Remove old sudo_debug() and convert users to sudo_debug_printf().
SHELL = @SHELL@
LTOBJS = alloc.lo atobool.lo fileops.lo fmt_string.lo lbuf.lo list.lo \
- setgroups.lo sudo_debug.lo term.lo zero_bytes.lo @COMMON_OBJS@
+ setgroups.lo sudo_debug.lo term.lo zero_bytes.lo @COMMON_OBJS@
all: libcommon.la
alloc.lo: $(srcdir)/alloc.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/alloc.h $(incdir)/error.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/alloc.c
-atobool.lo: $(srcdir)/atobool.c $(top_builddir)/config.h $(incdir)/missing.h
+atobool.lo: $(srcdir)/atobool.c $(top_builddir)/config.h $(incdir)/missing.h \
+ $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/atobool.c
fileops.lo: $(srcdir)/fileops.c $(top_builddir)/config.h \
$(top_srcdir)/compat/timespec.h $(incdir)/missing.h \
- $(incdir)/fileops.h
+ $(incdir)/fileops.h $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/fileops.c
fmt_string.lo: $(srcdir)/fmt_string.c $(top_builddir)/config.h \
- $(incdir)/missing.h
+ $(incdir)/missing.h $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/fmt_string.c
lbuf.lo: $(srcdir)/lbuf.c $(top_builddir)/config.h $(incdir)/missing.h \
- $(incdir)/alloc.h $(incdir)/error.h $(incdir)/lbuf.h
+ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/lbuf.h \
+ $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/lbuf.c
list.lo: $(srcdir)/list.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/list.h $(incdir)/error.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/list.c
-setgroups.lo: $(srcdir)/setgroups.c $(top_builddir)/config.h $(incdir)/missing.h
+setgroups.lo: $(srcdir)/setgroups.c $(top_builddir)/config.h \
+ $(incdir)/missing.h $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/setgroups.c
sudo_debug.lo: $(srcdir)/sudo_debug.c $(top_builddir)/config.h \
- $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
- $(incdir)/gettext.h $(incdir)/sudo_debug.h
+ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
+ $(incdir)/gettext.h $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudo_debug.c
-term.lo: $(srcdir)/term.c $(top_builddir)/config.h $(incdir)/missing.h
+term.lo: $(srcdir)/term.c $(top_builddir)/config.h $(incdir)/missing.h \
+ $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/term.c
zero_bytes.lo: $(srcdir)/zero_bytes.c $(top_builddir)/config.h \
$(incdir)/missing.h
#endif /* HAVE_STRINGS_H */
#include "missing.h"
+#include "sudo_debug.h"
int
atobool(const char *str)
{
+ debug_decl(atobool, SUDO_DEBUG_UTIL)
+
switch (*str) {
case '0':
case '1':
break;
}
return -1;
+ debug_return_int(-1);
}
#include "missing.h"
#include "fileops.h"
+#include "sudo_debug.h"
#ifndef LINE_MAX
# define LINE_MAX 2048
touch(int fd, char *path, struct timeval *tvp)
{
struct timeval times[2];
+ int rval = -1;
+ debug_decl(touch, SUDO_DEBUG_UTIL)
if (tvp != NULL) {
times[0].tv_sec = times[1].tv_sec = tvp->tv_sec;
#if defined(HAVE_FUTIME) || defined(HAVE_FUTIMES)
if (fd != -1)
- return futimes(fd, tvp ? times : NULL);
+ rval = futimes(fd, tvp ? times : NULL);
else
#endif
if (path != NULL)
- return utimes(path, tvp ? times : NULL);
- else
- return -1;
+ rval = utimes(path, tvp ? times : NULL);
+ debug_return_int(rval);
}
/*
lock_file(int fd, int lockit)
{
int op = 0;
+ debug_decl(lock_file, SUDO_DEBUG_UTIL)
switch (lockit) {
case SUDO_LOCK:
op = F_ULOCK;
break;
}
- return lockf(fd, op, 0) == 0;
+ debug_return_int(lockf(fd, op, 0) == 0);
}
#elif HAVE_FLOCK
int
lock_file(int fd, int lockit)
{
int op = 0;
+ debug_decl(lock_file, SUDO_DEBUG_UTIL)
switch (lockit) {
case SUDO_LOCK:
op = LOCK_UN;
break;
}
- return flock(fd, op) == 0;
+ debug_return_int(flock(fd, op) == 0);
}
#else
int
#ifdef F_SETLK
int func;
struct flock lock;
+ debug_decl(lock_file, SUDO_DEBUG_UTIL)
lock.l_start = 0;
lock.l_len = 0;
lock.l_whence = SEEK_SET;
func = (lockit == SUDO_LOCK) ? F_SETLKW : F_SETLK;
- return fcntl(fd, func, &lock) == 0;
+ debug_return_int(fcntl(fd, func, &lock) == 0);
#else
return TRUE;
#endif
size_t len;
char *cp = NULL;
static char buf[LINE_MAX];
+ debug_decl(sudo_parseln, SUDO_DEBUG_UTIL)
if (fgets(buf, sizeof(buf), fp) != NULL) {
/* Remove comments */
for (cp = buf; isblank((unsigned char)*cp); cp++)
continue;
}
- return cp;
+ debug_return_str(cp);
}
#endif /* HAVE_STRINGS_H */
#include "missing.h"
+#include "sudo_debug.h"
/*
* Allocate storage for a name=value string and return it.
size_t var_len = strlen(var);
size_t val_len = strlen(val);
char *cp, *str;
+ debug_decl(fmt_string, SUDO_DEBUG_UTIL)
cp = str = malloc(var_len + 1 + val_len + 1);
if (str != NULL) {
*cp = '\0';
}
- return str;
+ debug_return_str(str);
}
#include "alloc.h"
#include "error.h"
#include "lbuf.h"
+#include "sudo_debug.h"
void
lbuf_init(struct lbuf *lbuf, int (*output)(const char *),
int indent, const char *continuation, int cols)
{
+ debug_decl(lbuf_init, SUDO_DEBUG_UTIL)
+
lbuf->output = output;
lbuf->continuation = continuation;
lbuf->indent = indent;
lbuf->len = 0;
lbuf->size = 0;
lbuf->buf = NULL;
+
+ debug_return;
}
void
lbuf_destroy(struct lbuf *lbuf)
{
+ debug_decl(lbuf_destroy, SUDO_DEBUG_UTIL)
+
efree(lbuf->buf);
lbuf->buf = NULL;
+
+ debug_return;
}
/*
va_list ap;
int len;
char *cp, *s = NULL;
+ debug_decl(lbuf_append_quoted, SUDO_DEBUG_UTIL)
va_start(ap, fmt);
while (*fmt != '\0') {
}
lbuf->buf[lbuf->len] = '\0';
va_end(ap);
+
+ debug_return;
}
/*
va_list ap;
int len;
char *s = NULL;
+ debug_decl(lbuf_append, SUDO_DEBUG_UTIL)
va_start(ap, fmt);
while (*fmt != '\0') {
}
lbuf->buf[lbuf->len] = '\0';
va_end(ap);
+
+ debug_return;
}
static void
{
char *cp, save;
int i, have, contlen;
+ debug_decl(lbuf_println, SUDO_DEBUG_UTIL)
contlen = lbuf->continuation ? strlen(lbuf->continuation) : 0;
}
lbuf->output("\n");
}
+
+ debug_return;
}
/*
{
char *cp, *ep;
int len;
+ debug_decl(lbuf_print, SUDO_DEBUG_UTIL)
if (lbuf->buf == NULL || lbuf->len == 0)
goto done;
done:
lbuf->len = 0; /* reset the buffer for re-use. */
+
+ debug_return;
}
if (l != NULL) {
#ifdef DEBUG
if (l->prev == NULL) {
- warningx("list2tq called with non-semicircular list");
+ warningx2("list2tq called with non-semicircular list");
abort();
}
#endif
#include <limits.h>
#include "missing.h"
+#include "sudo_debug.h"
int
sudo_setgroups(int ngids, const GETGROUPS_T *gids)
{
int maxgids, rval;
+ debug_decl(sudo_setgroups, SUDO_DEBUG_UTIL)
rval = setgroups(ngids, gids);
if (rval == -1 && errno == EINVAL) {
if (ngids > maxgids)
rval = setgroups(maxgids, gids);
}
- return rval;
+ debug_return_int(rval);
}
#include <termios.h>
#include "missing.h"
+#include "sudo_debug.h"
#ifndef TCSASOFT
# define TCSASOFT 0
int
term_restore(int fd, int flush)
{
+ debug_decl(term_restore, SUDO_DEBUG_UTIL)
+
if (changed) {
int flags = TCSASOFT;
flags |= flush ? TCSAFLUSH : TCSADRAIN;
if (tcsetattr(fd, flags, &oterm) != 0)
- return 0;
+ debug_return_int(0);
changed = 0;
}
- return 1;
+ debug_return_int(1);
}
int
term_noecho(int fd)
{
+ debug_decl(term_noecho, SUDO_DEBUG_UTIL)
+
if (!changed && tcgetattr(fd, &oterm) != 0)
- return 0;
+ debug_return_int(0);
(void) memcpy(&term, &oterm, sizeof(term));
CLR(term.c_lflag, ECHO|ECHONL);
#ifdef VSTATUS
if (tcsetattr(fd, TCSADRAIN|TCSASOFT, &term) == 0) {
changed = 1;
return 1;
+ debug_return_int(1);
}
- return 0;
+ debug_return_int(0);
}
int
term_raw(int fd, int isig)
{
struct termios term;
+ debug_decl(term_raw, SUDO_DEBUG_UTIL)
if (!changed && tcgetattr(fd, &oterm) != 0)
return 0;
SET(term.c_lflag, ISIG);
if (tcsetattr(fd, TCSADRAIN|TCSASOFT, &term) == 0) {
changed = 1;
- return 1;
+ debug_return_int(1);
}
- return 0;
+ debug_return_int(0);
}
int
term_cbreak(int fd)
{
+ debug_decl(term_cbreak, SUDO_DEBUG_UTIL)
+
if (!changed && tcgetattr(fd, &oterm) != 0)
return 0;
(void) memcpy(&term, &oterm, sizeof(term));
term_erase = term.c_cc[VERASE];
term_kill = term.c_cc[VKILL];
changed = 1;
- return 1;
+ debug_return_int(1);
}
- return 0;
+ debug_return_int(0);
}
int
term_copy(int src, int dst)
{
struct termios tt;
+ debug_decl(term_copy, SUDO_DEBUG_UTIL)
if (tcgetattr(src, &tt) != 0)
- return 0;
+ debug_return_int(0);
if (tcsetattr(dst, TCSANOW|TCSASOFT, &tt) != 0)
- return 0;
- return 1;
+ debug_return_int(0);
+ debug_return_int(1);
}
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/afs.c
aix_auth.lo: $(authdir)/aix_auth.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/aix_auth.c
alias.lo: $(srcdir)/alias.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/gram.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/redblack.h \
+ $(srcdir)/gram.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/alias.c
audit.lo: $(srcdir)/audit.c $(top_builddir)/config.h $(incdir)/missing.h \
- $(srcdir)/logging.h $(srcdir)/bsm_audit.h $(srcdir)/linux_audit.h
+ $(srcdir)/logging.h $(incdir)/sudo_debug.h $(srcdir)/bsm_audit.h \
+ $(srcdir)/linux_audit.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/audit.c
-boottime.lo: $(srcdir)/boottime.c $(top_builddir)/config.h $(incdir)/missing.h
+boottime.lo: $(srcdir)/boottime.c $(top_builddir)/config.h $(incdir)/missing.h \
+ $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/boottime.c
bsdauth.lo: $(authdir)/bsdauth.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/bsdauth.c
bsm_audit.lo: $(srcdir)/bsm_audit.c $(top_builddir)/config.h \
$(srcdir)/bsm_audit.h
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/check.c
check_addr.o: $(srcdir)/regress/parser/check_addr.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h $(srcdir)/parse.h \
- $(srcdir)/interfaces.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/interfaces.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_addr.c
check_fill.o: $(srcdir)/regress/parser/check_fill.c $(top_builddir)/config.h \
$(incdir)/list.h $(srcdir)/parse.h $(srcdir)/toke.h \
$(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
- $(incdir)/gettext.h $(srcdir)/def_data.c
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h \
+ $(srcdir)/def_data.c
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/regress/iolog_path/check_iolog_path.c
check_wrap.o: $(srcdir)/regress/logging/check_wrap.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/error.h
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/dce.c
defaults.lo: $(srcdir)/defaults.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/parse.h $(srcdir)/gram.h $(srcdir)/def_data.c
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/parse.h \
+ $(srcdir)/gram.h $(srcdir)/def_data.c
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/defaults.c
env.lo: $(srcdir)/env.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/env.c
error.o: $(top_srcdir)/src/error.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/gettext.h
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/find_path.c
find_path.o: find_path.lo
fwtk.lo: $(authdir)/fwtk.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/fwtk.c
getdate.o: $(devdir)/getdate.c $(top_builddir)/config.h \
$(top_builddir)/config.h $(incdir)/missing.h
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/getspwuid.c
goodpath.lo: $(srcdir)/goodpath.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/goodpath.c
goodpath.o: goodpath.lo
gram.lo: $(devdir)/gram.c $(top_builddir)/config.h $(top_builddir)/config.h \
$(incdir)/error.h $(incdir)/alloc.h $(incdir)/list.h \
$(incdir)/fileops.h $(srcdir)/defaults.h $(srcdir)/def_data.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
- $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/toke.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/parse.h \
+ $(srcdir)/toke.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(devdir)/gram.c
group_plugin.lo: $(srcdir)/group_plugin.c $(top_builddir)/config.h \
$(top_srcdir)/compat/dlfcn.h $(srcdir)/sudoers.h \
$(incdir)/error.h $(incdir)/alloc.h $(incdir)/list.h \
$(incdir)/fileops.h $(srcdir)/defaults.h $(srcdir)/def_data.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/group_plugin.c
group_plugin.o: group_plugin.lo
interfaces.lo: $(srcdir)/interfaces.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/interfaces.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/interfaces.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/interfaces.c
interfaces.o: interfaces.lo
iolog.lo: $(srcdir)/iolog.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/iolog.c
iolog_path.lo: $(srcdir)/iolog_path.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/iolog_path.c
iolog_path.o: iolog_path.lo
kerb4.lo: $(authdir)/kerb4.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/kerb4.c
kerb5.lo: $(authdir)/kerb5.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/kerb5.c
ldap.lo: $(srcdir)/ldap.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/parse.h $(incdir)/lbuf.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/parse.h $(incdir)/lbuf.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/ldap.c
linux_audit.lo: $(srcdir)/linux_audit.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
- $(incdir)/gettext.h $(srcdir)/linux_audit.h
+ $(incdir)/gettext.h $(incdir)/sudo_debug.h \
+ $(srcdir)/linux_audit.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/linux_audit.c
logging.lo: $(srcdir)/logging.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/logging.c
logwrap.lo: $(srcdir)/logwrap.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/logwrap.c
logwrap.o: logwrap.lo
match.lo: $(srcdir)/match.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/parse.h $(srcdir)/gram.h $(top_srcdir)/compat/fnmatch.h \
- $(top_srcdir)/compat/glob.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/gram.h \
+ $(top_srcdir)/compat/fnmatch.h $(top_srcdir)/compat/glob.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/match.c
match_addr.lo: $(srcdir)/match_addr.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/interfaces.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/interfaces.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/match_addr.c
match_addr.o: match_addr.lo
net_ifs.o: $(top_srcdir)/src/net_ifs.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
- $(incdir)/gettext.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(top_srcdir)/src/net_ifs.c
pam.lo: $(authdir)/pam.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/pam.c
parse.lo: $(srcdir)/parse.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/parse.h $(incdir)/lbuf.h $(srcdir)/gram.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/parse.h $(incdir)/lbuf.h \
+ $(srcdir)/gram.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/parse.c
passwd.lo: $(authdir)/passwd.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/passwd.c
plugin_error.lo: $(srcdir)/plugin_error.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/redblack.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/redblack.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/pwutil.c
pwutil.o: pwutil.lo
redblack.lo: $(srcdir)/redblack.c $(top_builddir)/config.h $(incdir)/missing.h \
- $(incdir)/alloc.h $(srcdir)/redblack.h
+ $(incdir)/alloc.h $(incdir)/sudo_debug.h $(srcdir)/redblack.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/redblack.c
redblack.o: redblack.lo
rfc1938.lo: $(authdir)/rfc1938.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/rfc1938.c
secureware.lo: $(authdir)/secureware.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/secureware.c
securid.lo: $(authdir)/securid.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/securid.c
securid5.lo: $(authdir)/securid5.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/securid5.c
set_perms.lo: $(srcdir)/set_perms.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/set_perms.c
sia.lo: $(authdir)/sia.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/sia.c
sudo_auth.lo: $(authdir)/sudo_auth.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h $(srcdir)/insults.h \
- $(srcdir)/ins_2001.h $(srcdir)/ins_goons.h \
- $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/insults.h $(srcdir)/ins_2001.h \
+ $(srcdir)/ins_goons.h $(srcdir)/ins_classic.h \
+ $(srcdir)/ins_csops.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/sudo_auth.c
sudo_nss.lo: $(srcdir)/sudo_nss.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(incdir)/lbuf.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(incdir)/lbuf.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudo_nss.c
sudoers.lo: $(srcdir)/sudoers.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/interfaces.h $(srcdir)/sudoers_version.h \
- $(srcdir)/auth/sudo_auth.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/interfaces.h \
+ $(srcdir)/sudoers_version.h $(srcdir)/auth/sudo_auth.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudoers.c
sudoreplay.o: $(srcdir)/sudoreplay.c $(top_builddir)/config.h \
$(top_srcdir)/compat/timespec.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/interfaces.h $(srcdir)/parse.h $(srcdir)/gram.h \
- $(top_srcdir)/compat/fnmatch.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/interfaces.h $(srcdir)/parse.h \
+ $(srcdir)/gram.h $(top_srcdir)/compat/fnmatch.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/testsudoers.c
timestr.lo: $(srcdir)/timestr.c $(top_builddir)/config.h $(incdir)/missing.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/timestr.c
$(incdir)/error.h $(incdir)/alloc.h $(incdir)/list.h \
$(incdir)/fileops.h $(srcdir)/defaults.h $(srcdir)/def_data.h \
$(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
- $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/toke.h $(srcdir)/gram.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/parse.h \
+ $(srcdir)/toke.h $(srcdir)/gram.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(devdir)/toke.c
toke_util.lo: $(srcdir)/toke_util.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h $(srcdir)/parse.h \
- $(srcdir)/toke.h $(srcdir)/gram.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/toke.h \
+ $(srcdir)/gram.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/toke_util.c
toke_util.o: toke_util.lo
tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \
$(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \
$(srcdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
- $(incdir)/sudo_plugin.h $(incdir)/gettext.h
+ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/tsgetgrpw.c
visudo.o: $(srcdir)/visudo.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \
$(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \
$(srcdir)/defaults.h $(srcdir)/def_data.h $(srcdir)/logging.h \
- $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/gettext.h \
- $(srcdir)/interfaces.h $(srcdir)/parse.h $(srcdir)/redblack.h \
- $(incdir)/gettext.h $(srcdir)/sudoers_version.h $(srcdir)/gram.h
+ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(srcdir)/interfaces.h $(srcdir)/parse.h \
+ $(srcdir)/redblack.h $(incdir)/gettext.h $(srcdir)/sudoers_version.h \
+ $(srcdir)/gram.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/visudo.c
const struct alias *a1 = (const struct alias *)v1;
const struct alias *a2 = (const struct alias *)v2;
int res;
+ debug_decl(alias_compare, SUDO_DEBUG_ALIAS)
if (v1 == NULL)
res = -1;
res = 1;
else if ((res = strcmp(a1->name, a2->name)) == 0)
res = a1->type - a2->type;
- return res;
+ debug_return_int(res);
}
/*
struct alias key;
struct rbnode *node;
struct alias *a = NULL;
+ debug_decl(alias_find, SUDO_DEBUG_ALIAS)
key.name = name;
key.type = type;
a = node->data;
if (a->seqno == alias_seqno) {
errno = ELOOP;
- return NULL;
+ debug_return_ptr(NULL);
}
a->seqno = alias_seqno;
} else {
errno = ENOENT;
}
- return a;
+ debug_return_ptr(a);
}
/*
{
static char errbuf[512];
struct alias *a;
+ debug_decl(alias_add, SUDO_DEBUG_ALIAS)
a = emalloc(sizeof(*a));
a->name = name;
if (rbinsert(aliases, a)) {
snprintf(errbuf, sizeof(errbuf), _("Alias `%s' already defined"), name);
alias_free(a);
- return errbuf;
+ debug_return_str(errbuf);
}
- return NULL;
+ debug_return_str(NULL);
}
/*
void
alias_apply(int (*func)(void *, void *), void *cookie)
{
+ debug_decl(alias_apply, SUDO_DEBUG_ALIAS)
+
rbapply(aliases, func, cookie, inorder);
+
+ debug_return;
}
/*
int
no_aliases(void)
{
- return rbisempty(aliases);
+ debug_decl(no_aliases, SUDO_DEBUG_ALIAS)
+ debug_return_int(rbisempty(aliases));
}
/*
struct member *m;
struct sudo_command *c;
void *next;
+ debug_decl(alias_free, SUDO_DEBUG_ALIAS)
efree(a->name);
for (m = a->members.first; m != NULL; m = next) {
efree(m);
}
efree(a);
+
+ debug_return;
}
/*
{
struct rbnode *node;
struct alias key;
+ debug_decl(alias_remove, SUDO_DEBUG_ALIAS)
key.name = name;
key.type = type;
errno = ENOENT;
return NULL;
}
- return rbdelete(aliases, node);
+ debug_return_ptr(rbdelete(aliases, node));
}
void
init_aliases(void)
{
+ debug_decl(init_aliases, SUDO_DEBUG_ALIAS)
+
if (aliases != NULL)
rbdestroy(aliases, alias_free);
aliases = rbcreate(alias_compare);
+
+ debug_return;
}
#include "missing.h"
#include "logging.h"
+#include "sudo_debug.h"
#ifdef HAVE_BSM_AUDIT
# include "bsm_audit.h"
void
audit_success(char *exec_args[])
{
- if (exec_args == NULL)
- return;
+ debug_decl(audit_success, SUDO_DEBUG_AUDIT)
+ if (exec_args != NULL) {
#ifdef HAVE_BSM_AUDIT
- bsm_audit_success(exec_args);
+ bsm_audit_success(exec_args);
#endif
#ifdef HAVE_LINUX_AUDIT
- linux_audit_command(exec_args, 1);
+ linux_audit_command(exec_args, 1);
#endif
+ }
+
+ debug_return;
}
void
audit_failure(char *exec_args[], char const *const fmt, ...)
{
va_list ap;
+ debug_decl(audit_success, SUDO_DEBUG_AUDIT)
- if (exec_args == NULL)
- return;
-
- va_start(ap, fmt);
+ if (exec_args != NULL) {
+ va_start(ap, fmt);
#ifdef HAVE_BSM_AUDIT
- bsm_audit_failure(exec_args, fmt, ap);
+ bsm_audit_failure(exec_args, fmt, ap);
#endif
#ifdef HAVE_LINUX_AUDIT
- linux_audit_command(exec_args, 0);
+ linux_audit_command(exec_args, 0);
#endif
- va_end(ap);
+ va_end(ap);
+ }
+
+ debug_return;
}
{
struct ktc_encryptionKey afs_key;
struct ktc_token afs_token;
+ debug_decl(afs_verify, SUDO_DEBUG_AUTH)
/* Try to just check the password */
ka_StringToKey(pass, NULL, &afs_key);
0, /* lifetime */
&afs_token, /* token */
0) == 0) /* new */
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
/* Fall back on old method XXX - needed? */
setpag();
NULL, /* expiration ptr (unused) */
0, /* spare */
NULL) == 0) /* reason */
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
char *pass, *message = NULL;
int result = 1, reenter = 0;
int rval = AUTH_SUCCESS;
+ debug_decl(aixauth_verify, SUDO_DEBUG_AUTH)
do {
pass = auth_getpass(prompt, def_passwd_timeout * 60,
rval = pass ? AUTH_FAILURE : AUTH_INTR;
}
efree(message);
- return rval;
+ debug_return_int(rval);
}
int
aixauth_cleanup(struct passwd *pw, sudo_auth *auth)
{
+ debug_decl(aixauth_cleanup, SUDO_DEBUG_AUTH)
+
/* Unset AUTHSTATE as it may not be correct for the runas user. */
unsetenv("AUTHSTATE");
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
bsdauth_init(struct passwd *pw, sudo_auth *auth)
{
static auth_session_t *as;
- extern login_cap_t *lc; /* from sudo.c */
+ extern login_cap_t *lc; /* from sudoers.c */
+ debug_decl(bsdauth_init, SUDO_DEBUG_AUTH)
if ((as = auth_open()) == NULL) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
_("unable to begin bsd authentication"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/* XXX - maybe sanity check the auth style earlier? */
if (login_style == NULL) {
log_error(NO_EXIT|NO_MAIL, _("invalid authentication type"));
auth_close(as);
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
if (auth_setitem(as, AUTHV_STYLE, login_style) < 0 ||
auth_setitem(as, AUTHV_CLASS, login_class) < 0) {
log_error(NO_EXIT|NO_MAIL, _("unable to setup authentication"));
auth_close(as);
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
auth->data = (void *) as;
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
int authok = 0;
sigaction_t sa, osa;
auth_session_t *as = (auth_session_t *) auth->data;
+ debug_decl(bsdauth_verify, SUDO_DEBUG_AUTH)
/* save old signal handler */
sigemptyset(&sa.sa_mask);
(void) sigaction(SIGCHLD, &osa, NULL);
if (authok)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
if (!pass)
- return AUTH_INTR;
+ debug_return_int(AUTH_INTR);
if ((s = auth_getvalue(as, "errormsg")) != NULL)
log_error(NO_EXIT|NO_MAIL, "%s", s);
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
int
bsdauth_cleanup(struct passwd *pw, sudo_auth *auth)
{
auth_session_t *as = (auth_session_t *) auth->data;
+ debug_decl(bsdauth_cleanup, SUDO_DEBUG_AUTH)
auth_close(as);
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
boolean32 reset_passwd;
sec_login_auth_src_t auth_src;
error_status_t status;
+ debug_decl(dce_verify, SUDO_DEBUG_AUTH)
/*
* Create the local context of the DCE principal necessary
sec_login_no_flags, &login_context, &status)) {
if (check_dce_status(status, "sec_login_setup_identity(1):"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
password_rec.key.key_type = sec_passwd_plain;
password_rec.key.tagged_union.plain = (idl_char *) plain_pw;
&reset_passwd, &auth_src, &status)) {
if (check_dce_status(status, "sec_login_validate_identity(1):"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
/*
* Certify that the DCE Security Server used to set
if (!sec_login_certify_identity(login_context, &status)) {
(void) fprintf(stderr, "Whoa! Bogus authentication server!\n");
(void) check_dce_status(status,"sec_login_certify_identity(1):");
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
if (check_dce_status(status, "sec_login_certify_identity(2):"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
/*
* Sets the network credentials to those specified
*/
sec_login_set_context(login_context, &status);
if (check_dce_status(status, "sec_login_set_context:"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
/*
* Oops, your credentials were no good. Possibly
if (auth_src != sec_login_auth_src_network) {
(void) fprintf(stderr,
"You have no network credentials.\n");
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
/* Check if the password has aged and is thus no good */
if (reset_passwd) {
(void) fprintf(stderr,
"Your DCE password needs resetting.\n");
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
/*
sec_login_get_pwent(login_context, (sec_login_passwd_t) &temp_pw,
&status);
if (check_dce_status(status, "sec_login_get_pwent:"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
/*
* If we get to here, then the pwent above properly fetched
* somewhere later in the program.
