keepopen)
+open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
{
struct stat statbuf;
FILE *fp = NULL;
/* Only reset runaspw if user didn't specify one. */
if (!runas_user && !runas_group)
set_runaspw(user);
- return TRUE;
+ return true;
}
/*
dump_interfaces(interfaces_string);
sudo_printf(SUDO_CONV_INFO_MSG, "\n");
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static int
}
if (MATCHES(*cur, "prompt=")) {
user_prompt = *cur + sizeof("prompt=") - 1;
- def_passprompt_override = TRUE;
+ def_passprompt_override = true;
continue;
}
if (MATCHES(*cur, "set_home=")) {
- if (atobool(*cur + sizeof("set_home=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("set_home=") - 1) == true)
SET(flags, MODE_RESET_HOME);
continue;
}
if (MATCHES(*cur, "preserve_environment=")) {
- if (atobool(*cur + sizeof("preserve_environment=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("preserve_environment=") - 1) == true)
SET(flags, MODE_PRESERVE_ENV);
continue;
}
if (MATCHES(*cur, "run_shell=")) {
- if (atobool(*cur + sizeof("run_shell=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("run_shell=") - 1) == true)
SET(flags, MODE_SHELL);
continue;
}
if (MATCHES(*cur, "login_shell=")) {
- if (atobool(*cur + sizeof("login_shell=") - 1) == TRUE) {
+ if (atobool(*cur + sizeof("login_shell=") - 1) == true) {
SET(flags, MODE_LOGIN_SHELL);
- def_env_reset = TRUE;
+ def_env_reset = true;
}
continue;
}
if (MATCHES(*cur, "implied_shell=")) {
- if (atobool(*cur + sizeof("implied_shell=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("implied_shell=") - 1) == true)
SET(flags, MODE_IMPLIED_SHELL);
continue;
}
if (MATCHES(*cur, "preserve_groups=")) {
- if (atobool(*cur + sizeof("preserve_groups=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("preserve_groups=") - 1) == true)
SET(flags, MODE_PRESERVE_GROUPS);
continue;
}
if (MATCHES(*cur, "ignore_ticket=")) {
- if (atobool(*cur + sizeof("ignore_ticket=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("ignore_ticket=") - 1) == true)
SET(flags, MODE_IGNORE_TICKET);
continue;
}
if (MATCHES(*cur, "noninteractive=")) {
- if (atobool(*cur + sizeof("noninteractive=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("noninteractive=") - 1) == true)
SET(flags, MODE_NONINTERACTIVE);
continue;
}
if (MATCHES(*cur, "sudoedit=")) {
- if (atobool(*cur + sizeof("sudoedit=") - 1) == TRUE)
+ if (atobool(*cur + sizeof("sudoedit=") - 1) == true)
SET(flags, MODE_EDIT);
continue;
}
if (MATCHES(*cur, "login_class=")) {
login_class = *cur + sizeof("login_class=") - 1;
- def_use_loginclass = TRUE;
+ def_use_loginclass = true;
continue;
}
#ifdef HAVE_SELINUX
resolve_editor(char *editor, int nfiles, char **files, char ***argv_out)
{
char *cp, **nargv, *editor_path = NULL;
- int ac, i, nargc, wasblank;
+ int ac, i, nargc;
+ bool wasblank;
debug_decl(resolve_editor, SUDO_DEBUG_PLUGIN)
editor = estrdup(editor); /* becomes part of argv_out */
* line args so look for those and alloc space for them too.
*/
nargc = 1;
- for (wasblank = FALSE, cp = editor; *cp != '\0'; cp++) {
+ for (wasblank = false, cp = editor; *cp != '\0'; cp++) {
if (isblank((unsigned char) *cp))
- wasblank = TRUE;
+ wasblank = true;
else if (wasblank) {
- wasblank = FALSE;
+ wasblank = false;
nargc++;
}
}
#define _SUDO_SUDOERS_H
#include <limits.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
#include <pathnames.h>
#include "missing.h"
#define FLAG_NO_HOST 0x040
#define FLAG_NO_CHECK 0x080
-/*
- * Pseudo-boolean values
- */
-#undef TRUE
-#define TRUE 1
-#undef FALSE
-#define FALSE 0
-
/*
* find_path()/load_cmnd() return values
*/
#define YY_DECL int yylex(void)
/* goodpath.c */
-int sudo_goodpath(const char *, struct stat *);
+bool sudo_goodpath(const char *, struct stat *);
/* findpath.c */
int find_path(char *, char **, struct stat *, char *, int);
/* check.c */
int check_user(int, int);
-void remove_timestamp(int);
-int user_is_exempt(void);
+void remove_timestamp(bool);
+bool user_is_exempt(void);
/* sudo_auth.c */
int verify_user(struct passwd *, char *);
/* sudo_nss.c */
void display_privs(struct sudo_nss_list *, struct passwd *);
-int display_cmnd(struct sudo_nss_list *, struct passwd *);
+bool display_cmnd(struct sudo_nss_list *, struct passwd *);
/* pwutil.c */
void sudo_setgrent(void);
void gr_delref(struct group *);
void pw_addref(struct passwd *);
void pw_delref(struct passwd *);
-int user_in_group(struct passwd *, const char *);
+bool user_in_group(struct passwd *, const char *);
/* timestr.c */
char *get_timestr(time_t, int);
/* sudoers.c */
void plugin_cleanup(int);
void set_fqdn(void);
-FILE *open_sudoers(const char *, int, int *);
+FILE *open_sudoers(const char *, bool, bool *);
/* aix.c */
void aix_restoreauthdb(void);
init_parser("sudoers", 0);
if (yyparse() != 0 || parse_error) {
- parse_error = TRUE;
+ parse_error = true;
if (errorlineno != -1)
(void) printf("Parse error in %s near line %d",
errorfile, errorlineno);
(void) fputs(" (problem with defaults entries)", stdout);
puts(".");
- if (def_group_plugin && group_plugin_load(def_group_plugin) != TRUE)
+ if (def_group_plugin && group_plugin_load(def_group_plugin) != true)
def_group_plugin = NULL;
/*
/* Only reset runaspw if user didn't specify one. */
if (!runas_user && !runas_group)
set_runaspw(user);
- return TRUE;
+ return true;
}
void
}
FILE *
-open_sudoers(const char *path, int isdir, int *keepopen)
+open_sudoers(const char *path, bool doedit, bool *keepopen)
{
return fopen(path, "r");
}
putchar(',');
print_member(m);
}
- printf("\t%s%s", d->op == FALSE ? "!" : "", d->var);
+ printf("\t%s%s", d->op == false ? "!" : "", d->var);
if (d->val != NULL) {
- printf("%c%s", d->op == TRUE ? '=' : d->op, d->val);
+ printf("%c%s", d->op == true ? '=' : d->op, d->val);
}
putchar('\n');
}
#include "lbuf.h"
extern YYSTYPE yylval;
-extern int parse_error;
+extern bool parse_error;
int sudolineno;
int last_token;
char *sudoers;
-static int continued, prev_state, sawspace;
+static bool continued, sawspace;
+static int prev_state;
-static int _push_include(char *, int);
-static int pop_include(void);
+static bool _push_include(char *, bool);
+static bool pop_include(void);
static char *parse_include(char *);
static int sudoers_trace_print(const char *msg);
return (n); \
} while (0)
-#define push_include(_p) (_push_include((_p), FALSE))
-#define push_includedir(_p) (_push_include((_p), TRUE))
+#define push_include(_p) (_push_include((_p), false))
+#define push_includedir(_p) (_push_include((_p), true))
#define YY_NO_INPUT 1
#define YY_NO_UNPUT 1
#define GOTDEFS 1
#define INSTR 5
-#line 1514 "lex.yy.c"
+#line 1515 "lex.yy.c"
/* Macros after this point can all be overridden by user definitions in
* section 1.
