From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 30 Dec 2003 22:20:21 +0000 (+0000)
Subject: Create def_* macros for each defaults value so we no longer need
X-Git-Tag: SUDO_1_6_8~295
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6ad252765bb52044a1a664168f042f65ecc3deb3;p=sudo
Create def_* macros for each defaults value so we no longer need
the def_{flag,ival,str,list,mode} macros (which have been removed).
This is a step toward more flexible data types in def_data.in.
---
diff --git a/auth/aix_auth.c b/auth/aix_auth.c
index 84a1ccef5..1bbb0df8d 100644
--- a/auth/aix_auth.c
+++ b/auth/aix_auth.c
@@ -79,7 +79,7 @@ aixauth_verify(pw, prompt, auth)
int reenter = 1;
int rval = AUTH_FAILURE;
- pass = tgetpass(prompt, def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags);
+ pass = tgetpass(prompt, def_passwd_timeout * 60, tgetpass_flags);
if (pass) {
if (authenticate(pw->pw_name, (char *)pass, &reenter, &message) == 0)
rval = AUTH_SUCCESS;
diff --git a/auth/bsdauth.c b/auth/bsdauth.c
index 22d3d75c9..0b147d554 100644
--- a/auth/bsdauth.c
+++ b/auth/bsdauth.c
@@ -137,9 +137,9 @@ bsdauth_verify(pw, prompt, auth)
* S/Key.
*/
if ((s = auth_challenge(as)) == NULL) {
- pass = tgetpass(prompt, def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags);
+ pass = tgetpass(prompt, def_passwd_timeout * 60, tgetpass_flags);
} else {
- pass = tgetpass(s, def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags);
+ pass = tgetpass(s, def_passwd_timeout * 60, tgetpass_flags);
if (pass && *pass == '\0') {
if ((prompt = strrchr(s, '\n')))
prompt++;
@@ -154,7 +154,7 @@ bsdauth_verify(pw, prompt, auth)
while (isspace(prompt[len]) || prompt[len] == ':')
prompt[len--] = '\0';
easprintf(&s, "%s [echo on]: ", prompt);
- pass = tgetpass(s, def_ival(I_PASSWD_TIMEOUT) * 60,
+ pass = tgetpass(s, def_passwd_timeout * 60,
tgetpass_flags | TGP_ECHO);
free(s);
}
diff --git a/auth/fwtk.c b/auth/fwtk.c
index a27be0c3f..b8b19b539 100644
--- a/auth/fwtk.c
+++ b/auth/fwtk.c
@@ -130,13 +130,13 @@ fwtk_verify(pw, prompt, auth)
/* Get the password/response from the user. */
if (strncmp(resp, "challenge ", 10) == 0) {
(void) snprintf(buf, sizeof(buf), "%s\nResponse: ", &resp[10]);
- pass = tgetpass(buf, def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags);
+ pass = tgetpass(buf, def_passwd_timeout * 60, tgetpass_flags);
if (pass && *pass == '\0') {
pass = tgetpass("Response [echo on]: ",
- def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags | TGP_ECHO);
+ def_passwd_timeout * 60, tgetpass_flags | TGP_ECHO);
}
} else if (strncmp(resp, "password", 8) == 0) {
- pass = tgetpass(prompt, def_ival(I_PASSWD_TIMEOUT) * 60,
+ pass = tgetpass(prompt, def_passwd_timeout * 60,
tgetpass_flags);
} else {
warnx("%s", resp);
diff --git a/auth/pam.c b/auth/pam.c
index a55803170..114ac301c 100644
--- a/auth/pam.c
+++ b/auth/pam.c
@@ -212,7 +212,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
&& (pm->msg[9] != ' ' || pm->msg[10] != '\0')))
p = pm->msg;
/* Read the password. */
- pass = tgetpass(p, def_ival(I_PASSWD_TIMEOUT) * 60, flags);
+ pass = tgetpass(p, def_passwd_timeout * 60, flags);
