394) Pam now works on HP-UX 11.0, thanks to Jeff A. Earickson.
-395) It is now possible to set the path to the editor for visudo as well
+395) Fixed a bug that caused an infinite loop when the password
+ timeout was disabled.
+
+396) It is now possible to set the path to the editor for visudo as well
as the flag that determines whether or not visudo will look at
$EDITOR in the sudoers file.
-396) configure now pulls in the values of LIBS, LDFLAGS, CPPFLAGS, etc
+397) configure now pulls in the values of LIBS, LDFLAGS, CPPFLAGS, etc
as the documentation says it ought to.
-397) Added rootpw, runaspw, and targetpw to prompt for the root, runas_default
+398) Added rootpw, runaspw, and targetpw to prompt for the root, runas_default
and target user's passwords respectively (instead of the invoking user's
password).
+
+399) Added -S flag to force password read from stdin.
Name Rev Arch Used Version By Options
======= ======= ======= =============== ======= =============== ===============
Auspex 1.6.1 sun4 bundled cc 1.3.4 Alek Komarnitsky none
-SunOS 4.1.3 sun4 bundled cc 1.6.2p1 Todd Miller none
-SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.2p1 Todd Miller none
+SunOS 4.1.3 sun4 bundled cc 1.6.2p2 Todd Miller none
+SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.2p2 Todd Miller none
SunOS 4.1.3 sun4 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
-SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.2p1 Todd Miller --with-skey
+SunOS 4.1.3 sun4 gcc2.9.5.2 1.6.2p2 Todd Miller --with-skey
Solaris 2.5.1 sparc SC4.0 1.5.6p1 Brian Jackson none
Solaris 2.5.1 sun4u gcc2.7.2.3 1.5.4 Leon von Stauber none
Solaris 2.5.1 i386 gcc2.7.2 1.5.4 Leon von Stauber none
-Solaris 2.6 sparc gcc2.9.5.2 1.6.2p1 Todd Miller none
-Solaris 2.6 sparc gcc2.9.5.2 1.6.2p1 Todd Miller --with-pam
-Solaris 2.6 i386 gcc2.9.5.2 1.6.2p1 Todd Miller none
+Solaris 2.6 sparc gcc2.9.5.2 1.6.2p2 Todd Miller none
+Solaris 2.6 sparc gcc2.9.5.2 1.6.2p2 Todd Miller --with-pam
+Solaris 2.6 i386 gcc2.9.5.2 1.6.2p2 Todd Miller none
Solaris 2.6 sparc unbundled cc 1.5.7 Giff Hammar none
Solaris 2.6 i386 unbundled cc 1.5.8p2 Udo Keller none
Solaris 7 i386 gcc 2.8.1 1.6.1 Ido Dubrawsky none
HP-UX 9.05 hp700 gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
HP-UX 9.07 hp700 unbundled cc 1.5 Alek Komarnitsky --with-C2
HP-UX 9.05 hp700 unbundled cc 1.4 Todd Miller none
-HP-UX 10.10 hp700 unbundled cc 1.6.2p1 Todd Miller --with-skey
-HP-UX 10.20 hp700 gcc2.9.5.2 1.6.2p1 Todd Miller --with-skey
-HP-UX 10.20 hp700 bundled cc 1.6.2p1 Todd Miller none
+HP-UX 10.10 hp700 unbundled cc 1.6.2p2 Todd Miller --with-skey
+HP-UX 10.20 hp700 gcc2.9.5.2 1.6.2p2 Todd Miller --with-skey
+HP-UX 10.20 hp700 bundled cc 1.6.2p2 Todd Miller none
HP-UX 10.20 PA-RISC2.0 bundled cc 1.5.4 Leon von Stauber none
HP-UX 11.00 hp700 ansi-c 1.5.5b1 Alek Komarnitsky --with-C2
HP-UX 11.00 hp700 bundled cc 1.5.5p5 Lynn Osburn none
HP-UX 11.00 hp700 HP C compiler 1.6.2 Jeff Earickson --with-pam
HP-UX 10.20 hp700 gcc 2.95.2 1.6.2 Jeff Earickson --with-DCE
-Ultrix 4.3 mips bundled cc 1.6.2p1 Todd Miller none
+Ultrix 4.3 mips bundled cc 1.6.2p2 Todd Miller none
Ultrix 4.3 mips gcc2.7.2.1 1.5.9 Todd Miller --with-skey
IRIX 4.05H mips gcc2.6.3 1.5.3 Todd Miller none
IRIX 4.05H mips unbundled cc 1.4 Todd Miller none
IRIX 5.3 mips MipsPro C 1.5.6p1 Brian Jackson none
IRIX 6.2 mips MipsPro C 1.5.6p1 Brian Jackson none
IRIX 6.5 mips MipsPro C 1.5.6p1 Brian Jackson none
-IRIX 5.3 mips unbundled cc 1.6.2p1 Todd Miller none
-IRIX 5.3 mips gcc2.9.5.2 1.6.2p1 Todd Miller --with-skey
+IRIX 5.3 mips unbundled cc 1.6.2p2 Todd Miller none
+IRIX 5.3 mips gcc2.9.5.2 1.6.2p2 Todd Miller --with-skey
IRIX 5.3 mips gcc2.7.2.1 1.5.3 Todd Miller --with-kerb4
IRIX 5.3 mips unbundled cc 1.4 Wallace Winfrey --with-C2
IRIX 6.2 mips unbundled cc 1.5 Alek Komarnitsky --with-C2
NEXTSTEP 3.3 i386 bundled cc 1.4 Jonathan Adams none
NEXTSTEP 3.3 sparc bundled cc 1.5.3 Mike Kienenberger none
DEC UNIX 3.2c alpha bundled cc 1.5.3 Todd Miller none
-DEC UNIX 4.0D alpha gcc-2.9.5.2 1.6.2p1 Todd Miller --with-skey
+DEC UNIX 4.0D alpha gcc-2.9.5.2 1.6.2p2 Todd Miller --with-skey
DEC UNIX 4.0 alpha gcc-2.7.2.1 1.5.3 Todd Miller --with-kerb4
DEC UNIX 4.0D alpha bundled cc 1.5.3 Randall R. Cable --with-C2
DEC UNIX 4.0E alpha bundled cc 1.5.9p2 Vangelis Haniotakis none
AIX 3.2.X rs6000 bundled cc 1.4 Todd Miller none
AIX 4.1.3 PowerPC gcc-2.7.0 1.4 Bob Shair none
-AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p1 Todd Miller none
-AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p1 Todd Miller --with-authenticate
+AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p2 Todd Miller none
+AIX 4.1.4 rs6000 gcc-2.8.1 1.6.2p2 Todd Miller --with-authenticate
AIX 4.1.5 rs6000 gcc-2.7.2.3 1.4.4 Daniel Robitaille none
AIX 4.1.X rs6000 bundled cc 1.5.3 Robin Jackson --with-AFS
AIX 4.1.X PowerPC bundled cc 1.5.3 Robin Jackson --with-AFS
ConvexOS 9.1 convex bundled cc 1.3.6 Todd Miller none
ConvexOS 9.1 convex gcc2.4.5 1.3.6 Todd Miller none
BSD/OS 2.1 i386 shlicc 1.5.3 Todd Miller none
-OpenBSD 2.X i586 gcc-2.8.1 1.6.2p1 Todd Miller none
-OpenBSD 2.X alpha gcc-2.8.1 1.6.2p1 Todd Miller none
-OpenBSD 2.X m68k gcc-2.8.1 1.6.2p1 Todd Miller none
+OpenBSD 2.X i586 gcc-2.8.1 1.6.2p2 Todd Miller none
+OpenBSD 2.X alpha gcc-2.8.1 1.6.2p2 Todd Miller none
+OpenBSD 2.X m68k gcc-2.8.1 1.6.2p2 Todd Miller none
OpenBSD 2.X mvme88k gcc-2.8.1 1.5.9 Steve Murphree none
FreeBSD 1.1 i386 gcc 1.3.2 Dworkin Muller none
FreeBSD 2.0.5 i386 gcc 1.3.4 Dworkin Muller none
Linux 1.2.13 i486 gcc-2.7.0 1.4 Michael Forman none
Linux 1.2.8 i486 gcc-2.5.8 1.3.5 Ted Coady --with-C2
Linux 2.0.15 i586 gcc-2.7.2.1 1.5 Danny Barron none
-Linux 2.0.36 i586 gcc-2.95.2 1.6.2p1 Todd Miller none
+Linux 2.0.36 i586 gcc-2.95.2 1.6.2p2 Todd Miller none
Linux 2.0.34 i586 egcs-2.91.57 1.5.6p2 Darrin Chandler none
Linux 2.0.36 i586 gcc-2.7.2.3 1.5.7p4 Nathan Haney none
Linux 2.0.34 alpha egcs-2.90.27 1.5.3 Karl Schlitt none
Linux 2.0.33pl1 m68k gcc 2.7.2.3 1.5.6 James Troup none
-Linux 2.2.12 i586 gcc-2.95.2 1.6.2p1 Todd Miller --with-pam
+Linux 2.2.12 i586 gcc-2.95.2 1.6.2p2 Todd Miller --with-pam
Linux 2.2.6-15 ppc egcs-1.1.2 1.5.9p4 Barbara Schelkle none
Linux 2.0.34 mips gcc-2.7.2 1.6 Tristan Roddis none
UnixWare 1.1.4 i386 gcc-2.7.2 1.4 Michael Hancock none
30) Add support for: Default:user@host
-31) Add -S flag to force password read from stdin
-
-32) Do login-style -sh hack for sudo -s?
+31) Do login-style -sh hack for sudo -s?
char *message, *pass;
int reenter = 1;
- pass = tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, 1);
+ pass = tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, tgetpass_flags);
if (authenticate(pw->pw_name, pass, &reenter, &message) == 0)
return(AUTH_SUCCESS);
else
/* Get the password/response from the user. */
if (strncmp(resp, "challenge ", 10) == 0) {
(void) snprintf(buf, sizeof(buf), "%s\nResponse: ", &resp[10]);
- pass = tgetpass(buf, def_ival(I_PW_TIMEOUT) * 60, 0);
+ pass = tgetpass(buf, def_ival(I_PW_TIMEOUT) * 60,
+ tgetpass_flags | TGP_ECHO);
} else if (strncmp(resp, "password", 8) == 0) {
- pass = tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, 1);
+ pass = tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, tgetpass_flags);
} else {
(void) fprintf(stderr, "%s: %s\n", Argv[0], resp);
return(AUTH_FATAL);
struct pam_response *pr;
PAM_CONST struct pam_message *pm;
const char *p = def_prompt;
- int echo = 0;
extern int nil_pw;
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
for (pr = *response, pm = *msg; num_msg--; pr++, pm++) {
switch (pm->msg_style) {
case PAM_PROMPT_ECHO_ON:
- echo = 1;
+ tgetpass_flags |= TGP_ECHO;
case PAM_PROMPT_ECHO_OFF:
/* Only override PAM prompt if it matches /^Password: ?/ */
if (strncmp(pm->msg, "Password:", 9) || (pm->msg[9] != '\0'
p = pm->msg;
/* Read the password. */
pr->resp = estrdup((char *) tgetpass(p,
- def_ival(I_PW_TIMEOUT) * 60, !echo));
+ def_ival(I_PW_TIMEOUT) * 60, tgetpass_flags));
if (*pr->resp == '\0')
nil_pw = 1; /* empty password */
break;
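Review bot: In the PAM_PROMPT_ECHO_ON case the new code sets TGP_ECHO on the global `tgetpass_flags` and never clears it, so every later tgetpass() call in the process, including a following PAM_PROMPT_ECHO_OFF password prompt, would run with echo enabled and show the password on the terminal. The removed local `echo` was at least reinitialised on each call of this function; the global is not. Keep a per-message copy instead: `int flags = tgetpass_flags;` at the top of the loop body, `flags |= TGP_ECHO;` in the ECHO_ON case, and pass `flags` to tgetpass(), the same way the fwtk hunk passes `tgetpass_flags | TGP_ECHO` without modifying the global. The enclosing conversation function starts and ends outside this hunk.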
#ifdef AUTH_STANDALONE
p = prompt;
#else
- p = (char *) tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, 1);
+ p = (char *) tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60,
+ tgetpass_flags);
if (!p || *p == '\0')
nil_pw = 1;
#endif /* AUTH_STANDALONE */
static char *runas_homedir = NULL; /* XXX */
struct interface *interfaces;
int num_interfaces;
+int tgetpass_flags;
extern int errorlineno;
/*
case 'H':
rval |= MODE_RESET_HOME;
break;
+ case 'S':
+ tgetpass_flags |= TGP_STDIN;
+ break;
case '-':
NewArgc--;
NewArgv++;
int exit_val;
{
(void) fprintf(stderr,
- "usage: %s -V | -h | -L | -l | -v | -k | -K | -H | [-b] [-p prompt]\n%*s",
+ "usage: %s -V | -h | -L | -l | -v | -k | -K | -H | [-S] [-b] [-p prompt]\n%*s",
Argv[0], (int) strlen(Argv[0]) + 8, " ");
(void) fprintf(stderr, "[-u username/#uid] -s | <command>\n");
exit(exit_val);
#define PWCHECK_ANY 0x04
#define PWCHECK_ALWAYS 0x08
+/*
+ * Flags for tgetpass()
+ */
+#define TGP_ECHO 0x01 /* leave echo on when reading passwd */
+#define TGP_STDIN 0x02 /* read from stdin, not /dev/tty */
+
/*
* Function prototypes
*/
extern int Argc;
extern char **Argv;
extern FILE *sudoers_fp;
+extern int tgetpass_flags;
#endif
extern int errno;
#include "sudo.h"
+#ifndef lint
+static const char rcsid[] = "$Sudo$";
+#endif /* lint */
+
#ifndef TCSASOFT
#define TCSASOFT 0
#endif /* TCSASOFT */
-#ifndef lint
-static const char rcsid[] = "$Sudo$";
-#endif /* lint */
+/*
+ * Abstract method of getting at the term flags.
+ */
+#undef TERM
+#undef tflags
+#ifdef HAVE_TERMIOS_H
+# define TERM termios
+# define tflags c_lflag
+# define term_getattr(f, t) tcgetattr(f, t)
+# define term_setattr(f, t) tcsetattr(f, TCSAFLUSH|TCSASOFT, t)
+#else
+# ifdef HAVE_TERMIO_H
+# define TERM termio
+# define tflags c_lflag
+# define term_getattr(f, t) ioctl(f, TCGETA, t)
+# define term_setattr(f, t) ioctl(f, TCSETA, t)
+# else
+# define TERM sgttyb
+# define tflags sg_flags
+# define term_getattr(f, t) ioctl(f, TIOCGETP, t)
+# define term_setattr(f, t) ioctl(f, TIOCSETP, t)
+# endif /* HAVE_TERMIO_H */
+#endif /* HAVE_TERMIOS_H */
static char *tgetline __P((int, char *, size_t, int));
* Like getpass(3) but with timeout and echo flags.
*/
char *
-tgetpass(prompt, timeout, echo_off)
+tgetpass(prompt, timeout, flags)
const char *prompt;
int timeout;
- int echo_off;
+ int flags;
{
-#ifdef HAVE_TERMIOS_H
- struct termios term;
-#else
-#ifdef HAVE_TERMIO_H
- struct termio term;
-#else
- struct sgttyb ttyb;
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
+ struct TERM term, oterm;
int input, output;
static char buf[SUDO_PASS_MAX + 1];
/* Open /dev/tty for reading/writing if possible else use stdin/stderr. */
- if ((input = output = open(_PATH_TTY, O_RDWR|O_NOCTTY)) == -1) {
+ if ((flags & TGP_STDIN) ||
+ (input = output = open(_PATH_TTY, O_RDWR|O_NOCTTY)) == -1) {
input = STDIN_FILENO;
output = STDERR_FILENO;
}
if (prompt)
(void) write(output, prompt, strlen(prompt) + 1);
- if (echo_off) {
-#ifdef HAVE_TERMIOS_H
- (void) tcgetattr(input, &term);
- if ((echo_off = (term.c_lflag & ECHO))) {
- term.c_lflag &= ~ECHO;
- (void) tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
- }
-#else
-#ifdef HAVE_TERMIO_H
- (void) ioctl(input, TCGETA, &term);
- if ((echo_off = (term.c_lflag & ECHO))) {
- term.c_lflag &= ~ECHO;
- (void) ioctl(input, TCSETA, &term);
- }
-#else
- (void) ioctl(input, TIOCGETP, &ttyb);
- if ((echo_off = (ttyb.sg_flags & ECHO))) {
- ttyb.sg_flags &= ~ECHO;
- (void) ioctl(input, TIOCSETP, &ttyb);
- }
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
- }
+ /* Turn echo off/on as specified by flags. */
+ (void) term_getattr(input, &oterm);
+ (void) memcpy(&term, &oterm, sizeof(term));
+ if ((flags & TGP_ECHO) && !(term.tflags & ECHO))
+ term.tflags |= ECHO;
+ else if (!(flags & TGP_ECHO) && (term.tflags & ECHO))
+ term.tflags &= ~ECHO;
+ (void) term_setattr(input, &term);
buf[0] = '\0';
tgetline(input, buf, sizeof(buf), timeout);
-#ifdef HAVE_TERMIOS_H
- if (echo_off) {
- term.c_lflag |= ECHO;
- (void) tcsetattr(input, TCSAFLUSH|TCSASOFT, &term);
- }
-#else
-#ifdef HAVE_TERMIO_H
- if (echo_off) {
- term.c_lflag |= ECHO;
- (void) ioctl(input, TCSETA, &term);
- }
-#else
- if (echo_off) {
- ttyb.sg_flags |= ECHO;
- (void) ioctl(input, TIOCSETP, &ttyb);
- }
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
+ /* Restore old tty flags. */
+ (void) term_setattr(input, &oterm);
- if (echo_off)
+ if (!(flags & TGP_ECHO))
(void) write(output, "\n", 1);
if (input != STDIN_FILENO)
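Review bot: The result of `term_getattr(input, &oterm)` is discarded, so when input is not a terminal (the likely case once TGP_STDIN makes tgetpass() read a piped stdin) `oterm` is left uninitialised, copied into `term`, and then handed to term_setattr() twice. Those set calls will most likely fail harmlessly on a non-tty, but the code still reads indeterminate memory and cannot tell whether echo was actually turned off before the password was read. Change the tty modes only when the get call succeeded, and restore them only in that case; the fence shows the changed lines. The tail of tgetpass() after the final `if` lies outside the hunk.

```c
    int have_term;
    /* ... unchanged: open /dev/tty or fall back to stdin/stderr, write prompt ... */

    /* Only touch the tty modes when input really is a terminal. */
    have_term = (term_getattr(input, &oterm) != -1);
    if (have_term) {
        (void) memcpy(&term, &oterm, sizeof(term));
        if (flags & TGP_ECHO)
            term.tflags |= ECHO;
        else
            term.tflags &= ~ECHO;
        (void) term_setattr(input, &term);
    }

    /* ... unchanged: buf[0] = '\0'; tgetline(input, buf, sizeof(buf), timeout); ... */

    /* Restore old tty flags. */
    if (have_term)
        (void) term_setattr(input, &oterm);
```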