register char *yy_cp, *yy_bp;
register int yy_act;
-#line 122 "toke.l"
+#line 123 "toke.l"
-#line 1670 "lex.yy.c"
+#line 1671 "lex.yy.c"
if ( yy_init )
{
case 1:
YY_RULE_SETUP
-#line 123 "toke.l"
+#line 124 "toke.l"
{
LEXTRACE(", ");
LEXRETURN(',');
YY_BREAK
case 2:
YY_RULE_SETUP
-#line 128 "toke.l"
+#line 129 "toke.l"
BEGIN STARTDEFS;
YY_BREAK
case 3:
YY_RULE_SETUP
-#line 130 "toke.l"
+#line 131 "toke.l"
{
BEGIN INDEFS;
LEXTRACE("DEFVAR ");
case 4:
YY_RULE_SETUP
-#line 139 "toke.l"
+#line 140 "toke.l"
{
BEGIN STARTDEFS;
LEXTRACE(", ");
YY_BREAK
case 5:
YY_RULE_SETUP
-#line 145 "toke.l"
+#line 146 "toke.l"
{
LEXTRACE("= ");
LEXRETURN('=');
YY_BREAK
case 6:
YY_RULE_SETUP
-#line 150 "toke.l"
+#line 151 "toke.l"
{
LEXTRACE("+= ");
LEXRETURN('+');
YY_BREAK
case 7:
YY_RULE_SETUP
-#line 155 "toke.l"
+#line 156 "toke.l"
{
LEXTRACE("-= ");
LEXRETURN('-');
YY_BREAK
case 8:
YY_RULE_SETUP
-#line 160 "toke.l"
+#line 161 "toke.l"
{
LEXTRACE("BEGINSTR ");
yylval.string = NULL;
YY_BREAK
case 9:
YY_RULE_SETUP
-#line 167 "toke.l"
+#line 168 "toke.l"
{
LEXTRACE("WORD(2) ");
if (!fill(yytext, yyleng))
case 10:
YY_RULE_SETUP
-#line 176 "toke.l"
+#line 177 "toke.l"
{
/* Line continuation char followed by newline. */
sudolineno++;
- continued = TRUE;
+ continued = true;
}
YY_BREAK
case 11:
YY_RULE_SETUP
-#line 182 "toke.l"
+#line 183 "toke.l"
{
LEXTRACE("ENDSTR ");
BEGIN prev_state;
YY_BREAK
case 12:
YY_RULE_SETUP
-#line 214 "toke.l"
+#line 215 "toke.l"
{
LEXTRACE("BACKSLASH ");
if (!append(yytext, yyleng))
YY_BREAK
case 13:
YY_RULE_SETUP
-#line 220 "toke.l"
+#line 221 "toke.l"
{
LEXTRACE("STRBODY ");
if (!append(yytext, yyleng))
case 14:
YY_RULE_SETUP
-#line 228 "toke.l"
+#line 229 "toke.l"
{
/* quoted fnmatch glob char, pass verbatim */
LEXTRACE("QUOTEDCHAR ");
if (!fill_args(yytext, 2, sawspace))
yyterminate();
- sawspace = FALSE;
+ sawspace = false;
}
YY_BREAK
case 15:
YY_RULE_SETUP
-#line 236 "toke.l"
+#line 237 "toke.l"
{
/* quoted sudoers special char, strip backslash */
LEXTRACE("QUOTEDCHAR ");
if (!fill_args(yytext + 1, 1, sawspace))
yyterminate();
- sawspace = FALSE;
+ sawspace = false;
}
YY_BREAK
case 16:
YY_RULE_SETUP
-#line 244 "toke.l"
+#line 245 "toke.l"
{
BEGIN INITIAL;
yyless(0);
YY_BREAK
case 17:
YY_RULE_SETUP
-#line 250 "toke.l"
+#line 251 "toke.l"
{
LEXTRACE("ARG ");
if (!fill_args(yytext, yyleng, sawspace))
yyterminate();
- sawspace = FALSE;
+ sawspace = false;
} /* a command line arg */
YY_BREAK
case 18:
YY_RULE_SETUP
-#line 258 "toke.l"
+#line 259 "toke.l"
{
char *path;
YY_BREAK
case 19:
YY_RULE_SETUP
-#line 276 "toke.l"
+#line 277 "toke.l"
{
char *path;
YY_BREAK
case 20:
YY_RULE_SETUP
-#line 297 "toke.l"
+#line 298 "toke.l"
{
char deftype;
int n;
YY_BREAK
case 21:
YY_RULE_SETUP
-#line 337 "toke.l"
+#line 338 "toke.l"
{
int n;
YY_BREAK
case 22:
YY_RULE_SETUP
-#line 363 "toke.l"
+#line 364 "toke.l"
{
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
YY_BREAK
case 23:
YY_RULE_SETUP
-#line 369 "toke.l"
+#line 370 "toke.l"
{
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
YY_BREAK
case 24:
YY_RULE_SETUP
-#line 375 "toke.l"
+#line 376 "toke.l"
{
LEXTRACE("NOEXEC ");
LEXRETURN(NOEXEC);
YY_BREAK
case 25:
YY_RULE_SETUP
-#line 380 "toke.l"
+#line 381 "toke.l"
{
LEXTRACE("EXEC ");
LEXRETURN(EXEC);
YY_BREAK
case 26:
YY_RULE_SETUP
-#line 385 "toke.l"
+#line 386 "toke.l"
{
LEXTRACE("SETENV ");
LEXRETURN(SETENV);
YY_BREAK
case 27:
YY_RULE_SETUP
-#line 390 "toke.l"
+#line 391 "toke.l"
{
LEXTRACE("NOSETENV ");
LEXRETURN(NOSETENV);
YY_BREAK
case 28:
YY_RULE_SETUP
-#line 395 "toke.l"
+#line 396 "toke.l"
{
LEXTRACE("LOG_OUTPUT ");
LEXRETURN(LOG_OUTPUT);
YY_BREAK
case 29:
YY_RULE_SETUP
-#line 400 "toke.l"
+#line 401 "toke.l"
{
LEXTRACE("NOLOG_OUTPUT ");
LEXRETURN(NOLOG_OUTPUT);
YY_BREAK
case 30:
YY_RULE_SETUP
-#line 405 "toke.l"
+#line 406 "toke.l"
{
LEXTRACE("LOG_INPUT ");
LEXRETURN(LOG_INPUT);
YY_BREAK
case 31:
YY_RULE_SETUP
-#line 410 "toke.l"
+#line 411 "toke.l"
{
LEXTRACE("NOLOG_INPUT ");
LEXRETURN(NOLOG_INPUT);
YY_BREAK
case 32:
YY_RULE_SETUP
-#line 415 "toke.l"
+#line 416 "toke.l"
{
/* empty group or netgroup */
LEXTRACE("ERROR ");
YY_BREAK
case 33:
YY_RULE_SETUP
-#line 421 "toke.l"
+#line 422 "toke.l"
{
/* netgroup */
if (!fill(yytext, yyleng))
YY_BREAK
case 34:
YY_RULE_SETUP
-#line 429 "toke.l"
+#line 430 "toke.l"
{
/* group */
if (!fill(yytext, yyleng))
YY_BREAK
case 35:
YY_RULE_SETUP
-#line 437 "toke.l"
+#line 438 "toke.l"
{
if (!fill(yytext, yyleng))
yyterminate();
YY_BREAK
case 36:
YY_RULE_SETUP
-#line 444 "toke.l"
+#line 445 "toke.l"
{
if (!fill(yytext, yyleng))
yyterminate();
YY_BREAK
case 37:
YY_RULE_SETUP
-#line 451 "toke.l"
+#line 452 "toke.l"
{
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
YY_BREAK
case 38:
YY_RULE_SETUP
-#line 462 "toke.l"
+#line 463 "toke.l"
{
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
YY_BREAK
case 39:
YY_RULE_SETUP
-#line 473 "toke.l"
+#line 474 "toke.l"
{
LEXTRACE("ALL ");
LEXRETURN(ALL);
YY_BREAK
case 40:
YY_RULE_SETUP
-#line 479 "toke.l"
+#line 480 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("ROLE ");
YY_BREAK
case 41:
YY_RULE_SETUP
-#line 488 "toke.l"
+#line 489 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("TYPE ");
YY_BREAK
case 42:
YY_RULE_SETUP
-#line 497 "toke.l"
+#line 498 "toke.l"
{
#ifndef HAVE_SELINUX
got_alias:
YY_BREAK
case 43:
YY_RULE_SETUP
-#line 507 "toke.l"
+#line 508 "toke.l"
{
/* no command args allowed for Defaults!/path */
if (!fill_cmnd(yytext, yyleng))
YY_BREAK
case 44:
YY_RULE_SETUP
-#line 515 "toke.l"
+#line 516 "toke.l"
{
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
YY_BREAK
case 45:
YY_RULE_SETUP
-#line 522 "toke.l"
+#line 523 "toke.l"
{
/* directories can't have args... */
if (yytext[yyleng - 1] == '/') {
YY_BREAK
case 46:
YY_RULE_SETUP
-#line 537 "toke.l"
+#line 538 "toke.l"
{
LEXTRACE("BEGINSTR ");
yylval.string = NULL;
YY_BREAK
case 47:
YY_RULE_SETUP
-#line 544 "toke.l"
+#line 545 "toke.l"
{
/* a word */
if (!fill(yytext, yyleng))
YY_BREAK
case 48:
YY_RULE_SETUP
-#line 552 "toke.l"
+#line 553 "toke.l"
{
LEXTRACE("( ");
LEXRETURN('(');
YY_BREAK
case 49:
YY_RULE_SETUP
-#line 557 "toke.l"
+#line 558 "toke.l"
{
LEXTRACE(") ");
LEXRETURN(')');