*/
sec_login_purge_context(&login_context, &status);
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
} else {
if(check_dce_status(status, "sec_login_validate_identity(2):"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
sec_login_purge_context(&login_context, &status);
if(check_dce_status(status, "sec_login_purge_context:"))
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
}
(void) check_dce_status(status, "sec_login_setup_identity(2):");
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
/* Returns 0 for DCE "ok" status, 1 otherwise */
{
int error_stat;
unsigned char error_string[dce_c_error_string_len];
+ debug_decl(check_dce_status, SUDO_DEBUG_AUTH)
if (input_status == rpc_s_ok)
- return 0;
+ debug_return_bool(0);
dce_error_inq_text(input_status, error_string, &error_stat);
(void) fprintf(stderr, "%s %s\n", comment, error_string);
- return 1;
+ debug_return_bool(1);
}
{
static Cfg *confp; /* Configuration entry struct */
char resp[128]; /* Response from the server */
+ debug_decl(fwtk_init, SUDO_DEBUG_AUTH)
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
warningx(_("unable to read fwtk config"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
if (auth_open(confp)) {
warningx(_("unable to connect to authentication server"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) {
warningx(_("lost connection to authentication server"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
if (strncmp(resp, "Authsrv ready", 13) != 0) {
warningx(_("authentication server error:\n%s"), resp);
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
char resp[128]; /* Response from the server */
int error;
+ debug_decl(fwtk_verify, SUDO_DEBUG_AUTH)
/* Send username to authentication server. */
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
restart:
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
warningx(_("lost connection to authentication server"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/* Get the password/response from the user. */
goto restart;
} else {
warningx("%s", resp);
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
if (!pass) { /* ^C or error */
- return AUTH_INTR;
+ debug_return_int(AUTH_INTR);
}
/* Send the user's response to the server */
done:
zero_bytes(pass, strlen(pass));
zero_bytes(buf, strlen(buf));
- return error;
+ debug_return_int(error);
}
int
fwtk_cleanup(struct passwd *pw, sudo_auth *auth)
{
+ debug_decl(fwtk_cleanup, SUDO_DEBUG_AUTH)
auth_close();
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
kerb4_init(struct passwd *pw, sudo_auth *auth)
{
static char realm[REALM_SZ];
+ debug_decl(kerb4_init, SUDO_DEBUG_AUTH)
/* Don't try to verify root */
if (pw->pw_uid == 0)
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
/* Get the local realm, or retrun failure (no krb.conf) */
if (krb_get_lrealm(realm, 1) != KSUCCESS)
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
/* Stash a pointer to the realm (used in kerb4_verify) */
auth->data = (void *) realm;
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
char tkfile[sizeof(_PATH_SUDO_TIMEDIR) + 4 + MAX_UID_T_LEN];
char *realm = (char *) auth->data;
int error;
+ debug_decl(kerb4_verify, SUDO_DEBUG_AUTH)
/*
* Set the ticket file to be in sudo sudo timedir so we don't
switch (error) {
case INTK_OK:
dest_tkt(); /* we are done with the temp ticket */
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
break;
case INTK_BADPW:
case KDC_PR_UNKNOWN:
krb_err_txt[error]);
}
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
kerb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
static char *krb5_prompt;
+ debug_decl(kerb5_init, SUDO_DEBUG_AUTH)
if (krb5_prompt == NULL) {
krb5_context sudo_context;
log_error(NO_EXIT|NO_MAIL,
_("%s: unable to unparse princ ('%s'): %s"), auth->name,
pw->pw_name, error_message(error));
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
/* Only rewrite prompt if user didn't specify their own. */
}
*promptp = krb5_prompt;
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
krb5_principal princ;
krb5_error_code error;
char cache_name[64];
+ debug_decl(kerb5_init, SUDO_DEBUG_AUTH)
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
error = krb5_init_context(&(sudo_krb5_data.sudo_context));
#endif
if (error)
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
sudo_context = sudo_krb5_data.sudo_context;
if ((error = krb5_parse_name(sudo_context, pw->pw_name,
log_error(NO_EXIT|NO_MAIL,
_("%s: unable to parse '%s': %s"), auth->name, pw->pw_name,
error_message(error));
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
princ = sudo_krb5_data.princ;
log_error(NO_EXIT|NO_MAIL,
_("%s: unable to resolve ccache: %s"), auth->name,
error_message(error));
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
ccache = sudo_krb5_data.ccache;
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
#ifdef HAVE_KRB5_VERIFY_USER
krb5_principal princ;
krb5_ccache ccache;
krb5_error_code error;
+ debug_decl(kerb5_verify, SUDO_DEBUG_AUTH)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
ccache = ((sudo_krb5_datap) auth->data)->ccache;
error = krb5_verify_user(sudo_context, princ, ccache, pass, 1, NULL);
- return error ? AUTH_FAILURE : AUTH_SUCCESS;
+ debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS);
}
#else
int
krb5_ccache ccache;
krb5_error_code error;
krb5_get_init_creds_opt *opts = NULL;
+ debug_decl(kerb5_verify, SUDO_DEBUG_AUTH)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
}
if (creds)
krb5_free_cred_contents(sudo_context, creds);
- return error ? AUTH_FAILURE : AUTH_SUCCESS;
+ debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS);
}
#endif
krb5_context sudo_context;
krb5_principal princ;
krb5_ccache ccache;
+ debug_decl(kerb5_cleanup, SUDO_DEBUG_AUTH)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
krb5_free_context(sudo_context);
}
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
#ifndef HAVE_KRB5_VERIFY_USER
krb5_error_code error;
krb5_principal server;
krb5_verify_init_creds_opt vopt;
+ debug_decl(verify_krb_v5_tgt, SUDO_DEBUG_AUTH)
/*
* Get the server principal for the local host.
log_error(NO_EXIT|NO_MAIL,
_("%s: unable to get host principal: %s"), auth_name,
error_message(error));
- return -1;
+ debug_return_int(-1);
}
/* Initialize verify opts and set secure mode */
log_error(NO_EXIT|NO_MAIL,
_("%s: Cannot verify TGT! Possible attack!: %s"),
auth_name, error_message(error));
- return error;
+ debug_return_int(error);
}
#endif
{
static struct pam_conv pam_conv;
static int pam_status;
+ debug_decl(pam_init, SUDO_DEBUG_AUTH)
/* Initial PAM setup */
if (auth != NULL)
pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
if (pam_status != PAM_SUCCESS) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, _("unable to initialize PAM"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/*
else
(void) pam_set_item(pamh, PAM_TTY, user_ttypath);
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
{
const char *s;
int *pam_status = (int *) auth->data;
+ debug_decl(pam_verify, SUDO_DEBUG_AUTH)
def_prompt = prompt; /* for converse */
*pam_status = pam_acct_mgmt(pamh, PAM_SILENT);
switch (*pam_status) {
case PAM_SUCCESS:
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
case PAM_AUTH_ERR:
log_error(NO_EXIT|NO_MAIL, _("account validation failure, "
"is your account locked?"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
case PAM_NEW_AUTHTOK_REQD:
log_error(NO_EXIT|NO_MAIL, _("Account or password is "
"expired, reset your password and try again"));
*pam_status = pam_chauthtok(pamh,
PAM_CHANGE_EXPIRED_AUTHTOK);
if (*pam_status == PAM_SUCCESS)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
if ((s = pam_strerror(pamh, *pam_status)))
log_error(NO_EXIT|NO_MAIL, _("pam_chauthtok: %s"), s);
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
case PAM_AUTHTOK_EXPIRED:
log_error(NO_EXIT|NO_MAIL,
_("Password expired, contact your system administrator"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
case PAM_ACCT_EXPIRED:
log_error(NO_EXIT|NO_MAIL,
_("Account expired or PAM config lacks an \"account\" "
"section for sudo, contact your system administrator"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/* FALLTHROUGH */
case PAM_AUTH_ERR:
if (gotintr) {
/* error or ^C from tgetpass() */
- return AUTH_INTR;
+ debug_return_int(AUTH_INTR);
}
case PAM_MAXTRIES:
case PAM_PERM_DENIED:
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
default:
if ((s = pam_strerror(pamh, *pam_status)))
log_error(NO_EXIT|NO_MAIL, _("pam_authenticate: %s"), s);
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
}
pam_cleanup(struct passwd *pw, sudo_auth *auth)
{
int *pam_status = (int *) auth->data;
+ debug_decl(pam_cleanup, SUDO_DEBUG_AUTH)
/* If successful, we can't close the session until pam_end_session() */
if (*pam_status == AUTH_SUCCESS)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
*pam_status = pam_end(pamh, *pam_status | PAM_DATA_SILENT);
pamh = NULL;
- return *pam_status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
+ return_debug_int(*pam_status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
}
int
pam_begin_session(struct passwd *pw, sudo_auth *auth)
{
int status = PAM_SUCCESS;
+ debug_decl(pam_begin_session, SUDO_DEBUG_AUTH)
/*
* If there is no valid user we cannot open a PAM session.
#endif
done:
- return status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
+ return_debug_int(status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
}
int
pam_end_session(struct passwd *pw, sudo_auth *auth)
{
int status = PAM_SUCCESS;
+ debug_decl(pam_end_session, SUDO_DEBUG_AUTH)
if (pamh != NULL) {
#ifndef NO_PAM_SESSION
pamh = NULL;
}
- return status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
+ return_debug_int(status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE);
}
/*
const char *prompt;
char *pass;
int n, type, std_prompt;
+ debug_decl(converse, SUDO_DEBUG_AUTH)
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
- return PAM_SYSTEM_ERR;
+ return_debug_int(PAM_SYSTEM_ERR);
zero_bytes(*response, num_msg * sizeof(struct pam_response));
for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) {
}
}
- return PAM_SUCCESS;
+ return_debug_int(PAM_SUCCESS);
err:
/* Zero and free allocated memory and return an error. */
zero_bytes(*response, num_msg * sizeof(struct pam_response));
free(*response);
*response = NULL;
- return gotintr ? PAM_AUTH_ERR : PAM_CONV_ERR;
+ return_debug_int(gotintr ? PAM_AUTH_ERR : PAM_CONV_ERR);
}
int
passwd_init(struct passwd *pw, sudo_auth *auth)
{
+ debug_decl(passwd_init, SUDO_DEBUG_AUTH)
+
#ifdef HAVE_SKEYACCESS
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
#endif
sudo_setspent();
auth->data = sudo_getepw(pw);
sudo_endspent();
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
char *pw_epasswd = auth->data;
size_t pw_len;
int error;
+ debug_decl(passwd_verify, SUDO_DEBUG_AUTH)
pw_len = strlen(pw_epasswd);
/* Ultrix shadow passwords may use crypt16() */
error = strcmp(pw_epasswd, (char *) crypt16(pass, pw_epasswd));
if (!error)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
#endif /* HAVE_GETAUTHUID */
/*
else
error = strcmp(pw_epasswd, epass);
- return error ? AUTH_FAILURE : AUTH_SUCCESS;
+ debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS);
}
int
sudo_auth *auth;
{
char *pw_epasswd = auth->data;
+ debug_decl(passwd_cleanup, SUDO_DEBUG_AUTH)
if (pw_epasswd != NULL) {
zero_bytes(pw_epasswd, strlen(pw_epasswd));
efree(pw_epasswd);
}
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
static char *orig_prompt = NULL, *new_prompt = NULL;
static int op_len, np_size;
static struct RFC1938 rfc1938;
+ debug_decl(rfc1938_setup, SUDO_DEBUG_AUTH)
/* Stash a pointer to the rfc1938 struct if we have not initialized */
if (!auth->data)
if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) {
if (IS_ONEANDONLY(auth)) {
warningx(_("you do not exist in the %s database"), auth->name);
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
} else {
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
}
orig_prompt, challenge);
*promptp = new_prompt;
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
+ debug_decl(rfc1938_verify, SUDO_DEBUG_AUTH)
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
else
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
{
#ifdef __alpha
extern int crypt_type;
+ debug_decl(secureware_init, SUDO_DEBUG_AUTH)
if (crypt_type == INT_MAX)
- return AUTH_FAILURE; /* no shadow */
+ debug_return_int(AUTH_FAILURE); /* no shadow */
+#else
+ debug_decl(secureware_init, SUDO_DEBUG_AUTH)
#endif
sudo_setspent();
auth->data = sudo_getepw(pw);
sudo_endspent();
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
char *pw_epasswd = auth->data;
+ debug_decl(secureware_verify, SUDO_DEBUG_AUTH)
#ifdef __alpha
- extern int crypt_type;
+ {
+ extern int crypt_type;
# ifdef HAVE_DISPCRYPT
- if (strcmp(pw_epasswd, dispcrypt(pass, pw_epasswd, crypt_type)) == 0)
- return AUTH_SUCCESS;
+ if (strcmp(pw_epasswd, dispcrypt(pass, pw_epasswd, crypt_type)) == 0)
+ debug_return_int(AUTH_SUCCESS);
# else
- if (crypt_type == AUTH_CRYPT_BIGCRYPT) {
- if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
- return AUTH_SUCCESS;
- } else if (crypt_type == AUTH_CRYPT_CRYPT16) {
- if (strcmp(pw_epasswd, crypt(pass, pw_epasswd)) == 0)
- return AUTH_SUCCESS;
+ if (crypt_type == AUTH_CRYPT_BIGCRYPT) {
+ if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
+ debug_return_int(AUTH_SUCCESS);
+ } else if (crypt_type == AUTH_CRYPT_CRYPT16) {
+ if (strcmp(pw_epasswd, crypt(pass, pw_epasswd)) == 0)
+ debug_return_int(AUTH_SUCCESS);
+ }
}
# endif /* HAVE_DISPCRYPT */
#elif defined(HAVE_BIGCRYPT)
if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
#endif /* __alpha */
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
int
sudo_auth *auth;
{
char *pw_epasswd = auth->data;
+ debug_decl(secureware_cleanup, SUDO_DEBUG_AUTH)
if (pw_epasswd != NULL) {
zero_bytes(pw_epasswd, strlen(pw_epasswd));
efree(pw_epasswd);
}
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
securid_init(struct passwd *pw, sudo_auth *auth)
{
static struct SD_CLIENT sd_dat; /* SecurID data block */
+ debug_decl(securid_init, SUDO_DEBUG_AUTH)
auth->data = (void *) &sd_dat; /* For method-specific data */
if (creadcfg() == 0)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
else
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
int
securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
struct SD_CLIENT *sd = (struct SD_CLIENT *) auth->data;
+ debug_decl(securid_setup, SUDO_DEBUG_AUTH)
/* Re-initialize SecurID every time. */
if (sd_init(sd) == 0) {
/* The programmer's guide says username is 32 bytes */
strlcpy(sd->username, pw->pw_name, 32);
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
} else {
warningx(_("unable to contact the SecurID server"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
}
{
struct SD_CLIENT *sd = (struct SD_CLIENT *) auth->data;
int rval;
+ debug_decl(securid_verify, SUDO_DEBUG_AUTH)
rval = sd_auth(sd);
sd_close();
if (rval == ACM_OK)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
else
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
securid_init(struct passwd *pw, sudo_auth *auth)
{
static SDI_HANDLE sd_dat; /* SecurID handle */
+ debug_decl(securid_init, SUDO_DEBUG_AUTH)
auth->data = (void *) &sd_dat; /* For method-specific data */
/* Start communications */
if (AceInitialize() != SD_FALSE)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
warningx(_("failed to initialise the ACE API library"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/*
{
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
int retval;
+ debug_decl(securid_setup, SUDO_DEBUG_AUTH)
/* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) {
warningx(_("unable to contact the SecurID server"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
/* Lock new PIN code */
switch (retval) {
case ACM_OK:
warningx(_("User ID locked for SecurID Authentication"));
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
case ACE_UNDEFINED_USERNAME:
warningx(_("invalid username length for SecurID"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
case ACE_ERR_INVALID_HANDLE:
warningx(_("invalid Authentication Handle for SecurID"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
case ACM_ACCESS_DENIED:
warningx(_("SecurID communication failed"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
default:
warningx(_("unknown SecurID error"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
}
{
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
int rval;
+ debug_decl(securid_verify, SUDO_DEBUG_AUTH)
pass = auth_getpass("Enter your PASSCODE: ",
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF);
SD_Close(*sd);
/* Return stored state to calling process */
- return rval;
+ debug_return_int(rval);
}
sudo_collect(int timeout, int rendition, uchar_t *title, int nprompts,
prompt_t *prompts)
{
+ debug_decl(sudo_collect, SUDO_DEBUG_AUTH)
+
switch (rendition) {
case SIAFORM:
case SIAONELINER:
break;
}
- return sia_collect_trm(timeout, rendition, title, nprompts, prompts);
+ debug_return_int(sia_collect_trm(timeout, rendition, title, nprompts, prompts));
}
int
int i;
extern int NewArgc;
extern char **NewArgv;
+ debug_decl(sia_setup, SUDO_DEBUG_AUTH)
/* Rebuild argv for sia_ses_init() */
sudo_argc = NewArgc + 1;
log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
_("unable to initialize SIA session"));
- return AUTH_FATAL;
+ debug_return_int(AUTH_FATAL);
}
auth->data = (void *) siah;
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
int
sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
{
SIAENTITY *siah = (SIAENTITY *) auth->data;
+ debug_decl(sia_verify, SUDO_DEBUG_AUTH)
def_prompt = prompt; /* for sudo_collect */
/* XXX - need a way to detect user hitting return or EOF at prompt */
if (sia_ses_reauthent(sudo_collect, siah) == SIASUCCESS)
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
else
- return AUTH_FAILURE;
+ debug_return_int(AUTH_FAILURE);
}
int
sia_cleanup(struct passwd *pw, sudo_auth *auth)
{
SIAENTITY *siah = (SIAENTITY *) auth->data;
+ debug_decl(sia_cleanup, SUDO_DEBUG_AUTH)
(void) sia_ses_release(&siah);
efree(sudo_argv);
- return AUTH_SUCCESS;
+ debug_return_int(AUTH_SUCCESS);
}
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
+ debug_decl(sudo_auth_init, SUDO_DEBUG_AUTH)
if (auth_switch[0].name == NULL)
- return TRUE;
+ debug_return_int(TRUE);
/* Make sure we haven't mixed standalone and shared auth methods. */
standalone = IS_STANDALONE(&auth_switch[0]);
audit_failure(NewArgv, "invalid authentication methods");
log_error(0, _("Invalid authentication methods compiled into sudo! "
"You may mix standalone and non-standalone authentication."));
- return -1;
+ debug_return_int(-1);
}
/* Set FLAG_ONEANDONLY if there is only one auth method. */
}
}
}
- return status == AUTH_FATAL ? -1 : TRUE;
+ debug_return_int(status == AUTH_FATAL ? -1 : TRUE);
}
int
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
+ debug_decl(sudo_auth_cleanup, SUDO_DEBUG_AUTH)
/* Call cleanup routines. */
for (auth = auth_switch; auth->name; auth++) {
}
}
}
- return status == AUTH_FATAL ? -1 : TRUE;
+ debug_return_int(status == AUTH_FATAL ? -1 : TRUE);
}
int
char *p;
sudo_auth *auth;
sigaction_t sa, osa;
+ debug_decl(verify_user, SUDO_DEBUG_AUTH)
/* Enable suspend during password entry. */
sigemptyset(&sa.sa_mask);
_("There are no authentication methods compiled into sudo! "
"If you want to turn off authentication, use the "
"--disable-authentication configure option."));
- return -1;
+ debug_return_int(-1);
}
while (--counter) {
else if (status == AUTH_FATAL) {
/* XXX log */
audit_failure(NewArgv, "authentication failure");
- return -1; /* assume error msg already printed */
+ debug_return_int(-1);/* assume error msg already printed */
}
}
}
break;
}
- return rval;
+ debug_return_int(rval);
}
int
{
sudo_auth *auth;
int status;
+ debug_decl(auth_begin_session, SUDO_DEBUG_AUTH)
for (auth = auth_switch; auth->name; auth++) {
if (auth->begin_session && !IS_DISABLED(auth)) {
if (status == AUTH_FATAL) {
/* XXX log */
audit_failure(NewArgv, "authentication failure");
- return -1; /* assume error msg already printed */
+ debug_return_bool(-1); /* assume error msg already printed */
}
}
}
- return TRUE;
+ debug_return_bool(TRUE);
}
int
{
sudo_auth *auth;
int status;
+ debug_decl(auth_end_session, SUDO_DEBUG_AUTH)
for (auth = auth_switch; auth->name; auth++) {
if (auth->end_session && !IS_DISABLED(auth)) {
status = (auth->end_session)(pw, auth);
if (status == AUTH_FATAL) {
/* XXX log */
- return -1; /* assume error msg already printed */
+ debug_return_bool(-1); /* assume error msg already printed */
}
}
}
- return TRUE;
+ debug_return_bool(TRUE);
}
static void
pass_warn(void)
{
const char *warning = def_badpass_message;
+ debug_decl(pass_warn, SUDO_DEBUG_AUTH)
#ifdef INSULT
if (def_insults)
warning = INSULT;
#endif
sudo_printf(SUDO_CONV_ERROR_MSG, "%s\n", warning);
+
+ debug_return;
}
char *
{
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
+ debug_decl(auth_getpass, SUDO_DEBUG_AUTH)
/* Mask user input if pwfeedback set and echo is off. */
if (type == SUDO_CONV_PROMPT_ECHO_OFF && def_pwfeedback)
memset(&repl, 0, sizeof(repl));
sudo_conv(1, &msg, &repl);
/* XXX - check for ENOTTY? */
- return repl.reply;
+ debug_return_str_masked(repl.reply);
}
void
dump_auth_methods(void)
{
sudo_auth *auth;
+ debug_decl(dump_auth_methods, SUDO_DEBUG_AUTH)
sudo_printf(SUDO_CONV_INFO_MSG, _("Authentication methods:"));
for (auth = auth_switch; auth->name; auth++)
sudo_printf(SUDO_CONV_INFO_MSG, " '%s'", auth->name);
sudo_printf(SUDO_CONV_INFO_MSG, "\n");
+
+ debug_return;
}
#endif /* !__linux__ */
#include "missing.h"
+#include "sudo_debug.h"
/*
* Fill in a struct timeval with the time the system booted.
size_t linesize = 0;
ssize_t len;
FILE * fp;
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL)
/* read btime from /proc/stat */
fp = fopen("/proc/stat", "r");
if (strncmp(line, "btime ", 6) == 0) {
tv->tv_sec = atoi(line + 6);
tv->tv_usec = 0;
- return 1;
+ debug_return_bool(1);
}
}
fclose(fp);
free(line);
}
- return 0;
+ debug_return_bool(0);
}
#elif defined(HAVE_SYSCTL) && defined(KERN_BOOTTIME)
{
size_t size;
int mib[2];
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL)
mib[0] = CTL_KERN;
mib[1] = KERN_BOOTTIME;
size = sizeof(*tv);
if (sysctl(mib, 2, tv, &size, NULL, 0) != -1)
- return 1;
+ debug_return_bool(1);
- return 0;
+ debug_return_bool(0);
}
#elif defined(HAVE_GETUTXID)
get_boottime(struct timeval *tv)
{
struct utmpx *ut, key;
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL)
memset(&key, 0, sizeof(key));
key.ut_type = BOOT_TIME;
tv->tv_usec = ut->ut_tv.tv_usec;
}
endutxent();
- return ut != NULL;
+ debug_return_bool(ut != NULL);
}
#elif defined(HAVE_GETUTID)
get_boottime(struct timeval *tv)
{
struct utmp *ut, key;
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL)
memset(&key, 0, sizeof(key));
key.ut_type = BOOT_TIME;
tv->tv_usec = 0;
}
endutent();
- return ut != NULL;
+ debug_return_bool(ut != NULL);
}
#else
int
get_boottime(struct timeval *tv)
{
- return 0;
+ debug_decl(get_boottime, SUDO_DEBUG_UTIL)
+ debug_return_bool(0);
}
#endif
struct au_mask *mask;
auditinfo_t ainfo;
int rc, sorf;
+ debug_decl(audit_sudo_selected, SUDO_DEBUG_AUDIT)
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
if (errno == ENOSYS) {
mask = &ainfo_addr.ai_mask;
sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;
rc = au_preselect(AUE_sudo, mask, sorf, AU_PRS_REREAD);
- return rc;
+ debug_return_int(rc);
}
void
long au_cond;
int aufd;
pid_t pid;
+ debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT)
pid = getpid();
/*
log_error(0, _("Could not determine audit condition"));
}
if (au_cond == AUC_NOAUDIT)
- return;
+ debug_return;
/*
* Check to see if the preselection masks are interested in seeing
* this event.
*/
if (!audit_sudo_selected(0))
- return;
+ debug_return;
if (getauid(&auid) < 0)
log_error(0, _("getauid failed"));
if ((aufd = au_open()) == -1)
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1)
log_error(0, _("unable to commit audit record"));
+ debug_return;
}
void
au_id_t auid;
pid_t pid;
int aufd;
+ debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT)
pid = getpid();
/*
*/
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)
- return;
+ debug_return;
log_error(0, _("Could not determine audit condition"));
}
if (au_cond == AUC_NOAUDIT)
- return;
+ debug_return;
if (!audit_sudo_selected(1))
- return;
+ debug_return;
if (getauid(&auid) < 0)
log_error(0, _("getauid: failed"));
if ((aufd = au_open()) == -1)
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1)
log_error(0, _("unable to commit audit record"));
+ debug_return;
}
char *prompt;
struct stat sb;
int status, rval = TRUE;
+ debug_decl(check_user, SUDO_DEBUG_AUTH)
/* Stash the tty's ctime for tty ticket comparison. */
if (def_tty_tickets && user_ttypath && stat(user_ttypath, &sb) == 0) {
sudo_auth_cleanup(auth_pw);
pw_delref(auth_pw);
- return rval;
+ debug_return_int(rval);
}
#define DEFAULT_LECTURE "\n" \
ssize_t nread;
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
+ debug_decl(lecture, SUDO_DEBUG_AUTH)
if (def_lecture == never ||
(def_lecture == once && status != TS_MISSING && status != TS_ERROR))
- return;
+ debug_return;
memset(&msg, 0, sizeof(msg));
memset(&repl, 0, sizeof(repl));
msg.msg = _(DEFAULT_LECTURE);
sudo_conv(1, &msg, &repl);
}
+ debug_return;
}
/*
static void
update_timestamp(char *timestampdir, char *timestampfile)
{
+ debug_decl(update_timestamp, SUDO_DEBUG_AUTH)
+
/* If using tty timestamps but we have no tty there is nothing to do. */
if (def_tty_tickets && !user_ttypath)
- return;
+ debug_return;
if (timestamp_uid != 0)
set_perms(PERM_TIMESTAMP);
}
if (timestamp_uid != 0)
restore_perms();
+ debug_return;
}
/*
size_t len, n;
int subst;
char *p, *np, *new_prompt, *endp;
+ debug_decl(expand_prompt, SUDO_DEBUG_AUTH)
/* How much space do we need to malloc for the prompt? */
subst = 0;
} else
new_prompt = old_prompt;
- return new_prompt;
+ debug_return_str(new_prompt);
oflow:
/* We pre-allocate enough space, so this should never happen. */
int
user_is_exempt(void)
{
- if (!def_exempt_group)
- return FALSE;
- return user_in_group(sudo_user.pw, def_exempt_group);
+ int rval = FALSE;
+ debug_decl(user_is_exempt, SUDO_DEBUG_AUTH)
+
+ if (def_exempt_group)
+ rval = user_in_group(sudo_user.pw, def_exempt_group);
+ debug_return_bool(rval);
}
/*
{
char *dirparent;
int len;
+ debug_decl(build_timestamp, SUDO_DEBUG_AUTH)
dirparent = def_timestampdir;
len = easprintf(timestampdir, "%s/%s", dirparent, user_name);
} else
*timestampfile = NULL;
- return len;
+ debug_return_int(len);
bad:
log_error(0, _("timestamp path too long: %s"), *timestampfile);
- return -1;
+ debug_return_int(-1);
}
/*
time_t now;
char *dirparent = def_timestampdir;
int status = TS_ERROR; /* assume the worst */
+ debug_decl(timestamp_status, SUDO_DEBUG_AUTH)
if (timestamp_uid != 0)
set_perms(PERM_TIMESTAMP);
done:
if (timestamp_uid != 0)
restore_perms();
- return status;
+ debug_return_int(status);
}
/*
struct timeval tv;
char *timestampdir, *timestampfile, *path;
int status;
+ debug_decl(remove_timestamp, SUDO_DEBUG_AUTH)
if (build_timestamp(×tampdir, ×tampfile) == -1)
- return;
+ debug_return;
status = timestamp_status(timestampdir, timestampfile, user_name,
TS_REMOVE);
error(1, _("unable to reset %s to the epoch"), path);
}
}
-
efree(timestampdir);
efree(timestampfile);
+
+ debug_return;
}
/*
int retval = FALSE;
#ifdef __linux__
struct statfs sfs;
+ debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
#ifndef DEVPTS_SUPER_MAGIC
# define DEVPTS_SUPER_MAGIC 0x1cd1
}
#elif defined(__sun) && defined(__SVR4)
struct statvfs sfs;
+ debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
if (statvfs(tty, &sfs) == 0) {
if (strcmp(sfs.f_fstr, "devices") == 0)
retval = TRUE;
}
+#else
+ debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
#endif /* __linux__ */
- return retval;
+ debug_return_bool(retval);
}
/*
get_authpw(void)
{
struct passwd *pw;
+ debug_decl(get_authpw, SUDO_DEBUG_AUTH)
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
pw = sudo_user.pw;
}
- return pw;
+ debug_return_ptr(pw);
}
struct list_member *item;
struct def_values *def;
char *desc;
+ debug_decl(dump_defaults, SUDO_DEBUG_DEFAULTS)
for (cur = sudo_defs_table; cur->name; cur++) {
if (cur->desc) {
}
}
}
+ debug_return;
}
/*
{
struct sudo_defs_types *cur;
int num;
+ debug_decl(set_default, SUDO_DEBUG_DEFAULTS)
for (cur = sudo_defs_table, num = 0; cur->name; cur++, num++) {
if (strcmp(var, cur->name) == 0)
}
if (!cur->name) {
warningx(_("unknown defaults entry `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
switch (cur->type & T_MASK) {
val, var);
else
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_LOGPRI:
val, var);
else
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_STR:
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (ISSET(cur->type, T_PATH) && val && *val != '/') {
warningx(_("values for `%s' must start with a '/'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
if (!store_str(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_INT:
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (!store_int(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_UINT:
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (!store_uint(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_FLOAT:
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (!store_float(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_MODE:
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (!store_mode(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_FLAG:
if (val) {
warningx(_("option `%s' does not take a value"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
cur->sd_un.flag = op;
break;
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (!store_list(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
case T_TUPLE:
if (!val && !ISSET(cur->type, T_BOOL)) {
warningx(_("no value specified for `%s'"), var);
- return FALSE;
+ debug_return_bool(FALSE);
}
if (!store_tuple(val, cur, op)) {
warningx(_("value `%s' is invalid for option `%s'"), val, var);
- return FALSE;
+ debug_return_bool(FALSE);
}
break;
}
- return TRUE;
+ debug_return_bool(TRUE);
}
/*
{
static int firsttime = 1;
struct sudo_defs_types *def;
+ debug_decl(init_defaults, SUDO_DEBUG_DEFAULTS)
/* Clear any old settings. */
if (!firsttime) {
init_envtables();
firsttime = 0;
+
+ debug_return;
}
/*
{
struct defaults *def;
int rc = TRUE;
+ debug_decl(init_defaults, SUDO_DEBUG_DEFAULTS)
tq_foreach_fwd(&defaults, def) {
switch (def->type) {
break;
}
}
- return rc;
+ debug_return_bool(rc);
}
static int
{
char *endp;
long l;
+ debug_decl(store_int, SUDO_DEBUG_DEFAULTS)
if (op == FALSE) {
def->sd_un.ival = 0;
} else {
l = strtol(val, &endp, 10);
if (*endp != '\0')
- return FALSE;
+ debug_return_bool(FALSE);
/* XXX - should check against INT_MAX */
def->sd_un.ival = (int)l;
}
if (def->callback)
- return def->callback(val);
- return TRUE;
+ debug_return_bool(def->callback(val));
+ debug_return_bool(TRUE);
}
static int
{
char *endp;
long l;
+ debug_decl(store_uint, SUDO_DEBUG_DEFAULTS)
if (op == FALSE) {
def->sd_un.ival = 0;
} else {
l = strtol(val, &endp, 10);
if (*endp != '\0' || l < 0)
- return FALSE;
+ debug_return_bool(FALSE);
/* XXX - should check against INT_MAX */
def->sd_un.ival = (unsigned int)l;
}
if (def->callback)
- return def->callback(val);
- return TRUE;
+ debug_return_bool(def->callback(val));
+ debug_return_bool(TRUE);
}
static int
{
char *endp;
double d;
+ debug_decl(store_float, SUDO_DEBUG_DEFAULTS)
if (op == FALSE) {
def->sd_un.fval = 0.0;
} else {
d = strtod(val, &endp);
if (*endp != '\0')
- return FALSE;
+ debug_return_bool(FALSE);
/* XXX - should check against HUGE_VAL */
def->sd_un.fval = d;
}
if (def->callback)
- return def->callback(val);
- return TRUE;
+ debug_return_bool(def->callback(val));
+ debug_return_bool(TRUE);
}
static int
store_tuple(char *val, struct sudo_defs_types *def, int op)
{
struct def_values *v;
+ debug_decl(store_tuple, SUDO_DEBUG_DEFAULTS)
/*
* Since enums are really just ints we store the value as an ival.
}
}
if (v->sval == NULL)
- return FALSE;
+ debug_return_bool(FALSE);
}
if (def->callback)
- return def->callback(val);
- return TRUE;
+ debug_return_bool(def->callback(val));
+ debug_return_bool(TRUE);
}
static int
store_str(char *val, struct sudo_defs_types *def, int op)
{
+ debug_decl(store_str, SUDO_DEBUG_DEFAULTS)
efree(def->sd_un.str);
if (op == FALSE)
else
def->sd_un.str = estrdup(val);
if (def->callback)
- return def->callback(val);
- return TRUE;
+ debug_return_bool(def->callback(val));
+ debug_return_bool(TRUE);
}
static int
store_list(char *str, struct sudo_defs_types *def, int op)
{
char *start, *end;
+ debug_decl(store_list, SUDO_DEBUG_DEFAULTS)
/* Remove all old members. */
if (op == FALSE || op == TRUE)
list_op(start, end - start, def, op == '-' ? delete : add);
} while (*end++ != '\0');
}
- return TRUE;
+ debug_return_bool(TRUE);
}
static int
store_syslogfac(char *val, struct sudo_defs_types *def, int op)
{
struct strmap *fac;
+ debug_decl(store_syslogfac, SUDO_DEBUG_DEFAULTS)
if (op == FALSE) {
def->sd_un.ival = FALSE;
- return TRUE;
+ debug_return_bool(TRUE);
}
#ifdef LOG_NFACILITIES
if (!val)
- return FALSE;
+ debug_return_bool(FALSE);
for (fac = facilities; fac->name && strcmp(val, fac->name); fac++)
;
if (fac->name == NULL)
- return FALSE; /* not found */
+ debug_return_bool(FALSE); /* not found */
def->sd_un.ival = fac->num;
#else
def->sd_un.ival = -1;
#endif /* LOG_NFACILITIES */
- return TRUE;
+ debug_return_bool(TRUE);
}
static const char *
{
#ifdef LOG_NFACILITIES
struct strmap *fac;
+ debug_decl(logfac2str, SUDO_DEBUG_DEFAULTS)
for (fac = facilities; fac->name && fac->num != n; fac++)
;
- return fac->name;
+ debug_return_str(fac->name);
#else
return "default";
#endif /* LOG_NFACILITIES */
store_syslogpri(char *val, struct sudo_defs_types *def, int op)
{
struct strmap *pri;
+ debug_decl(store_syslogpri, SUDO_DEBUG_DEFAULTS)
if (op == FALSE || !val)
- return FALSE;
+ debug_return_bool(FALSE);
for (pri = priorities; pri->name && strcmp(val, pri->name); pri++)
;
if (pri->name == NULL)
- return FALSE; /* not found */
+ debug_return_bool(FALSE); /* not found */
def->sd_un.ival = pri->num;
- return TRUE;
+ debug_return_bool(TRUE);
}
static const char *
logpri2str(int n)
{
struct strmap *pri;
+ debug_decl(logpri2str, SUDO_DEBUG_DEFAULTS)
for (pri = priorities; pri->name && pri->num != n; pri++)
;
- return pri->name;
+ debug_return_str(pri->name);
}
static int
{
char *endp;
long l;
+ debug_decl(store_mode, SUDO_DEBUG_DEFAULTS)
if (op == FALSE) {
def->sd_un.mode = (mode_t)0777;
} else {
l = strtol(val, &endp, 8);
if (*endp != '\0' || l < 0 || l > 0777)
- return FALSE;
+ debug_return_bool(FALSE);
def->sd_un.mode = (mode_t)l;
}
if (def->callback)
- return def->callback(val);
- return TRUE;
+ debug_return_bool(def->callback(val));
+ debug_return_bool(TRUE);
}
static void
list_op(char *val, size_t len, struct sudo_defs_types *def, enum list_ops op)
{
struct list_member *cur, *prev, *tmp;
+ debug_decl(list_op, SUDO_DEBUG_DEFAULTS)
if (op == freeall) {
for (cur = def->sd_un.list; cur; ) {
efree(tmp);
}
def->sd_un.list = NULL;
- return;
+ debug_return;
}
for (cur = def->sd_un.list, prev = NULL; cur; prev = cur, cur = cur->next) {
if ((strncmp(cur->value, val, len) == 0 && cur->value[len] == '\0')) {
if (op == add)
- return; /* already exists */
+ debug_return; /* already exists */
/* Delete node */
if (prev != NULL)
cur->next = def->sd_un.list;
def->sd_un.list = cur;
}
+ debug_return;
}
{
char * const *ep;
size_t len;
+ debug_decl(env_init, SUDO_DEBUG_ENV)
for (ep = envp; *ep != NULL; ep++)
continue;
#endif
memcpy(env.envp, envp, len * sizeof(char *));
env.envp[len] = '\0';
+
+ debug_return;
}
char **
{
char *estring;
size_t esize;
+ debug_decl(sudo_setenv, SUDO_DEBUG_ENV)
esize = strlen(var) + 1 + strlen(val) + 1;
estring = emalloc(esize);
errorx(1, _("internal error, sudo_setenv() overflow"));
}
sudo_putenv(estring, dupcheck, TRUE);
+
+ debug_return;
}
/*
char **ep;
size_t len;
int found = FALSE;
+ debug_decl(sudo_putenv, SUDO_DEBUG_ENV)
/* Make sure there is room for the new entry plus a NULL. */
if (env.env_len + 2 > env.env_size) {
*ep++ = str;
*ep = NULL;
}
+ debug_return;
}
/*
struct list_member *cur;
size_t len;
int iswild, match = FALSE;
+ debug_decl(matches_env_delete, SUDO_DEBUG_ENV)
/* Skip anything listed in env_delete. */
for (cur = def_env_delete; cur; cur = cur->next) {
break;
}
}
- return match;
+ debug_return_bool(match);
}
/*
struct list_member *cur;
size_t len;
int iswild, keepit = -1;
+ debug_decl(matches_env_check, SUDO_DEBUG_ENV)
for (cur = def_env_check; cur; cur = cur->next) {
len = strlen(cur->value);
break;
}
}
- return keepit;
+ debug_return_bool(keepit);
}
/*
char *result = NULL; /* result of path/file lookup */
int checkdot = 0; /* check current dir? */
int len; /* length parameter */
+ debug_decl(find_path, SUDO_DEBUG_UTIL)
if (strlen(infile) >= PATH_MAX)
errorx(1, _("%s: %s"), infile, strerror(ENAMETOOLONG));
strlcpy(command, infile, sizeof(command)); /* paranoia */
if (sudo_goodpath(command, sbp)) {
*outfile = command;
- return FOUND;
+ debug_return_int(FOUND);
} else
- return NOT_FOUND;
+ debug_return_int(NOT_FOUND);
}
if (path == NULL)
- return NOT_FOUND;
+ debug_return_int(NOT_FOUND);
path = estrdup(path);
origpath = path;
errorx(1, _("%s: %s"), infile, strerror(ENAMETOOLONG));
result = sudo_goodpath(command, sbp);
if (result && ignore_dot)
- return NOT_FOUND_DOT;
+ debug_return_int(NOT_FOUND_DOT);
}
if (result) {
*outfile = result;
- return FOUND;
+ debug_return_int(FOUND);
} else
- return NOT_FOUND;
+ debug_return_int(NOT_FOUND);
}
sudo_getepw(const struct passwd *pw)
{
char *epw = NULL;
+ debug_decl(sudo_getepw, SUDO_DEBUG_AUTH)
/* If there is a function to check for shadow enabled, use it... */
#ifdef HAVE_ISCOMSEC
done:
#endif
/* If no shadow password, fall back on regular password. */
- return estrdup(epw ? epw : pw->pw_passwd);
+ debug_return_str(estrdup(epw ? epw : pw->pw_passwd));
}
void
sudo_setspent(void)
{
+ debug_decl(sudo_setspent, SUDO_DEBUG_AUTH)
+
#ifdef HAVE_GETPRPWNAM
setprpwent();
#endif
#ifdef HAVE_GETAUTHUID
setauthent();
#endif
+ debug_return;
}
void
sudo_endspent(void)
{
+ debug_decl(sudo_endspent, SUDO_DEBUG_AUTH)
+
#ifdef HAVE_GETPRPWNAM
endprpwent();
#endif
#ifdef HAVE_GETAUTHUID
endauthent();
#endif
+ debug_return;
}
sudo_goodpath(const char *path, struct stat *sbp)
{
struct stat sb;
+ debug_decl(sudo_goodpath, SUDO_DEBUG_UTIL)
/* Check for brain damage */
if (path == NULL || path[0] == '\0')
- return NULL;
+ debug_return_str(NULL);
if (stat(path, &sb))
- return NULL;
+ debug_return_str(NULL);
/* Make sure path describes an executable regular file. */
if (!S_ISREG(sb.st_mode) || !(sb.st_mode & 0000111)) {
errno = EACCES;
- return NULL;
+ debug_return_str(NULL);
}
if (sbp != NULL)
(void) memcpy(sbp, &sb, sizeof(struct stat));
- return (char *)path;
+
+ debug_return_str((char *)path);
}
void
yyerror(const char *s)
{
+ debug_decl(yyerror, SUDO_DEBUG_PARSER)
+
/* Save the line the first error occurred on. */
if (errorlineno == -1) {
errorlineno = sudolineno ? sudolineno - 1 : 0;
sudolineno ? sudolineno - 1 : 0);
}
parse_error = TRUE;
+ debug_return;
}
-#line 110 "gram.y"
+#line 113 "gram.y"
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
int tok;
} YYSTYPE;
#endif /* YYSTYPE_DEFINED */
-#line 136 "y.tab.c"
+#line 139 "y.tab.c"
#define COMMAND 257
#define ALIAS 258
#define DEFVAR 259
short *yysslim;
YYSTYPE *yyvs;
int yystacksize;
-#line 604 "gram.y"
+#line 607 "gram.y"
static struct defaults *
new_default(char *var, char *val, int op)
{
struct defaults *d;
+ debug_decl(new_default, SUDO_DEBUG_PARSER)
d = emalloc(sizeof(struct defaults));
d->var = var;
d->prev = d;
d->next = NULL;
- return d;
+ debug_return_ptr(d);
}
static struct member *
new_member(char *name, int type)
{
struct member *m;
+ debug_decl(new_member, SUDO_DEBUG_PARSER)
m = emalloc(sizeof(struct member));
m->name = name;
m->prev = m;
m->next = NULL;
- return m;
+ debug_return_ptr(m);
}
/*
{
struct defaults *d;
struct member_list binding;
+ debug_decl(add_defaults, SUDO_DEBUG_PARSER)
/*
* We can only call list2tq once on bmem as it will zero
d->binding = binding;
}
tq_append(&defaults, defs);
+
+ debug_return;
}
/*
add_userspec(struct member *members, struct privilege *privs)
{
struct userspec *u;
+ debug_decl(add_userspec, SUDO_DEBUG_PARSER)
u = emalloc(sizeof(*u));
list2tq(&u->users, members);
u->prev = u;
u->next = NULL;
tq_append(&userspecs, u);
+
+ debug_return;
}
/*
struct privilege *priv;
struct cmndspec *cs;
struct sudo_command *c;
+ debug_decl(init_parser, SUDO_DEBUG_PARSER)
while ((us = tq_pop(&userspecs)) != NULL) {
while ((m = tq_pop(&us->users)) != NULL) {
errorlineno = -1;
errorfile = NULL;
verbose = !quiet;
+
+ debug_return;
}
-#line 760 "y.tab.c"
+#line 774 "y.tab.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
switch (yyn)
{
case 1:
-#line 185 "gram.y"
+#line 188 "gram.y"
{ ; }
break;
case 5:
-#line 193 "gram.y"
+#line 196 "gram.y"
{
;
}
break;
case 6:
-#line 196 "gram.y"
+#line 199 "gram.y"
{
yyerrok;
}
break;
case 7:
-#line 199 "gram.y"
+#line 202 "gram.y"
{
add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
}
break;
case 8:
-#line 202 "gram.y"
+#line 205 "gram.y"
{
;
}
break;
case 9:
-#line 205 "gram.y"
+#line 208 "gram.y"
{
;
}
break;
case 10:
-#line 208 "gram.y"
+#line 211 "gram.y"
{
;
}
break;
case 11:
-#line 211 "gram.y"
+#line 214 "gram.y"
{
;
}
break;
case 12:
-#line 214 "gram.y"
+#line 217 "gram.y"
{
add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
}
break;
case 13:
-#line 217 "gram.y"
+#line 220 "gram.y"
{
add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 14:
-#line 220 "gram.y"
+#line 223 "gram.y"
{
add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 15:
-#line 223 "gram.y"
+#line 226 "gram.y"
{
add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 16:
-#line 226 "gram.y"
+#line 229 "gram.y"
{
add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 18:
-#line 232 "gram.y"
+#line 235 "gram.y"
{
list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
yyval.defaults = yyvsp[-2].defaults;
}
break;
case 19:
-#line 238 "gram.y"
+#line 241 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, TRUE);
}
break;
case 20:
-#line 241 "gram.y"
+#line 244 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, FALSE);
}
break;
case 21:
-#line 244 "gram.y"
+#line 247 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, TRUE);
}
break;
case 22:
-#line 247 "gram.y"
+#line 250 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
}
break;
case 23:
-#line 250 "gram.y"
+#line 253 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
}
break;
case 25:
-#line 256 "gram.y"
+#line 259 "gram.y"
{
list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
yyval.privilege = yyvsp[-2].privilege;
}
break;
case 26:
-#line 262 "gram.y"
+#line 265 "gram.y"
{
struct privilege *p = emalloc(sizeof(*p));
list2tq(&p->hostlist, yyvsp[-2].member);
}
break;
case 27:
-#line 272 "gram.y"
+#line 275 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = FALSE;
}
break;
case 28:
-#line 276 "gram.y"
+#line 279 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = TRUE;
}
break;
case 29:
-#line 282 "gram.y"
+#line 285 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 30:
-#line 285 "gram.y"
+#line 288 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 31:
-#line 288 "gram.y"
+#line 291 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 32:
-#line 291 "gram.y"
+#line 294 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NTWKADDR);
}
break;
case 33:
-#line 294 "gram.y"
+#line 297 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 35:
-#line 300 "gram.y"
+#line 303 "gram.y"
{
list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
#ifdef HAVE_SELINUX
}
break;
case 36:
-#line 332 "gram.y"
+#line 335 "gram.y"
{
struct cmndspec *cs = emalloc(sizeof(*cs));
if (yyvsp[-3].runas != NULL) {
}
break;
case 37:
-#line 358 "gram.y"
+#line 361 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = FALSE;
}
break;
case 38:
-#line 362 "gram.y"
+#line 365 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = TRUE;
}
break;
case 39:
-#line 368 "gram.y"
+#line 371 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 40:
-#line 373 "gram.y"
+#line 376 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 41:
-#line 378 "gram.y"
+#line 381 "gram.y"
{
yyval.seinfo.role = NULL;
yyval.seinfo.type = NULL;
}
break;
case 42:
-#line 382 "gram.y"
+#line 385 "gram.y"
{
yyval.seinfo.role = yyvsp[0].string;
yyval.seinfo.type = NULL;
}
break;
case 43:
-#line 386 "gram.y"
+#line 389 "gram.y"
{
yyval.seinfo.type = yyvsp[0].string;
yyval.seinfo.role = NULL;
}
break;
case 44:
-#line 390 "gram.y"
+#line 393 "gram.y"
{
yyval.seinfo.role = yyvsp[-1].string;
yyval.seinfo.type = yyvsp[0].string;
}
break;
case 45:
-#line 394 "gram.y"
+#line 397 "gram.y"
{
yyval.seinfo.type = yyvsp[-1].string;
yyval.seinfo.role = yyvsp[0].string;
}
break;
case 46:
-#line 400 "gram.y"
+#line 403 "gram.y"
{
yyval.runas = NULL;
}
break;
case 47:
-#line 403 "gram.y"
+#line 406 "gram.y"
{
yyval.runas = yyvsp[-1].runas;
}
break;
case 48:
-#line 408 "gram.y"
+#line 411 "gram.y"
{
yyval.runas = emalloc(sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[0].member;
}
break;
case 49:
-#line 413 "gram.y"
+#line 416 "gram.y"
{
yyval.runas = emalloc(sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[-2].member;
}
break;
case 50:
-#line 418 "gram.y"
+#line 421 "gram.y"
{
yyval.runas = emalloc(sizeof(struct runascontainer));
yyval.runas->runasusers = NULL;
}
break;
case 51:
-#line 425 "gram.y"
+#line 428 "gram.y"
{
yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv =
yyval.tag.log_input = yyval.tag.log_output = UNSPEC;
}
break;
case 52:
-#line 429 "gram.y"
+#line 432 "gram.y"
{
yyval.tag.nopasswd = TRUE;
}
break;
case 53:
-#line 432 "gram.y"
+#line 435 "gram.y"
{
yyval.tag.nopasswd = FALSE;
}
break;
case 54:
-#line 435 "gram.y"
+#line 438 "gram.y"
{
yyval.tag.noexec = TRUE;
}
break;
case 55:
-#line 438 "gram.y"
+#line 441 "gram.y"
{
yyval.tag.noexec = FALSE;
}
break;
case 56:
-#line 441 "gram.y"
+#line 444 "gram.y"
{
yyval.tag.setenv = TRUE;
}
break;
case 57:
-#line 444 "gram.y"
+#line 447 "gram.y"
{
yyval.tag.setenv = FALSE;
}
break;
case 58:
-#line 447 "gram.y"
+#line 450 "gram.y"
{
yyval.tag.log_input = TRUE;
}
break;
case 59:
-#line 450 "gram.y"
+#line 453 "gram.y"
{
yyval.tag.log_input = FALSE;
}
break;
case 60:
-#line 453 "gram.y"
+#line 456 "gram.y"
{
yyval.tag.log_output = TRUE;
}
break;
case 61:
-#line 456 "gram.y"
+#line 459 "gram.y"
{
yyval.tag.log_output = FALSE;
}
break;
case 62:
-#line 461 "gram.y"
+#line 464 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 63:
-#line 464 "gram.y"
+#line 467 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 64:
-#line 467 "gram.y"
+#line 470 "gram.y"
{
struct sudo_command *c = emalloc(sizeof(*c));
c->cmnd = yyvsp[0].command.cmnd;
}
break;
case 67:
-#line 479 "gram.y"
+#line 482 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 69:
-#line 489 "gram.y"
+#line 492 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 72:
-#line 499 "gram.y"
+#line 502 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 74:
-#line 509 "gram.y"
+#line 512 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 77:
-#line 519 "gram.y"
+#line 522 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 80:
-#line 532 "gram.y"
+#line 535 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 82:
-#line 542 "gram.y"
+#line 545 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 83:
-#line 548 "gram.y"
+#line 551 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = FALSE;
}
break;
case 84:
-#line 552 "gram.y"
+#line 555 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = TRUE;
}
break;
case 85:
-#line 558 "gram.y"
+#line 561 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 86:
-#line 561 "gram.y"
+#line 564 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 87:
-#line 564 "gram.y"
+#line 567 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 88:
-#line 567 "gram.y"
+#line 570 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, USERGROUP);
}
break;
case 89:
-#line 570 "gram.y"
+#line 573 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 91:
-#line 576 "gram.y"
+#line 579 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 92:
-#line 582 "gram.y"
+#line 585 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = FALSE;
}
break;
case 93:
-#line 586 "gram.y"
+#line 589 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = TRUE;
}
break;
case 94:
-#line 592 "gram.y"
+#line 595 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 95:
-#line 595 "gram.y"
+#line 598 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 96:
-#line 598 "gram.y"
+#line 601 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
-#line 1529 "y.tab.c"
+#line 1543 "y.tab.c"
}
yyssp -= yym;
yystate = *yyssp;
void
yyerror(const char *s)
{
+ debug_decl(yyerror, SUDO_DEBUG_PARSER)
+
/* Save the line the first error occurred on. */
if (errorlineno == -1) {
errorlineno = sudolineno ? sudolineno - 1 : 0;
sudolineno ? sudolineno - 1 : 0);
}
parse_error = TRUE;
+ debug_return;
}
%}
new_default(char *var, char *val, int op)
{
struct defaults *d;
+ debug_decl(new_default, SUDO_DEBUG_PARSER)
d = emalloc(sizeof(struct defaults));
d->var = var;
d->prev = d;
d->next = NULL;
- return d;
+ debug_return_ptr(d);
}
static struct member *
new_member(char *name, int type)
{
struct member *m;
+ debug_decl(new_member, SUDO_DEBUG_PARSER)
m = emalloc(sizeof(struct member));
m->name = name;
m->prev = m;
m->next = NULL;
- return m;
+ debug_return_ptr(m);
}
/*
{
struct defaults *d;
struct member_list binding;
+ debug_decl(add_defaults, SUDO_DEBUG_PARSER)
/*
* We can only call list2tq once on bmem as it will zero
d->binding = binding;
}
tq_append(&defaults, defs);
+
+ debug_return;
}
/*
add_userspec(struct member *members, struct privilege *privs)
{
struct userspec *u;
+ debug_decl(add_userspec, SUDO_DEBUG_PARSER)
u = emalloc(sizeof(*u));
list2tq(&u->users, members);
u->prev = u;
u->next = NULL;
tq_append(&userspecs, u);
+
+ debug_return;
}
/*
struct privilege *priv;
struct cmndspec *cs;
struct sudo_command *c;
+ debug_decl(init_parser, SUDO_DEBUG_PARSER)
while ((us = tq_pop(&userspecs)) != NULL) {
while ((m = tq_pop(&us->users)) != NULL) {
errorlineno = -1;
errorfile = NULL;
verbose = !quiet;
+
+ debug_return;
}
char *args, path[PATH_MAX];
char **argv = NULL;
int len, rc = -1;
+ debug_decl(group_plugin_load, SUDO_DEBUG_UTIL)
/*
* Fill in .so path and split out args (if any).