pr->resp = estrdup(pass ? pass : "");
if (*pr->resp == '\0')
nil_pw = 1; /* empty password */
diff --git a/auth/rfc1938.c b/auth/rfc1938.c
index 83f65c1a0..49f0d4e39 100644
--- a/auth/rfc1938.c
+++ b/auth/rfc1938.c
@@ -143,7 +143,7 @@ rfc1938_setup(pw, promptp, auth)
new_prompt = (char *) erealloc(new_prompt, np_size);
}
- if (def_flag(I_LONG_OTP_PROMPT))
+ if (def_long_otp_prompt)
(void) snprintf(new_prompt, np_size, "%s\n%s", challenge, orig_prompt);
else
(void) snprintf(new_prompt, np_size, "%.*s [ %s ]:", op_len,
diff --git a/auth/securid5.c b/auth/securid5.c
index 1d96d6190..ff63c622c 100644
--- a/auth/securid5.c
+++ b/auth/securid5.c
@@ -184,7 +184,7 @@ securid_verify(pw, pass, auth)
int rval;
pass = (char *) tgetpass("Enter your PASSCODE: ",
- def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags);
+ def_passwd_timeout * 60, tgetpass_flags);
/* Have ACE verify password */
switch (SD_Check(*sd, pass, pw->pw_name)) {
@@ -214,7 +214,7 @@ securid_verify(pw, pass, auth)
!!! ATTENTION !!!\n\
Wait for the token code to change, \n\
then enter the new token code.\n", \
- def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags);
+ def_passwd_timeout * 60, tgetpass_flags);
if (SD_Next(*sd, pass) == ACM_OK) {
rval = AUTH_SUCCESS;
diff --git a/auth/sia.c b/auth/sia.c
index 67cf640d1..d5847fd19 100644
--- a/auth/sia.c
+++ b/auth/sia.c
@@ -90,8 +90,8 @@ sudo_collect(timeout, rendition, title, nprompts, prompts)
switch (rendition) {
case SIAFORM:
case SIAONELINER:
- if (timeout <= 0 || timeout > def_ival(I_PASSWD_TIMEOUT) * 60)
- timeout = def_ival(I_PASSWD_TIMEOUT) * 60;
+ if (timeout <= 0 || timeout > def_passwd_timeout * 60)
+ timeout = def_passwd_timeout * 60;
/*
* Substitute custom prompt if a) the sudo prompt is not "Password:"
* and b) the SIA prompt is "Password:" (so we know it is safe).
diff --git a/auth/sudo_auth.c b/auth/sudo_auth.c
index 8630fb924..6f70c0b46 100644
--- a/auth/sudo_auth.c
+++ b/auth/sudo_auth.c
@@ -113,7 +113,7 @@ verify_user(pw, prompt)
struct passwd *pw;
char *prompt;
{
- int counter = def_ival(I_PASSWD_TRIES) + 1;
+ int counter = def_passwd_tries + 1;
int success = AUTH_FAILURE;
int status;
int flags;
@@ -178,7 +178,7 @@ verify_user(pw, prompt)
#ifdef AUTH_STANDALONE
p = prompt;
#else
- p = (char *) tgetpass(prompt, def_ival(I_PASSWD_TIMEOUT) * 60,
+ p = (char *) tgetpass(prompt, def_passwd_timeout * 60,
tgetpass_flags);
if (!p || *p == '\0')
nil_pw = 1;
@@ -207,7 +207,7 @@ verify_user(pw, prompt)
/* Exit loop on nil password, but give it a chance to match first. */
if (nil_pw) {
- if (counter == def_ival(I_PASSWD_TRIES))
+ if (counter == def_passwd_tries)
exit(1);
else
break;
@@ -237,13 +237,13 @@ cleanup:
(void) sigaction(SIGTSTP, &osa, NULL);
return;
case AUTH_FAILURE:
- if (def_flag(I_MAIL_BADPASS) || def_flag(I_MAIL_ALWAYS))
+ if (def_mail_badpass || def_mail_always)
flags = 0;
else
flags = NO_MAIL;
log_error(flags, "%d incorrect password attempt%s",
- def_ival(I_PASSWD_TRIES) - counter,
- (def_ival(I_PASSWD_TRIES) - counter == 1) ? "" : "s");
+ def_passwd_tries - counter,
+ (def_passwd_tries - counter == 1) ? "" : "s");
case AUTH_FATAL:
exit(1);
}
