* allowed to run the specified command on this host as the target user.
*/
int
-sudoers_lookup(pwflags)
- int pwflags;
+sudoers_lookup(pwflag)
+ int pwflag;
{
int error;
+ int pwcheck;
/* Become sudoers file owner */
set_perms(PERM_SUDOERS, 0);
/* Allocate space for data structures in the parser. */
init_parser();
- /* For most pwflags to be useful we need to keep more state around. */
- if (pwflags && pwflags != PWCHECK_NEVER && pwflags != PWCHECK_ALWAYS)
+ /* If pwcheck *could* be PWCHECK_ALL or PWCHECK_ANY, keep more state. */
+ if (pwflag > 0)
keepall = TRUE;
/* Need to be root while stat'ing things in the parser. */
if (error || parse_error)
return(VALIDATE_ERROR);
+ /*
+ * The pw options may have changed during sudoers parse so we
+ * wait until now to set this.
+ */
+ if (pwflag)
+ pwcheck = (pwflag == -1) ? PWCHECK_NEVER : def_ival(pwflag);
+ else
+ pwcheck = 0;
+
/*
* Assume the worst. If the stack is empty the user was
* not mentioned at all.
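Review bot: `pwflag` now carries three meanings in one int, and neither this block nor the function header says so: 0 is an ordinary command lookup, -1 means never prompt, and any other value is passed to `def_ival()` as an option index. The bare `-1` here and at `pwflag = -1` in the MODE_KILL case of the second file would be safer as a named constant. The `pwflag > 0` test in the first hunk also silently depends on `I_VERIFYPW` and `I_LISTPW` never being index 0 (their values are not visible on this page). I would add above the assignment a comment such as `/* pwflag: 0 = normal command, -1 = never check password, >0 = index of the pw option to read after the parse */`. The function body continues outside this hunk.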
error = VALIDATE_NOT_OK;
else
error = VALIDATE_NOT_OK | FLAG_NOPASS;
- if (pwflags) {
+ if (pwcheck) {
error |= FLAG_NO_CHECK;
} else {
error |= FLAG_NO_HOST;
}
/*
- * Only check the actual command if pwflags flag is not set.
+ * Only check the actual command if pwcheck flag is not set.
* It is set for the "validate", "list" and "kill" pseudo-commands.
* Always check the host and user.
*/
- if (pwflags) {
+ if (pwcheck) {
int nopass, found;
- if (pwflags == PWCHECK_NEVER || !def_flag(I_AUTHENTICATE))
+ if (pwcheck == PWCHECK_NEVER || !def_flag(I_AUTHENTICATE))
nopass = FLAG_NOPASS;
else
nopass = -1;
while (top) {
if (host_matches == TRUE) {
found = 1;
- if (pwflags == PWCHECK_ANY && no_passwd == TRUE)
+ if (pwcheck == PWCHECK_ANY && no_passwd == TRUE)
nopass = FLAG_NOPASS;
- else if (pwflags == PWCHECK_ALL && nopass != 0)
+ else if (pwcheck == PWCHECK_ALL && nopass != 0)
nopass = (no_passwd == TRUE) ? FLAG_NOPASS : 0;
}
top--;
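Review bot: Both `if (pwcheck)` tests select the pseudo-command path from the configured option value rather than from what the caller asked for. If `def_ival(pwflag)` can ever return 0 (the option's value range is not visible here), a "validate" or "list" request would take the ordinary command-matching branch, and the error path would set `FLAG_NO_HOST` instead of `FLAG_NO_CHECK`. Gating on the caller's intent keeps that decision independent of the parsed value: use `if (pwflag) {` for the two branch tests and keep `pwcheck` for the `PWCHECK_*` comparisons only. The while loop continues outside the hunk.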
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
+#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#ifdef HAVE_SETRLIMIT
int fd;
int cmnd_status;
int sudo_mode;
- int sudoers_flags;
+ int pwflag;
#ifdef POSIX_SIGNALS
sigset_t set, oset;
#else
/* Load the list of local ip addresses and netmasks. */
load_interfaces();
- sudoers_flags = 0;
+ pwflag = 0;
if (sudo_mode & MODE_SHELL)
user_cmnd = "shell";
else
break;
case MODE_VALIDATE:
user_cmnd = "validate";
- sudoers_flags = def_ival(I_VERIFYPW);
+ pwflag = I_VERIFYPW;
break;
case MODE_KILL:
case MODE_INVALIDATE:
user_cmnd = "kill";
- sudoers_flags = PWCHECK_NEVER;
+ pwflag = -1;
break;
case MODE_LISTDEFS:
list_options();
break;
case MODE_LIST:
user_cmnd = "list";
+ pwflag = I_LISTPW;
printmatches = 1;
- sudoers_flags = def_ival(I_LISTPW);
break;
}
add_env(!(sudo_mode & MODE_SHELL)); /* add in SUDO_* envariables */
/* Validate the user but don't search for pseudo-commands. */
- validated = sudoers_lookup(sudoers_flags);
+ validated = sudoers_lookup(pwflag);
/* This goes after the sudoers parse since we honor sudoers options. */
if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {