From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Thu, 21 Feb 2013 12:03:52 +0000 (-0500)
Subject: Use userpw_matches() for username matching so #uid works for
X-Git-Tag: SUDO_1_8_7~1^2~211
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1da8739c38c8943d4d60c86ee3a0995a29aa7738;p=sudo

Use userpw_matches() for username matching so #uid works for
sudoRunAsUser.
---

diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c
index 7b3e1c100..167aa5858 100644
--- a/plugins/sudoers/ldap.c
+++ b/plugins/sudoers/ldap.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003-2011 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2003-2013 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * This code is derived from software contributed by Aaron Spangler.
  *
@@ -746,7 +746,7 @@ sudo_ldap_check_runas_user(LDAP *ld, LDAPMessage *entry)
 	    }
 	    /* FALLTHROUGH */
 	default:
-	    if (strcasecmp(val, runas_pw->pw_name) == 0)
+	    if (userpw_matches(val, runas_pw->pw_name, runas_pw))
 		ret = true;
 	    break;
 	}
diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c
index cd9eb58f8..b5cbd21b3 100644
--- a/plugins/sudoers/sssd.c
+++ b/plugins/sudoers/sssd.c
@@ -471,7 +471,7 @@ sudo_sss_check_runas_user(struct sudo_sss_handle *handle, struct sss_sudo_rule *
 	    /* FALLTHROUGH */
 	    sudo_debug_printf(SUDO_DEBUG_DEBUG, "FALLTHROUGH");
 	default:
-	    if (strcasecmp(val, runas_pw->pw_name) == 0) {
+	    if (userpw_matches(val, runas_pw->pw_name, runas_pw)) {
 		sudo_debug_printf(SUDO_DEBUG_DEBUG,
 		    "%s == %s (pw_name) => match", val, runas_pw->pw_name);
 		ret = true;