@@ -256,11 +256,11 @@ pass_warn(fp)
{
#ifdef INSULT
- if (def_flag(I_INSULTS))
+ if (def_insults)
(void) fprintf(fp, "%s\n", INSULT);
else
#endif
- (void) fprintf(fp, "%s\n", def_str(I_BADPASS_MESSAGE));
+ (void) fprintf(fp, "%s\n", def_badpass_message);
}
void
diff --git a/check.c b/check.c
index 11845fce6..2a8cfe8d5 100644
--- a/check.c
+++ b/check.c
@@ -114,7 +114,7 @@ check_user()
lecture(); /* first time through they get a lecture */
/* Expand any escapes in the prompt. */
- prompt = expand_prompt(user_prompt ? user_prompt : def_str(I_PASSPROMPT),
+ prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt,
user_name, user_shost);
verify_user(auth_pw, prompt);
@@ -134,7 +134,7 @@ static void
lecture()
{
- if (def_flag(I_LECTURE)) {
+ if (def_lecture) {
(void) fputs("\n\
We trust you have received the usual lecture from the local System\n\
Administrator. It usually boils down to these two things:\n\
@@ -290,10 +290,10 @@ user_is_exempt()
struct group *grp;
char **gr_mem;
- if (!def_str(I_EXEMPT_GROUP))
+ if (!def_exempt_group)
return(FALSE);
- if (!(grp = getgrnam(def_str(I_EXEMPT_GROUP))))
+ if (!(grp = getgrnam(def_exempt_group)))
return(FALSE);
if (user_gid == grp->gr_gid)
@@ -318,7 +318,7 @@ build_timestamp(timestampdir, timestampfile)
char *dirparent;
int len;
- dirparent = def_str(I_TIMESTAMPDIR);
+ dirparent = def_timestampdir;
len = easprintf(timestampdir, "%s/%s", dirparent, user_name);
if (len >= MAXPATHLEN)
log_error(0, "timestamp path too long: %s", timestampdir);
@@ -327,21 +327,21 @@ build_timestamp(timestampdir, timestampfile)
* Timestamp file may be a file in the directory or NUL to use
* the directory as the timestamp.
*/
- if (def_flag(I_TTY_TICKETS)) {
+ if (def_tty_tickets) {
char *p;
if ((p = strrchr(user_tty, '/')))
p++;
else
p = user_tty;
- if (def_flag(I_TARGETPW))
+ if (def_targetpw)
len = easprintf(timestampfile, "%s/%s/%s:%s", dirparent, user_name,
p, *user_runas);
else
len = easprintf(timestampfile, "%s/%s/%s", dirparent, user_name, p);
if (len >= MAXPATHLEN)
log_error(0, "timestamp path too long: %s", timestampfile);
- } else if (def_flag(I_TARGETPW)) {
+ } else if (def_targetpw) {
len = easprintf(timestampfile, "%s/%s/%s", dirparent, user_name,
*user_runas);
if (len >= MAXPATHLEN)
@@ -362,7 +362,7 @@ timestamp_status(timestampdir, timestampfile, user, make_dirs)
{
struct stat sb;
time_t now;
- char *dirparent = def_str(I_TIMESTAMPDIR);
+ char *dirparent = def_timestampdir;
int status = TS_ERROR; /* assume the worst */
if (timestamp_uid != 0)
@@ -498,17 +498,17 @@ timestamp_status(timestampdir, timestampfile, user, make_dirs)
*/
if (status == TS_OLD) {
/* Negative timeouts only expire manually (sudo -k). */
- if (def_ival(I_TIMESTAMP_TIMEOUT) < 0 && sb.st_mtime != 0)
+ if (def_timestamp_timeout < 0 && sb.st_mtime != 0)
status = TS_CURRENT;
else {
now = time(NULL);
- if (def_ival(I_TIMESTAMP_TIMEOUT) &&
- now - sb.st_mtime < 60 * def_ival(I_TIMESTAMP_TIMEOUT)) {
+ if (def_timestamp_timeout &&
+ now - sb.st_mtime < 60 * def_timestamp_timeout) {
/*
* Check for bogus time on the stampfile. The clock may
* have been set back or someone could be trying to spoof us.