YY_BREAK
case 50:
YY_RULE_SETUP
-#line 562 "toke.l"
+#line 563 "toke.l"
{
LEXTRACE(", ");
LEXRETURN(',');
YY_BREAK
case 51:
YY_RULE_SETUP
-#line 567 "toke.l"
+#line 568 "toke.l"
{
LEXTRACE("= ");
LEXRETURN('=');
YY_BREAK
case 52:
YY_RULE_SETUP
-#line 572 "toke.l"
+#line 573 "toke.l"
{
LEXTRACE(": ");
LEXRETURN(':');
YY_BREAK
case 53:
YY_RULE_SETUP
-#line 577 "toke.l"
+#line 578 "toke.l"
{
if (yyleng & 1) {
LEXTRACE("!");
YY_BREAK
case 54:
YY_RULE_SETUP
-#line 584 "toke.l"
+#line 585 "toke.l"
{
if (YY_START == INSTR) {
LEXTRACE("ERROR ");
}
BEGIN INITIAL;
sudolineno++;
- continued = FALSE;
+ continued = false;
LEXTRACE("\n");
LEXRETURN(COMMENT);
} /* return newline */
YY_BREAK
case 55:
YY_RULE_SETUP
-#line 596 "toke.l"
+#line 597 "toke.l"
{ /* throw away space/tabs */
- sawspace = TRUE; /* but remember for fill_args */
+ sawspace = true; /* but remember for fill_args */
}
YY_BREAK
case 56:
YY_RULE_SETUP
-#line 600 "toke.l"
+#line 601 "toke.l"
{
- sawspace = TRUE; /* remember for fill_args */
+ sawspace = true; /* remember for fill_args */
sudolineno++;
- continued = TRUE;
+ continued = true;
} /* throw away EOL after \ */
YY_BREAK
case 57:
YY_RULE_SETUP
-#line 606 "toke.l"
+#line 607 "toke.l"
{
BEGIN INITIAL;
sudolineno++;
- continued = FALSE;
+ continued = false;
LEXTRACE("#\n");
LEXRETURN(COMMENT);
} /* comment, not uid/gid */
YY_BREAK
case 58:
YY_RULE_SETUP
-#line 614 "toke.l"
+#line 615 "toke.l"
{
LEXTRACE("ERROR ");
LEXRETURN(ERROR);
case YY_STATE_EOF(STARTDEFS):
case YY_STATE_EOF(INDEFS):
case YY_STATE_EOF(INSTR):
-#line 619 "toke.l"
+#line 620 "toke.l"
{
if (YY_START != INITIAL) {
BEGIN INITIAL;
YY_BREAK
case 59:
YY_RULE_SETUP
-#line 629 "toke.l"
+#line 630 "toke.l"
ECHO;
YY_BREAK
-#line 2446 "lex.yy.c"
+#line 2447 "lex.yy.c"
case YY_END_OF_BUFFER:
{
return 0;
}
#endif
-#line 629 "toke.l"
+#line 630 "toke.l"
struct path_list {
char *path;
char *path;
struct path_list *more; /* more files in case of includedir */
int lineno;
- int keepopen;
+ bool keepopen;
};
static int
static size_t istacksize, idepth;
static struct include_stack *istack;
-static int keepopen;
+static bool keepopen;
void
init_lexer(void)
istack = NULL;
istacksize = idepth = 0;
sudolineno = 1;
- keepopen = FALSE;
- sawspace = FALSE;
- continued = FALSE;
+ keepopen = false;
+ sawspace = false;
+ continued = false;
prev_state = INITIAL;
debug_return;
}
-static int
-_push_include(char *path, int isdir)
+static bool
+_push_include(char *path, bool isdir)
{
struct path_list *pl;
FILE *fp;
if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) {
yyerror(_("too many levels of includes"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack,
sizeof(*istack) * istacksize);
if (istack == NULL) {
yyerror(_("unable to allocate memory"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
- while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
+ while ((fp = open_sudoers(path, false, &keepopen)) == NULL) {
/* Unable to open path in includedir, go to next one, if any. */
efree(path);
if ((pl = istack[idepth].more) == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
path = pl->path;
istack[idepth].more = pl->next;
efree(pl);
}
} else {
- if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
+ if ((fp = open_sudoers(path, true, &keepopen)) == NULL) {
char *errbuf;
if (asprintf(&errbuf, _("%s: %s"), path, strerror(errno)) != -1) {
yyerror(errbuf);
} else {
yyerror(_("unable to allocate memory"));
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
istack[idepth].more = NULL;
}
sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
+static bool
pop_include(void)
{
struct path_list *pl;
debug_decl(pop_include, SUDO_DEBUG_PARSER)
if (idepth == 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
yy_delete_buffer(YY_CURRENT_BUFFER);
/* If we are in an include dir, move to the next file. */
while ((pl = istack[idepth - 1].more) != NULL) {
- fp = open_sudoers(pl->path, FALSE, &keepopen);
+ fp = open_sudoers(pl->path, false, &keepopen);
if (fp != NULL) {
istack[idepth - 1].more = pl->next;
efree(sudoers);
sudolineno = istack[idepth].lineno;
keepopen = istack[idepth].keepopen;
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static char *
static int
sudoers_trace_print(const char *msg)
{
- static int initialized;
+ static bool initialized;
static struct lbuf lbuf;
if (!initialized) {
- initialized = TRUE;
+ initialized = true;
lbuf_init(&lbuf, NULL, 0, NULL, 0);
}
#ifndef _SUDO_TOKE_H
#define _SUDO_TOKE_H
-int append(const char *, int);
-int fill_args(const char *, int, int);
-int fill_cmnd(const char *, int);
-int fill_txt(const char *, int, int);
-int ipv6_valid(const char *s);
+bool append(const char *, int);
+bool fill_args(const char *, int, int);
+bool fill_cmnd(const char *, int);
+bool fill_txt(const char *, int, int);
+bool ipv6_valid(const char *s);
void yyerror(const char *);
#ifndef FLEX_SCANNER
#include "lbuf.h"
extern YYSTYPE yylval;
-extern int parse_error;
+extern bool parse_error;
int sudolineno;
int last_token;
char *sudoers;
-static int continued, prev_state, sawspace;
+static bool continued, sawspace;
+static int prev_state;
-static int _push_include(char *, int);
-static int pop_include(void);
+static bool _push_include(char *, bool);
+static bool pop_include(void);
static char *parse_include(char *);
static int sudoers_trace_print(const char *msg);
return (n); \
} while (0)
-#define push_include(_p) (_push_include((_p), FALSE))
-#define push_includedir(_p) (_push_include((_p), TRUE))
+#define push_include(_p) (_push_include((_p), false))
+#define push_includedir(_p) (_push_include((_p), true))
%}
HEX16 [0-9A-Fa-f]{1,4}
\\[[:blank:]]*\n[[:blank:]]* {
/* Line continuation char followed by newline. */
sudolineno++;
- continued = TRUE;
+ continued = true;
}
\" {
LEXTRACE("QUOTEDCHAR ");
if (!fill_args(yytext, 2, sawspace))
yyterminate();
- sawspace = FALSE;
+ sawspace = false;
}
\\[:\\,= \t#] {
LEXTRACE("QUOTEDCHAR ");
if (!fill_args(yytext + 1, 1, sawspace))
yyterminate();
- sawspace = FALSE;
+ sawspace = false;
}
[#:\,=\n] {
LEXTRACE("ARG ");
if (!fill_args(yytext, yyleng, sawspace))
yyterminate();
- sawspace = FALSE;
+ sawspace = false;
} /* a command line arg */