}
}
- return rc;
+ debug_return_bool(rc);
}
void
group_plugin_unload(void)
{
+ debug_decl(group_plugin_unload, SUDO_DEBUG_UTIL)
+
if (group_plugin != NULL) {
(group_plugin->cleanup)();
group_plugin = NULL;
dlclose(group_handle);
group_handle = NULL;
}
+ debug_return;
}
int
group_plugin_query(const char *user, const char *group,
const struct passwd *pwd)
{
+ debug_decl(group_plugin_query, SUDO_DEBUG_UTIL)
+
if (group_plugin == NULL)
- return FALSE;
- return (group_plugin->query)(user, group, pwd);
+ debug_return_bool(FALSE);
+ debug_return_bool((group_plugin->query)(user, group, pwd));
}
#else /* !HAVE_DLOPEN && !HAVE_SHL_LOAD */
int
group_plugin_load(char *plugin_info)
{
- return FALSE;
+ debug_decl(group_plugin_load, SUDO_DEBUG_UTIL)
+ debug_return_bool(FALSE);
}
void
group_plugin_unload(void)
{
- return;
+ debug_decl(group_plugin_unload, SUDO_DEBUG_UTIL)
+ debug_return_bool;
}
int
group_plugin_query(const char *user, const char *group,
const struct passwd *pwd)
{
- return FALSE;
+ debug_decl(group_plugin_query, SUDO_DEBUG_UTIL)
+ debug_return_bool(FALSE);
}
#endif /* HAVE_DLOPEN || HAVE_SHL_LOAD */
{
char *addrinfo, *addr, *mask;
struct interface *ifp;
+ debug_decl(set_interfaces, SUDO_DEBUG_NETIF)
addrinfo = estrdup(ai);
for (addr = strtok(addrinfo, " \t"); addr != NULL; addr = strtok(NULL, " \t")) {
interfaces = ifp;
}
efree(addrinfo);
+ debug_return;
}
void
dump_interfaces(const char *ai)
{
char *cp, *addrinfo;
+ debug_decl(set_interfaces, SUDO_DEBUG_NETIF)
addrinfo = estrdup(ai);
sudo_printf(SUDO_CONV_INFO_MSG, "\t%s\n", cp);
efree(addrinfo);
+ debug_return;
}
{
struct stat sb;
char *slash = path;
+ debug_decl(mkdir_parents, SUDO_DEBUG_UTIL)
for (;;) {
if ((slash = strchr(slash + 1, '/')) == NULL)
}
*slash = '/';
}
+ debug_return;
}
/*
ssize_t nread;
char pathbuf[PATH_MAX];
static const char b36char[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ debug_decl(io_nextid, SUDO_DEBUG_UTIL)
/*
* Create I/O log directory if it doesn't already exist.
if (lseek(fd, 0, SEEK_SET) == (off_t)-1 || write(fd, buf, 7) != 7)
log_error(USE_ERRNO, _("unable to write to %s"), pathbuf);
close(fd);
+
+ debug_return;
}
/*
mkdir_iopath(const char *iolog_path, char *pathbuf, size_t pathsize)
{
size_t len;
+ debug_decl(mkdir_iopath, SUDO_DEBUG_UTIL)
len = strlcpy(pathbuf, iolog_path, pathsize);
if (len >= pathsize) {
log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
}
- return len;
+ debug_return_size_t(len);
}
/*
{
void *vfd = NULL;
int fd;
+ debug_decl(open_io_fd, SUDO_DEBUG_UTIL)
pathbuf[len] = '\0';
strlcat(pathbuf, suffix, PATH_MAX);
#endif
vfd = fdopen(fd, "w");
}
- return vfd;
+ debug_return_ptr(vfd);
}
/*
unsigned long ulval;
uid_t runas_uid = 0;
gid_t runas_gid = 0;
+ debug_decl(iolog_deserialize_info, SUDO_DEBUG_UTIL)
memset(details, 0, sizeof(*details));
details->runas_gr = sudo_fakegrnam(id);
}
}
+ debug_return;
}
static int
FILE *io_logfile;
size_t len;
int rval = -1;
+ debug_decl(sudoers_io_open, SUDO_DEBUG_UTIL)
if (!sudo_conv)
sudo_conv = conversation;
/* If we have no command (because -V was specified) just return. */
if (argc == 0)
- return TRUE;
+ debug_return_bool(TRUE);
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
gr_delref(details.runas_gr);
sudo_endgrent();
- return rval;
+ debug_return_bool(rval);
}
static void
sudoers_io_close(int exit_status, int error)
{
int i;
+ debug_decl(sudoers_io_close, SUDO_DEBUG_UTIL)
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
- return;
+ debug_return;
}
for (i = 0; i < IOFD_MAX; i++) {
#endif
fclose(io_fds[i].f);
}
+ debug_return;
}
static int
sudoers_io_version(int verbose)
{
+ debug_decl(sudoers_io_version, SUDO_DEBUG_UTIL)
+
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
- return -1;
+ debug_return_bool(-1);
}
sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers I/O plugin version %s\n",
PACKAGE_VERSION);
- return TRUE;
+ debug_return_bool(TRUE);
}
/*
sudoers_io_log(const char *buf, unsigned int len, int idx)
{
struct timeval now, delay;
+ debug_decl(sudoers_io_version, SUDO_DEBUG_UTIL)
gettimeofday(&now, NULL);
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
- return -1;
+ debug_return_bool(-1);
}
#ifdef HAVE_ZLIB_H
last_time.tv_sec = now.tv_sec;
last_time.tv_usec = now.tv_usec;
- return TRUE;
+ debug_return_bool(TRUE);
}
static int
{
static char sessid[7];
int len;
+ debug_decl(sudoers_io_version, SUDO_DEBUG_UTIL)
if (sessid[0] == '\0')
io_nextid(def_iolog_dir, sessid);
len = snprintf(str, strsize, "%c%c/%c%c/%c%c", sessid[0],
sessid[1], sessid[2], sessid[3], sessid[4], sessid[5]);
if (len < 0)
- return strsize; /* handle non-standard snprintf() */
- return (size_t)len;
+ debug_return_size_t(strsize); /* handle non-standard snprintf() */
+ debug_return_size_t(len);
}
static size_t
fill_user(char *str, size_t strsize)
{
- return strlcpy(str, user_name, strsize);
+ debug_decl(fill_user, SUDO_DEBUG_UTIL)
+ debug_return_size_t(strlcpy(str, user_name, strsize));
}
static size_t
{
struct group *grp;
size_t len;
+ debug_decl(fill_group, SUDO_DEBUG_UTIL)
if ((grp = sudo_getgrgid(user_gid)) != NULL) {
len = strlcpy(str, grp->gr_name, strsize);
len = snprintf(str + len, strsize - len, "#%u",
(unsigned int) user_gid);
}
- return len;
+ debug_return_size_t(len);
}
static size_t
fill_runas_user(char *str, size_t strsize)
{
- return strlcpy(str, runas_pw->pw_name, strsize);
+ debug_decl(fill_runas_user, SUDO_DEBUG_UTIL)
+ debug_return_size_t(strlcpy(str, runas_pw->pw_name, strsize));
}
static size_t
{
struct group *grp;
size_t len;
+ debug_decl(fill_runas_group, SUDO_DEBUG_UTIL)
if (runas_gr != NULL) {
len = strlcpy(str, runas_gr->gr_name, strsize);
(unsigned int) runas_pw->pw_gid);
}
}
- return len;
+ debug_return_size_t(len);
}
static size_t
fill_hostname(char *str, size_t strsize)
{
- return strlcpy(str, user_shost, strsize);
+ debug_decl(fill_hostname, SUDO_DEBUG_UTIL)
+ debug_return_size_t(strlcpy(str, user_shost, strsize));
}
static size_t
fill_command(char *str, size_t strsize)
{
- return strlcpy(str, user_base, strsize);
+ debug_decl(fill_command, SUDO_DEBUG_UTIL)
+ debug_return_size_t(strlcpy(str, user_base, strsize));
}
/*
char *dst, *dst0, *path, *pathend, tmpbuf[PATH_MAX];
const char *endbrace, *src = dir;
int pass, strfit;
+ debug_decl(expand_iolog_path, SUDO_DEBUG_UTIL)
/* Expanded path must be <= PATH_MAX */
if (prefix != NULL)
}
}
- return path;
+ debug_return_str(path);
bad:
efree(path);
- return NULL;
+ debug_return_str(NULL);
}
char *host, *port, defport[13];
char hostbuf[LINE_MAX * 2];
+ debug_decl(sudo_ldap_conf_add_ports, SUDO_DEBUG_LDAP)
hostbuf[0] = '\0';
if (snprintf(defport, sizeof(defport), ":%d", ldap_conf.port) >= sizeof(defport))
efree(ldap_conf.host);
ldap_conf.host = estrdup(hostbuf);
- return;
+ debug_return;
toobig:
errorx(1, _("sudo_ldap_conf_add_ports: out of space expanding hostbuf"));
char hostbuf[LINE_MAX];
int nldap = 0, nldaps = 0;
int rc = -1;
+ debug_decl(sudo_ldap_parse_uri, SUDO_DEBUG_LDAP)
do {
buf = estrdup(uri_list->val);
done:
efree(buf);
- return rc;
+ debug_return_int(rc);
toobig:
errorx(1, _("sudo_ldap_parse_uri: out of space building hostbuf"));
struct ldap_config_list_str *uri;
size_t len = 0;
char *buf, *cp;
+ debug_decl(sudo_ldap_join_uri, SUDO_DEBUG_LDAP)
/* Usually just a single entry. */
if (uri_list->next == NULL)
- return estrdup(uri_list->val);
+ debug_return_str(estrdup(uri_list->val));
for (uri = uri_list; uri != NULL; uri = uri->next) {
len += strlen(uri->val) + 1;
*cp++ = ' ';
}
cp[-1] = '\0';
- return buf;
+ debug_return_str(buf);
}
#endif /* HAVE_LDAP_INITIALIZE */
{
LDAP *ld = NULL;
int rc = LDAP_CONNECT_ERROR;
+ debug_decl(sudo_ldap_init, SUDO_DEBUG_LDAP)
#ifdef HAVE_LDAPSSL_INIT
if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
done:
*ldp = ld;
- return rc;
+ debug_return_int(rc);
}
/*
struct berval **bv, **p;
char *val;
int ret = FALSE;
+ debug_decl(sudo_ldap_check_user_netgroup, SUDO_DEBUG_LDAP)
if (!entry)
- return ret;
+ debug_return_int(ret);
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoUser");
if (bv == NULL)
- return ret;
+ debug_return_int(ret);
/* walk through values */
for (p = bv; *p != NULL && !ret; p++) {
ldap_value_free_len(bv); /* cleanup */
- return ret;
+ debug_return_int(ret);
}
/*
- * Walk through search results and return TRUE if we have a
- * host match, else FALSE.
- */
+* Walk through search results and return TRUE if we have a
+* host match, else FALSE.
+*/
static int
sudo_ldap_check_host(LDAP *ld, LDAPMessage *entry)
{
struct berval **bv, **p;
char *val;
int ret = FALSE;
+ debug_decl(sudo_ldap_check_host, SUDO_DEBUG_LDAP)
if (!entry)
- return ret;
+ debug_return_int(ret);
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoHost");
if (bv == NULL)
- return ret;
+ debug_return_int(ret);
/* walk through values */
for (p = bv; *p != NULL && !ret; p++) {
ldap_value_free_len(bv); /* cleanup */
- return ret;
+ debug_return_int(ret);
}
static int
struct berval **bv, **p;
char *val;
int ret = FALSE;
+ debug_decl(sudo_ldap_check_runas_user, SUDO_DEBUG_LDAP)
if (!runas_pw)
- return UNSPEC;
+ debug_return_int(UNSPEC);
/* get the runas user from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
* what the user specified on the command line.
*/
if (bv == NULL)
- return !strcasecmp(runas_pw->pw_name, def_runas_default);
+ debug_return_int(!strcasecmp(runas_pw->pw_name, def_runas_default));
/* walk through values returned, looking for a match */
for (p = bv; *p != NULL && !ret; p++) {
ldap_value_free_len(bv); /* cleanup */
- return ret;
+ debug_return_int(ret);
}
static int
struct berval **bv, **p;
char *val;
int ret = FALSE;
+ debug_decl(sudo_ldap_check_runas_group, SUDO_DEBUG_LDAP)
/* runas_gr is only set if the user specified the -g flag */
if (!runas_gr)
- return UNSPEC;
+ debug_return_int(UNSPEC);
/* get the values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv == NULL)
- return ret;
+ debug_return_int(ret);
/* walk through values returned, looking for a match */
for (p = bv; *p != NULL && !ret; p++) {
ldap_value_free_len(bv); /* cleanup */
- return ret;
+ debug_return_int(ret);
}
/*
sudo_ldap_check_runas(LDAP *ld, LDAPMessage *entry)
{
int ret;
+ debug_decl(sudo_ldap_check_runas, SUDO_DEBUG_LDAP)
if (!entry)
- return FALSE;
+ debug_return_bool(FALSE);
ret = sudo_ldap_check_runas_user(ld, entry) != FALSE &&
sudo_ldap_check_runas_group(ld, entry) != FALSE;
- return ret;
+ debug_return_bool(ret);
}
/*
struct berval **bv, **p;
char *allowed_cmnd, *allowed_args, *val;
int foundbang, ret = UNSPEC;
+ debug_decl(sudo_ldap_check_command, SUDO_DEBUG_LDAP)
if (!entry)
- return ret;
+ debug_return_bool(ret);
bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv == NULL)
- return ret;
+ debug_return_bool(ret);
for (p = bv; *p != NULL && ret != FALSE; p++) {
val = (*p)->bv_val;
ldap_value_free_len(bv); /* more cleanup */
- return ret;
+ debug_return_bool(ret);
}
/*
struct berval **bv, **p;
char ch, *var;
int ret = UNSPEC;
+ debug_decl(sudo_ldap_check_bool, SUDO_DEBUG_LDAP)
if (entry == NULL)
- return UNSPEC;
+ debug_return_bool(ret);
bv = ldap_get_values_len(ld, entry, "sudoOption");
if (bv == NULL)
- return ret;
+ debug_return_bool(ret);
/* walk through options */
for (p = bv; *p != NULL; p++) {
ldap_value_free_len(bv);
- return ret;
+ debug_return_bool(ret);
}
/*
{
struct berval **bv, **p;
char op, *var, *val;
+ debug_decl(sudo_ldap_parse_options, SUDO_DEBUG_LDAP)
if (entry == NULL)
- return;
+ debug_return;
bv = ldap_get_values_len(ld, entry, "sudoOption");
if (bv == NULL)
- return;
+ debug_return;
/* walk through options */
for (p = bv; *p != NULL; p++) {
}
ldap_value_free_len(bv);
+
+ debug_return;
}
/*
time_t now;
char timebuffer[16];
int bytes = 0;
+ debug_decl(sudo_ldap_timefilter, SUDO_DEBUG_LDAP)
/* Make sure we have a formatted timestamp for __now__. */
time(&now);
}
done:
- return bytes;
+ debug_return_int(bytes);
}
/*
* Builds up a filter to search for default settings
*/
static char *
-sudo_ldap_build_default_filter()
+sudo_ldap_build_default_filter(void)
{
char *filt;
+ debug_decl(sudo_ldap_build_default_filter, SUDO_DEBUG_LDAP)
if (ldap_conf.search_filter)
easprintf(&filt, "(&%s(cn=defaults))", ldap_conf.search_filter);
else
filt = estrdup("cn=defaults");
- return filt;
+ debug_return_str(filt);
}
/*
struct group_list *grlist;
size_t sz = 0;
int i;
+ debug_decl(sudo_ldap_build_pass1, SUDO_DEBUG_LDAP)
/* Start with LDAP search filter length + 3 */
if (ldap_conf.search_filter)
}
strlcat(buf, ")", sz); /* closes the global OR or the global AND */
- return buf;
+ debug_return_str(buf);
}
/*
sudo_ldap_build_pass2(void)
{
char *filt, timebuffer[TIMEFILTER_LENGTH];
+ debug_decl(sudo_ldap_build_pass2, SUDO_DEBUG_LDAP)
if (ldap_conf.timed)
sudo_ldap_timefilter(timebuffer, sizeof(timebuffer));
ldap_conf.timed ? timebuffer : "",
(ldap_conf.timed || ldap_conf.search_filter) ? ")" : "");
- return filt;
+ debug_return_str(filt);
}
static void
{
FILE *fp;
char buf[LINE_MAX], *cp;
+ debug_decl(sudo_ldap_read_secret, SUDO_DEBUG_LDAP)
if ((fp = fopen(_PATH_LDAP_SECRET, "r")) != NULL) {
if (fgets(buf, sizeof(buf), fp) != NULL) {
}
fclose(fp);
}
+ debug_return;
}
static int
FILE *fp;
char *cp, *keyword, *value;
struct ldap_config_table *cur;
+ debug_decl(sudo_ldap_read_config, SUDO_DEBUG_LDAP)
/* defaults */
ldap_conf.version = 3;
ldap_conf.deref = -1;
if ((fp = fopen(_PATH_LDAP_CONF, "r")) == NULL)
- return FALSE;
+ debug_return_bool(FALSE);
while ((cp = sudo_parseln(fp)) != NULL) {
if (*cp == '\0')
sudo_printf(SUDO_CONV_ERROR_MSG, "===================\n");
}
if (!ldap_conf.base)
- return FALSE; /* if no base is defined, ignore LDAP */
+ debug_return_bool(FALSE); /* if no base is defined, ignore LDAP */
if (ldap_conf.bind_timelimit > 0)
ldap_conf.bind_timelimit *= 1000; /* convert to ms */
if (ldap_conf.uri) {
struct ldap_config_list_str *uri = ldap_conf.uri;
if (sudo_ldap_parse_uri(uri) != 0)
- return FALSE;
+ debug_return_bool(FALSE);
do {
ldap_conf.uri = uri->next;
efree(uri);
}
}
#endif
- return TRUE;
+ debug_return_bool(TRUE);
}
/*
#ifdef HAVE_LDAP_STR2DN
char *dn, *rdn = NULL;
LDAPDN tmpDN;
+ debug_decl(sudo_ldap_get_first_rdn, SUDO_DEBUG_LDAP)
if ((dn = ldap_get_dn(ld, entry)) == NULL)
- return NULL;
+ debug_return_str(NULL);
if (ldap_str2dn(dn, &tmpDN, LDAP_DN_FORMAT_LDAP) == LDAP_SUCCESS) {
ldap_rdn2str(tmpDN[0], &rdn, LDAP_DN_FORMAT_UFN);
ldap_dnfree(tmpDN);
}
ldap_memfree(dn);
- return rdn;
+ debug_return_str(rdn);
#else
char *dn, **edn;
+ debug_decl(sudo_ldap_get_first_rdn, SUDO_DEBUG_LDAP)
if ((dn = ldap_get_dn(ld, entry)) == NULL)
return NULL;
edn = ldap_explode_dn(dn, 1);
ldap_memfree(dn);
- return edn ? edn[0] : NULL;
+ debug_return_str(edn ? edn[0] : NULL);
#endif
}
LDAPMessage *entry, *result;
char *prefix, *filt;
int rc, count = 0;
+ debug_decl(sudo_ldap_display_defaults, SUDO_DEBUG_LDAP)
if (handle == NULL || handle->ld == NULL)
goto done;
}
efree(filt);
done:
- return count;
+ debug_return_int(count);
}
/*
sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
{
- return 0;
+ debug_decl(sudo_ldap_display_bound_defaults, SUDO_DEBUG_LDAP)
+ debug_return_int(0);
}
/*
{
struct berval **bv, **p;
int count = 0;
+ debug_decl(sudo_ldap_display_entry_short, SUDO_DEBUG_LDAP)
lbuf_append(lbuf, " (");
}
lbuf_append(lbuf, "\n");
- return count;
+ debug_return_int(count);
}
/*
struct berval **bv, **p;
char *rdn;
int count = 0;
+ debug_decl(sudo_ldap_display_entry_long, SUDO_DEBUG_LDAP)
/* extract the dn, only show the first rdn */
rdn = sudo_ldap_get_first_rdn(ld, entry);
ldap_value_free_len(bv);
}
- return count;
+ debug_return_int(count);
}
/*
struct ldap_result *lres;
LDAPMessage *entry;
int i, count = 0;
+ debug_decl(sudo_ldap_display_privs, SUDO_DEBUG_LDAP)
if (handle == NULL || handle->ld == NULL)
goto done;
}
done:
- return count;
+ debug_return_int(count);
}
static int
struct ldap_result *lres;
LDAPMessage *entry;
int i, found = FALSE;
+ debug_decl(sudo_ldap_display_cmnd, SUDO_DEBUG_LDAP)
if (handle == NULL || handle->ld == NULL)
goto done;
if (found)
printf("%s%s%s\n", safe_cmnd ? safe_cmnd : user_cmnd,
user_args ? " " : "", user_args ? user_args : "");
- return !found;
+ debug_return_bool(!found);
}
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
{
char *auth_id = (char *)_auth_id;
sasl_interact_t *interact = (sasl_interact_t *)_interact;
+ debug_decl(sudo_ldap_sasl_interact, SUDO_DEBUG_LDAP)
for (; interact->id != SASL_CB_LIST_END; interact++) {
if (interact->id != SASL_CB_USER)
- return LDAP_PARAM_ERROR;
+ debug_return_int(LDAP_PARAM_ERROR);
if (auth_id != NULL)
interact->result = auth_id;
interact->result = estrdup(interact->result);
#endif /* SASL_VERSION_MAJOR < 2 */
}
- return LDAP_SUCCESS;
+ debug_return_int(LDAP_SUCCESS);
}
#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
{
struct ldap_config_table *cur;
int rc;
+ debug_decl(sudo_ldap_set_options, SUDO_DEBUG_LDAP)
/* Set ber options */
#ifdef LBER_OPT_DEBUG_LEVEL
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %d: %s",
cur->conf_str, ival, ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_set_option: %s -> %d", cur->conf_str, ival), 1);
}
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %s: %s",
cur->conf_str, sval, ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_set_option: %s -> %s", cur->conf_str, sval), 1);
}
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option(TIMEOUT, %ld): %s",
(long)tv.tv_sec, ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_set_option(LDAP_OPT_TIMEOUT, %ld)",
(long)tv.tv_sec), 1);
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option(NETWORK_TIMEOUT, %ld): %s",
(long)tv.tv_sec, ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, %ld)",
(long)tv.tv_sec), 1);
if (rc != LDAP_SUCCESS) {
warningx("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD): %s",
ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD)"), 1);
}
#endif
- return 0;
+ debug_return_int(0);
}
/*
sudo_ldap_result_alloc(void)
{
struct ldap_result *result;
+ debug_decl(sudo_ldap_result_alloc, SUDO_DEBUG_LDAP)
result = emalloc(sizeof(*result));
result->searches = NULL;
result->allocated_entries = 0;
result->user_matches = FALSE;
result->host_matches = FALSE;
- return result;
+ debug_return_ptr(result);
}
/*
sudo_ldap_result_free(struct ldap_result *lres)
{
struct ldap_search_list *s;
+ debug_decl(sudo_ldap_result_free, SUDO_DEBUG_LDAP)
if (lres != NULL) {
if (lres->nentries) {
}
efree(lres);
}
+ debug_return;
}
/*
LDAPMessage *searchresult)
{
struct ldap_search_list *s, *news;
+ debug_decl(sudo_ldap_result_add_search, SUDO_DEBUG_LDAP)
news = emalloc(sizeof(struct ldap_search_list));
news->next = NULL;
} else {
lres->searches = news;
}
- return news;
+ debug_return_ptr(news);
}
/*
unsigned int status;
# endif
#endif
+ debug_decl(sudo_ldap_bind_s, SUDO_DEBUG_LDAP)
#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
if (ldap_conf.rootuse_sasl == TRUE ||
if (rc != LDAP_SUCCESS) {
warningx("ldap_sasl_interactive_bind_s(): %s",
ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_sasl_interactive_bind_s() ok"), 1);
} else
NULL, NULL, NULL);
if (rc != LDAP_SUCCESS) {
warningx("ldap_sasl_bind_s(): %s", ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_sasl_bind_s() ok"), 1);
}
rc = ldap_simple_bind_s(ld, ldap_conf.binddn, ldap_conf.bindpw);
if (rc != LDAP_SUCCESS) {
warningx("ldap_simple_bind_s(): %s", ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_simple_bind_s() ok"), 1);
}
#endif
- return 0;
+ debug_return_int(0);
}
/*
{
LDAP *ld;
int rc, ldapnoinit = FALSE;
- struct sudo_ldap_handle *handle;
+ struct sudo_ldap_handle *handle;
+ debug_decl(sudo_ldap_open, SUDO_DEBUG_LDAP)
if (!sudo_ldap_read_config())
- return -1;
+ debug_return_int(-1);
/* Prevent reading of user ldaprc and system defaults. */
if (getenv("LDAPNOINIT") == NULL) {
rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
if (rc != LDAP_SUCCESS) {
warningx(_("unable to initialize LDAP: %s"), ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
if (ldapnoinit)
/* Set LDAP options */
if (sudo_ldap_set_options(ld) < 0)
- return -1;
+ debug_return_int(-1);
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
#if defined(HAVE_LDAP_START_TLS_S)
rc = ldap_start_tls_s(ld, NULL, NULL);
if (rc != LDAP_SUCCESS) {
warningx("ldap_start_tls_s(): %s", ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_start_tls_s() ok"), 1);
#elif defined(HAVE_LDAP_SSL_CLIENT_INIT) && defined(HAVE_LDAP_START_TLS_S_NP)
if (ldap_ssl_client_init(NULL, NULL, 0, &rc) != LDAP_SUCCESS) {
warningx("ldap_ssl_client_init(): %s", ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
rc = ldap_start_tls_s_np(ld, NULL);
if (rc != LDAP_SUCCESS) {
warningx("ldap_start_tls_s_np(): %s", ldap_err2string(rc));
- return -1;
+ debug_return_int(-1);
}
DPRINTF(("ldap_start_tls_s_np() ok"), 1);
#else
/* Actually connect */
if (sudo_ldap_bind_s(ld) != 0)
- return -1;
+ debug_return_int(-1);
/* Create a handle container. */
handle = emalloc(sizeof(struct sudo_ldap_handle));
handle->grlist = NULL;
nss->handle = handle;
- return 0;
+ debug_return_int(0);
}
static int
LDAPMessage *entry, *result;
char *filt;
int rc;
+ debug_decl(sudo_ldap_setdefs, SUDO_DEBUG_LDAP)
if (handle == NULL || handle->ld == NULL)
- return -1;
+ debug_return_int(-1);
ld = handle->ld;
filt = sudo_ldap_build_default_filter();
}
efree(filt);
- return 0;
+ debug_return_int(0);
}
/*
LDAPMessage *entry;
int i, rc, setenv_implied;
struct ldap_result *lres = NULL;
+ debug_decl(sudo_ldap_lookup, SUDO_DEBUG_LDAP)
if (handle == NULL || handle->ld == NULL)
- return ret;
+ debug_return_int(ret);
ld = handle->ld;
/* Fetch list of sudoRole entries that match user and host. */
CLR(ret, FLAG_NO_HOST);
DPRINTF(("sudo_ldap_lookup(%d)=0x%02x", pwflag, ret), 1);
- return ret;
+ debug_return_int(ret);
}
/*
{
const struct ldap_entry_wrapper *aw = a;
const struct ldap_entry_wrapper *bw = b;
+ debug_decl(ldap_entry_compare, SUDO_DEBUG_LDAP)
- return bw->order < aw->order ? -1 :
- (bw->order > aw->order ? 1 : 0);
+ debug_return_int(bw->order < aw->order ? -1 :
+ (bw->order > aw->order ? 1 : 0));
}
/*
sudo_ldap_result_last_search(struct ldap_result *lres)
{
struct ldap_search_list *result = lres->searches;
+ debug_decl(sudo_ldap_result_last_search, SUDO_DEBUG_LDAP)
if (result) {
while (result->next)
result = result->next;
}
- return result;
+ debug_return_ptr(result);
}
/*
struct berval **bv;
double order = 0.0;
char *ep;
+ debug_decl(sudo_ldap_result_add_entry, SUDO_DEBUG_LDAP)
/* Determine whether the entry has the sudoOrder attribute. */
last = sudo_ldap_result_last_search(lres);
lres->entries[lres->nentries - 1].entry = entry;
lres->entries[lres->nentries - 1].order = order;
- return &lres->entries[lres->nentries - 1];
+ debug_return_ptr(&lres->entries[lres->nentries - 1]);
}
/*
sudo_ldap_result_free_nss(struct sudo_nss *nss)
{
struct sudo_ldap_handle *handle = nss->handle;
+ debug_decl(sudo_ldap_result_free_nss, SUDO_DEBUG_LDAP)
if (handle->result != NULL) {
DPRINTF(("removing reusable search result"), 1);
handle->grlist = NULL;
handle->result = NULL;
}
+ debug_return;
}
/*
LDAP *ld = handle->ld;
int do_netgr, rc;
char *filt;
+ debug_decl(sudo_ldap_result_get, SUDO_DEBUG_LDAP)
/*
* If we already have a cached result, return it so we don't have to
strcmp(pw->pw_name, handle->username) == 0) {
DPRINTF(("reusing previous result (user %s) with %d entries",
handle->username, handle->result->nentries), 1);
- return handle->result;
+ debug_return_ptr(handle->result);
}
/* User mismatch, cached result cannot be used. */
DPRINTF(("removing result (user %s), new search (user %s)",
handle->username = estrdup(pw->pw_name);
handle->grlist = user_group_list;
- return lres;
+ debug_return_ptr(lres);
}
/*
sudo_ldap_close(struct sudo_nss *nss)
{
struct sudo_ldap_handle *handle = nss->handle;
+ debug_decl(sudo_ldap_close, SUDO_DEBUG_LDAP)
if (handle != NULL) {
/* Free the result before unbinding; it may use the LDAP connection. */
efree(nss->handle);
nss->handle = NULL;
}
- return 0;
+ debug_return_int(0);
}
/*
#include "error.h"
#include "alloc.h"
#include "gettext.h"
+#include "sudo_debug.h"
#include "linux_audit.h"
/*
* Open audit connection if possible.
* Returns audit fd on success and -1 on failure.
*/
-static int
-linux_audit_open(void)
+int
+static linux_audit_open(void)
{
static int au_fd = -1;
+ debug_decl(linux_audit_open, SUDO_DEBUG_AUDIT)
if (au_fd != -1)
- return au_fd;
+ debug_return_int(au_fd);
au_fd = audit_open();
if (au_fd == -1) {
/* Kernel may not have audit support. */
} else {
(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
}
- return au_fd;
+ debug_return_int(au_fd);
}
int
int au_fd, rc;
char *command, *cp, **av;
size_t size, n;
+ debug_decl(linux_audit_command, SUDO_DEBUG_AUDIT)
if ((au_fd = linux_audit_open()) == -1)
- return -1;
+ debug_return_int(-1);
/* Convert argv to a flat string. */
for (size = 0, av = argv; *av != NULL; av++)
efree(command);
- return rc;
+ debug_return_int(rc);
}
#endif
char buf[MAXSYSLOGLEN+1];
va_list ap;
+ debug_decl(mysyslog, SUDO_DEBUG_LOGGING)
va_start(ap, fmt);
#ifdef LOG_NFACILITIES
#endif /* BROKEN_SYSLOG */
va_end(ap);
closelog();
+ debug_return;
}
#define FMT_FIRST "%8s : %s"
size_t len, maxlen;
char *p, *tmp, save;
const char *fmt;
+ debug_decl(do_syslog, SUDO_DEBUG_LOGGING)
#ifdef HAVE_SETLOCALE
const char *old_locale = estrdup(setlocale(LC_ALL, NULL));
setlocale(LC_ALL, old_locale);
efree((void *)old_locale);
#endif /* HAVE_SETLOCALE */
+
+ debug_return;
}
static void
mode_t oldmask;
time_t now;
FILE *fp;
+ debug_decl(do_logfile, SUDO_DEBUG_LOGGING)
oldmask = umask(077);
fp = fopen(def_logfile, "a");
efree((void *)old_locale);
#endif /* HAVE_SETLOCALE */
}
+ debug_return;
}
/*
void
log_denial(int status, int inform_user)
{
- char *message;
- char *logline;
+ char *logline, *message;
+ debug_decl(log_denial, SUDO_DEBUG_LOGGING)
/* Set error message. */
if (ISSET(status, FLAG_NO_USER))
do_logfile(logline);
efree(logline);
+ debug_return;
}
/*
log_allowed(int status)
{
char *logline;
+ debug_decl(log_allowed, SUDO_DEBUG_LOGGING)
logline = new_logline(NULL, 0);
do_logfile(logline);
efree(logline);
+ debug_return;
}
void
log_error(int flags, const char *fmt, ...)