*/
- if (sb.st_mtime > now + 60 * def_ival(I_TIMESTAMP_TIMEOUT) * 2) {
+ if (sb.st_mtime > now + 60 * def_timestamp_timeout * 2) {
log_error(NO_EXIT,
"timestamp too far in the future: %20.20s",
4 + ctime(&sb.st_mtime));
diff --git a/def_data.h b/def_data.h
index 9e9c5e44b..7ea14cbda 100644
--- a/def_data.h
+++ b/def_data.h
@@ -1,59 +1,118 @@
+#define def_syslog_ifac (sudo_defs_table[0].sd_un.ival)
#define I_SYSLOG_IFAC 0
+#define def_syslog_igoodpri (sudo_defs_table[1].sd_un.ival)
#define I_SYSLOG_IGOODPRI 1
+#define def_syslog_ibadpri (sudo_defs_table[2].sd_un.ival)
#define I_SYSLOG_IBADPRI 2
+#define def_syslog (sudo_defs_table[3].sd_un.str)
#define I_SYSLOG 3
+#define def_syslog_goodpri (sudo_defs_table[4].sd_un.str)
#define I_SYSLOG_GOODPRI 4
+#define def_syslog_badpri (sudo_defs_table[5].sd_un.str)
#define I_SYSLOG_BADPRI 5
+#define def_long_otp_prompt (sudo_defs_table[6].sd_un.flag)
#define I_LONG_OTP_PROMPT 6
+#define def_ignore_dot (sudo_defs_table[7].sd_un.flag)
#define I_IGNORE_DOT 7
+#define def_mail_always (sudo_defs_table[8].sd_un.flag)
#define I_MAIL_ALWAYS 8
+#define def_mail_badpass (sudo_defs_table[9].sd_un.flag)
#define I_MAIL_BADPASS 9
+#define def_mail_no_user (sudo_defs_table[10].sd_un.flag)
#define I_MAIL_NO_USER 10
+#define def_mail_no_host (sudo_defs_table[11].sd_un.flag)
#define I_MAIL_NO_HOST 11
+#define def_mail_no_perms (sudo_defs_table[12].sd_un.flag)
#define I_MAIL_NO_PERMS 12
+#define def_tty_tickets (sudo_defs_table[13].sd_un.flag)
#define I_TTY_TICKETS 13
+#define def_lecture (sudo_defs_table[14].sd_un.flag)
#define I_LECTURE 14
+#define def_authenticate (sudo_defs_table[15].sd_un.flag)
#define I_AUTHENTICATE 15
+#define def_root_sudo (sudo_defs_table[16].sd_un.flag)
#define I_ROOT_SUDO 16
+#define def_log_host (sudo_defs_table[17].sd_un.flag)
#define I_LOG_HOST 17
+#define def_log_year (sudo_defs_table[18].sd_un.flag)
#define I_LOG_YEAR 18
+#define def_shell_noargs (sudo_defs_table[19].sd_un.flag)
#define I_SHELL_NOARGS 19
+#define def_set_home (sudo_defs_table[20].sd_un.flag)
#define I_SET_HOME 20
+#define def_always_set_home (sudo_defs_table[21].sd_un.flag)
#define I_ALWAYS_SET_HOME 21
+#define def_path_info (sudo_defs_table[22].sd_un.flag)
#define I_PATH_INFO 22
+#define def_fqdn (sudo_defs_table[23].sd_un.flag)
#define I_FQDN 23
+#define def_insults (sudo_defs_table[24].sd_un.flag)
#define I_INSULTS 24
+#define def_requiretty (sudo_defs_table[25].sd_un.flag)
#define I_REQUIRETTY 25
+#define def_env_editor (sudo_defs_table[26].sd_un.flag)
#define I_ENV_EDITOR 26
+#define def_rootpw (sudo_defs_table[27].sd_un.flag)
#define I_ROOTPW 27
+#define def_runaspw (sudo_defs_table[28].sd_un.flag)
#define I_RUNASPW 28
+#define def_targetpw (sudo_defs_table[29].sd_un.flag)
#define I_TARGETPW 29
+#define def_use_loginclass (sudo_defs_table[30].sd_un.flag)
#define I_USE_LOGINCLASS 30
+#define def_set_logname (sudo_defs_table[31].sd_un.flag)