}
}
BEGIN INITIAL;
sudolineno++;
- continued = FALSE;
+ continued = false;
LEXTRACE("\n");
LEXRETURN(COMMENT);
} /* return newline */
<*>[[:blank:]]+ { /* throw away space/tabs */
- sawspace = TRUE; /* but remember for fill_args */
+ sawspace = true; /* but remember for fill_args */
}
<*>\\[[:blank:]]*\n {
- sawspace = TRUE; /* remember for fill_args */
+ sawspace = true; /* remember for fill_args */
sudolineno++;
- continued = TRUE;
+ continued = true;
} /* throw away EOL after \ */
<INITIAL,STARTDEFS,INDEFS>#(-[^\n0-9].*|[^\n0-9-].*)?\n {
BEGIN INITIAL;
sudolineno++;
- continued = FALSE;
+ continued = false;
LEXTRACE("#\n");
LEXRETURN(COMMENT);
} /* comment, not uid/gid */
char *path;
struct path_list *more; /* more files in case of includedir */
int lineno;
- int keepopen;
+ bool keepopen;
};
static int
static size_t istacksize, idepth;
static struct include_stack *istack;
-static int keepopen;
+static bool keepopen;
void
init_lexer(void)
istack = NULL;
istacksize = idepth = 0;
sudolineno = 1;
- keepopen = FALSE;
- sawspace = FALSE;
- continued = FALSE;
+ keepopen = false;
+ sawspace = false;
+ continued = false;
prev_state = INITIAL;
debug_return;
}
-static int
-_push_include(char *path, int isdir)
+static bool
+_push_include(char *path, bool isdir)
{
struct path_list *pl;
FILE *fp;
if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) {
yyerror(_("too many levels of includes"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack,
sizeof(*istack) * istacksize);
if (istack == NULL) {
yyerror(_("unable to allocate memory"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
}
if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
- while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
+ while ((fp = open_sudoers(path, false, &keepopen)) == NULL) {
/* Unable to open path in includedir, go to next one, if any. */
efree(path);
if ((pl = istack[idepth].more) == NULL)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
path = pl->path;
istack[idepth].more = pl->next;
efree(pl);
}
} else {
- if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
+ if ((fp = open_sudoers(path, true, &keepopen)) == NULL) {
char *errbuf;
if (asprintf(&errbuf, _("%s: %s"), path, strerror(errno)) != -1) {
yyerror(errbuf);
} else {
yyerror(_("unable to allocate memory"));
}
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
istack[idepth].more = NULL;
}
sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-static int
+static bool
pop_include(void)
{
struct path_list *pl;
debug_decl(pop_include, SUDO_DEBUG_PARSER)
if (idepth == 0)
- debug_return_bool(FALSE);
+ debug_return_bool(false);
if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
yy_delete_buffer(YY_CURRENT_BUFFER);
/* If we are in an include dir, move to the next file. */
while ((pl = istack[idepth - 1].more) != NULL) {
- fp = open_sudoers(pl->path, FALSE, &keepopen);
+ fp = open_sudoers(pl->path, false, &keepopen);
if (fp != NULL) {
istack[idepth - 1].more = pl->next;
efree(sudoers);
sudolineno = istack[idepth].lineno;
keepopen = istack[idepth].keepopen;
}
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static char *
static int
sudoers_trace_print(const char *msg)
{
- static int initialized;
+ static bool initialized;
static struct lbuf lbuf;
if (!initialized) {
- initialized = TRUE;
+ initialized = true;
lbuf_init(&lbuf, NULL, 0, NULL, 0);
}
debug_return_int(result);
}
-int
+bool
fill_txt(const char *src, int len, int olen)
{
char *dst;
dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
if (dst == NULL) {
yyerror(_("unable to allocate memory"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
yylval.string = dst;
}
}
*dst = '\0';
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-int
+bool
append(const char *src, int len)
{
int olen = 0;
#define SPECIAL(c) \
((c) == ',' || (c) == ':' || (c) == '=' || (c) == ' ' || (c) == '\t' || (c) == '#')
-int
+bool
fill_cmnd(const char *src, int len)
{
char *dst;
dst = yylval.command.cmnd = (char *) malloc(len + 1);
if (yylval.command.cmnd == NULL) {
yyerror(_("unable to allocate memory"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
/* Copy the string and collapse any escaped sudo-specific characters. */
*dst = '\0';
yylval.command.args = NULL;
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
-int
+bool
fill_args(const char *s, int len, int addspace)
{
int new_len;
if (p == NULL) {
efree(yylval.command.args);
yyerror(_("unable to allocate memory"));
- debug_return_bool(FALSE);
+ debug_return_bool(false);
} else
yylval.command.args = p;
}
*p++ = ' ';
if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) {
yyerror(_("fill_args: buffer overflow")); /* paranoia */
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
arg_len = new_len;
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
/*
* Check to make sure an IPv6 address does not contain multiple instances
* of the string "::". Assumes strlen(s) >= 1.
- * Returns TRUE if address is valid else FALSE.
+ * Returns true if address is valid else false.
*/
-int
+bool
ipv6_valid(const char *s)
{
int nmatch = 0;
static char *get_editor(char **);
static void get_hostname(void);
static char whatnow(void);
-static int check_aliases(int, int);
-static int check_syntax(char *, int, int);
-static int edit_sudoers(struct sudoersfile *, char *, char *, int);
-static int install_sudoers(struct sudoersfile *, int);
+static int check_aliases(bool, bool);
+static int check_syntax(char *, bool, bool);
+static bool edit_sudoers(struct sudoersfile *, char *, char *, int);
+static bool install_sudoers(struct sudoersfile *, bool);
static int print_unused(void *, void *);
-static int reparse_sudoers(char *, char *, int, int);
+static bool reparse_sudoers(char *, char *, bool, bool);
static int run_command(char *, char **);
static int visudo_printf(int msg_type, const char *fmt, ...);
static void setup_signals(void);
{
struct sudoersfile *sp;
char *args, *editor, *sudoers_path;
- int ch, checkonly, quiet, strict, oldperms;
+ int ch;
+ bool checkonly, quiet, strict, oldperms;
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
extern char *malloc_options;
malloc_options = "AFGJPR";
/*
* Arg handling.