{
int serrno = errno;
- char *message;
- char *logline;
+ char *logline, *message;
va_list ap;
+ debug_decl(log_error, SUDO_DEBUG_LOGGING)
/* Expand printf-style format + args. */
va_start(ap, fmt);
plugin_cleanup(0);
siglongjmp(error_jmp, 1);
}
+ debug_return;
}
#define MAX_MAILFLAGS 63
NULL
};
#endif /* NO_ROOT_MAILER */
+ debug_decl(send_mail, SUDO_DEBUG_LOGGING)
/* Just return if mailer is disabled. */
if (!def_mailerpath || !def_mailto)
- return;
+ debug_return;
/* Fork and return, child will daemonize. */
switch (pid = fork()) {
case -1:
/* Error. */
mysyslog(LOG_ERR, _("unable to fork: %m"));
+ sudo_debug_printf(SUDO_DEBUG_SYSERR, "unable to fork: %s",
+ strerror(errno));
_exit(1);
case 0:
/* Grandchild continues below. */
do {
rv = waitpid(pid, &status, 0);
} while (rv == -1 && errno == EINTR);
- return;
+ return; /* not debug */
}
/* Daemonize - disassociate from session/tty. */
if (pipe(pfd) == -1) {
mysyslog(LOG_ERR, _("unable to open pipe: %m"));
+ sudo_debug_printf(SUDO_DEBUG_SYSERR, "unable to open pipe: %s",
+ strerror(errno));
+ sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
_exit(1);
}
case -1:
/* Error. */
mysyslog(LOG_ERR, _("unable to fork: %m"));
+ sudo_debug_printf(SUDO_DEBUG_SYSERR, "unable to fork: %s",
+ strerror(errno));
+ sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
_exit(1);
break;
case 0:
if (pfd[0] != STDIN_FILENO) {
if (dup2(pfd[0], STDIN_FILENO) == -1) {
mysyslog(LOG_ERR, _("unable to dup stdin: %m"));
+ sudo_debug_printf(SUDO_DEBUG_SYSERR,
+ "unable to dup stdin: %s", strerror(errno));
_exit(127);
}
(void) close(pfd[0]);
execv(mpath, argv);
#endif /* NO_ROOT_MAILER */
mysyslog(LOG_ERR, _("unable to execute %s: %m"), mpath);
+ sudo_debug_printf(SUDO_DEBUG_SYSERR, "unable to execute %s: %s",
+ mpath, strerror(errno));
_exit(127);
}
break;
do {
rv = waitpid(pid, &status, 0);
} while (rv == -1 && errno == EINTR);
+ sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
_exit(0);
}
static int
should_mail(int status)
{
+ debug_decl(should_mail, SUDO_DEBUG_LOGGING)
- return def_mail_always || ISSET(status, VALIDATE_ERROR) ||
+ debug_return_bool(def_mail_always || ISSET(status, VALIDATE_ERROR) ||
(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
- (def_mail_no_perms && !ISSET(status, VALIDATE_OK));
+ (def_mail_no_perms && !ISSET(status, VALIDATE_OK)));
}
#define LL_TTY_STR "TTY="
char *errstr = NULL;
char *evstr = NULL;
char *line, sessid[7], *tsid = NULL;
+ debug_decl(new_logline, SUDO_DEBUG_LOGGING)
/* A TSID may be a sudoers-style session ID or a free-form string. */
if (sudo_user.iolog_file != NULL) {
}
}
- return line;
+ debug_return_str(line);
toobig:
errorx(1, _("internal error: insufficient space for log line"));
}
char *indent = "";
char *beg = line;
char *end;
+ debug_decl(writeln_wrap, SUDO_DEBUG_LOGGING)
/*
* Print out line with word wrap around maxlen characters.
/* Print remainder, if any. */
if (len)
fprintf(fp, "%s%s\n", indent, beg);
+
+ debug_return;
}
struct member *m;
struct alias *a;
int rval, matched = UNSPEC;
+ debug_decl(_userlist_matches, SUDO_DEBUG_MATCH)
tq_foreach_rev(list, m) {
switch (m->type) {
if (matched != UNSPEC)
break;
}
- return matched;
+ debug_return_bool(matched);
}
int
int rval;
int user_matched = UNSPEC;
int group_matched = UNSPEC;
+ debug_decl(_runaslist_matches, SUDO_DEBUG_MATCH)
if (runas_pw != NULL) {
/* If no runas user or runas group listed in sudoers, use default. */
if (tq_empty(user_list) && tq_empty(group_list))
- return userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw);
+ debug_return_int(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
tq_foreach_rev(user_list, m) {
switch (m->type) {
}
if (user_matched == DENY || group_matched == DENY)
- return DENY;
+ debug_return_int(DENY);
if (user_matched == group_matched || runas_gr == NULL)
- return user_matched;
- return UNSPEC;
+ debug_return_int(user_matched);
+ debug_return_int(UNSPEC);
}
int
struct member *m;
struct alias *a;
int rval, matched = UNSPEC;
+ debug_decl(_hostlist_matches, SUDO_DEBUG_MATCH)
tq_foreach_rev(list, m) {
switch (m->type) {
if (matched != UNSPEC)
break;
}
- return matched;
+ debug_return_bool(matched);
}
int
{
struct member *m;
int matched = UNSPEC;
+ debug_decl(_cmndlist_matches, SUDO_DEBUG_MATCH)
tq_foreach_rev(list, m) {
matched = cmnd_matches(m);
if (matched != UNSPEC)
break;
}
- return matched;
+ debug_return_bool(matched);
}
int
struct alias *a;
struct sudo_command *c;
int rval, matched = UNSPEC;
+ debug_decl(cmnd_matches, SUDO_DEBUG_MATCH)
switch (m->type) {
case ALL:
matched = !m->negated;
break;
}
- return matched;
+ debug_return_bool(matched);
}
static int
char *sudoers_args;
{
int flags = 0;
+ debug_decl(command_args_match, SUDO_DEBUG_MATCH)
/*
* If no args specified in sudoers, any user args are allowed.
*/
if (!sudoers_args ||
(!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)))
- return TRUE;
+ debug_return_bool(TRUE);
/*
* If args are specified in sudoers, they must match the user args.
* If running as sudoedit, all args are assumed to be paths.
if (strcmp(sudoers_cmnd, "sudoedit") == 0)
flags = FNM_PATHNAME;
if (fnmatch(sudoers_args, user_args ? user_args : "", flags) == 0)
- return TRUE;
+ debug_return_bool(TRUE);
}
- return FALSE;
+ debug_return_bool(FALSE);
}
/*
int
command_matches(char *sudoers_cmnd, char *sudoers_args)
{
+ debug_decl(command_matches, SUDO_DEBUG_MATCH)
+
/* Check for pseudo-commands */
if (sudoers_cmnd[0] != '/') {
/*
*/
if (strcmp(sudoers_cmnd, "sudoedit") != 0 ||
strcmp(user_cmnd, "sudoedit") != 0)
- return FALSE;
+ debug_return_bool(FALSE);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(sudoers_cmnd);
- return TRUE;
+ debug_return_bool(TRUE);
} else
- return FALSE;
+ debug_return_bool(FALSE);
}
if (has_meta(sudoers_cmnd)) {
* use glob(3) and/or fnmatch(3) to do the matching.
*/
if (def_fast_glob)
- return command_matches_fnmatch(sudoers_cmnd, sudoers_args);
- return command_matches_glob(sudoers_cmnd, sudoers_args);
+ debug_return_bool(command_matches_fnmatch(sudoers_cmnd, sudoers_args));
+ debug_return_bool(command_matches_glob(sudoers_cmnd, sudoers_args));
}
- return command_matches_normal(sudoers_cmnd, sudoers_args);
+ debug_return_bool(command_matches_normal(sudoers_cmnd, sudoers_args));
}
static int
command_matches_fnmatch(char *sudoers_cmnd, char *sudoers_args)
{
+ debug_decl(command_matches_fnmatch, SUDO_DEBUG_MATCH)
+
/*
* Return true if fnmatch(3) succeeds AND
* a) there are no args in sudoers OR
* else return false.
*/
if (fnmatch(sudoers_cmnd, user_cmnd, FNM_PATHNAME) != 0)
- return FALSE;
+ debug_return_bool(FALSE);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
if (safe_cmnd)
free(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
- return TRUE;
- } else
- return FALSE;
+ debug_return_bool(TRUE);
+ }
+ debug_return_bool(FALSE);
}
static int
size_t dlen;
char **ap, *base, *cp;
glob_t gl;
+ debug_decl(command_matches_glob, SUDO_DEBUG_MATCH)
/*
* First check to see if we can avoid the call to glob(3).
if ((base = strrchr(sudoers_cmnd, '/')) != NULL) {
base++;
if (!has_meta(base) && strcmp(user_base, base) != 0)
- return FALSE;
+ debug_return_bool(FALSE);
}
}
/*
#define GLOB_FLAGS (GLOB_NOSORT | GLOB_MARK | GLOB_BRACE | GLOB_TILDE)
if (glob(sudoers_cmnd, GLOB_FLAGS, NULL, &gl) != 0 || gl.gl_pathc == 0) {
globfree(&gl);
- return FALSE;
+ debug_return_bool(FALSE);
}
/* For each glob match, compare basename, st_dev and st_ino. */
for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) {
dlen = strlen(cp);
if (cp[dlen - 1] == '/') {
if (command_matches_dir(cp, dlen))
- return TRUE;
+ debug_return_bool(TRUE);
continue;
}
}
globfree(&gl);
if (cp == NULL)
- return FALSE;
+ debug_return_bool(FALSE);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(user_cmnd);
- return TRUE;
+ debug_return_bool(TRUE);
}
- return FALSE;
+ debug_return_bool(FALSE);
}
static int
struct stat sudoers_stat;
char *base;
size_t dlen;
+ debug_decl(command_matches_normal, SUDO_DEBUG_MATCH)
/* If it ends in '/' it is a directory spec. */
dlen = strlen(sudoers_cmnd);
if (sudoers_cmnd[dlen - 1] == '/')
- return command_matches_dir(sudoers_cmnd, dlen);
+ debug_return_bool(command_matches_dir(sudoers_cmnd, dlen));
/* Only proceed if user_base and basename(sudoers_cmnd) match */
if ((base = strrchr(sudoers_cmnd, '/')) == NULL)
base++;
if (strcmp(user_base, base) != 0 ||
stat(sudoers_cmnd, &sudoers_stat) == -1)
- return FALSE;
+ debug_return_bool(FALSE);
/*
* Return true if inode/device matches AND
if (user_stat != NULL &&
(user_stat->st_dev != sudoers_stat.st_dev ||
user_stat->st_ino != sudoers_stat.st_ino))
- return FALSE;
+ debug_return_bool(FALSE);
if (command_args_match(sudoers_cmnd, sudoers_args)) {
efree(safe_cmnd);
safe_cmnd = estrdup(sudoers_cmnd);
- return TRUE;
+ debug_return_bool(TRUE);
}
- return FALSE;
+ debug_return_bool(FALSE);
}
/*
struct dirent *dent;
char buf[PATH_MAX];
DIR *dirp;
+ debug_decl(command_matches_dir, SUDO_DEBUG_MATCH)
/*
* Grot through directory entries, looking for user_base.
*/
dirp = opendir(sudoers_dir);
if (dirp == NULL)
- return FALSE;
+ debug_return_bool(FALSE);
if (strlcpy(buf, sudoers_dir, sizeof(buf)) >= sizeof(buf)) {
closedir(dirp);
- return FALSE;
+ debug_return_bool(FALSE);
}
while ((dent = readdir(dirp)) != NULL) {
/* ignore paths > PATH_MAX (XXX - log) */
}
closedir(dirp);
- return dent != NULL;
+ debug_return_bool(dent != NULL);
}
/*
int
hostname_matches(char *shost, char *lhost, char *pattern)
{
+ debug_decl(hostname_matches, SUDO_DEBUG_MATCH)
+
if (has_meta(pattern)) {
if (strchr(pattern, '.'))
- return !fnmatch(pattern, lhost, FNM_CASEFOLD);
+ debug_return_bool(!fnmatch(pattern, lhost, FNM_CASEFOLD));
else
- return !fnmatch(pattern, shost, FNM_CASEFOLD);
+ debug_return_bool(!fnmatch(pattern, shost, FNM_CASEFOLD));
} else {
if (strchr(pattern, '.'))
- return !strcasecmp(lhost, pattern);
+ debug_return_bool(!strcasecmp(lhost, pattern));
else
- return !strcasecmp(shost, pattern);
+ debug_return_bool(!strcasecmp(shost, pattern));
}
}
int
userpw_matches(char *sudoers_user, char *user, struct passwd *pw)
{
+ debug_decl(userpw_matches, SUDO_DEBUG_MATCH)
+
if (pw != NULL && *sudoers_user == '#') {
uid_t uid = (uid_t) atoi(sudoers_user + 1);
if (uid == pw->pw_uid)
- return TRUE;
+ debug_return_bool(TRUE);
}
- return strcmp(sudoers_user, user) == 0;
+ debug_return_bool(strcmp(sudoers_user, user) == 0);
}
/*
int
group_matches(char *sudoers_group, struct group *gr)
{
+ debug_decl(group_matches, SUDO_DEBUG_MATCH)
+
if (*sudoers_group == '#') {
gid_t gid = (gid_t) atoi(sudoers_group + 1);
if (gid == gr->gr_gid)
- return TRUE;
+ debug_return_bool(TRUE);
}
- return strcmp(gr->gr_name, sudoers_group) == 0;
+ debug_return_bool(strcmp(gr->gr_name, sudoers_group) == 0);
}
/*
{
int matched = FALSE;
struct passwd *pw0 = NULL;
+ debug_decl(usergr_matches, SUDO_DEBUG_MATCH)
/* make sure we have a valid usergroup, sudo style */
if (*group++ != '%')
if (pw0 != NULL)
pw_delref(pw0);
- return matched;
+ debug_return_bool(matched);
}
/*
#ifdef HAVE_GETDOMAINNAME
static int initialized;
#endif
+ debug_decl(netgr_matches, SUDO_DEBUG_MATCH)
/* make sure we have a valid netgroup, sudo style */
if (*netgr++ != '+')
- return FALSE;
+ debug_return_bool(FALSE);
#ifdef HAVE_GETDOMAINNAME
/* get the domain name (if any) */
#ifdef HAVE_INNETGR
if (innetgr(netgr, lhost, user, domain))
- return TRUE;
+ debug_return_bool(TRUE);
else if (lhost != shost && innetgr(netgr, shost, user, domain))
- return TRUE;
+ debug_return_bool(TRUE);
#endif /* HAVE_INNETGR */
- return FALSE;
+ debug_return_bool(FALSE);
}
int j;
#endif
int family;
+ debug_decl(addr_matches_if, SUDO_DEBUG_MATCH)
#ifdef HAVE_IN6_ADDR
if (inet_pton(AF_INET6, n, &addr.ip6) > 0) {
if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
(ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
== addr.ip4.s_addr)
- return TRUE;
+ debug_return_bool(TRUE);
break;
#ifdef HAVE_IN6_ADDR
case AF_INET6:
if (memcmp(ifp->addr.ip6.s6_addr, addr.ip6.s6_addr,
sizeof(addr.ip6.s6_addr)) == 0)
- return TRUE;
+ debug_return_bool(TRUE);
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
if ((ifp->addr.ip6.s6_addr[j] & ifp->netmask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
break;
}
if (j == sizeof(addr.ip6.s6_addr))
- return TRUE;
+ debug_return_bool(TRUE);
#endif
}
}
- return FALSE;
+ debug_return_bool(FALSE);
}
static int
int j;
#endif
int family;
+ debug_decl(addr_matches_if, SUDO_DEBUG_MATCH)
#ifdef HAVE_IN6_ADDR
if (inet_pton(AF_INET6, n, &addr.ip6) > 0)
switch(family) {
case AF_INET:
if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
- return TRUE;
+ debug_return_bool(TRUE);
#ifdef HAVE_IN6_ADDR
case AF_INET6:
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
break;
}
if (j == sizeof(addr.ip6.s6_addr))
- return TRUE;
+ debug_return_bool(TRUE);
#endif /* HAVE_IN6_ADDR */
}
}
- return FALSE;
+ debug_return_bool(FALSE);
}
/*
{
char *m;
int retval;
+ debug_decl(addr_matches, SUDO_DEBUG_MATCH)
/* If there's an explicit netmask, use it. */
if ((m = strchr(n, '/'))) {
} else
retval = addr_matches_if(n);
- return retval;
+ debug_return_bool(retval);
}
int
sudo_file_open(struct sudo_nss *nss)
{
+ debug_decl(sudo_file_open, SUDO_DEBUG_NSS)
+
if (def_ignore_local_sudoers)
- return -1;
+ debug_return_int(-1);
nss->handle = open_sudoers(sudoers_file, FALSE, NULL);
- return nss->handle ? 0 : -1;
+ debug_return_int(nss->handle ? 0 : -1);
}
int
sudo_file_close(struct sudo_nss *nss)
{
+ debug_decl(sudo_file_close, SUDO_DEBUG_NSS)
+
/* Free parser data structures and close sudoers file. */
init_parser(NULL, 0);
if (nss->handle != NULL) {
nss->handle = NULL;
yyin = NULL;
}
- return 0;
+ debug_return_int(0);
}
/*
int
sudo_file_parse(struct sudo_nss *nss)
{
+ debug_decl(sudo_file_close, SUDO_DEBUG_NSS)
+
if (nss->handle == NULL)
- return -1;
+ debug_return_int(-1);
init_parser(sudoers_file, 0);
yyin = nss->handle;
if (yyparse() != 0 || parse_error) {
log_error(NO_EXIT, _("parse error in %s near line %d"),
errorfile, errorlineno);
- return -1;
+ debug_return_int(-1);
}
- return 0;
+ debug_return_int(0);
}
/*
int
sudo_file_setdefs(struct sudo_nss *nss)
{
+ debug_decl(sudo_file_setdefs, SUDO_DEBUG_NSS)
+
if (nss->handle == NULL)
- return -1;
+ debug_return_int(-1);
if (!update_defaults(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER))
- return -1;
- return 0;
+ debug_return_int(-1);
+ debug_return_int(0);
}
/*
struct cmndtag *tags = NULL;
struct privilege *priv;
struct userspec *us;
+ debug_decl(sudo_file_lookup, SUDO_DEBUG_NSS)
if (nss->handle == NULL)
- return validated;
+ debug_return_int(validated);
/*
* Only check the actual command if pwflag is not set.
SET(validated, FLAG_CHECK_USER);
else if (pwcheck == never || nopass == TRUE)
def_authenticate = FALSE;
- return validated;
+ debug_return_int(validated);
}
/* Need to be runas user while stat'ing things. */
def_authenticate = !tags->nopasswd;
}
restore_perms();
- return validated;
+ debug_return_int(validated);
}
#define TAG_CHANGED(t) \
struct lbuf *lbuf)
{
struct member *m;
+ debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS)
#ifdef HAVE_SELINUX
if (cs->role)
m = cs->cmnd;
print_member(lbuf, m->name, m->type, m->negated,
CMNDALIAS);
+ debug_return;
}
static int
struct privilege *priv;
struct cmndtag tags;
int nfound = 0;
+ debug_decl(sudo_file_display_priv_short, SUDO_DEBUG_NSS)
tq_foreach_fwd(&us->privileges, priv) {
if (hostlist_matches(&priv->hostlist) != ALLOW)
}
lbuf_append(lbuf, "\n");
}
- return nfound;
+ debug_return_int(nfound);
}
static int
struct privilege *priv;
struct cmndtag tags;
int nfound = 0;
+ debug_decl(sudo_file_display_priv_long, SUDO_DEBUG_NSS)
tq_foreach_fwd(&us->privileges, priv) {
if (hostlist_matches(&priv->hostlist) != ALLOW)
nfound++;
}
}
- return nfound;
+ debug_return_int(nfound);
}
int
{
struct userspec *us;
int nfound = 0;
+ debug_decl(sudo_file_display_priv, SUDO_DEBUG_NSS)
if (nss->handle == NULL)
goto done;
nfound += sudo_file_display_priv_short(pw, us, lbuf);
}
done:
- return nfound;
+ debug_return_int(nfound);
}
/*
struct defaults *d;
char *prefix;
int nfound = 0;
+ debug_decl(sudo_file_display_defaults, SUDO_DEBUG_NSS)
if (nss->handle == NULL)
goto done;
nfound++;
}
done:
- return nfound;
+ debug_return_int(nfound);
}
/*
struct lbuf *lbuf)
{
int nfound = 0;
+ debug_decl(sudo_file_display_bound_defaults, SUDO_DEBUG_NSS)
/* XXX - should only print ones that match what the user can do. */
nfound += display_bound_defaults(DEFAULTS_RUNAS, lbuf);
nfound += display_bound_defaults(DEFAULTS_CMND, lbuf);
- return nfound;
+ debug_return_int(nfound);
}
/*
struct member *m, *binding = NULL;
char *dsep;
int atype, nfound = 0;
+ debug_decl(display_bound_defaults, SUDO_DEBUG_NSS)
switch (dtype) {
case DEFAULTS_HOST:
dsep = "!";
break;
default:
- return -1;
+ debug_return_int(-1);
}
tq_foreach_fwd(&defaults, d) {
if (d->type != dtype)
lbuf_append(lbuf, "%s%s", d->op == FALSE ? "!" : "", d->var);
}
- return nfound;
+ debug_return_int(nfound);
}
int
struct userspec *us;
int rval = 1;
int host_match, runas_match, cmnd_match;
+ debug_decl(sudo_file_display_cmnd, SUDO_DEBUG_NSS)
if (nss->handle == NULL)
goto done;
rval = 0;
}
done:
- return rval;
+ debug_return_int(rval);
}
/*
struct alias *a;
struct member *m;
struct sudo_command *c;
+ debug_decl(_print_member, SUDO_DEBUG_NSS)
switch (type) {
case ALL:
lbuf_append(lbuf, "%s%s", negated ? "!" : "", name);
break;
}
+ debug_return;
}
static void
size_t nsize, psize, csize, gsize, dsize, ssize, total;
struct cache_item *item;
struct passwd *newpw;
+ debug_decl(make_pwitem, SUDO_DEBUG_NSS)
/* If shell field is empty, expand to _PATH_BSHELL. */
pw_shell = (pw->pw_shell == NULL || pw->pw_shell[0] == '\0')
item->d.pw = newpw;
item->refcnt = 1;
- return item;
+ debug_return_ptr(item);
}
void
pw_addref(struct passwd *pw)
{
+ debug_decl(pw_addref, SUDO_DEBUG_NSS)
ptr_to_item(pw)->refcnt++;
+ debug_return;
}
static void
pw_delref_item(void *v)
{
struct cache_item *item = v;
+ debug_decl(pw_delref_item, SUDO_DEBUG_NSS)
if (--item->refcnt == 0)
efree(item);
+
+ debug_return;
}
void
pw_delref(struct passwd *pw)
{
+ debug_decl(pw_delref, SUDO_DEBUG_NSS)
pw_delref_item(ptr_to_item(pw));
+ debug_return;
}
/*
{
struct cache_item key, *item;
struct rbnode *node;
+ debug_decl(sudo_getpwuid, SUDO_DEBUG_NSS)
key.k.uid = uid;
if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
#endif
done:
item->refcnt++;
- return item->d.pw;
+ debug_return_ptr(item->d.pw);
}
/*
struct cache_item key, *item;
struct rbnode *node;
size_t len;
+ debug_decl(sudo_getpwnam, SUDO_DEBUG_NSS)
key.k.name = (char *) name;
if ((node = rbfind(pwcache_byname, &key)) != NULL) {
#endif
done:
item->refcnt++;
- return item->d.pw;
+ debug_return_ptr(item->d.pw);
}
/*
struct rbnode *node;
size_t len, namelen;
int i;
+ debug_decl(sudo_fakepwnam, SUDO_DEBUG_NSS)
namelen = strlen(user);
len = sizeof(*item) + sizeof(*pw) + namelen + 1 /* pw_name */ +
}
}
item->refcnt++;
- return pw;
+ debug_return_ptr(pw);
}
/*
void
sudo_setpwent(void)
{
+ debug_decl(sudo_setpwent, SUDO_DEBUG_NSS)
+
setpwent();
if (pwcache_byuid == NULL)
pwcache_byuid = rbcreate(cmp_pwuid);
if (pwcache_byname == NULL)
pwcache_byname = rbcreate(cmp_pwnam);
+
+ debug_return;
}
void
sudo_freepwcache(void)
{
+ debug_decl(sudo_freepwcache, SUDO_DEBUG_NSS)
+
if (pwcache_byuid != NULL) {
rbdestroy(pwcache_byuid, pw_delref_item);
pwcache_byuid = NULL;
rbdestroy(pwcache_byname, pw_delref_item);
pwcache_byname = NULL;
}
+
+ debug_return;
}
void
sudo_endpwent(void)
{
+ debug_decl(sudo_endpwent, SUDO_DEBUG_NSS)
+
endpwent();
sudo_freepwcache();
+
+ debug_return;
}
/*
size_t nsize, psize, nmem, total, len;
struct cache_item *item;
struct group *newgr;
+ debug_decl(make_gritem, SUDO_DEBUG_NSS)
/* Allocate in one big chunk for easy freeing. */
nsize = psize = nmem = 0;
item->d.gr = newgr;
item->refcnt = 1;
- return item;
+ debug_return_ptr(item);
}
#ifdef HAVE_UTMPX_H
struct cache_item *item;
struct group_list *grlist;
struct group *grp;
+ debug_decl(make_grlist_item, SUDO_DEBUG_NSS)
#ifdef HAVE_SETAUTHDB
aix_setauthdb((char *) user);
aix_restoreauthdb();
#endif
- return item;
+ debug_return_ptr(item);
}
void
gr_addref(struct group *gr)
{
+ debug_decl(gr_addref, SUDO_DEBUG_NSS)
ptr_to_item(gr)->refcnt++;
+ debug_return;
}
static void
gr_delref_item(void *v)
{
struct cache_item *item = v;
+ debug_decl(gr_delref_item, SUDO_DEBUG_NSS)
if (--item->refcnt == 0)
efree(item);
+
+ debug_return;
}
void
gr_delref(struct group *gr)
{
+ debug_decl(gr_delref, SUDO_DEBUG_NSS)
gr_delref_item(ptr_to_item(gr));
+ debug_return;
}
/*
{
struct cache_item key, *item;
struct rbnode *node;
+ debug_decl(sudo_getgrgid, SUDO_DEBUG_NSS)
key.k.gid = gid;
if ((node = rbfind(grcache_bygid, &key)) != NULL) {
}
done:
item->refcnt++;
- return item->d.gr;
+ debug_return_ptr(item->d.gr);
}
/*
struct cache_item key, *item;
struct rbnode *node;
size_t len;
+ debug_decl(sudo_getgrnam, SUDO_DEBUG_NSS)
key.k.name = (char *) name;
if ((node = rbfind(grcache_byname, &key)) != NULL) {
}
done:
item->refcnt++;
- return item->d.gr;
+ debug_return_ptr(item->d.gr);
}
/*
struct rbnode *node;
size_t len, namelen;
int i;
+ debug_decl(sudo_fakegrnam, SUDO_DEBUG_NSS)
namelen = strlen(group);
len = sizeof(*item) + sizeof(*gr) + namelen + 1;
}
}
item->refcnt++;
- return gr;
+ debug_return_ptr(gr);
}
void
grlist_addref(struct group_list *grlist)
{
+ debug_decl(gr_addref, SUDO_DEBUG_NSS)
ptr_to_item(grlist)->refcnt++;
+ debug_return;
}
static void
grlist_delref_item(void *v)
{
struct cache_item *item = v;
+ debug_decl(gr_delref_item, SUDO_DEBUG_NSS)
if (--item->refcnt == 0)
efree(item);
+
+ debug_return;
}
void
grlist_delref(struct group_list *grlist)
{
+ debug_decl(gr_delref, SUDO_DEBUG_NSS)
grlist_delref_item(ptr_to_item(grlist));
+ debug_return;
}
void
sudo_setgrent(void)
{
+ debug_decl(sudo_setgrent, SUDO_DEBUG_NSS)
+
setgrent();
if (grcache_bygid == NULL)
grcache_bygid = rbcreate(cmp_grgid);
grcache_byname = rbcreate(cmp_grnam);
if (grlist_cache == NULL)
grlist_cache = rbcreate(cmp_grnam);
+
+ debug_return;
}
void
sudo_freegrcache(void)
{