#define I_SET_LOGNAME 31
+#define def_stay_setuid (sudo_defs_table[32].sd_un.flag)
#define I_STAY_SETUID 32
+#define def_env_reset (sudo_defs_table[33].sd_un.flag)
#define I_ENV_RESET 33
+#define def_preserve_groups (sudo_defs_table[34].sd_un.flag)
#define I_PRESERVE_GROUPS 34
+#define def_loglinelen (sudo_defs_table[35].sd_un.ival)
#define I_LOGLINELEN 35
+#define def_timestamp_timeout (sudo_defs_table[36].sd_un.ival)
#define I_TIMESTAMP_TIMEOUT 36
+#define def_passwd_timeout (sudo_defs_table[37].sd_un.ival)
#define I_PASSWD_TIMEOUT 37
+#define def_passwd_tries (sudo_defs_table[38].sd_un.ival)
#define I_PASSWD_TRIES 38
+#define def_umask (sudo_defs_table[39].sd_un.mode)
#define I_UMASK 39
+#define def_logfile (sudo_defs_table[40].sd_un.str)
#define I_LOGFILE 40
+#define def_mailerpath (sudo_defs_table[41].sd_un.str)
#define I_MAILERPATH 41
+#define def_mailerflags (sudo_defs_table[42].sd_un.str)
#define I_MAILERFLAGS 42
+#define def_mailto (sudo_defs_table[43].sd_un.str)
#define I_MAILTO 43
+#define def_mailsub (sudo_defs_table[44].sd_un.str)
#define I_MAILSUB 44
+#define def_badpass_message (sudo_defs_table[45].sd_un.str)
#define I_BADPASS_MESSAGE 45
+#define def_timestampdir (sudo_defs_table[46].sd_un.str)
#define I_TIMESTAMPDIR 46
+#define def_timestampowner (sudo_defs_table[47].sd_un.str)
#define I_TIMESTAMPOWNER 47
+#define def_exempt_group (sudo_defs_table[48].sd_un.str)
#define I_EXEMPT_GROUP 48
+#define def_passprompt (sudo_defs_table[49].sd_un.str)
#define I_PASSPROMPT 49
+#define def_runas_default (sudo_defs_table[50].sd_un.str)
#define I_RUNAS_DEFAULT 50
+#define def_editor (sudo_defs_table[51].sd_un.str)
#define I_EDITOR 51
+#define def_env_check (sudo_defs_table[52].sd_un.list)
#define I_ENV_CHECK 52
+#define def_env_delete (sudo_defs_table[53].sd_un.list)
#define I_ENV_DELETE 53
+#define def_env_keep (sudo_defs_table[54].sd_un.list)
#define I_ENV_KEEP 54
+#define def_listpw_i (sudo_defs_table[55].sd_un.ival)
#define I_LISTPW_I 55
+#define def_verifypw_i (sudo_defs_table[56].sd_un.ival)
#define I_VERIFYPW_I 56
+#define def_listpw (sudo_defs_table[57].sd_un.str)
#define I_LISTPW 57
+#define def_verifypw (sudo_defs_table[58].sd_un.str)
#define I_VERIFYPW 58
diff --git a/defaults.c b/defaults.c
index 5304f62c2..f56fd3d9f 100644
--- a/defaults.c
+++ b/defaults.c
@@ -385,57 +385,57 @@ init_defaults()
/* First initialize the flags. */
#ifdef LONG_OTP_PROMPT
- def_flag(I_LONG_OTP_PROMPT) = TRUE;
+ def_long_otp_prompt = TRUE;
#endif
#ifdef IGNORE_DOT_PATH
- def_flag(I_IGNORE_DOT) = TRUE;
+ def_ignore_dot = TRUE;
#endif
#ifdef ALWAYS_SEND_MAIL
- def_flag(I_MAIL_ALWAYS) = TRUE;
+ def_mail_always = TRUE;
#endif
#ifdef SEND_MAIL_WHEN_NO_USER
- def_flag(I_MAIL_NO_USER) = TRUE;
+ def_mail_no_user = TRUE;
#endif
#ifdef SEND_MAIL_WHEN_NO_HOST
- def_flag(I_MAIL_NO_HOST) = TRUE;
+ def_mail_no_host = TRUE;
#endif
#ifdef SEND_MAIL_WHEN_NOT_OK
- def_flag(I_MAIL_NO_PERMS) = TRUE;
+ def_mail_no_perms = TRUE;
