} ldap_conf;
/*
- * Walk through search results and return true if we have a matching netgroup.
+ * Walk through search results and return TRUE if we have a matching
+ * netgroup, else FALSE.
*/
int
sudo_ldap_check_user_netgroup(ld, entry)
LDAPMessage *entry;
{
char **v = NULL, **p = NULL;
- int ret = 0;
+ int ret = FALSE;
if (!entry)
return ret;
/* match any */
if (netgr_matches(*p, NULL, NULL, user_name))
- ret = 1;
+ ret = TRUE;
if (ldap_conf.debug > 1)
printf(" %s\n", ret ? "MATCH!" : "not");
}
/*
- * Walk through search results and return true if we have a host match.
+ * Walk through search results and return TRUE if we have a
+ * host match, else FALSE.
*/
int
sudo_ldap_check_host(ld, entry)
LDAPMessage *entry;
{
char **v = NULL, **p = NULL;
- int ret = 0;
+ int ret = FALSE;
if (!entry)
return ret;
if (!strcasecmp(*p, "ALL") || addr_matches(*p) ||
netgr_matches(*p, user_host, user_shost, NULL) ||
!hostname_matches(user_shost, user_host, *p))
- ret = 1;
+ ret = TRUE;
if (ldap_conf.debug > 1)
printf(" %s\n", ret ? "MATCH!" : "not");
}
/*
- * Walk through search results and return true if we have a runas match.
+ * Walk through search results and return TRUE if we have a runas match,
+ * else FALSE.
* Since the runas directive in /etc/sudoers is optional, so is sudoRunAs.
*/
int
LDAPMessage *entry;
{
char **v = NULL, **p = NULL;
- int ret = 0;
+ int ret = FALSE;
if (!entry)
return ret;
printf("ldap sudoRunAs '%s' ...", *p);
if (!strcasecmp(*p, *user_runas) || !strcasecmp(*p, "ALL"))
- ret = 1;
+ ret = TRUE;
if (ldap_conf.debug > 1)
printf(" %s\n", ret ? "MATCH!" : "not");
}
/*
- * Walk through search results and return true if we have a command match.
+ * Walk through search results and return TRUE if we have a command match.
*/
int
sudo_ldap_check_command(ld, entry)
LDAPMessage *entry;
{
char *allowed_cmnd, *allowed_args, **v = NULL, **p = NULL;
- int foundbang, ret = 0;
+ int foundbang, ret = FALSE;
if (!entry)
return ret;
/* Match against ALL ? */
if (!strcasecmp(*p, "ALL")) {
- ret = 1;
+ ret = TRUE;
if (safe_cmnd)
free(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
/* check for !command */
if (**p == '!') {
- foundbang = 1;
+ foundbang = TRUE;
allowed_cmnd = estrdup(1 + *p); /* !command */
} else {
- foundbang = 0;
+ foundbang = FALSE;
allowed_cmnd = estrdup(*p); /* command */
}
* If allowed (no bang) set ret but keep on checking.
* If disallowed (bang), exit loop.
*/
- ret = foundbang ? -1 : 1;
+ ret = foundbang ? -1 : TRUE;
if (ldap_conf.debug > 1)
printf(" MATCH!\n");
} else if (ldap_conf.debug > 1) {
if (v)
ldap_value_free(v); /* more cleanup */
- /* return true if we found at least one ALLOW and no DENY */
+ /* return TRUE if we found at least one ALLOW and no DENY */
return ret > 0;
}
}
/*
- * Map yes/true/on to 1, no/false/off to 0, else -1
+ * Map yes/true/on to TRUE, no/false/off to FALSE, else -1
*/
int
_atobool(s)
const char *s;
{
if (!strcasecmp(s, "yes") || !strcasecmp(s, "true") || !strcasecmp(s, "on"))
- return 1;
+ return TRUE;
if (!strcasecmp(s, "no") || !strcasecmp(s, "false") || !strcasecmp(s, "off"))
- return 0;
+ return FALSE;
return -1;
}
ldap_conf.tls_checkpeer = -1; /* default */
if ((f = fopen(_PATH_LDAP_CONF, "r")) == NULL)
- return 0;
+ return FALSE;
while (fgets(buf, sizeof(buf), f)) {
c = buf;
if (*c == '#')
printf("===================\n");
}
if (!ldap_conf.base)
- return 0; /* if no base is defined, ignore LDAP */
- return 1;
+ return FALSE; /* if no base is defined, ignore LDAP */
+ return TRUE;
}
/*
#define SAVE_LIST(x) ncat(&sudo_ldap_cm_list,&sudo_ldap_cm_list_size,(x))
/*
- * Walks through search result and returns true if we have a
+ * Walks through search result and returns TRUE if we have a
* command match
*/
int
/* if we are not collecting matches, then don't save them */
if (pwflag != I_LISTPW)
- return 1;
+ return TRUE;
/* collect the dn, only show the rdn */
dn = ldap_get_dn(ld, entry);
if (v)
ldap_value_free(v);
- return 0; /* Don't stop at the first match */
+ return FALSE; /* Don't stop at the first match */
}
#undef SAVE_LIST
LDAP *ld = (LDAP *) v;
LDAPMessage *entry = NULL, *result = NULL; /* used for searches */
char *filt; /* used to parse attributes */
- int rc = 0, ret = 0, pass = 0; /* temp/final return values */
- int ldap_user_matches = 0, ldap_host_matches = 0; /* flags */
+ int rc = FALSE, ret = FALSE, pass = FALSE; /* temp/final return values */
+ int ldap_user_matches = FALSE, ldap_host_matches = FALSE; /* flags */
/*
* Okay - time to search for anything that matches this user
projects / sudo / commitdiff