*/
- checkonly = oldperms = quiet = strict = FALSE;
+ checkonly = oldperms = quiet = strict = false;
sudoers_path = _PATH_SUDOERS;
while ((ch = getopt(argc, argv, "Vcf:sq")) != -1) {
switch (ch) {
break;
case 'f':
sudoers_path = optarg; /* sudoers file path */
- oldperms = TRUE;
+ oldperms = true;
break;
case 'h':
help();
* Parse the existing sudoers file(s) in quiet mode to highlight any
* existing errors and to pull in editor and env_editor conf values.
*/
- if ((yyin = open_sudoers(sudoers_path, TRUE, NULL)) == NULL) {
+ if ((yyin = open_sudoers(sudoers_path, true, NULL)) == NULL) {
error(1, "%s", sudoers_path);
}
init_parser(sudoers_path, 0);
/*
* Edit each sudoers file.
- * Returns TRUE on success, else FALSE.
+ * Returns true on success, else false.
*/
-static int
+static bool
edit_sudoers(struct sudoersfile *sp, char *editor, char *args, int lineno)
{
int tfd; /* sudoers temp file descriptor */
- int modified; /* was the file modified? */
+ bool modified; /* was the file modified? */
int ac; /* argument count */
char **av; /* argument vector for run_command */
char *cp; /* scratch char pointer */
/* Find the length of the argument vector */
ac = 3 + (lineno > 0);
if (args) {
- int wasblank;
+ bool wasblank;
ac++;
- for (wasblank = FALSE, cp = args; *cp; cp++) {
+ for (wasblank = false, cp = args; *cp; cp++) {
if (isblank((unsigned char) *cp))
- wasblank = TRUE;
+ wasblank = true;
else if (wasblank) {
- wasblank = FALSE;
+ wasblank = false;
ac++;
}
}
if (stat(sp->tpath, &sb) < 0) {
warningx(_("unable to stat temporary file (%s), %s unchanged"),
sp->tpath, sp->path);
- return FALSE;
+ return false;
}
if (sb.st_size == 0 && orig_size != 0) {
warningx(_("zero length temporary file (%s), %s unchanged"),
sp->tpath, sp->path);
- sp->modified = TRUE;
- return FALSE;
+ sp->modified = true;
+ return false;
}
} else {
warningx(_("editor (%s) failed, %s unchanged"), editor, sp->path);
- return FALSE;
+ return false;
}
/* Set modified bit if use changed the file. */
- modified = TRUE;
+ modified = true;
mtim_get(&sb, &tv);
if (orig_size == sb.st_size && timevalcmp(&orig_mtim, &tv, ==)) {
/*
*/
timevalsub(&tv1, &tv2);
if (timevalisset(&tv2))
- modified = FALSE;
+ modified = false;
}
/*
else
warningx(_("%s unchanged"), sp->tpath);
- return TRUE;
+ return true;
}
/*
* Parse sudoers after editing and re-edit any ones that caused a parse error.
- * Returns TRUE on success, else FALSE.
+ * Returns true on success, else false.
*/
-static int
-reparse_sudoers(char *editor, char *args, int strict, int quiet)
+static bool
+reparse_sudoers(char *editor, char *args, bool strict, bool quiet)
{
struct sudoersfile *sp, *last;
FILE *fp;
if (yyparse() && !parse_error) {
warningx(_("unabled to parse temporary file (%s), unknown error"),
sp->tpath);
- parse_error = TRUE;
+ parse_error = true;
errorfile = sp->path;
}
fclose(yyin);
if (!parse_error) {
if (!update_defaults(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER) ||
check_aliases(strict, quiet) != 0) {
- parse_error = TRUE;
+ parse_error = true;
errorfile = sp->path;
}
}
*/
if (parse_error) {
switch (whatnow()) {
- case 'Q' : parse_error = FALSE; /* ignore parse error */
+ case 'Q' : parse_error = false; /* ignore parse error */
break;
case 'x' : cleanup(0);
exit(0);
}
} while (parse_error);
- return TRUE;
+ return true;
}
/*
* Set the owner and mode on a sudoers temp file and
- * move it into place. Returns TRUE on success, else FALSE.
+ * move it into place. Returns true on success, else false.
*/
-static int
-install_sudoers(struct sudoersfile *sp, int oldperms)
+static bool
+install_sudoers(struct sudoersfile *sp, bool oldperms)
{
struct stat sb;
if ((sb.st_mode & 0777) != SUDOERS_MODE)
(void) chmod(sp->path, SUDOERS_MODE);
}
- return TRUE;
+ return true;
}
/*
if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) {
warning(_("unable to set (uid, gid) of %s to (%u, %u)"),
sp->tpath, SUDOERS_UID, SUDOERS_GID);
- return FALSE;
+ return false;
}
if (chmod(sp->tpath, SUDOERS_MODE) != 0) {
warning(_("unable to change mode of %s to 0%o"), sp->tpath,
SUDOERS_MODE);
- return FALSE;
+ return false;
}
}
(void) unlink(sp->tpath);
efree(sp->tpath);
sp->tpath = NULL;
- return FALSE;
+ return false;
}
efree(sp->tpath);
sp->tpath = NULL;
} else {
warning(_("error renaming %s, %s unchanged"), sp->tpath, sp->path);
(void) unlink(sp->tpath);
- return FALSE;
+ return false;
}
}
- return TRUE;
+ return true;
}
/* STUB */
}
/* STUB */
-int
+bool
user_is_exempt(void)
{
- return FALSE;
+ return false;
}
/* STUB */
int
group_plugin_query(const char *user, const char *group, const struct passwd *pw)
{
- return FALSE;
+ return false;
}
/*
}
static int
-check_syntax(char *sudoers_path, int quiet, int strict)
+check_syntax(char *sudoers_path, bool quiet, bool strict)
{
struct stat sb;
- int error;
+ int rval;
if (strcmp(sudoers_path, "-") == 0) {
yyin = stdin;
if (yyparse() && !parse_error) {
if (!quiet)
warningx(_("failed to parse %s file, unknown error"), sudoers_path);
- parse_error = TRUE;
+ parse_error = true;
errorfile = sudoers_path;
}
if (!parse_error && check_aliases(strict, quiet) != 0) {
- parse_error = TRUE;
+ parse_error = true;
errorfile = sudoers_path;
}
- error = parse_error;
+ rval = parse_error;
if (!quiet) {
if (parse_error) {
if (errorlineno != -1)
/* Check mode and owner in strict mode. */
if (strict && yyin != stdin && fstat(fileno(yyin), &sb) == 0) {
if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID) {
- error = TRUE;
+ rval = 1;
if (!quiet) {
fprintf(stderr,
_("%s: wrong owner (uid, gid) should be (%u, %u)\n"),
}
}
if ((sb.st_mode & 07777) != SUDOERS_MODE) {
- error = TRUE;
+ rval = 1;
if (!quiet) {
fprintf(stderr, _("%s: bad permissions, should be mode 0%o\n"),
sudoers_path, SUDOERS_MODE);
}
}
- return error;
+ return rval;
}
/*
* any subsequent files #included via a callback from the parser.
*/
FILE *
-open_sudoers(const char *path, int doedit, int *keepopen)
+open_sudoers(const char *path, bool doedit, bool *keepopen)
{
struct sudoersfile *entry;
FILE *fp;
}
}
if (keepopen != NULL)
- *keepopen = TRUE;
+ *keepopen = true;
return fp;
}
}
}
-static int
+static bool
alias_remove_recursive(char *name, int type)
{
struct member *m;
struct alias *a;
- int rval = TRUE;
+ bool rval = true;
if ((a = alias_find(name, type)) != NULL) {
tq_foreach_fwd(&a->members, m) {
if (m->type == ALIAS) {
if (!alias_remove_recursive(m->name, type))
- rval = FALSE;
+ rval = false;
}
}
}
{
struct member *m;
struct alias *a;
- int error = 0;
+ int errors = 0;
if ((a = alias_find(name, type)) != NULL) {
/* check alias contents */
tq_foreach_fwd(&a->members, m) {
if (m->type == ALIAS)
- error += check_alias(m->name, type, strict, quiet);
+ errors += check_alias(m->name, type, strict, quiet);
}
} else {
if (!quiet) {
type == USERALIAS ? "User" : type == RUNASALIAS ? "Runas" :
"Unknown", name);
}
- error++;
+ errors++;
}
- return error;
+ return errors;
}
/*
* aliases or unused aliases.
*/
static int
-check_aliases(int strict, int quiet)
+check_aliases(bool strict, bool quiet)
{
struct cmndspec *cs;
struct member *m, *binding;
struct privilege *priv;
struct userspec *us;
struct defaults *d;
- int atype, error = 0;
+ int atype, errors = 0;
alias_freelist = rbcreate(alias_compare);
tq_foreach_fwd(&us->users, m) {
if (m->type == ALIAS) {
alias_seqno++;
- error += check_alias(m->name, USERALIAS, strict, quiet);
+ errors += check_alias(m->name, USERALIAS, strict, quiet);
}
}
tq_foreach_fwd(&us->privileges, priv) {
tq_foreach_fwd(&priv->hostlist, m) {
if (m->type == ALIAS) {
alias_seqno++;
- error += check_alias(m->name, HOSTALIAS, strict, quiet);
+ errors += check_alias(m->name, HOSTALIAS, strict, quiet);
}
}
tq_foreach_fwd(&priv->cmndlist, cs) {
tq_foreach_fwd(&cs->runasuserlist, m) {
if (m->type == ALIAS) {
alias_seqno++;
- error += check_alias(m->name, RUNASALIAS, strict, quiet);
+ errors += check_alias(m->name, RUNASALIAS, strict, quiet);
}
}
if ((m = cs->cmnd)->type == ALIAS) {
alias_seqno++;
- error += check_alias(m->name, CMNDALIAS, strict, quiet);
+ errors += check_alias(m->name, CMNDALIAS, strict, quiet);
}
}
}
if (m->type == ALIAS) {
alias_seqno++;
if (!alias_remove_recursive(m->name, USERALIAS))
- error++;
+ errors++;
}
}
tq_foreach_fwd(&us->privileges, priv) {
if (m->type == ALIAS) {
alias_seqno++;
if (!alias_remove_recursive(m->name, HOSTALIAS))
- error++;
+ errors++;
}
}
tq_foreach_fwd(&priv->cmndlist, cs) {
if (m->type == ALIAS) {
alias_seqno++;
if (!alias_remove_recursive(m->name, RUNASALIAS))
- error++;
+ errors++;
}
}
if ((m = cs->cmnd)->type == ALIAS) {
alias_seqno++;
if (!alias_remove_recursive(m->name, CMNDALIAS))
- error++;
+ errors++;
}
}
}
if (m->type == ALIAS) {
alias_seqno++;
if (!alias_remove_recursive(m->name, atype))
- error++;
+ errors++;
}
}
}
if (!no_aliases() && !quiet)
alias_apply(print_unused, strict ? "Error" : "Warning");
- return strict ? error : 0;
+ return strict ? errors : 0;
}
static int
close(signal_pipe[1]);
fcntl(sv[1], F_SETFD, FD_CLOEXEC);
restore_signals();
- if (exec_setup(details, NULL, -1) == TRUE) {
+ if (exec_setup(details, NULL, -1) == true) {
/* headed for execve() */
sudo_debug_execve(SUDO_DEBUG_INFO, details->command,
details->argv, details->envp);
int
sudo_execve(struct command_details *details, struct command_status *cstat)
{
- int maxfd, n, nready, sv[2], log_io = FALSE;
+ int maxfd, n, nready, sv[2];
const char *utmp_user = NULL;
+ bool log_io = false;
fd_set *fdsr, *fdsw;
sigaction_t sa;
pid_t child;
* as the io plugin tailqueue will be empty and no I/O logging will occur.
*/
if (!tq_empty(&io_plugins) || ISSET(details->flags, CD_USE_PTY)) {
- log_io = TRUE;
+ log_io = true;
if (ISSET(details->flags, CD_SET_UTMP))
utmp_user = details->utmp_user ? details->utmp_user : user_details.username;
sudo_debug_printf(SUDO_DEBUG_INFO, "allocate pty for I/O logging");
} else {
/* Nothing listening on sv[0], send directly. */
if (signo == SIGALRM)
- terminate_child(child, FALSE);
+ terminate_child(child, false);
else if (kill(child, signo) != 0)
warning("kill(%d, %d)", (int)child, signo);
}
int off; /* write position (how much already consumed) */
int rfd; /* reader (producer) */
int wfd; /* writer (consumer) */
- int (*action)(const char *buf, unsigned int len);
+ bool (*action)(const char *buf, unsigned int len);
char buf[16 * 1024];
};
static char slavename[PATH_MAX];
-static int foreground;
+static bool foreground, pipeline, tty_initialized;
static int io_fds[6] = { -1, -1, -1, -1, -1, -1};
-static int pipeline = FALSE;
-static int tty_initialized;
static int ttymode = TERM_COOKED;
static pid_t ppgrp, child, child_pgrp;
static sigset_t ttyblock;
}
/* Call I/O plugin tty input log method. */
-static int
+static bool
log_ttyin(const char *buf, unsigned int n)
{
struct plugin_container *plugin;
sigset_t omask;
- int rval = TRUE;
+ bool rval = true;
debug_decl(log_ttyin, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_ttyin) {
if (!plugin->u.io->log_ttyin(buf, n)) {
- rval = FALSE;
+ rval = false;
break;
}
}
}
sigprocmask(SIG_SETMASK, &omask, NULL);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
/* Call I/O plugin stdin log method. */
-static int
+static bool
log_stdin(const char *buf, unsigned int n)
{
struct plugin_container *plugin;
sigset_t omask;
- int rval = TRUE;
+ bool rval = true;
debug_decl(log_stdin, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_stdin) {
if (!plugin->u.io->log_stdin(buf, n)) {
- rval = FALSE;
+ rval = false;
break;
}
}
}
sigprocmask(SIG_SETMASK, &omask, NULL);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
/* Call I/O plugin tty output log method. */
-static int
+static bool
log_ttyout(const char *buf, unsigned int n)
{
struct plugin_container *plugin;
sigset_t omask;
- int rval = TRUE;
+ bool rval = true;
debug_decl(log_ttyout, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_ttyout) {
if (!plugin->u.io->log_ttyout(buf, n)) {
- rval = FALSE;
+ rval = false;
break;
}
}
}
sigprocmask(SIG_SETMASK, &omask, NULL);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
/* Call I/O plugin stdout log method. */
-static int
+static bool
log_stdout(const char *buf, unsigned int n)
{
struct plugin_container *plugin;
sigset_t omask;
- int rval = TRUE;
+ bool rval = true;
debug_decl(log_stdout, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_stdout) {
if (!plugin->u.io->log_stdout(buf, n)) {
- rval = FALSE;
+ rval = false;
break;
}
}
}
sigprocmask(SIG_SETMASK, &omask, NULL);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
/* Call I/O plugin stderr log method. */
-static int
+static bool
log_stderr(const char *buf, unsigned int n)
{
struct plugin_container *plugin;
sigset_t omask;
- int rval = TRUE;
+ bool rval = true;
debug_decl(log_stderr, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_stderr) {
if (!plugin->u.io->log_stderr(buf, n)) {
- rval = FALSE;
+ rval = false;
break;
}
}
}
sigprocmask(SIG_SETMASK, &omask, NULL);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
/*
foreground = tcgetpgrp(io_fds[SFD_USERTTY]) == ppgrp;
if (foreground && !tty_initialized) {
if (term_copy(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE])) {
- tty_initialized = 1;
+ tty_initialized = true;
sync_ttysize(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE]);
}
}
* Kill child with increasing urgency.