#endif
#ifdef USE_TTY_TICKETS
- def_flag(I_TTY_TICKETS) = TRUE;
+ def_tty_tickets = TRUE;
#endif
#ifndef NO_LECTURE
- def_flag(I_LECTURE) = TRUE;
+ def_lecture = TRUE;
#endif
#ifndef NO_AUTHENTICATION
- def_flag(I_AUTHENTICATE) = TRUE;
+ def_authenticate = TRUE;
#endif
#ifndef NO_ROOT_SUDO
- def_flag(I_ROOT_SUDO) = TRUE;
+ def_root_sudo = TRUE;
#endif
#ifdef HOST_IN_LOG
- def_flag(I_LOG_HOST) = TRUE;
+ def_log_host = TRUE;
#endif
#ifdef SHELL_IF_NO_ARGS
- def_flag(I_SHELL_NOARGS) = TRUE;
+ def_shell_noargs = TRUE;
#endif
#ifdef SHELL_SETS_HOME
- def_flag(I_SET_HOME) = TRUE;
+ def_set_home = TRUE;
#endif
#ifndef DONT_LEAK_PATH_INFO
- def_flag(I_PATH_INFO) = TRUE;
+ def_path_info = TRUE;
#endif
#ifdef FQDN
- def_flag(I_FQDN) = TRUE;
+ def_fqdn = TRUE;
#endif
#ifdef USE_INSULTS
- def_flag(I_INSULTS) = TRUE;
+ def_insults = TRUE;
#endif
#ifdef ENV_EDITOR
- def_flag(I_ENV_EDITOR) = TRUE;
+ def_env_editor = TRUE;
#endif
- def_flag(I_SET_LOGNAME) = TRUE;
+ def_set_logname = TRUE;
/* Syslog options need special care since they both strings and ints */
#if (LOGGING & SLOG_SYSLOG)
@@ -452,33 +452,33 @@ init_defaults()
/* Then initialize the int-like things. */
#ifdef SUDO_UMASK
- def_mode(I_UMASK) = SUDO_UMASK;
+ def_umask = SUDO_UMASK;
#else
- def_mode(I_UMASK) = 0777;
+ def_umask = 0777;
#endif
- def_ival(I_LOGLINELEN) = MAXLOGFILELEN;
- def_ival(I_TIMESTAMP_TIMEOUT) = TIMEOUT;
- def_ival(I_PASSWD_TIMEOUT) = PASSWORD_TIMEOUT;
- def_ival(I_PASSWD_TRIES) = TRIES_FOR_PASSWORD;
+ def_loglinelen = MAXLOGFILELEN;
+ def_timestamp_timeout = TIMEOUT;
+ def_passwd_timeout = PASSWORD_TIMEOUT;
+ def_passwd_tries = TRIES_FOR_PASSWORD;
/* Now do the strings */
- def_str(I_MAILTO) = estrdup(MAILTO);
- def_str(I_MAILSUB) = estrdup(MAILSUBJECT);
- def_str(I_BADPASS_MESSAGE) = estrdup(INCORRECT_PASSWORD);
- def_str(I_TIMESTAMPDIR) = estrdup(_PATH_SUDO_TIMEDIR);
- def_str(I_PASSPROMPT) = estrdup(PASSPROMPT);
- def_str(I_RUNAS_DEFAULT) = estrdup(RUNAS_DEFAULT);
+ def_mailto = estrdup(MAILTO);
+ def_mailsub = estrdup(MAILSUBJECT);
+ def_badpass_message = estrdup(INCORRECT_PASSWORD);
+ def_timestampdir = estrdup(_PATH_SUDO_TIMEDIR);
+ def_passprompt = estrdup(PASSPROMPT);
+ def_runas_default = estrdup(RUNAS_DEFAULT);
#ifdef _PATH_SUDO_SENDMAIL
- def_str(I_MAILERPATH) = estrdup(_PATH_SUDO_SENDMAIL);
- def_str(I_MAILERFLAGS) = estrdup("-t");
+ def_mailerpath = estrdup(_PATH_SUDO_SENDMAIL);
+ def_mailerflags = estrdup("-t");
#endif
#if (LOGGING & SLOG_FILE)
- def_str(I_LOGFILE) = estrdup(_PATH_SUDO_LOGFILE);
+ def_logfile = estrdup(_PATH_SUDO_LOGFILE);
#endif
#ifdef EXEMPTGROUP
- def_str(I_EXEMPT_GROUP) = estrdup(EXEMPTGROUP);
+ def_exempt_group = estrdup(EXEMPTGROUP);
#endif
- def_str(I_EDITOR) = estrdup(EDITOR);
+ def_editor = estrdup(EDITOR);
/* Finally do the lists (currently just environment tables). */
init_envtables();
@@ -489,7 +489,7 @@ init_defaults()
* value changes we get the change.
