Add new check_defaults() function to check (but not update) the

Defaults entries. Visudo can now use this instead of update_defaults
to check all the defaults regardless instead of just the global
Defaults entries.

--HG--
branch : 1.7

diff --git a/defaults.c b/defaults.c
index f311a1bf193780d80755c55518907492a10488eb..92e2ed629b2f820179962e1de844ce23d422f740 100644 (file)
--- a/defaults.c
+++ b/defaults.c
@@ -552,6 +552,55 @@ update_defaults(what)
     return rc;
 }
 
+/*
+ * Check the defaults entries without actually setting them.
+ * Pass in an OR'd list of which default types to check.
+ */
+int
+check_defaults(what, quiet)
+    int what;
+    int quiet;
+{
+    struct sudo_defs_types *cur;
+    struct defaults *def;
+    int rc = TRUE;
+
+    tq_foreach_fwd(&defaults, def) {
+       switch (def->type) {
+           case DEFAULTS:
+               if (!ISSET(what, SETDEF_GENERIC))
+                   continue;
+               break;
+           case DEFAULTS_USER:
+               if (!ISSET(what, SETDEF_USER))
+                   continue;
+               break;
+           case DEFAULTS_RUNAS:
+               if (!ISSET(what, SETDEF_RUNAS))
+                   continue;
+               break;
+           case DEFAULTS_HOST:
+               if (!ISSET(what, SETDEF_HOST))
+                   continue;
+               break;
+           case DEFAULTS_CMND:
+               if (!ISSET(what, SETDEF_CMND))
+                   continue;
+               break;
+       }
+       for (cur = sudo_defs_table; cur->name != NULL; cur++) {
+           if (strcmp(def->var, cur->name) == 0)
+               break;
+       }
+       if (cur->name == NULL) {
+           if (!quiet)
+               warningx("unknown defaults entry `%s'", def->var);
+           rc = FALSE;
+       }
+    }
+    return rc;
+}
+
 static int
 store_int(val, def, op)
     char *val;

diff --git a/defaults.h b/defaults.h
index 837d453c9aca267b41ef07c6825e750622797622..9b20a67c47d44fe76f1ff5cddeb148a34b193336 100644 (file)
--- a/defaults.h
+++ b/defaults.h
@@ -93,7 +93,7 @@ struct sudo_defs_types {
 #define T_PATH         0x200
 
 /*
- * Argument to update_defaults()
+ * Argument to update_defaults() and check_defaults()
  */
 #define SETDEF_GENERIC 0x01
 #define        SETDEF_HOST     0x02
@@ -107,6 +107,7 @@ struct sudo_defs_types {
  */
 int set_default                __P((char *, char *, int));
 int update_defaults    __P((int));
+int check_defaults     __P((int, int));
 void dump_default      __P((void));
 void dump_defaults     __P((void));
 void init_defaults     __P((void));

diff --git a/visudo.c b/visudo.c
index 1ca6a55b010e7cfbfa3dbbb9cfc6649158cb503c..db8d53466cff512b5163f2943596cea2d92f6dcc 100644 (file)
--- a/visudo.c
+++ b/visudo.c
@@ -479,10 +479,10 @@ reparse_sudoers(editor, args, strict, quiet)
        }
        fclose(yyin);
        if (!parse_error) {
-           if (!update_defaults(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER) ||
+           if (!check_defaults(SETDEF_ALL, quiet) ||
                check_aliases(strict, quiet) != 0) {
                parse_error = TRUE;
-               errorfile = sp->path;
+               errorfile = NULL;
            }
        }
 
@@ -503,10 +503,11 @@ reparse_sudoers(editor, args, strict, quiet)
            tq_foreach_fwd(&sudoerslist, sp) {
                if (errorfile == NULL || strcmp(sp->path, errorfile) == 0) {
                    edit_sudoers(sp, editor, args, errorlineno);
-                   break;
+                   if (errorfile != NULL)
+                       break;
                }
            }
-           if (sp == NULL)
+           if (errorfile != NULL && sp == NULL)
                errorx(1, "internal error, can't find %s in list!", sudoers);
        }
 
@@ -777,9 +778,12 @@ check_syntax(sudoers_path, quiet, strict)
        parse_error = TRUE;
        errorfile = sudoers_path;
     }
-    if (!parse_error && check_aliases(strict, quiet) != 0) {
-       parse_error = TRUE;
-       errorfile = sudoers_path;
+    if (!parse_error) {
+       if (!check_defaults(SETDEF_ALL, quiet) ||
+           check_aliases(strict, quiet) != 0) {
+           parse_error = TRUE;
+           errorfile = NULL;
+       }
     }
     error = parse_error;
     if (!quiet) {