*/
void
-terminate_child(pid_t pid, int use_pgrp)
+terminate_child(pid_t pid, bool use_pgrp)
{
debug_decl(terminate_child, SUDO_DEBUG_EXEC);
}
static struct io_buffer *
-io_buf_new(int rfd, int wfd, int (*action)(const char *, unsigned int),
+io_buf_new(int rfd, int wfd, bool (*action)(const char *, unsigned int),
struct io_buffer *head)
{
struct io_buffer *iob;
break;
default:
if (!iob->action(iob->buf + iob->len, n))
- terminate_child(child, TRUE);
+ terminate_child(child, true);
iob->len += n;
break;
}
*/
memset(io_pipe, 0, sizeof(io_pipe));
if (io_fds[SFD_STDIN] == -1 || !isatty(STDIN_FILENO)) {
- pipeline = TRUE;
+ pipeline = true;
if (pipe(io_pipe[STDIN_FILENO]) != 0)
error(1, _("unable to create pipe"));
iobufs = io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
io_fds[SFD_STDIN] = io_pipe[STDIN_FILENO][0];
}
if (io_fds[SFD_STDOUT] == -1 || !isatty(STDOUT_FILENO)) {
- pipeline = TRUE;
+ pipeline = true;
if (pipe(io_pipe[STDOUT_FILENO]) != 0)
error(1, _("unable to create pipe"));
iobufs = io_buf_new(io_pipe[STDOUT_FILENO][0], STDOUT_FILENO,
if (foreground) {
/* Copy terminal attrs from user tty -> pty slave. */
if (term_copy(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE])) {
- tty_initialized = 1;
+ tty_initialized = true;
sync_ttysize(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE]);
}
close(signal_pipe[0]);
close(signal_pipe[1]);
fcntl(sv[1], F_SETFD, FD_CLOEXEC);
- if (exec_setup(details, slavename, io_fds[SFD_SLAVE]) == TRUE) {
+ if (exec_setup(details, slavename, io_fds[SFD_SLAVE]) == true) {
/* Close the other end of the stdin/stdout/stderr pipes and exec. */
if (io_pipe[STDIN_FILENO][1])
close(io_pipe[STDIN_FILENO][1]);
sudo_debug_printf(SUDO_DEBUG_INFO, "received signal %d from parent", signo);
switch (signo) {
case SIGALRM:
- terminate_child(pid, TRUE);
+ terminate_child(pid, true);
break;
case SIGCONT_FG:
/* Continue in foreground, grant it controlling tty. */
* Wait for child status after receiving SIGCHLD.
* If the child was stopped, the status is send back to the parent.
* Otherwise, cstat is filled in but not sent.
- * Returns TRUE if child is still alive, else FALSE.
+ * Returns true if child is still alive, else false.
*/
-static int
+static bool
handle_sigchld(int backchannel, struct command_status *cstat)
{
- int status, alive = TRUE;
+ bool alive = true;
+ int status;
pid_t pid;
debug_decl(handle_sigchld, SUDO_DEBUG_EXEC);
}
}
if (!WIFSTOPPED(status))
- alive = FALSE;
+ alive = false;
}
- debug_return_int(alive);
+ debug_return_bool(alive);
}
/*
fd_set *fdsr;
sigaction_t sa;
int errpipe[2], maxfd, n, status;
- int alive = TRUE;
+ bool alive = true;
unsigned char signo;
debug_decl(exec_monitor, SUDO_DEBUG_EXEC);
* when it needs access to the controlling tty.
*/
if (pipeline)
- foreground = 0;
+ foreground = false;
/* Start command and wait for it to stop or exit */
if (pipe(errpipe) == -1)
struct sudo_conf_table {
const char *name;
unsigned int namelen;
- int (*setter)(const char *entry, void *data);
+ bool (*setter)(const char *entry, void *data);
};
struct sudo_conf_paths {
const char **pval;
};
-static int set_debug(const char *entry, void *data);
-static int set_path(const char *entry, void *data);
-static int set_plugin(const char *entry, void *data);
+static bool set_debug(const char *entry, void *data);
+static bool set_path(const char *entry, void *data);
+static bool set_plugin(const char *entry, void *data);
static struct plugin_info_list plugin_info_list;
/*
* "Debug progname debug_file debug_flags"
*/
-static int
+static bool
set_debug(const char *entry, void *data)
{
size_t filelen, proglen;
proglen = strlen(progname);
if (strncmp(entry, progname, proglen) != 0 ||
!isblank((unsigned char)entry[proglen]))
- return FALSE;
+ return false;
entry += proglen + 1;
while (isblank((unsigned char)*entry))
entry++;
debug_flags = strpbrk(entry, " \t");
if (debug_flags == NULL)
- return FALSE;
+ return false;
filelen = (size_t)(debug_flags - entry);
while (isblank((unsigned char)*debug_flags))
debug_flags++;
sudo_debug_init(debug_file, debug_flags);
efree(debug_file);
- return TRUE;
+ return true;
}
-static int
+static bool
set_path(const char *entry, void *data)
{
const char *name, *path;
name = entry;
path = strpbrk(entry, " \t");
if (path == NULL)
- return FALSE;
+ return false;
while (isblank((unsigned char)*path))
path++;
}
}
- return TRUE;
+ return true;
}
-static int
+static bool
set_plugin(const char *entry, void *data)
{
struct plugin_info_list *pil = data;
name = entry;
path = strpbrk(entry, " \t");
if (path == NULL)
- return FALSE;
+ return false;
namelen = (size_t)(path - name);
while (isblank((unsigned char)*path))
path++;
info->next = NULL;
tq_append(pil, info);
- return TRUE;
+ return true;
}
/*
/*
* Load the plugins listed in sudo.conf.
*/
-int
+bool
sudo_load_plugins(struct plugin_container *policy_plugin,
struct plugin_container_list *io_plugins)
{
struct stat sb;
void *handle;
char path[PATH_MAX];
- int rval = FALSE;
+ bool rval = false;
/* Walk plugin list. */
tq_foreach_fwd(&plugin_info_list, info) {
goto done;
}
- rval = TRUE;
+ rval = true;
done:
return rval;
/* Open policy plugin. */
ok = policy_open(&policy_plugin, settings, user_info, envp);
- if (ok != TRUE) {
+ if (ok != 1) {
if (ok == -2)
usage(1);
else
tq_foreach_fwd(&io_plugins, plugin) {
ok = iolog_open(plugin, settings, user_info, NULL,
nargc, nargv, envp);
- if (ok == TRUE)
+ if (ok == 1)
iolog_show_version(plugin, !user_details.uid);
}
break;
case MODE_VALIDATE:
case MODE_VALIDATE|MODE_INVALIDATE:
ok = policy_validate(&policy_plugin);
- exit(ok != TRUE);
+ exit(ok != 1);
case MODE_KILL:
case MODE_INVALIDATE:
policy_invalidate(&policy_plugin, sudo_mode == MODE_KILL);
case MODE_LIST|MODE_INVALIDATE:
ok = policy_list(&policy_plugin, nargc, nargv,
ISSET(sudo_mode, MODE_LONG_LIST), list_user);
- exit(ok != TRUE);
+ exit(ok != 1);
case MODE_EDIT:
case MODE_RUN:
ok = policy_check(&policy_plugin, nargc, nargv, env_add,
&command_info, &argv_out, &user_env_out);
sudo_debug_printf(SUDO_DEBUG_INFO, "policy plugin returns %d", ok);
- if (ok != TRUE) {
+ if (ok != 1) {
if (ok == -2)
usage(1);
exit(1); /* plugin printed error message */
ok = iolog_open(plugin, settings, user_info,
command_info, nargc, nargv, envp);
switch (ok) {
- case TRUE:
+ case 1:
break;
- case FALSE:
+ case 0:
/* I/O plugin asked to be disabled, remove from list. */
tq_remove(&io_plugins, plugin);
break;
break;
}
if (strncmp("noexec=", info[i], sizeof("noexec=") - 1) == 0) {
- if (atobool(info[i] + sizeof("noexec=") - 1) == TRUE)
+ if (atobool(info[i] + sizeof("noexec=") - 1) == true)
SET(details->flags, CD_NOEXEC);
break;
}
break;
case 'p':
if (strncmp("preserve_groups=", info[i], sizeof("preserve_groups=") - 1) == 0) {
- if (atobool(info[i] + sizeof("preserve_groups=") - 1) == TRUE)
+ if (atobool(info[i] + sizeof("preserve_groups=") - 1) == true)
SET(details->flags, CD_PRESERVE_GROUPS);
break;
}
SET_STRING("selinux_role=", selinux_role)
SET_STRING("selinux_type=", selinux_type)
if (strncmp("set_utmp=", info[i], sizeof("set_utmp=") - 1) == 0) {
- if (atobool(info[i] + sizeof("set_utmp=") - 1) == TRUE)
+ if (atobool(info[i] + sizeof("set_utmp=") - 1) == true)
SET(details->flags, CD_SET_UTMP);
break;
}
if (strncmp("sudoedit=", info[i], sizeof("sudoedit=") - 1) == 0) {
- if (atobool(info[i] + sizeof("sudoedit=") - 1) == TRUE)
+ if (atobool(info[i] + sizeof("sudoedit=") - 1) == true)
SET(details->flags, CD_SUDOEDIT);
break;
}
break;
}
if (strncmp("use_pty=", info[i], sizeof("use_pty=") - 1) == 0) {
- if (atobool(info[i] + sizeof("use_pty=") - 1) == TRUE)
+ if (atobool(info[i] + sizeof("use_pty=") - 1) == true)
SET(details->flags, CD_USE_PTY);
break;
}
/*
* Setup the execution environment immediately prior to the call to execve()
- * Returns TRUE on success and FALSE on failure.