*/
if (user_runas == NULL)
- user_runas = &def_str(I_RUNAS_DEFAULT);
+ user_runas = &def_runas_default;
firsttime = 0;
}
diff --git a/defaults.h b/defaults.h
index 58ea8a484..216323eb1 100644
--- a/defaults.h
+++ b/defaults.h
@@ -106,15 +106,6 @@ struct sudo_defs_types {
#define I_GOODPRI I_SYSLOG_IGOODPRI
#define I_BADPRI I_SYSLOG_IBADPRI
-/*
- * Macros for accessing sudo_defs_table.
- */
-#define def_flag(_i) (sudo_defs_table[(_i)].sd_un.flag)
-#define def_ival(_i) (sudo_defs_table[(_i)].sd_un.ival)
-#define def_str(_i) (sudo_defs_table[(_i)].sd_un.str)
-#define def_list(_i) (sudo_defs_table[(_i)].sd_un.list)
-#define def_mode(_i) (sudo_defs_table[(_i)].sd_un.mode)
-
/*
* Prototypes
*/
diff --git a/env.c b/env.c
index 88f2ffa19..156aecb05 100644
--- a/env.c
+++ b/env.c
@@ -293,13 +293,13 @@ rebuild_env(sudo_mode, envp)
*/
ps1 = NULL;
didvar = 0;
- if (def_flag(I_ENV_RESET)) {
+ if (def_env_reset) {
int keepit;
/* Pull in vars we want to keep from the old environment. */
for (ep = envp; *ep; ep++) {
keepit = 0;
- for (cur = def_list(I_ENV_KEEP); cur; cur = cur->next) {
+ for (cur = def_env_keep; cur; cur = cur->next) {
len = strlen(cur->value);
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
@@ -374,7 +374,7 @@ rebuild_env(sudo_mode, envp)
okvar = 1;
/* Skip anything listed in env_delete. */
- for (cur = def_list(I_ENV_DELETE); cur && okvar; cur = cur->next) {
+ for (cur = def_env_delete; cur && okvar; cur = cur->next) {
len = strlen(cur->value);
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
@@ -389,7 +389,7 @@ rebuild_env(sudo_mode, envp)
}
/* Check certain variables for '%' and '/' characters. */
- for (cur = def_list(I_ENV_CHECK); cur && okvar; cur = cur->next) {
+ for (cur = def_env_check; cur && okvar; cur = cur->next) {
len = strlen(cur->value);
/* Deal with '*' wildcard */
if (cur->value[len - 1] == '*') {
@@ -427,7 +427,7 @@ rebuild_env(sudo_mode, envp)
#endif
/* Set $USER and $LOGNAME to target if "set_logname" is true. */
- if (def_flag(I_SET_LOGNAME) && runas_pw->pw_name) {
+ if (def_set_logname && runas_pw->pw_name) {
insert_env(format_env("LOGNAME", runas_pw->pw_name), 1);
insert_env(format_env("USER", runas_pw->pw_name), 1);
}
@@ -467,15 +467,15 @@ init_envtables()
for (p = initial_badenv_table; *p; p++) {
cur = emalloc(sizeof(struct list_member));
cur->value = estrdup(*p);
- cur->next = def_list(I_ENV_DELETE);
- def_list(I_ENV_DELETE) = cur;
+ cur->next = def_env_delete;
+ def_env_delete = cur;
}
/* Fill in "env_check" variable. */
for (p = initial_checkenv_table; *p; p++) {
cur = emalloc(sizeof(struct list_member));
cur->value = estrdup(*p);
- cur->next = def_list(I_ENV_CHECK);
- def_list(I_ENV_CHECK) = cur;
+ cur->next = def_env_check;
+ def_env_check = cur;
}
}
diff --git a/find_path.c b/find_path.c
index 087ceb8b3..e3e85c8e9 100644
--- a/find_path.c
+++ b/find_path.c
@@ -151,7 +151,7 @@ find_path(infile, outfile, path)
*/
if (!result && checkdot) {
result = sudo_goodpath(infile);
- if (result && def_flag(I_IGNORE_DOT))
+ if (result && def_ignore_dot)
return(NOT_FOUND_DOT);
}
diff --git a/logging.c b/logging.c
index 8b48caad8..1e2995e40 100644
--- a/logging.c
+++ b/logging.c