+ debug_decl(sudo_freegrcache, SUDO_DEBUG_NSS)
+
if (grcache_bygid != NULL) {
rbdestroy(grcache_bygid, gr_delref_item);
grcache_bygid = NULL;
rbdestroy(grlist_cache, grlist_delref_item);
grlist_cache = NULL;
}
+
+ debug_return;
}
void
sudo_endgrent(void)
{
+ debug_decl(sudo_endgrent, SUDO_DEBUG_NSS)
+
endgrent();
sudo_freegrcache();
+
+ debug_return;
}
struct group_list *
size_t len;
GETGROUPS_T *gids;
int ngids;
+ debug_decl(get_group_list, SUDO_DEBUG_NSS)
key.k.name = pw->pw_name;
if ((node = rbfind(grlist_cache, &key)) != NULL) {
gids = emalloc2(ngids, sizeof(GETGROUPS_T));
if (getgrouplist(pw->pw_name, pw->pw_gid, gids, &ngids) == -1) {
efree(gids);
- return NULL;
+ debug_return_ptr(NULL);
}
}
if (ngids > 0) {
}
done:
item->refcnt++;
- return item->d.grlist;
+ debug_return_ptr(item->d.grlist);
}
void
{
struct cache_item key, *item;
struct rbnode *node;
+ debug_decl(set_group_list, SUDO_DEBUG_NSS)
/*
* Cache group db entry if it doesn't already exist
errorx(1, "unable to cache group list for %s, already exists",
user);
}
+ debug_return;
}
int
struct group_list *grlist;
struct group *grp = NULL;
int i, matched = FALSE;
+ debug_decl(user_in_group, SUDO_DEBUG_NSS)
if ((grlist = get_group_list(pw)) != NULL) {
/*
gr_delref(grp);
grlist_delref(grlist);
}
- return matched;
+ debug_return_bool(matched);
}
#include "missing.h"
#include "alloc.h"
+#include "sudo_debug.h"
#include "redblack.h"
static void rbrepair(struct rbtree *, struct rbnode *);
rbcreate(int (*compar)(const void *, const void*))
{
struct rbtree *tree;
+ debug_decl(rbcreate, SUDO_DEBUG_RBTREE)
tree = (struct rbtree *) emalloc(sizeof(*tree));
tree->compar = compar;
tree->root.color = black;
tree->root.data = NULL;
- return tree;
+ debug_return_ptr(tree);
}
/*
rotate_left(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *child;
+ debug_decl(rotate_left, SUDO_DEBUG_RBTREE)
child = node->right;
node->right = child->left;
node->parent->right = child;
child->left = node;
node->parent = child;
+
+ debug_return;
}
/*
rotate_right(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *child;
+ debug_decl(rotate_right, SUDO_DEBUG_RBTREE)
child = node->left;
node->left = child->right;
node->parent->right = child;
child->right = node;
node->parent = child;
+
+ debug_return;
}
/*
struct rbnode *node = rbfirst(tree);
struct rbnode *parent = rbroot(tree);
int res;
+ debug_decl(rbinsert, SUDO_DEBUG_RBTREE)
/* Find correct insertion point. */
while (node != rbnil(tree)) {
parent = node;
if ((res = tree->compar(data, node->data)) == 0)
- return node;
+ debug_return_ptr(node);
node = res < 0 ? node->left : node->right;
}
}
}
rbfirst(tree)->color = black; /* first node is always black */
- return NULL;
+ debug_return_ptr(NULL);
}
/*
{
struct rbnode *node = rbfirst(tree);
int res;
+ debug_decl(rbfind, SUDO_DEBUG_RBTREE)
while (node != rbnil(tree)) {
if ((res = tree->compar(key, node->data)) == 0)
- return node;
+ debug_return_ptr(node);
node = res < 0 ? node->left : node->right;
}
- return NULL;
+ debug_return_ptr(NULL);
}
/*
int (*func)(void *, void *), void *cookie, enum rbtraversal order)
{
int error;
+ debug_decl(rbapply_node, SUDO_DEBUG_RBTREE)
if (node != rbnil(tree)) {
if (order == preorder)
if ((error = func(node->data, cookie)) != 0)
- return error;
+ debug_return_int(error);
if ((error = rbapply_node(tree, node->left, func, cookie, order)) != 0)
- return error;
+ debug_return_int(error);
if (order == inorder)
if ((error = func(node->data, cookie)) != 0)
- return error;
+ debug_return_int(error);
if ((error = rbapply_node(tree, node->right, func, cookie, order)) != 0)
- return error;
+ debug_return_int(error);
if (order == postorder)
if ((error = func(node->data, cookie)) != 0)
- return error;
+ debug_return_int(error);
}
- return 0;
+ debug_return_int(0);
}
/*
rbsuccessor(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *succ;
+ debug_decl(rbsuccessor, SUDO_DEBUG_RBTREE)
if ((succ = node->right) != rbnil(tree)) {
while (succ->left != rbnil(tree))
if (succ == rbroot(tree))
succ = rbnil(tree);
}
- return succ;
+ debug_return_ptr(succ);
}
/*
static void
_rbdestroy(struct rbtree *tree, struct rbnode *node, void (*destroy)(void *))
{
+ debug_decl(_rbdestroy, SUDO_DEBUG_RBTREE)
if (node != rbnil(tree)) {
_rbdestroy(tree, node->left, destroy);
_rbdestroy(tree, node->right, destroy);
destroy(node->data);
efree(node);
}
+ debug_return;
}
/*
void
rbdestroy(struct rbtree *tree, void (*destroy)(void *))
{
+ debug_decl(rbdestroy, SUDO_DEBUG_RBTREE)
_rbdestroy(tree, rbfirst(tree), destroy);
efree(tree);
+ debug_return;
}
/*
{
struct rbnode *x, *y;
void *data = z->data;
+ debug_decl(rbdelete, SUDO_DEBUG_RBTREE)
if (z->left == rbnil(tree) || z->right == rbnil(tree))
y = z;
}
free(z);
- return data;
+ debug_return_ptr(data);
}
/*
rbrepair(struct rbtree *tree, struct rbnode *node)
{
struct rbnode *sibling;
+ debug_decl(rbrepair, SUDO_DEBUG_RBTREE)
while (node->color == black && node != rbroot(tree)) {
if (node == node->parent->left) {
}
}
node->color = black;
+
+ debug_return;
}
void
rewind_perms(void)
{
+ debug_decl(rewind_perms, SUDO_DEBUG_PERMS)
+
while (perm_stack_depth > 1)
restore_perms();
grlist_delref(perm_stack[0].grlist);
+
+ debug_return;
}
#ifdef HAVE_SETRESUID
struct perm_state *state, *ostate = NULL;
const char *errstr;
int noexit;
+ debug_decl(set_perms, SUDO_DEBUG_PERMS)
noexit = ISSET(perm, PERM_NOEXIT);
CLR(perm, PERM_MASK);
done:
perm_stack_depth++;
- return 1;
+ debug_return_bool(1);
bad:
/* XXX - better warnings inline */
warningx("%s: %s", errstr,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
- return 0;
+ debug_return_bool(0);
exit(1);
}
restore_perms(void)
{
struct perm_state *state, *ostate;
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS)
if (perm_stack_depth < 2)
- return;
+ debug_return;
state = &perm_stack[perm_stack_depth - 1];
ostate = &perm_stack[perm_stack_depth - 2];
}
}
grlist_delref(state->grlist);
- return;
+ debug_return;
bad:
exit(1);
struct perm_state *state, *ostate = NULL;
const char *errstr;
int noexit;
+ debug_decl(set_perms, SUDO_DEBUG_PERMS)
noexit = ISSET(perm, PERM_NOEXIT);
CLR(perm, PERM_MASK);
done:
perm_stack_depth++;
- return 1;
+ debug_return_bool(1);
bad:
/* XXX - better warnings inline */
warningx("%s: %s", errstr,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
- return 0;
+ debug_return_bool(0);
exit(1);
}
restore_perms(void)
{
struct perm_state *state, *ostate;
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS)
if (perm_stack_depth < 2)
- return;
+ debug_return;
state = &perm_stack[perm_stack_depth - 1];
ostate = &perm_stack[perm_stack_depth - 2];
}
}
grlist_delref(state->grlist);
- return;
+ debug_return;
bad:
exit(1);
struct perm_state *state, *ostate = NULL;
const char *errstr;
int noexit;
+ debug_decl(set_perms, SUDO_DEBUG_PERMS)
noexit = ISSET(perm, PERM_NOEXIT);
CLR(perm, PERM_MASK);
done:
perm_stack_depth++;
- return 1;
+ debug_return_bool(1);
bad:
/* XXX - better warnings inline */
warningx("%s: %s", errstr,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
- return 0;
+ debug_return_bool(0);
exit(1);
}
restore_perms(void)
{
struct perm_state *state, *ostate;
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS)
if (perm_stack_depth < 2)
- return;
+ debug_return;
state = &perm_stack[perm_stack_depth - 1];
ostate = &perm_stack[perm_stack_depth - 2];
goto bad;
}
grlist_delref(state->grlist);
- return;
+ debug_return;
bad:
exit(1);
struct perm_state *state, *ostate = NULL;
const char *errstr;
int noexit;
+ debug_decl(set_perms, SUDO_DEBUG_PERMS)
noexit = ISSET(perm, PERM_NOEXIT);
CLR(perm, PERM_MASK);
done:
perm_stack_depth++;
- return 1;
+ debug_return_bool(1);
bad:
/* XXX - better warnings inline */
warningx("%s: %s", errstr,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
- return 0;
+ debug_return_bool(0);
exit(1);
}
restore_perms(void)
{
struct perm_state *state, *ostate;
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS)
if (perm_stack_depth < 2)
- return;
+ debug_return;
state = &perm_stack[perm_stack_depth - 1];
ostate = &perm_stack[perm_stack_depth - 2];
warning("setuid(%d)", (int)ostate->ruid);
goto bad;
}
- return;
+ debug_return;
bad:
exit(1);
{
struct passwd *pw;
struct group_list *grlist;
+ debug_decl(runas_setgroups, SUDO_DEBUG_PERMS)
if (def_preserve_groups) {
grlist_addref(user_group_list);
- return user_group_list;
+ debug_return_ptr(user_group_list);
}
pw = runas_pw ? runas_pw : sudo_user.pw;
#endif
if (sudo_setgroups(grlist->ngids, grlist->gids) < 0)
log_error(USE_ERRNO|MSG_ONLY, _("unable to set runas group vector"));
- return grlist;
+ debug_return_ptr(grlist);
}
int saw_ldap = FALSE;
int got_match = FALSE;
static struct sudo_nss_list snl;
+ debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
if ((fp = fopen(_PATH_NSSWITCH_CONF, "r")) == NULL)
goto nomatch;
if (tq_empty(&snl))
tq_append(&snl, &sudo_nss_file);
- return &snl;
+ debug_return_ptr(&snl);
}
#else /* HAVE_LDAP && _PATH_NSSWITCH_CONF */
int saw_ldap = FALSE;
int got_match = FALSE;
static struct sudo_nss_list snl;
+ debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
if ((fp = fopen(_PATH_NETSVC_CONF, "r")) == NULL)
goto nomatch;
if (tq_empty(&snl))
tq_append(&snl, &sudo_nss_file);
- return &snl;
+ debug_return_ptr(&snl);
}
# else /* !_PATH_NETSVC_CONF && !_PATH_NSSWITCH_CONF */
sudo_read_nss(void)
{
static struct sudo_nss_list snl;
+ debug_decl(sudo_read_nss, SUDO_DEBUG_NSS)
# ifdef HAVE_LDAP
tq_append(&snl, &sudo_nss_ldap);
# endif
tq_append(&snl, &sudo_nss_file);
- return &snl;
+ debug_return_ptr(&snl);
}
# endif /* !HAVE_LDAP || !_PATH_NETSVC_CONF */
{
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
+ debug_decl(output, SUDO_DEBUG_NSS)
/* Call conversation function */
memset(&msg, 0, sizeof(msg));
msg.msg = buf;
memset(&repl, 0, sizeof(repl));
if (sudo_conv(1, &msg, &repl) == -1)
- return 0;
- return (int)strlen(buf);
+ debug_return_int(0);
+ debug_return_int(strlen(buf));
}
/*
struct sudo_nss *nss;
struct lbuf defs, privs;
int count, olen;
+ debug_decl(display_privs, SUDO_DEBUG_NSS)
lbuf_init(&defs, output, 4, NULL, sudo_user.cols);
lbuf_init(&privs, output, 4, NULL, sudo_user.cols);
lbuf_destroy(&defs);
lbuf_destroy(&privs);
+
+ debug_return;
}
/*
display_cmnd(struct sudo_nss_list *snl, struct passwd *pw)
{
struct sudo_nss *nss;
+ debug_decl(display_cmnd, SUDO_DEBUG_NSS)
tq_foreach_fwd(snl, nss) {
if (nss->display_cmnd(nss, pw) == 0)
- return TRUE;
+ debug_return_bool(TRUE);
}
- return FALSE;
+ debug_return_bool(FALSE);
}
struct passwd *list_pw;
struct interface *interfaces;
int long_list;
-int debug_level;
uid_t timestamp_uid;
extern int errorlineno;
extern int parse_error;
volatile int sources = 0;
sigaction_t sa;
struct sudo_nss *nss;
+ debug_decl(sudoers_policy_open, SUDO_DEBUG_PLUGIN)
if (!sudo_conv)
sudo_conv = conversation;
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
rewind_perms();
- return -1;
+ debug_return_bool(-1);
}
bindtextdomain("sudoers", LOCALEDIR);
}
if (sources == 0) {
warningx(_("no valid sudoers sources found, quitting"));
- return -1;
+ debug_return_bool(-1);
}
/* XXX - collect post-sudoers parse settings into a function */
restore_perms();
- return TRUE;
+ debug_return_bool(TRUE);
}
static void
sudoers_policy_close(int exit_status, int error_code)
{
+ debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN)
+
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
- return;
+ debug_return;
}
/* We do not currently log the exit status. */
gr_delref(runas_gr);
if (user_group_list != NULL)
grlist_delref(user_group_list);
+
+ debug_return;
}
/*
static int
sudoers_policy_init_session(struct passwd *pwd)
{
+ debug_decl(sudoers_policy_init, SUDO_DEBUG_PLUGIN)
+
if (sigsetjmp(error_jmp, 1)) {
/* called via error(), errorx() or log_error() */
return -1;
}
- return sudo_auth_begin_session(pwd);
+ debug_return_bool(sudo_auth_begin_session(pwd));
}
static int
int cmnd_status = -1, validated;
volatile int info_len = 0;
volatile int rval = TRUE;
+ debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
/* error recovery via error(), errorx() or log_error() */
sudo_endpwent();
sudo_endgrent();
- return rval;
+ debug_return_bool(rval);
}
static int
sudoers_policy_check(int argc, char * const argv[], char *env_add[],
char **command_infop[], char **argv_out[], char **user_env_out[])
{
+ debug_decl(sudoers_policy_check, SUDO_DEBUG_PLUGIN)
+
if (!ISSET(sudo_mode, MODE_EDIT))
SET(sudo_mode, MODE_RUN);
- return sudoers_policy_main(argc, argv, 0, env_add, command_infop,
- argv_out, user_env_out);
+ debug_return_bool(sudoers_policy_main(argc, argv, 0, env_add, command_infop,
+ argv_out, user_env_out));
}
static int
sudoers_policy_validate(void)
{
+ debug_decl(sudoers_policy_validate, SUDO_DEBUG_PLUGIN)
+
user_cmnd = "validate";
SET(sudo_mode, MODE_VALIDATE);
- return sudoers_policy_main(0, NULL, I_VERIFYPW, NULL, NULL, NULL, NULL);
+ debug_return_bool(sudoers_policy_main(0, NULL, I_VERIFYPW, NULL, NULL, NULL, NULL));
}
static void
sudoers_policy_invalidate(int remove)
{
+ debug_decl(sudoers_policy_invalidate, SUDO_DEBUG_PLUGIN)
+
user_cmnd = "kill";
if (sigsetjmp(error_jmp, 1) == 0) {
remove_timestamp(remove);
plugin_cleanup(0);
}
+
+ debug_return;
}
static int
const char *list_user)
{
int rval;
+ debug_decl(sudoers_policy_list, SUDO_DEBUG_PLUGIN)
user_cmnd = "list";
if (argc)
list_pw = sudo_getpwnam(list_user);
if (list_pw == NULL) {
warningx(_("unknown user: %s"), list_user);
- return -1;
+ debug_return_bool(-1);
}
}
rval = sudoers_policy_main(argc, argv, I_LISTPW, NULL, NULL, NULL, NULL);
list_pw = NULL;
}
- return rval;
+ debug_return_bool(rval);
}
/*
init_vars(char * const envp[])
{
char * const * ep;
+ debug_decl(init_vars, SUDO_DEBUG_PLUGIN)
#ifdef HAVE_TZSET
(void) tzset(); /* set the timezone if applicable */
sudo_defs_table[I_RUNAS_DEFAULT].callback = cb_runas_default;
/* It is now safe to use log_error() and set_perms() */
+ debug_return;
}
/*
{
int rval;
char *path = user_path;
+ debug_decl(set_cmnd, SUDO_DEBUG_PLUGIN)
/* Resolve the path and return. */
rval = FOUND;
if (!update_defaults(SETDEF_CMND))
log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
- return rval;
+ debug_return_int(rval);
}
/*
struct stat statbuf;
FILE *fp = NULL;
int rootstat;
+ debug_decl(open_sudoers, SUDO_DEBUG_PLUGIN)
/*
* Fix the mode and group on sudoers file from old default.
}
restore_perms(); /* change back to root */
- return fp;
+ debug_return_ptr(fp);
}
#ifdef HAVE_LOGIN_CAP_H
set_loginclass(struct passwd *pw)
{
int errflags;
+ debug_decl(set_loginclass, SUDO_DEBUG_PLUGIN)
/*
* Don't make it a fatal error if the user didn't specify the login
if (!lc)
lc = login_getclass(NULL); /* needed for login_getstyle() later */
}
+ debug_return;
}
#else
static void
struct hostent *hp;
#endif
char *p;
+ debug_decl(set_fqdn, SUDO_DEBUG_PLUGIN)
#ifdef HAVE_GETADDRINFO
zero_bytes(&hint, sizeof(hint));
user_shost = estrndup(user_host, (size_t)(p - user_host));
else
user_shost = user_host;
+ debug_return;
}
/*
* Get passwd entry for the user we are going to run commands as
* and store it in runas_pw. By default, commands run as "root".
*/
-void
+static void
set_runaspw(const char *user)
{
+ debug_decl(set_runaspw, SUDO_DEBUG_PLUGIN)
+
if (runas_pw != NULL)
pw_delref(runas_pw);
if (*user == '#') {
if ((runas_pw = sudo_getpwnam(user)) == NULL)
log_error(NO_MAIL|MSG_ONLY, _("unknown user: %s"), user);
}
+ debug_return;
}
/*
static void
set_runasgr(const char *group)
{
+ debug_decl(set_runasgr, SUDO_DEBUG_PLUGIN)
+
if (runas_gr != NULL)
gr_delref(runas_gr);
if (*group == '#') {
if ((runas_gr = sudo_getgrnam(group)) == NULL)
log_error(NO_MAIL|MSG_ONLY, _("unknown group: %s"), group);
}
+ debug_return;
}
/*
struct sudo_nss *nss;
if (!gotsignal) {
+ debug_decl(plugin_cleanup, SUDO_DEBUG_PLUGIN)
if (snl != NULL) {
tq_foreach_fwd(snl, nss)
nss->close(nss);
group_plugin_unload();
sudo_endpwent();
sudo_endgrent();
+ debug_return;
}
}
static int
sudoers_policy_version(int verbose)
{
+ debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN)
+
if (sigsetjmp(error_jmp, 1)) {
/* error recovery via error(), errorx() or log_error() */
- return -1;
+ debug_return_bool(-1);
}
sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"),
dump_interfaces(interfaces_string);
sudo_printf(SUDO_CONV_INFO_MSG, "\n");
}
- return TRUE;
+ debug_return_bool(TRUE);
}
static int
{
char * const *cur;
const char *p, *groups = NULL;
+ const char *debug_file = NULL, *debug_flags = NULL;
int flags = 0;
+ debug_decl(deserialize_info, SUDO_DEBUG_PLUGIN)
#define MATCHES(s, v) (strncmp(s, v, sizeof(v) - 1) == 0)
user_closefrom = atoi(*cur + sizeof("closefrom=") - 1);
continue;
}
- if (MATCHES(*cur, "debug_level=")) {
- debug_level = atoi(*cur + sizeof("debug_level=") - 1);
+ if (MATCHES(*cur, "debug_file=")) {
+ debug_file = *cur + sizeof("debug_file=") - 1;
+ continue;
+ }
+ if (MATCHES(*cur, "debug_flags=")) {
+ debug_flags = *cur + sizeof("debug_flags=") - 1;
continue;
}
if (MATCHES(*cur, "runas_user=")) {
efree(gids);
}
+ /* Setup debugging if indicated. */
+ if (debug_file != NULL && debug_flags != NULL) {
+ sudo_debug_init(debug_file, debug_flags);
+ for (cur = settings; *cur != NULL; cur++)
+ sudo_debug_printf(SUDO_DEBUG_INFO, "settings: %s", *cur);
+ for (cur = user_info; *cur != NULL; cur++)
+ sudo_debug_printf(SUDO_DEBUG_INFO, "user_info: %s", *cur);
+ }
+
#undef MATCHES
return flags;
}
{
char *cp, **nargv, *editor_path = NULL;
int ac, i, nargc, wasblank;
+ debug_decl(resolve_editor, SUDO_DEBUG_PLUGIN)
editor = estrdup(editor); /* becomes part of argv_out */
if (cp == NULL ||
find_path(cp, &editor_path, NULL, getenv("PATH"), 0) != FOUND) {
efree(editor);
- return NULL;
+ debug_return_str(NULL);
}
nargv = (char **) emalloc2(nargc + 1 + nfiles + 1, sizeof(char *));
for (ac = 0; cp != NULL && ac < nargc; ac++) {
nargv[ac] = NULL;
*argv_out = nargv;
- return editor_path;
+ debug_return_str(editor_path);
}
/*
find_editor(int nfiles, char **files, char ***argv_out)
{
char *cp, *editor, *editor_path = NULL, **ev, *ev0[4];
+ debug_decl(find_editor, SUDO_DEBUG_PLUGIN)
/*
* If any of SUDO_EDITOR, VISUAL or EDITOR are set, choose the first one.
audit_failure(NewArgv, _("%s: command not found"), editor);
warningx(_("%s: command not found"), editor);
}
- return editor_path;
+ debug_return_str(editor_path);
}
#ifdef USE_ADMIN_FLAG
struct stat statbuf;
char flagfile[PATH_MAX];
int fd, n;
+ debug_decl(create_admin_success_flag, SUDO_DEBUG_PLUGIN)
/* Check whether the user is in the admin group. */
if (!user_in_group(sudo_user.pw, "admin"))
- return;
+ debug_return;
/* Build path to flag file. */
n = snprintf(flagfile, sizeof(flagfile), "%s/.sudo_as_admin_successful",
user_dir);
if (n <= 0 || n >= sizeof(flagfile))
- return;
+ debug_return;
/* Create admin flag file if it doesn't already exist. */
set_perms(PERM_USER);
close(fd);
}
restore_perms();
+ debug_return;
}
#else /* !USE_ADMIN_FLAG */
static void
#include "logging.h"
#include "sudo_nss.h"
#include "sudo_plugin.h"
+#include "sudo_debug.h"
#define DEFAULT_TEXT_DOMAIN "sudoers"
#include "gettext.h"
/* A lexical scanner generated by flex */
/* Scanner skeleton version:
- * $Header: /cvs/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
+ * $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
*/
#define FLEX_SCANNER
struct stat sb;
struct path_list *pl, *first = NULL;
struct path_list **sorted = NULL;
+ debug_decl(switch_dir, SUDO_DEBUG_PARSER)
if (!(dir = opendir(dirpath))) {
if (errno != ENOENT) {
}
done:
efree(dirpath);
- return path;
+ debug_return_str(path);
bad:
while (first != NULL) {
pl = first;
efree(sorted);
efree(dirpath);
efree(path);
- return NULL;
+ debug_return_str(NULL);
}
#define MAX_SUDOERS_DEPTH 128
init_lexer(void)
{
struct path_list *pl;
+ debug_decl(init_lexer, SUDO_DEBUG_PARSER)
while (idepth) {
idepth--;
sawspace = FALSE;
continued = FALSE;
prev_state = INITIAL;
+
+ debug_return;
}
static int
{
struct path_list *pl;
FILE *fp;
+ debug_decl(_push_include, SUDO_DEBUG_PARSER)
/* push current state onto stack */
if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) {
yyerror(_("too many levels of includes"));
- return FALSE;
+ debug_return_bool(FALSE);
}
istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack,
sizeof(*istack) * istacksize);
if (istack == NULL) {
yyerror(_("unable to allocate memory"));
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
- return FALSE;
+ debug_return_bool(FALSE);
}
while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
/* Unable to open path in includedir, go to next one, if any. */
efree(path);
if ((pl = istack[idepth].more) == NULL)
- return FALSE;
+ debug_return_bool(FALSE);
path = pl->path;
istack[idepth].more = pl->next;
efree(pl);
} else {
yyerror(_("unable to allocate memory"));
}
- return FALSE;
+ debug_return_bool(FALSE);
}
istack[idepth].more = NULL;
}
sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
- return TRUE;
+ debug_return_bool(TRUE);
}
static int
{
struct path_list *pl;
FILE *fp;
+ debug_decl(pop_include, SUDO_DEBUG_PARSER)
if (idepth == 0)
- return FALSE;
+ debug_return_bool(FALSE);
if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
sudolineno = istack[idepth].lineno;
keepopen = istack[idepth].keepopen;
}
- return TRUE;
+ debug_return_bool(TRUE);
}
static char *
char *cp, *ep, *path;
int len = 0, subst = 0;
size_t shost_len = 0;
+ debug_decl(parse_include, SUDO_DEBUG_PARSER)
/* Pull out path from #include line. */
cp = base + sizeof("#include");
len += (int)(ep - cp);
if ((path = malloc(len + 1)) == NULL) {
yyerror(_("unable to allocate memory"));
- return NULL;
+ debug_return_str(NULL);
}
if (subst) {
/* substitute for %h */
if (*ep != '\0')
yyless((int)(ep - base));
- return path;
+ debug_return_str(path);
}
#ifdef TRACELEXER
/* realloc() to size + COMMANDARGINC to make room for command args */
#define COMMANDARGINC 64
-#define LEXTRACE(msg) do { \
- if (trace_print != NULL) \
- (*trace_print)(msg); \
+/*
+ * XXX - want to use debug file for lexer tracing, e.g.
+ * sudo_debug_printf2(SUDO_DEBUG_PARSER|SUDO_DEBUG_DEBUG, "%s", msg);
+ * but need to add buffering so that it is line oriented.
+ */
+#define LEXTRACE(msg) do { \
+ if (trace_print != NULL) \
+ (*trace_print)(msg); \
} while (0);
#endif /* _SUDO_TOKE_H */
struct stat sb;
struct path_list *pl, *first = NULL;
struct path_list **sorted = NULL;
+ debug_decl(switch_dir, SUDO_DEBUG_PARSER)
if (!(dir = opendir(dirpath))) {
if (errno != ENOENT) {
}
done:
efree(dirpath);
- return path;
+ debug_return_str(path);
bad:
while (first != NULL) {
pl = first;
efree(sorted);
efree(dirpath);
efree(path);
- return NULL;
+ debug_return_str(NULL);
}
#define MAX_SUDOERS_DEPTH 128
init_lexer(void)
{
struct path_list *pl;
+ debug_decl(init_lexer, SUDO_DEBUG_PARSER)
while (idepth) {
idepth--;
sawspace = FALSE;
continued = FALSE;
prev_state = INITIAL;
+
+ debug_return;
}
static int
{
struct path_list *pl;
FILE *fp;
+ debug_decl(_push_include, SUDO_DEBUG_PARSER)
/* push current state onto stack */
if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) {
yyerror(_("too many levels of includes"));
- return FALSE;
+ debug_return_bool(FALSE);
}
istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack,
sizeof(*istack) * istacksize);
if (istack == NULL) {
yyerror(_("unable to allocate memory"));
- return FALSE;
+ debug_return_bool(FALSE);
}
}
if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
- return FALSE;
+ debug_return_bool(FALSE);
}
while ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
/* Unable to open path in includedir, go to next one, if any. */
efree(path);
if ((pl = istack[idepth].more) == NULL)
- return FALSE;
+ debug_return_bool(FALSE);
path = pl->path;
istack[idepth].more = pl->next;
efree(pl);
} else {
yyerror(_("unable to allocate memory"));
}
- return FALSE;
+ debug_return_bool(FALSE);
}
istack[idepth].more = NULL;
}
sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
- return TRUE;
+ debug_return_bool(TRUE);
}
static int
{
struct path_list *pl;
FILE *fp;
+ debug_decl(pop_include, SUDO_DEBUG_PARSER)
if (idepth == 0)
- return FALSE;
+ debug_return_bool(FALSE);
if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
sudolineno = istack[idepth].lineno;
keepopen = istack[idepth].keepopen;
}
- return TRUE;
+ debug_return_bool(TRUE);
}
static char *
char *cp, *ep, *path;
int len = 0, subst = 0;
size_t shost_len = 0;
+ debug_decl(parse_include, SUDO_DEBUG_PARSER)
/* Pull out path from #include line. */
cp = base + sizeof("#include");
len += (int)(ep - cp);
if ((path = malloc(len + 1)) == NULL) {
yyerror(_("unable to allocate memory"));
- return NULL;
+ debug_return_str(NULL);
}
if (subst) {
/* substitute for %h */
if (*ep != '\0')
yyless((int)(ep - base));
- return path;
+ debug_return_str(path);
}
#ifdef TRACELEXER
# include <malloc.h>
#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
#include <ctype.h>
+
#include "sudoers.h"
#include "parse.h"
#include "toke.h"
static int arg_len = 0;
static int arg_size = 0;
-static unsigned char
+static int
hexchar(const char *s)
{
- int i;
- int result = 0;
+ int i, result = 0;
+ debug_decl(hexchar, SUDO_DEBUG_PARSER)
s += 2; /* skip \\x */
for (i = 0; i < 2; i++) {
s++;
}
}
- return (unsigned char)result;
+ debug_return_int(result);
}
int
fill_txt(const char *src, int len, int olen)
{
char *dst;
+ debug_decl(fill_txt, SUDO_DEBUG_PARSER)
dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
if (dst == NULL) {
yyerror(_("unable to allocate memory"));
- return FALSE;
+ debug_return_bool(FALSE);
}
yylval.string = dst;
}
}
*dst = '\0';
- return TRUE;
+ debug_return_bool(TRUE);
}
int
append(const char *src, int len)
{
int olen = 0;
+ debug_decl(append, SUDO_DEBUG_PARSER)
if (yylval.string != NULL)
olen = strlen(yylval.string);
- return fill_txt(src, len, olen);
+ debug_return_bool(fill_txt(src, len, olen));
}
#define SPECIAL(c) \
{
char *dst;
int i;
+ debug_decl(fill_cmnd, SUDO_DEBUG_PARSER)
arg_len = arg_size = 0;
dst = yylval.command.cmnd = (char *) malloc(len + 1);
if (yylval.command.cmnd == NULL) {
yyerror(_("unable to allocate memory"));
- return FALSE;
+ debug_return_bool(FALSE);
}
/* Copy the string and collapse any escaped sudo-specific characters. */
*dst = '\0';
yylval.command.args = NULL;
- return TRUE;
+ debug_return_bool(TRUE);
}
int
{
int new_len;
char *p;
+ debug_decl(fill_args, SUDO_DEBUG_PARSER)
if (yylval.command.args == NULL) {
addspace = 0;
if (p == NULL) {
efree(yylval.command.args);
yyerror(_("unable to allocate memory"));
- return FALSE;
+ debug_return_bool(FALSE);
} else
yylval.command.args = p;
}
*p++ = ' ';
if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) {
yyerror(_("fill_args: buffer overflow")); /* paranoia */
- return FALSE;
+ debug_return_bool(FALSE);
}
arg_len = new_len;
- return TRUE;
+ debug_return_bool(TRUE);
}
/*
ipv6_valid(const char *s)
{
int nmatch = 0;
+ debug_decl(ipv6_valid, SUDO_DEBUG_PARSER)
for (; *s != '\0'; s++) {
if (s[0] == ':' && s[1] == ':') {
nmatch = 0; /* reset if we hit netmask */
}
- return nmatch <= 1;
+ debug_return_bool(nmatch <= 1);
}
conversation.o: $(srcdir)/conversation.c $(top_builddir)/config.h \
$(srcdir)/sudo.h $(top_builddir)/pathnames.h \
$(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
- $(incdir)/fileops.h $(incdir)/list.h $(incdir)/gettext.h \
- $(incdir)/sudo_plugin.h
+ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h $(incdir)/sudo_plugin.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/conversation.c
error.o: $(srcdir)/error.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/error.h $(incdir)/gettext.h
exec.o: $(srcdir)/exec.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h $(srcdir)/sudo_exec.h $(incdir)/sudo_plugin.h \
- $(srcdir)/sudo_plugin_int.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/sudo_exec.h \
+ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/exec.c
exec_pty.o: $(srcdir)/exec_pty.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h $(srcdir)/sudo_exec.h $(incdir)/sudo_plugin.h \
- $(srcdir)/sudo_plugin_int.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/sudo_exec.h \
+ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/exec_pty.c
get_pty.o: $(srcdir)/get_pty.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/get_pty.c
load_plugins.o: $(srcdir)/load_plugins.c $(top_builddir)/config.h \
$(top_srcdir)/compat/dlfcn.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h \
$(incdir)/alloc.h $(incdir)/error.h $(incdir)/fileops.h \
- $(incdir)/list.h $(incdir)/gettext.h $(incdir)/sudo_plugin.h \
- $(srcdir)/sudo_plugin_int.h
+ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \
+ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h \
+ $(incdir)/sudo_debug.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/load_plugins.c
net_ifs.o: $(srcdir)/net_ifs.c $(top_builddir)/config.h $(incdir)/missing.h \
- $(incdir)/alloc.h $(incdir)/error.h $(incdir)/gettext.h
+ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/sudo_debug.h \
+ $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/net_ifs.c
parse_args.o: $(srcdir)/parse_args.c $(top_builddir)/config.h ./sudo_usage.h \
$(srcdir)/sudo.h $(top_builddir)/pathnames.h $(incdir)/missing.h \
$(incdir)/alloc.h $(incdir)/error.h $(incdir)/fileops.h \
- $(incdir)/list.h $(incdir)/gettext.h $(incdir)/lbuf.h
+ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \
+ $(incdir)/lbuf.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/parse_args.c
preload.o: $(srcdir)/preload.c $(top_builddir)/config.h $(incdir)/sudo_plugin.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/preload.c
selinux.o: $(srcdir)/selinux.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/selinux.c
sesh.o: $(srcdir)/sesh.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/gettext.h
sudo.o: $(srcdir)/sudo.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(incdir)/sudo_plugin.h \
$(srcdir)/sudo_plugin_int.h ./sudo_usage.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudo.c
sudo_edit.o: $(srcdir)/sudo_edit.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudo_edit.c
sudo_noexec.lo: $(srcdir)/sudo_noexec.c $(top_builddir)/config.h \
$(incdir)/missing.h
tgetpass.o: $(srcdir)/tgetpass.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/tgetpass.c
-ttysize.o: $(srcdir)/ttysize.c $(top_builddir)/config.h $(incdir)/missing.h
+ttysize.o: $(srcdir)/ttysize.c $(top_builddir)/config.h $(incdir)/missing.h \
+ $(incdir)/sudo_debug.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/ttysize.c
utmp.o: $(srcdir)/utmp.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/alloc.h \
$(incdir)/error.h $(incdir)/fileops.h $(incdir)/list.h \
- $(incdir)/gettext.h $(srcdir)/sudo_exec.h
+ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/sudo_exec.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/utmp.c
#include "sudo.h"
#include "sudo_plugin.h"
-#include "sudo_debug.h"
extern int tgetpass_flags; /* XXX */
struct command_status cstat;
sigaction_t sa;
pid_t child;
+ debug_decl(fork_cmnd, SUDO_DEBUG_EXEC)
zero_bytes(&sa, sizeof(sa));
sigemptyset(&sa.sa_mask);
restore_signals();
if (exec_setup(details, NULL, -1) == TRUE) {
/* headed for execve() */
+ sudo_debug_execve(SUDO_DEBUG_INFO, details->command,
+ details->argv, details->envp);
if (details->closefrom >= 0)
closefrom(details->closefrom);
#ifdef HAVE_SELINUX
else
#endif
my_execve(details->command, details->argv, details->envp);
+ sudo_debug_printf(SUDO_DEBUG_SYSERR, "unable to exec %s: %s",
+ details->command, strerror(errno));
}
cstat.type = CMD_ERRNO;
cstat.val = errno;
send(sv[1], &cstat, sizeof(cstat), 0);
+ sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 1);
_exit(1);
}
- return child;
+ debug_return_int(child);
}
static struct signal_state {
save_signals(void)
{
struct signal_state *ss;
+ debug_decl(save_signals, SUDO_DEBUG_EXEC)
for (ss = saved_signals; ss->signo != -1; ss++)
sigaction(ss->signo, NULL, &ss->sa);
+
+ debug_return;
}
/*
restore_signals(void)
{
struct signal_state *ss;
+ debug_decl(restore_signals, SUDO_DEBUG_EXEC)
for (ss = saved_signals; ss->signo != -1; ss++)
sigaction(ss->signo, &ss->sa, NULL);
+
+ debug_return;
}
/*
fd_set *fdsr, *fdsw;
sigaction_t sa;
pid_t child;
+ debug_decl(sudo_execve, SUDO_DEBUG_EXEC)
/* If running in background mode, fork and exit. */
if (ISSET(details->flags, CD_BACKGROUND)) {
cstat->type = CMD_ERRNO;
cstat->val = errno;
return -1;
+ debug_return_int(-1);
case 0:
/* child continues without controlling terminal */
(void)setpgid(0, 0);
break;
default:
/* parent exits (but does not flush buffers) */
+ sudo_debug_exit_int(__func__, __FILE__, __LINE__,
+ sudo_debug_subsys, 0);
_exit(0);
}
}
log_io = TRUE;
if (ISSET(details->flags, CD_SET_UTMP))
utmp_user = details->utmp_user ? details->utmp_user : user_details.username;
- sudo_debug(8, "allocate pty for I/O logging");
+ sudo_debug_printf(SUDO_DEBUG_INFO, "allocate pty for I/O logging");
pty_setup(details->euid, user_details.tty, utmp_user);
}
if (cstat->type == CMD_WSTATUS) {
if (WIFSTOPPED(cstat->val)) {
/* Suspend parent and tell child how to resume on return. */
- sudo_debug(8, "child stopped, suspending parent");
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "child stopped, suspending parent");
n = suspend_parent(WSTOPSIG(cstat->val));
schedule_signal(n);
continue;
efree(sigfwd);
}
- return cstat->type == CMD_ERRNO ? -1 : 0;
+ debug_return_int(cstat->type == CMD_ERRNO ? -1 : 0);
}
/*
ssize_t nread;
int status;
pid_t pid;
+ debug_decl(handle_signals, SUDO_DEBUG_EXEC)
for (;;) {
/* read signal pipe */
/* If pipe is empty, we are done. */
if (errno == EAGAIN)
break;
- sudo_debug(9, "error reading signal pipe %s", strerror(errno));
+ sudo_debug_printf(SUDO_DEBUG_SYSERR, "error reading signal pipe %s",
+ strerror(errno));
cstat->type = CMD_ERRNO;
cstat->val = errno;
- return -1;
+ debug_return_int(-1);
}
- sudo_debug(9, "received signal %d", signo);
+ sudo_debug_printf(SUDO_DEBUG_DIAG, "received signal %d", signo);
if (signo == SIGCHLD) {
/*
* If logging I/O, child is the intermediate process,
/* Child has exited, we are done. */
cstat->type = CMD_WSTATUS;
cstat->val = status;
- return 0;
+ debug_return_int(0);
}
}
/* Else we get ECONNRESET on sv[0] if child dies. */
}
}
}
- return 1;
+ debug_return_int(1);
}
/*
struct sigforward *sigfwd;
struct command_status cstat;
ssize_t nsent;
+ debug_decl(forward_signals, SUDO_DEBUG_EXEC)
while (!tq_empty(&sigfwd_list)) {
sigfwd = tq_first(&sigfwd_list);
- sudo_debug(9, "sending signal %d to child over backchannel",
- sigfwd->signo);
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "sending signal %d to child over backchannel", sigfwd->signo);
cstat.type = CMD_SIGNO;
cstat.val = sigfwd->signo;
do {
break;
}
}
+ debug_return;
}
/*
schedule_signal(int signo)
{
struct sigforward *sigfwd;
+ debug_decl(schedule_signal, SUDO_DEBUG_EXEC)
+
+ sudo_debug_printf(SUDO_DEBUG_DIAG, "forwarding signal %d to child", signo);
sigfwd = emalloc(sizeof(*sigfwd));
sigfwd->prev = sigfwd;
sigfwd->next = NULL;
sigfwd->signo = signo;
tq_append(&sigfwd_list, sigfwd);
+
+ debug_return;
}
/*
pipe_nonblock(int fds[2])
{
int flags, rval;
+ debug_decl(pipe_nonblock, SUDO_DEBUG_EXEC)
rval = pipe(fds);
if (rval != -1) {
}
}
- return rval;
+ debug_return_int(rval);
}
void
cleanup(int gotsignal)
{
+ debug_decl(cleanup, SUDO_DEBUG_EXEC);
+
if (!tq_empty(&io_plugins))
term_restore(io_fds[SFD_USERTTY], 0);
#ifdef HAVE_SELINUX
selinux_restore_tty();
#endif
utmp_logout(slavename, 0); /* XXX - only if CD_SET_UTMP */
+
+ debug_return;
}
/*
void
pty_setup(uid_t uid, const char *tty, const char *utmp_user)
{
+ debug_decl(pty_setup, SUDO_DEBUG_EXEC);
+
io_fds[SFD_USERTTY] = open(_PATH_TTY, O_RDWR|O_NOCTTY, 0);
if (io_fds[SFD_USERTTY] != -1) {
if (!get_pty(&io_fds[SFD_MASTER], &io_fds[SFD_SLAVE],
if (utmp_user != NULL)
utmp_login(tty, slavename, io_fds[SFD_SLAVE], utmp_user);
}
+
+ debug_return;
}
/* Call I/O plugin tty input log method. */
struct plugin_container *plugin;
sigset_t omask;
int rval = TRUE;
+ debug_decl(log_ttyin, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
-
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_ttyin) {
if (!plugin->u.io->log_ttyin(buf, n)) {
}
}
}
-
sigprocmask(SIG_SETMASK, &omask, NULL);
- return rval;
+
+ debug_return_int(rval);
}
/* Call I/O plugin stdin log method. */
struct plugin_container *plugin;
sigset_t omask;
int rval = TRUE;
+ debug_decl(log_stdin, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
-
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_stdin) {
if (!plugin->u.io->log_stdin(buf, n)) {
}
}
}
-
sigprocmask(SIG_SETMASK, &omask, NULL);
- return rval;
+
+ debug_return_int(rval);
}
/* Call I/O plugin tty output log method. */
struct plugin_container *plugin;
sigset_t omask;
int rval = TRUE;
+ debug_decl(log_ttyout, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
-
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_ttyout) {
if (!plugin->u.io->log_ttyout(buf, n)) {
}
}
}
-
sigprocmask(SIG_SETMASK, &omask, NULL);
- return rval;
+
+ debug_return_int(rval);
}
/* Call I/O plugin stdout log method. */
struct plugin_container *plugin;
sigset_t omask;
int rval = TRUE;
+ debug_decl(log_stdout, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
-
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_stdout) {
if (!plugin->u.io->log_stdout(buf, n)) {
}
}
}
-
sigprocmask(SIG_SETMASK, &omask, NULL);
- return rval;
+
+ debug_return_int(rval);
}
/* Call I/O plugin stderr log method. */
struct plugin_container *plugin;
sigset_t omask;
int rval = TRUE;
+ debug_decl(log_stderr, SUDO_DEBUG_EXEC);
sigprocmask(SIG_BLOCK, &ttyblock, &omask);
-
tq_foreach_fwd(&io_plugins, plugin) {
if (plugin->u.io->log_stderr) {
if (!plugin->u.io->log_stderr(buf, n)) {
}
}
}
-
sigprocmask(SIG_SETMASK, &omask, NULL);
- return rval;
+
+ debug_return_int(rval);
}
/*
static void
check_foreground(void)
{
+ debug_decl(check_foreground, SUDO_DEBUG_EXEC);
+
if (io_fds[SFD_USERTTY] != -1) {
foreground = tcgetpgrp(io_fds[SFD_USERTTY]) == ppgrp;
if (foreground && !tty_initialized) {
}
}
}
+
+ debug_return;
}
/*
{
sigaction_t sa, osa;
int n, oldmode = ttymode, rval = 0;
+ debug_decl(suspend_parent, SUDO_DEBUG_EXEC);
switch (signo) {
case SIGTTOU:
/* Suspend self and continue child when we resume. */
sa.sa_handler = SIG_DFL;
sigaction(signo, &sa, &osa);
- sudo_debug(8, "kill parent %d", signo);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "kill parent %d", signo);
if (killpg(ppgrp, signo) != 0)
warning("killpg(%d, %d)", (int)ppgrp, signo);
* Only modify term if we are foreground process and either
* the old tty mode was not cooked or child got SIGTT{IN,OU}
*/
- sudo_debug(8, "parent is in %s, ttymode %d -> %d",
+ sudo_debug_printf(SUDO_DEBUG_INFO, "parent is in %s, ttymode %d -> %d",
foreground ? "foreground" : "background", oldmode, ttymode);
if (ttymode != TERM_COOKED) {
break;
}
- return rval;
+ debug_return_int(rval);
}
/*
void
terminate_child(pid_t pid, int use_pgrp)
{
+ debug_decl(terminate_child, SUDO_DEBUG_EXEC);
+
/*
* Note that SIGCHLD will interrupt the sleep()
*/
if (use_pgrp) {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGHUP", pid);
killpg(pid, SIGHUP);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGTERM", pid);
killpg(pid, SIGTERM);
sleep(2);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGKILL", pid);
killpg(pid, SIGKILL);
} else {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGHUP", pid);
kill(pid, SIGHUP);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGTERM", pid);
kill(pid, SIGTERM);
sleep(2);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGKILL", pid);
kill(pid, SIGKILL);
}
+
+ debug_return;
}
static struct io_buffer *
struct io_buffer *head)
{
struct io_buffer *iob;
+ debug_decl(io_buf_new, SUDO_DEBUG_EXEC);
iob = emalloc(sizeof(*iob));
zero_bytes(iob, sizeof(*iob));
iob->wfd = wfd;
iob->action = action;
iob->next = head;
- return iob;
+
+ debug_return_ptr(iob);
}
/*
{
struct io_buffer *iob;
int n, errors = 0;
+ debug_decl(perform_io, SUDO_DEBUG_EXEC);
for (iob = iobufs; iob; iob = iob->next) {
if (iob->rfd != -1 && FD_ISSET(iob->rfd, fdsr)) {
if (errno == EAGAIN)
break;
if (errno != ENXIO && errno != EBADF) {
+ sudo_debug_printf(SUDO_DEBUG_SYSERR,
+ "error reading fd %d: %s", iob->rfd,
+ strerror(errno));
errors++;
break;
}
iob->wfd = -1;
continue;
}
- if (errno != EAGAIN)
+ if (errno != EAGAIN) {
errors++;
+ sudo_debug_printf(SUDO_DEBUG_SYSERR,
+ "error writing fd %d: %s", iob->wfd, strerror(errno));
+ }
} else {
iob->off += n;
}
cstat->type = CMD_ERRNO;
cstat->val = errno;
}
- return errors;
+ debug_return_int(errors);
}
/*
struct io_buffer *iob;
int io_pipe[3][2], n;
sigaction_t sa;
+ debug_decl(fork_pty, SUDO_DEBUG_EXEC);
ppgrp = getpgrp(); /* parent's pgrp, so child can signal us */
(void) fcntl(iob->wfd, F_SETFL, n | O_NONBLOCK);
}
- return child;
+ debug_return_int(child);
}
void
pty_close(struct command_status *cstat)
{
int n;
+ debug_decl(pty_close, SUDO_DEBUG_EXEC);
/* Flush any remaining output (the plugin already got it) */
if (io_fds[SFD_USERTTY] != -1) {
}
}
utmp_logout(slavename, cstat->type == CMD_WSTATUS ? cstat->val : 0); /* XXX - only if CD_SET_UTMP */
+ debug_return;
}
/*
fd_set_iobs(fd_set *fdsr, fd_set *fdsw)
{
struct io_buffer *iob;
+ debug_decl(fd_set_iobs, SUDO_DEBUG_EXEC);
for (iob = iobufs; iob; iob = iob->next) {
if (iob->rfd == -1 && iob->wfd == -1)
FD_SET(iob->wfd, fdsw);
}
}
+ debug_return;
}
static void
deliver_signal(pid_t pid, int signo)
{
int status;
+ debug_decl(deliver_signal, SUDO_DEBUG_EXEC);
/* Handle signal from parent. */
- sudo_debug(8, "signal %d from parent", signo);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "received signal %d from parent", signo);
switch (signo) {
case SIGALRM:
terminate_child(pid, TRUE);
killpg(pid, signo);
break;
}
+ debug_return;
}
/*
send_status(int fd, struct command_status *cstat)
{
int n = -1;
+ debug_decl(send_status, SUDO_DEBUG_EXEC);
if (cstat->type != CMD_INVALID) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "sending status message to parent: [%d, %d]",
+ cstat->type, cstat->val);
do {
n = send(fd, cstat, sizeof(*cstat), 0);
} while (n == -1 && errno == EINTR);
if (n != sizeof(*cstat)) {
- sudo_debug(8, "unable to send status to parent: %s",
- strerror(errno));
- } else {
- sudo_debug(8, "sent status to parent");
+ sudo_debug_printf(SUDO_DEBUG_SYSERR,
+ "unable to send status to parent: %s", strerror(errno));
}
cstat->type = CMD_INVALID; /* prevent re-sending */
}
- return n;
+ debug_return_int(n);
}
/*
{
int status, alive = TRUE;
pid_t pid;
+ debug_decl(handle_sigchld, SUDO_DEBUG_EXEC);
/* read child status */
do {
cstat->type = CMD_WSTATUS;
cstat->val = status;
if (WIFSTOPPED(status)) {
- sudo_debug(8, "command stopped, signal %d", WSTOPSIG(status));
+ sudo_debug_printf(SUDO_DEBUG_INFO, "command stopped, signal %d",
+ WSTOPSIG(status));
do {
child_pgrp = tcgetpgrp(io_fds[SFD_SLAVE]);
} while (child_pgrp == -1 && errno == EINTR);
if (send_status(backchannel, cstat) == -1)
return alive; /* XXX */
} else if (WIFSIGNALED(status)) {
- sudo_debug(8, "command killed, signal %d", WTERMSIG(status));
+ sudo_debug_printf(SUDO_DEBUG_INFO, "command killed, signal %d",
+ WTERMSIG(status));
} else {
- sudo_debug(8, "command exited: %d", WEXITSTATUS(status));
+ sudo_debug_printf(SUDO_DEBUG_INFO, "command exited: %d",
+ WEXITSTATUS(status));
}
}
if (!WIFSTOPPED(status))
alive = FALSE;
}
- return alive;
+ debug_return_int(alive);
}
/*
int errpipe[2], maxfd, n, status;
int alive = TRUE;
unsigned char signo;
+ debug_decl(exec_monitor, SUDO_DEBUG_EXEC);
/* Close unused fds. */
if (io_fds[SFD_MASTER] != -1)
/* Send parent status. */
send_status(backchannel, &cstat);
}
+ sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 1);
_exit(1);
bad:
- return errno;
+ debug_return_int(errno);
}
/*
struct timeval tv;
fd_set *fdsr, *fdsw;
int nready, nwriters, maxfd = -1;
+ debug_decl(flush_output, SUDO_DEBUG_EXEC);
/* Determine maxfd */
for (iob = iobufs; iob; iob = iob->next) {
maxfd = iob->wfd;
}
if (maxfd == -1)
- return;
+ debug_return;
fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
fdsw = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
}
efree(fdsr);
efree(fdsw);
+ debug_return;
}
/*
exec_pty(struct command_details *details)
{
pid_t self = getpid();
+ debug_decl(exec_pty, SUDO_DEBUG_EXEC);
/* Set child process group here too to avoid a race. */
setpgid(0, self);
if (io_fds[SFD_STDERR] != io_fds[SFD_SLAVE])
close(io_fds[SFD_STDERR]);
+ sudo_debug_execve(SUDO_DEBUG_INFO, details->command,
+ details->argv, details->envp);
+
if (details->closefrom >= 0)
closefrom(details->closefrom);
#ifdef HAVE_SELINUX
else
#endif
my_execve(details->command, details->argv, details->envp);
+ debug_return;
}
/*
#ifdef TIOCGWINSZ
struct winsize wsize;
pid_t pgrp;
+ debug_decl(exec_pty, SUDO_DEBUG_EXEC);
if (ioctl(src, TIOCGWINSZ, &wsize) == 0) {
ioctl(dst, TIOCSWINSZ, &wsize);
if ((pgrp = tcgetpgrp(dst)) != -1)
killpg(pgrp, SIGWINCH);
}
+
+ debug_return;
#endif
}
static int
safe_close(int fd)
{
+ debug_decl(safe_close, SUDO_DEBUG_EXEC);
+
/* Avoid closing /dev/tty or std{in,out,err}. */
if (fd < 3 || fd == io_fds[SFD_USERTTY]) {
errno = EINVAL;
return -1;
}
- return close(fd);
+ debug_return_int(fd);
}
{
struct group *gr;
gid_t ttygid = -1;
+ int rval = 0;
+ debug_decl(get_pty, SUDO_DEBUG_PTY)
if ((gr = getgrnam("tty")) != NULL)
ttygid = gr->gr_gid;
- if (openpty(master, slave, name, NULL, NULL) != 0)
- return 0;
- if (chown(name, ttyuid, ttygid) != 0)
- return 0;
- return 1;
+ if (openpty(master, slave, name, NULL, NULL) == 0) {
+ if (chown(name, ttyuid, ttygid) == 0)
+ rval = 1;
+ }
+
+ debug_return_bool(rval);
}
#elif defined(HAVE__GETPTY)
get_pty(int *master, int *slave, char *name, size_t namesz, uid_t ttyuid)
{
char *line;
+ int rval = 0;
+ debug_decl(get_pty, SUDO_DEBUG_PTY)
/* IRIX-style dynamic ptys (may fork) */
line = _getpty(master, O_RDWR, S_IRUSR|S_IWUSR|S_IWGRP, 0);
- if (line == NULL)
- return 0;
- *slave = open(line, O_RDWR|O_NOCTTY, 0);
- if (*slave == -1) {
- close(*master);
- return 0;
+ if (line != NULL) {
+ *slave = open(line, O_RDWR|O_NOCTTY, 0);
+ if (*slave != -1) {
+ (void) chown(line, ttyuid, -1);
+ strlcpy(name, line, namesz);
+ rval = 1;
+ } else {
+ close(*master);
+ *master = -1;
+ }
}
- (void) chown(line, ttyuid, -1);
- strlcpy(name, line, namesz);
- return 1;
+ debug_return_bool(rval);
}
#elif defined(HAVE_GRANTPT)
# ifndef HAVE_POSIX_OPENPT
get_pty(int *master, int *slave, char *name, size_t namesz, uid_t ttyuid)
{
char *line;
+ int rval = 0;
+ debug_decl(get_pty, SUDO_DEBUG_PTY)
*master = posix_openpt(O_RDWR|O_NOCTTY);
- if (*master == -1)
- return 0;
-
- (void) grantpt(*master); /* may fork */
- if (unlockpt(*master) != 0) {
- close(*master);
- return 0;
- }
- line = ptsname(*master);
- if (line == NULL) {
- close(*master);
- return 0;
- }
- *slave = open(line, O_RDWR|O_NOCTTY, 0);
- if (*slave == -1) {
- close(*master);
- return 0;
- }
+ if (*master != -1) {
+ (void) grantpt(*master); /* may fork */
+ if (unlockpt(*master) != 0) {
+ close(*master);
+ goto done;
+ }
+ line = ptsname(*master);
+ if (line == NULL) {
+ close(*master);
+ goto done;
+ }
+ *slave = open(line, O_RDWR|O_NOCTTY, 0);
+ if (*slave == -1) {
+ close(*master);
+ goto done;
+ }
# if defined(I_PUSH) && !defined(_AIX)
- ioctl(*slave, I_PUSH, "ptem"); /* pseudo tty emulation module */
- ioctl(*slave, I_PUSH, "ldterm"); /* line discipline module */
+ ioctl(*slave, I_PUSH, "ptem"); /* pseudo tty emulation module */
+ ioctl(*slave, I_PUSH, "ldterm"); /* line discipline module */
# endif
- (void) chown(line, ttyuid, -1);
- strlcpy(name, line, namesz);
- return 1;
+ (void) chown(line, ttyuid, -1);
+ strlcpy(name, line, namesz);
+ rval = 1;
+ }
+done:
+ debug_return_bool(rval);
}
#else /* Old-style BSD ptys */
char *bank, *cp;
struct group *gr;
gid_t ttygid = -1;
+ int rval = 0;
+ debug_decl(get_pty, SUDO_DEBUG_PTY)
if ((gr = getgrnam("tty")) != NULL)
ttygid = gr->gr_gid;
*master = open(line, O_RDWR|O_NOCTTY, 0);
if (*master == -1) {
if (errno == ENOENT)
- return 0; /* out of ptys */
+ goto done; /* out of ptys */
continue; /* already in use */
}
line[sizeof("/dev/p") - 2] = 't';
*slave = open(line, O_RDWR|O_NOCTTY, 0);
if (*slave != -1) {
strlcpy(name, line, namesz);
- return 1; /* success */
+ rval = 1; /* success */
+ goto done;
}
(void) close(*master);
}
}
- return 0;
+done:
+ debug_return(rval);
}
#endif /* HAVE_OPENPTY */
#include <ctype.h>
#include <errno.h>
+#define SUDO_ERROR_WRAP 0
+
#include "sudo.h"
#include "sudo_plugin.h"
#include "sudo_plugin_int.h"
#include "missing.h"
#include "alloc.h"
#include "error.h"
+#include "sudo_debug.h"
#define DEFAULT_TEXT_DOMAIN "sudo"
#include "gettext.h"
#endif
int ailen, i, len, num_interfaces = 0;
char *cp;
+ debug_decl(get_net_ifs, SUDO_DEBUG_NETIF)
if (getifaddrs(&ifaddrs))
- return 0;
+ debug_return_int(0);
/* Allocate space for the interfaces info string. */
for (ifa = ifaddrs; ifa != NULL; ifa = ifa -> ifa_next) {
}
}
if (num_interfaces == 0)
- return 0;
+ debug_return_int(0);
ailen = num_interfaces * 2 * INET6_ADDRSTRLEN;
*addrinfo = cp = emalloc(ailen);
#else
efree(ifaddrs);
#endif
- return num_interfaces;
+ debug_return_int(num_interfaces);
}
#elif defined(SIOCGIFCONF) && !defined(STUB_LOAD_INTERFACES)
#ifdef _ISC
struct strioctl strioctl;
#endif /* _ISC */
+ debug_decl(get_net_ifs, SUDO_DEBUG_NETIF)
sock = socket(AF_INET, SOCK_DGRAM, 0);
if (sock < 0)
/* Allocate space for the maximum number of interfaces that could exist. */
if ((n = ifconf->ifc_len / sizeof(struct ifreq)) == 0)
- return 0;
+ debug_return_int(0);
ailen = n * 2 * INET6_ADDRSTRLEN;
*addrinfo = cp = emalloc(ailen);
efree(ifconf_buf);
(void) close(sock);
- return num_interfaces;
+ debug_return_int(num_interfaces);
}
#else /* !SIOCGIFCONF || STUB_LOAD_INTERFACES */
int
get_net_ifs(char **addrinfo)
{
- return 0;
+ debug_decl(get_net_ifs, SUDO_DEBUG_NETIF)
+ debug_return_int(0);
}
#endif /* SIOCGIFCONF && !STUB_LOAD_INTERFACES */
char *cp, **env_add, **settings;
int nenv = 0;
int env_size = 32;
+ debug_decl(parse_args, SUDO_DEBUG_ARGS)
env_add = emalloc2(env_size, sizeof(char *));
settings = emalloc2(NUM_SETTINGS + 1, sizeof(char *));
for (i = 0, j = 0; i < NUM_SETTINGS; i++) {
if (sudo_settings[i].value) {
- sudo_debug(9, "settings: %s=%s", sudo_settings[i].name,
- sudo_settings[i].value);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "settings: %s=%s",
+ sudo_settings[i].name, sudo_settings[i].value);
settings[j] = fmt_string(sudo_settings[i].name,
sudo_settings[i].value);
if (settings[j] == NULL)
*env_addp = env_add;
*nargc = argc;
*nargv = argv;
- return mode | flags;
+ debug_return_int(mode | flags);
}
static int
static void
usage_excl(int fatal)
{
+ debug_decl(usage_excl, SUDO_DEBUG_ARGS)
+
warningx(_("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"));
usage(fatal);
}
struct lbuf lbuf;
int indent = 16;
const char *pname = getprogname();
+ debug_decl(help, SUDO_DEBUG_ARGS)
lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols);
if (strcmp(pname, "sudoedit") == 0)
_("stop processing command line arguments\n"));
lbuf_print(&lbuf);
lbuf_destroy(&lbuf);
+ sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 0);
exit(0);
}
audit_role_change(const security_context_t old_context,
const security_context_t new_context, const char *ttyn)
{
- int au_fd, rc;
+ int au_fd, rc = -1;
char *message;
+ debug_decl(audit_role_change, SUDO_DEBUG_SELINUX)
au_fd = audit_open();
if (au_fd == -1) {
if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT
)
error(1, _("unable to open audit system"));
- return -1;
+ } else {
+ /* audit role change using the same format as newrole(1) */
+ easprintf(&message, "newrole: old-context=%s new-context=%s",
+ old_context, new_context);
+ rc = audit_log_user_message(au_fd, AUDIT_USER_ROLE_CHANGE,
+ message, NULL, NULL, ttyn, 1);
+ if (rc <= 0)
+ warning(_("unable to send audit message"));
+ efree(message);
+ close(au_fd);
}
- /* audit role change using the same format as newrole(1) */
- easprintf(&message, "newrole: old-context=%s new-context=%s",
- old_context, new_context);
- rc = audit_log_user_message(au_fd, AUDIT_USER_ROLE_CHANGE,
- message, NULL, NULL, ttyn, 1);
- if (rc <= 0)
- warning(_("unable to send audit message"));
-
- efree(message);
- close(au_fd);
-
- return rc;
+ debug_return_int(rc);
}
#endif
{
int retval = 0;
security_context_t chk_tty_context = NULL;
+ debug_decl(selinux_restore_tty, SUDO_DEBUG_SELINUX)
if (se_state.ttyfd == -1 || se_state.new_tty_context == NULL)
goto skip_relabel;
freecon(chk_tty_context);
chk_tty_context = NULL;
}
- return retval;
+ debug_return_int(retval);
}
/*
security_context_t tty_con = NULL;
security_context_t new_tty_con = NULL;
int fd;
+ debug_decl(relabel_tty, SUDO_DEBUG_SELINUX)
se_state.ttyfd = ptyfd;
/* It is perfectly legal to have no tty. */
if (ptyfd == -1 && ttyn == NULL)
- return 0;
+ debug_return_int(0);
/* If sudo is not allocating a pty for the command, open current tty. */
if (ptyfd == -1) {
se_state.ttyn = ttyn;
se_state.tty_context = tty_con;
se_state.new_tty_context = new_tty_con;
- return 0;
+ debug_return_int(0);
bad:
if (se_state.ttyfd != -1 && se_state.ttyfd != ptyfd) {
se_state.ttyfd = -1;
}
freecon(tty_con);
- return -1;
+ debug_return_int(-1);
}
/*
security_context_t new_context = NULL;
context_t context = NULL;
char *typebuf = NULL;
+ debug_decl(get_exec_context, SUDO_DEBUG_SELINUX)
/* We must have a role, the type is optional (we can use the default). */
if (!role) {
warningx(_("you must specify a role for type %s"), type);
errno = EINVAL;
- return NULL;
+ goto bad;
}
if (!type) {
if (get_default_type(role, &typebuf)) {
warningx(_("unable to get default type for role %s"), role);
errno = EINVAL;
- return NULL;
+ goto bad;
}
type = typebuf;
}
#endif
context_free(context);
- return new_context;
+ debug_return_ptr(new_context);
bad:
- free(typebuf);
+ efree(typebuf);
context_free(context);
freecon(new_context);
- return NULL;
+ debug_return_ptr(NULL);
}
/*
int ptyfd)
{
int rval = -1;
+ debug_decl(selinux_setup, SUDO_DEBUG_SELINUX)
/* Store the caller's SID in old_context. */
if (getprevcon(&se_state.old_context)) {
rval = 0;
done:
- return rval;
+ debug_return_int(rval);
}
void
{
char **nargv;
int argc, serrno;
+ debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
if (setexeccon(se_state.new_context)) {
warning(_("unable to set exec context to %s"), se_state.new_context);
if (se_state.enforcing)
- return;
+ debug_return;
}
#ifdef HAVE_SETKEYCREATECON
if (setkeycreatecon(se_state.new_context)) {
warning(_("unable to set key creation context to %s"), se_state.new_context);
if (se_state.enforcing)
- return;
+ debug_return;
}
#endif /* HAVE_SETKEYCREATECON */
serrno = errno;
free(nargv);
errno = serrno;
+ debug_return;
}
int
main(int argc, char *argv[], char *envp[])
{
- int nargc, sudo_mode, exitcode = 0;
+ int nargc, ok, sudo_mode, exitcode = 0;
char **nargv, **settings, **env_add;
char **user_info, **command_info, **argv_out, **user_env_out;
struct plugin_container *plugin, *next;
struct command_details command_details;
sigset_t mask;
- int ok;
+ debug_decl(main, SUDO_DEBUG_MAIN)
+
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
- extern char *malloc_options;
- malloc_options = "AFGJPR";
+ {
+ extern char *malloc_options;
+ malloc_options = "AFGJPR";
+ }
#endif
#if !defined(HAVE_GETPROGNAME) && !defined(HAVE___PROGNAME)
/* Parse command line arguments. */
sudo_mode = parse_args(argc, argv, &nargc, &nargv, &settings, &env_add);
- sudo_debug(9, "sudo_mode %d", sudo_mode);
+ sudo_debug_printf(SUDO_DEBUG_DEBUG, "sudo_mode %d", sudo_mode);
/* Print sudo version early, in case of plugin init failure. */
if (ISSET(sudo_mode, MODE_VERSION)) {
case MODE_RUN:
ok = policy_check(&policy_plugin, nargc, nargv, env_add,
&command_info, &argv_out, &user_env_out);
- sudo_debug(8, "policy plugin returns %d", ok);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "policy plugin returns %d", ok);
if (ok != TRUE) {
if (ok == -2)
usage(1);
default:
errorx(1, _("unexpected sudo mode 0x%x"), sudo_mode);
}
+ sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
exit(exitcode);
}
fix_fds(void)
{
int miss[3], devnull = -1;
+ debug_decl(fix_fds, SUDO_DEBUG_UTIL)
/*
* stdin, stdout and stderr must be open; set them to /dev/null
if (devnull > STDERR_FILENO)
close(devnull);
}
+ debug_return;
}
/*
fill_group_list(struct user_details *ud)
{
int maxgroups, tries, rval = -1;
+ debug_decl(fill_group_list, SUDO_DEBUG_UTIL)
#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
maxgroups = (int)sysconf(_SC_NGROUPS_MAX);
ud->groups = emalloc2(ud->ngroups, sizeof(GETGROUPS_T));
rval = getgrouplist(ud->username, ud->gid, ud->groups, &ud->ngroups);
}
- return rval;
+ debug_return_int(rval);
}
static char *
char *cp, *gid_list = NULL;
size_t glsize;
int i, len;
+ debug_decl(get_user_groups, SUDO_DEBUG_UTIL)
/*
* Systems with mbr_check_membership() support more than NGROUPS_MAX
i ? "," : "", (unsigned int)ud->groups[i]);
cp += len;
}
- return gid_list;
+ debug_return_str(gid_list);
}
/*
static char **
get_user_info(struct user_details *ud)
{
- char cwd[PATH_MAX];
- char host[MAXHOSTNAMELEN];
- char **user_info, *cp;
+ char *cp, **user_info, cwd[PATH_MAX], host[MAXHOSTNAMELEN];
struct passwd *pw;
int i = 0;
+ debug_decl(get_user_info, SUDO_DEBUG_UTIL)
/* XXX - bound check number of entries */
user_info = emalloc2(32, sizeof(char *));
user_info[++i] = NULL;
- return user_info;
+ debug_return_ptr(user_info);
}
/*
long lval;
unsigned long ulval;
char *cp, *ep;
+ debug_decl(command_info_to_details, SUDO_DEBUG_UTIL)
memset(details, 0, sizeof(*details));
details->closefrom = -1;
break; \
}
+ sudo_debug_printf(SUDO_DEBUG_PCOMM, "command info from plugin:");
for (i = 0; info[i] != NULL; i++) {
- sudo_debug(9, "command info: %s", info[i]);
+ sudo_debug_printf(SUDO_DEBUG_PCOMM, " %d: %s", i, info[i]);
switch (info[i][0]) {
case 'c':
SET_STRING("chroot=", chroot)
if (details->selinux_role != NULL && is_selinux_enabled() > 0)
SET(details->flags, CD_RBAC_ENABLED);
#endif
+ debug_return;
}
/*
#if defined(__linux__) || (defined(RLIMIT_CORE) && !defined(SUDO_DEVEL))
struct rlimit rl;
#endif
+ debug_decl(disable_coredumps, SUDO_DEBUG_UTIL)
#if defined(__linux__)
/*
rl.rlim_cur = 0;
(void) setrlimit(RLIMIT_CORE, &rl);
#endif /* RLIMIT_CORE && !SUDO_DEVEL */
+ debug_return;
}
#ifdef HAVE_PROJECT_H
struct project proj;
char buf[PROJECT_BUFSZ];
int errval;
+ debug_decl(set_project, SUDO_DEBUG_UTIL)
/*
* Collect the default project for the user and settaskid
warning("getdefaultproj");
}
endprojent();
+ debug_return;
}
#endif /* HAVE_PROJECT_H */
char *cp, **ev, **nenvp;
int env_len = 0, env_size = 128;
#endif /* _PATH_SUDO_NOEXEC */
+ debug_decl(disable_execute, SUDO_DEBUG_UTIL)
#ifdef HAVE_PRIV_SET
/* Solaris privileges, remove PRIV_PROC_EXEC post-execve. */
if (priv_set(PRIV_OFF, PRIV_LIMIT, "PRIV_PROC_EXEC", NULL) == 0)
- return;
+ debug_return;
warning(_("unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"));
#endif /* HAVE_PRIV_SET */
details->envp = nenvp;
#endif /* _PATH_SUDO_NOEXEC */
+ debug_return;
}
/*
{
int rval = FALSE;
struct passwd *pw;
+ debug_decl(exec_setup, SUDO_DEBUG_EXEC)
#ifdef HAVE_SETAUTHDB
aix_setauthdb(IDtouser(details->euid));
rval = TRUE;
done:
- return rval;
+ debug_return_bool(rval);
}
/*
struct plugin_container *plugin;
struct command_status cstat;
int exitcode = 1;
+ debug_decl(run_command, SUDO_DEBUG_EXEC)
cstat.type = CMD_INVALID;
cstat.val = 0;
switch (cstat.type) {
case CMD_ERRNO:
/* exec_setup() or execve() returned an error. */
- sudo_debug(9, "calling policy close with errno");
+ sudo_debug_printf(SUDO_DEBUG_DEBUG, "calling policy close with errno");
policy_close(&policy_plugin, 0, cstat.val);
tq_foreach_fwd(&io_plugins, plugin) {
- sudo_debug(9, "calling I/O close with errno");
+ sudo_debug_printf(SUDO_DEBUG_DEBUG, "calling I/O close with errno");
iolog_close(plugin, 0, cstat.val);
}
exitcode = 1;
break;
case CMD_WSTATUS:
/* Command ran, exited or was killed. */
- sudo_debug(9, "calling policy close with wait status");
+ sudo_debug_printf(SUDO_DEBUG_DEBUG,
+ "calling policy close with wait status");
policy_close(&policy_plugin, cstat.val, 0);
tq_foreach_fwd(&io_plugins, plugin) {
- sudo_debug(9, "calling I/O close with wait status");
+ sudo_debug_printf(SUDO_DEBUG_DEBUG,
+ "calling I/O close with wait status");
iolog_close(plugin, cstat.val, 0);
}
if (WIFEXITED(cstat.val))
warningx(_("unexpected child termination condition: %d"), cstat.type);
break;
}
- return exitcode;
+ debug_return_int(exitcode);
}
static int
policy_open(struct plugin_container *plugin, char * const settings[],
char * const user_info[], char * const user_env[])
{
- return plugin->u.policy->open(SUDO_API_VERSION, sudo_conversation,
- _sudo_printf, settings, user_info, user_env);
+ debug_decl(policy_open, SUDO_DEBUG_PCOMM)
+ debug_return_bool(plugin->u.policy->open(SUDO_API_VERSION,
+ sudo_conversation, _sudo_printf, settings, user_info, user_env));
}
static void
policy_close(struct plugin_container *plugin, int exit_status, int error)
{
+ debug_decl(policy_close, SUDO_DEBUG_PCOMM)
plugin->u.policy->close(exit_status, error);
+ debug_return;
}
static int
policy_show_version(struct plugin_container *plugin, int verbose)
{
- return plugin->u.policy->show_version(verbose);
+ debug_decl(policy_show_version, SUDO_DEBUG_PCOMM)
+ debug_return_bool(plugin->u.policy->show_version(verbose));
}
static int
char *env_add[], char **command_info[], char **argv_out[],
char **user_env_out[])
{
- return plugin->u.policy->check_policy(argc, argv, env_add, command_info,
- argv_out, user_env_out);
+ debug_decl(policy_check, SUDO_DEBUG_PCOMM)
+ debug_return_bool(plugin->u.policy->check_policy(argc, argv, env_add,
+ command_info, argv_out, user_env_out));
}
static int
policy_list(struct plugin_container *plugin, int argc, char * const argv[],
int verbose, const char *list_user)
{
+ debug_decl(policy_list, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->list == NULL) {
warningx(_("policy plugin %s does not support listing privileges"),
plugin->name);
- return FALSE;
+ debug_return_bool(FALSE);
}
- return plugin->u.policy->list(argc, argv, verbose, list_user);
+ debug_return_bool(plugin->u.policy->list(argc, argv, verbose, list_user));
}
static int
policy_validate(struct plugin_container *plugin)
{
+ debug_decl(policy_validate, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->validate == NULL) {
warningx(_("policy plugin %s does not support the -v option"),
plugin->name);
- return FALSE;
+ debug_return_bool(FALSE);
}
- return plugin->u.policy->validate();
+ debug_return_bool(plugin->u.policy->validate());
}
static void
policy_invalidate(struct plugin_container *plugin, int remove)
{
+ debug_decl(policy_invalidate, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->invalidate == NULL) {
errorx(1, _("policy plugin %s does not support the -k/-K options"),
plugin->name);
}
plugin->u.policy->invalidate(remove);
+ debug_return;
}
static int
policy_init_session(struct plugin_container *plugin, struct passwd *pwd)
{
+ debug_decl(policy_init_session, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->init_session)
- return plugin->u.policy->init_session(pwd);
- return TRUE;
+ debug_return_bool(plugin->u.policy->init_session(pwd));
+ debug_return_bool(TRUE);
}
static int
int argc, char * const argv[], char * const user_env[])
{
int rval;
+ debug_decl(iolog_open, SUDO_DEBUG_PCOMM)
/*
* Backwards compatibility for API major 1, minor 0
_sudo_printf, settings, user_info, command_info, argc, argv,
user_env);
}
- return rval;
+ debug_return_bool(rval);
}
static void
iolog_close(struct plugin_container *plugin, int exit_status, int error)
{
+ debug_decl(iolog_close, SUDO_DEBUG_PCOMM)
plugin->u.io->close(exit_status, error);
+ debug_return;
}
static int
iolog_show_version(struct plugin_container *plugin, int verbose)
{
- return plugin->u.io->show_version(verbose);
-}
-
-/*
- * Simple debugging/logging.
- */
-void
-sudo_debug(int level, const char *fmt, ...)
-{
- va_list ap;
- char *fmt2;
-
- if (level > debug_level)
- return;
-
- /* Backet fmt with program name and a newline to make it a single write */
- easprintf(&fmt2, "%s: %s\n", getprogname(), fmt);
- va_start(ap, fmt);
- vfprintf(stderr, fmt2, ap);
- va_end(ap);
- efree(fmt2);
+ debug_decl(iolog_show_version, SUDO_DEBUG_PCOMM)
+ debug_return_bool(plugin->u.io->show_version(verbose));
}
#include "error.h"
#include "fileops.h"
#include "list.h"
+#include "sudo_debug.h"
#include "gettext.h"
#ifdef __TANDEM
/* sudo.c */
int exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
int run_command(struct command_details *details);
-void sudo_debug(int level, const char *format, ...) __printflike(2, 3);
extern int debug_level;
extern const char *list_user, *runas_user, *runas_group;
extern struct user_details user_details;
switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups)
{
int serrno = errno;
+ debug_decl(switch_user, SUDO_DEBUG_EDIT)
/* When restoring root, change euid first; otherwise change it last. */
if (euid == ROOT_UID) {
if (seteuid(euid) != 0)
error(1, "seteuid(%d)", (int)euid);
}
-
errno = serrno;
+
+ debug_return;
}
/*
struct timeval omtim;
off_t osize;
} *tf;
+ debug_decl(sudo_edit, SUDO_DEBUG_EDIT)
/*
* Set real, effective and saved uids to root.
*/
if (setuid(ROOT_UID) != 0) {
warning(_("unable to change uid to root (%u)"), ROOT_UID);
- return 1;
+ goto cleanup;
}
/*
}
if (nfiles == 0) {
warningx(_("plugin error: missing file list for sudoedit"));
- return 1;
+ goto cleanup;
}
/*
j++;
}
if ((nfiles = j) == 0)
- return 1; /* no files readable, you lose */
+ goto cleanup; /* no files readable, you lose */
/*
* Allocate space for the new argument vector and fill it in.
}
close(ofd);
}
+ debug_return_int(rval);
- return rval;
cleanup:
/* Clean up temp files and return. */
for (i = 0; i < nfiles; i++) {
if (tf[i].tfile != NULL)
unlink(tf[i].tfile);
}
- return 1;
+ debug_return_int(1);
}
#else /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */
int
sudo_edit(struct command_details *command_details)
{
- return 1;
+ debug_decl(sudo_edit, SUDO_DEBUG_EDIT)
+ debug_return_int(1);
}
#endif /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */
static const char *askpass;
static char buf[SUDO_PASS_MAX + 1];
int i, input, output, save_errno, neednl = 0, need_restart;
+ debug_decl(tgetpass, SUDO_DEBUG_CONV)
(void) fflush(stdout);
!tty_present()) {
if (askpass == NULL || getenv("DISPLAY") == NULL) {
warningx(_("no tty present and no askpass program specified"));
- return NULL;
+ debug_return_str(NULL);
}
SET(flags, TGP_ASKPASS);
}
if (ISSET(flags, TGP_ASKPASS)) {
if (askpass == NULL || *askpass == '\0')
errorx(1, _("no askpass program specified, try setting SUDO_ASKPASS"));
- return sudo_askpass(askpass, prompt);
+ debug_return_str_masked(sudo_askpass(askpass, prompt));
}
restart:
if (save_errno)
errno = save_errno;
- return pass;
+
+ debug_return_str_masked(pass);
}
/*
sigaction_t sa, saved_sa_pipe;
int pfd[2];
pid_t pid;
+ debug_decl(sudo_askpass, SUDO_DEBUG_CONV)
if (pipe(pfd) == -1)
error(1, _("unable to create pipe"));
(void) close(pfd[0]);
(void) sigaction(SIGPIPE, &saved_sa_pipe, NULL);
- return pass;
+ debug_return_str_masked(pass);
}
extern int term_erase, term_kill;
ssize_t nr = -1;
char *cp = buf;
char c = '\0';
+ debug_decl(getln, SUDO_DEBUG_CONV)
if (left == 0) {
errno = EINVAL;
- return NULL; /* sanity */
+ debug_return_str(NULL); /* sanity */
}
while (--left) {
}
}
- return nr == 1 ? buf : NULL;
+ debug_return_str_masked(nr == 1 ? buf : NULL);
}
static void
tty_present(void)
{
int fd;
+ debug_decl(tty_present, SUDO_DEBUG_UTIL)
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) != -1)
close(fd);
- return fd != -1;
+ debug_return_bool(fd != -1);
}
#include <termios.h>
#include "missing.h"
+#include "sudo_debug.h"
/* Compatibility with older tty systems. */
#if !defined(TIOCGWINSZ) && defined(TIOCGSIZE)
# define ws_row ts_lines
#endif
-void
-get_ttysize(int *rowp, int *colp)
-{
- char *p;
#ifdef TIOCGWINSZ
+static int
+get_ttysize_ioctl(int *rowp, int *colp)
+{
struct winsize wsize;
+ debug_decl(get_ttysize_ioctl, SUDO_DEBUG_EXEC)
if (ioctl(STDERR_FILENO, TIOCGWINSZ, &wsize) == 0 &&
wsize.ws_row != 0 && wsize.ws_col != 0) {
*rowp = wsize.ws_row;
*colp = wsize.ws_col;
- return;
+ debug_return_int(0);
+ }
+ debug_return_int(-1);
+}
+#else
+static int
+get_ttysize_ioctl(int *rowp, int *colp)
+{
+ return -1;
+}
+#endif /* TIOCGWINSZ */
+
+void
+get_ttysize(int *rowp, int *colp)
+{
+ debug_decl(fork_cmnd, SUDO_DEBUG_EXEC)
+
+ if (get_ttysize_ioctl(rowp, colp) == -1) {
+ char *p;
+
+ /* Fall back on $LINES and $COLUMNS. */
+ if ((p = getenv("LINES")) == NULL || (*rowp = atoi(p)) <= 0)
+ *rowp = 24;
+ if ((p = getenv("COLUMNS")) == NULL || (*colp = atoi(p)) <= 0)
+ *colp = 80;
}
-#endif
- /* Fall back on $LINES and $COLUMNS. */
- if ((p = getenv("LINES")) == NULL || (*rowp = atoi(p)) <= 0)
- *rowp = 24;
- if ((p = getenv("COLUMNS")) == NULL || (*colp = atoi(p)) <= 0)
- *colp = 80;
+ debug_return;
}
{
const char *line = new->ut_line;
size_t idlen;
+ debug_decl(utmp_setid, SUDO_DEBUG_UTMP)
/* Skip over "tty" in the id if old entry did too. */
if (old != NULL) {
idlen = sizeof(new->ut_id);
}
strncpy(new->ut_id, line, idlen);
+
+ debug_return;
}
#endif /* HAVE_GETUTXID || HAVE_GETUTID */
utmp_settime(sudo_utmp_t *ut)
{
struct timeval tv;
+ debug_decl(utmp_settime, SUDO_DEBUG_UTMP)
gettimeofday(&tv, NULL);
#else
ut->ut_time = tv.tv_sec;
#endif
+
+ debug_return;
}
/*
utmp_fill(const char *line, const char *user, sudo_utmp_t *ut_old,
sudo_utmp_t *ut_new)
{
+ debug_decl(utmp_file, SUDO_DEBUG_UTMP)
+
if (ut_old == NULL) {
memset(ut_new, 0, sizeof(*ut_new));
if (user == NULL) {
#if defined(HAVE_STRUCT_UTMPX_UT_TYPE) || defined(HAVE_STRUCT_UTMP_UT_TYPE)
ut_new->ut_type = USER_PROCESS;
#endif
+ debug_return;
}
/*
{
sudo_utmp_t utbuf, *ut_old = NULL;
int rval = FALSE;
+ debug_decl(utmp_login, SUDO_DEBUG_UTMP)
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(to_line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
rval = TRUE;
endutxent();
- return rval;
+ debug_return_int(rval);
}
int
{
int rval = FALSE;
sudo_utmp_t *ut, utbuf;
+ debug_decl(utmp_logout, SUDO_DEBUG_UTMP)
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
if (pututxline(ut) != NULL)
rval = TRUE;
}
- return rval;
+ debug_return_int(rval);
}
#else /* !HAVE_GETUTXID && !HAVE_GETUTID */
{
int slot = 1;
struct ttyent *tty;
+ debug_decl(utmp_slot, SUDO_DEBUG_UTMP)
setttyent();
while ((tty = getttyent()) != NULL) {
slot++;
}
endttyent();
- return tty ? slot : 0;
+ debug_return_int(tty ? slot : 0);
}
# else
static int
utmp_slot(const char *line, int ttyfd)
{
int sfd, slot;
+ debug_decl(utmp_slot, SUDO_DEBUG_UTMP)
/*
* Temporarily point stdin to the tty since ttyslot()
error(1, _("unable to restore stdin"));
close(sfd);
- return slot;
+ debug_return_int(slot);
}
# endif /* HAVE_GETTTYENT */
sudo_utmp_t utbuf, *ut_old = NULL;
int slot, rval = FALSE;
FILE *fp;
+ debug_decl(utmp_login, SUDO_DEBUG_UTMP)
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(to_line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
fclose(fp);
done:
- return rval;
+ debug_return_int(rval);
}
int
sudo_utmp_t utbuf;
int rval = FALSE;
FILE *fp;
+ debug_decl(utmp_logout, SUDO_DEBUG_UTMP)
if ((fp = fopen(_PATH_UTMP, "r+")) == NULL)
- return rval;
+ debug_return_int(rval);
/* Strip off /dev/ prefix from line as needed. */
if (strncmp(line, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
}
fclose(fp);
- return rval;
+ debug_return_int(rval);
}
#endif /* HAVE_GETUTXID || HAVE_GETUTID */
projects / sudo / commitdiff