+ * Returns true on success and false on failure.
*/
-int
+bool
exec_setup(struct command_details *details, const char *ptyname, int ptyfd)
{
- int rval = FALSE;
+ bool rval = false;
struct passwd *pw;
debug_decl(exec_setup, SUDO_DEBUG_EXEC)
* Call policy plugin's session init before other setup occurs.
* The session init code is expected to print an error as needed.
*/
- if (policy_init_session(&policy_plugin, pw) != TRUE)
+ if (policy_init_session(&policy_plugin, pw) != true)
goto done;
#ifdef HAVE_SELINUX
}
#endif
- rval = TRUE;
+ rval = true;
done:
debug_return_bool(rval);
if (plugin->u.policy->list == NULL) {
warningx(_("policy plugin %s does not support listing privileges"),
plugin->name);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
debug_return_bool(plugin->u.policy->list(argc, argv, verbose, list_user));
}
if (plugin->u.policy->validate == NULL) {
warningx(_("policy plugin %s does not support the -v option"),
plugin->name);
- debug_return_bool(FALSE);
+ debug_return_bool(false);
}
debug_return_bool(plugin->u.policy->validate());
}
debug_decl(policy_init_session, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->init_session)
debug_return_bool(plugin->u.policy->init_session(pwd));
- debug_return_bool(TRUE);
+ debug_return_bool(true);
}
static int
#include <limits.h>
#include <pathnames.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
#include "missing.h"
#include "alloc.h"
# define ROOT_UID 0
#endif
-/*
- * Pseudo-boolean values
- */
-#undef TRUE
-#define TRUE 1
-#undef FALSE
-#define FALSE 0
-
/*
* Various modes sudo can be in (based on arguments) in hex
*/
char *fmt_string(const char *var, const char *value);
/* atobool.c */
-int atobool(const char *str);
+bool atobool(const char *str);
/* parse_args.c */
int parse_args(int argc, char **argv, int *nargc, char ***nargv,
void get_ttysize(int *rowp, int *colp);
/* sudo.c */
-int exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
+bool exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
int run_command(struct command_details *details);
extern int debug_level;
extern const char *list_user, *runas_user, *runas_group;
void handler(int s);
void pty_close(struct command_status *cstat);
void pty_setup(uid_t uid, const char *tty, const char *utmp_user);
-void terminate_child(pid_t pid, int use_pgrp);
+void terminate_child(pid_t pid, bool use_pgrp);
extern int signal_pipe[2];
/* utmp.c */
-int utmp_login(const char *from_line, const char *to_line, int ttyfd,
+bool utmp_login(const char *from_line, const char *to_line, int ttyfd,
const char *user);
-int utmp_logout(const char *line, int status);
+bool utmp_logout(const char *line, int status);
#endif /* _SUDO_EXEC_H */
int _sudo_printf(int msg_type, const char *fmt, ...);
void sudo_read_conf(void);
-int sudo_load_plugins(struct plugin_container *policy_plugin,
+bool sudo_load_plugins(struct plugin_container *policy_plugin,
struct plugin_container_list *io_plugins);
#endif /* _SUDO_PLUGIN_INT_H */
* Legacy: sparse file indexed by ttyslot() * sizeof(struct utmp)
*/
#if defined(HAVE_GETUTXID) || defined(HAVE_GETUTID)
-int
+bool
utmp_login(const char *from_line, const char *to_line, int ttyfd,
const char *user)
{
sudo_utmp_t utbuf, *ut_old = NULL;
- int rval = FALSE;
+ bool rval = false;
debug_decl(utmp_login, SUDO_DEBUG_UTMP)
/* Strip off /dev/ prefix from line as needed. */
}
utmp_fill(to_line, user, ut_old, &utbuf);
if (pututxline(&utbuf) != NULL)
- rval = TRUE;
+ rval = true;
endutxent();
- debug_return_int(rval);
+ debug_return_bool(rval);
}
-int
+bool
utmp_logout(const char *line, int status)
{
- int rval = FALSE;
+ bool rval = false;
sudo_utmp_t *ut, utbuf;
debug_decl(utmp_logout, SUDO_DEBUG_UTMP)
# endif
utmp_settime(ut);
if (pututxline(ut) != NULL)
- rval = TRUE;
+ rval = true;
}
- debug_return_int(rval);
+ debug_return_bool(rval);
}
#else /* !HAVE_GETUTXID && !HAVE_GETUTID */
}
# endif /* HAVE_GETTTYENT */
-int
+bool
utmp_login(const char *from_line, const char *to_line, int ttyfd,
const char *user)
{
sudo_utmp_t utbuf, *ut_old = NULL;
- int slot, rval = FALSE;
+ bool rval = false;
+ int slot;
FILE *fp;
debug_decl(utmp_login, SUDO_DEBUG_UTMP)
utmp_fill(to_line, user, ut_old, &utbuf);
if (fseek(fp, slot * (long)sizeof(utbuf), SEEK_SET) == 0) {
if (fwrite(&utbuf, sizeof(utbuf), 1, fp) == 1)
- rval = TRUE;
+ rval = true;
}
fclose(fp);
done:
- debug_return_int(rval);
+ debug_return_bool(rval);
}
-int
+bool
utmp_logout(const char *line, int status)
{
sudo_utmp_t utbuf;
- int rval = FALSE;
+ bool rval = false;
FILE *fp;
debug_decl(utmp_logout, SUDO_DEBUG_UTMP)
/* Back up and overwrite record. */
if (fseek(fp, 0L - (long)sizeof(utbuf), SEEK_CUR) == 0) {
if (fwrite(&utbuf, sizeof(utbuf), 1, fp) == 1)
- rval = TRUE;
+ rval = true;
}
break;
}
}
fclose(fp);
- debug_return_int(rval);
+ debug_return_bool(rval);
}
#endif /* HAVE_GETUTXID || HAVE_GETUTID */
projects / sudo / commitdiff