@@ -116,7 +116,7 @@ mysyslog(pri, fmt, va_alist)
va_start(ap);
#endif
#ifdef LOG_NFACILITIES
- openlog("sudo", 0, def_ival(I_LOGFAC));
+ openlog("sudo", 0, def_syslog_ifac);
#else
openlog("sudo", 0);
#endif
@@ -200,30 +200,30 @@ do_logfile(msg)
size_t maxlen;
oldmask = umask(077);
- maxlen = def_ival(I_LOGLINELEN) > 0 ? def_ival(I_LOGLINELEN) : 0;
- fp = fopen(def_str(I_LOGFILE), "a");
+ maxlen = def_loglinelen > 0 ? def_loglinelen : 0;
+ fp = fopen(def_logfile, "a");
(void) umask(oldmask);
if (fp == NULL) {
easprintf(&full_line, "Can't open log file: %s: %s",
- def_str(I_LOGFILE), strerror(errno));
+ def_logfile, strerror(errno));
send_mail(full_line);
free(full_line);
} else if (!lock_file(fileno(fp), SUDO_LOCK)) {
easprintf(&full_line, "Can't lock log file: %s: %s",
- def_str(I_LOGFILE), strerror(errno));
+ def_logfile, strerror(errno));
send_mail(full_line);
free(full_line);
} else {
- if (def_ival(I_LOGLINELEN) == 0) {
+ if (def_loglinelen == 0) {
/* Don't pretty-print long log file lines (hard to grep) */
- if (def_flag(I_LOG_HOST))
+ if (def_log_host)
(void) fprintf(fp, "%s : %s : HOST=%s : %s\n", get_timestr(),
user_name, user_shost, msg);
else
(void) fprintf(fp, "%s : %s : %s\n", get_timestr(),
user_name, msg);
} else {
- if (def_flag(I_LOG_HOST))
+ if (def_log_host)
easprintf(&full_line, "%s : %s : HOST=%s : %s", get_timestr(),
user_name, user_shost, msg);
else
@@ -299,9 +299,9 @@ log_auth(status, inform_user)
int pri;
if (status & VALIDATE_OK)
- pri = def_ival(I_GOODPRI);
+ pri = def_syslog_igoodpri;
else
- pri = def_ival(I_BADPRI);
+ pri = def_syslog_ibadpri;
/* Set error message, if any. */
if (status & VALIDATE_OK)
@@ -342,9 +342,9 @@ log_auth(status, inform_user)
/*
* Log via syslog and/or a file.
*/
- if (def_str(I_SYSLOG))
+ if (def_syslog)
do_syslog(pri, logline);
- if (def_str(I_LOGFILE))
+ if (def_logfile)
do_logfile(logline);
free(logline);
@@ -423,9 +423,9 @@ log_error(va_alist)
/*
* Log to syslog and/or a file.
*/
- if (def_str(I_SYSLOG))
- do_syslog(def_ival(I_BADPRI), logline);
- if (def_str(I_LOGFILE))
+ if (def_syslog)
+ do_syslog(def_syslog_ibadpri, logline);
+ if (def_logfile)
do_logfile(logline);
free(message);
@@ -461,7 +461,7 @@ send_mail(line)
#endif
/* Just return if mailer is disabled. */
- if (!def_str(I_MAILERPATH) || !def_str(I_MAILTO))
+ if (!def_mailerpath || !def_mailto)
return;
(void) sigemptyset(&set);
@@ -490,8 +490,8 @@ send_mail(line)
(void) close(pfd[1]);
/* Build up an argv based the mailer path and flags */
- mflags = estrdup(def_str(I_MAILERFLAGS));
- mpath = estrdup(def_str(I_MAILERPATH));
+ mflags = estrdup(def_mailerflags);
+ mpath = estrdup(def_mailerpath);
if ((argv[0] = strrchr(mpath, ' ')))
argv[0]++;
else
@@ -529,8 +529,8 @@ send_mail(line)
/* Pipes are all setup, send message via sendmail. */
(void) fprintf(mail, "To: %s\nFrom: %s\nSubject: ",
- def_str(I_MAILTO), user_name);
- for (p = def_str(I_MAILSUB); *p; p++) {
+ def_mailto, user_name);
+ for (p = def_mailsub; *p; p++) {
/* Expand escapes in the subject */
if (*p == '%' && *(p+1) != '%') {
switch (*(++p)) {
@@ -567,16 +567,16 @@ mail_auth(status, line)
int mail_mask;
/* If any of these bits are set in status, we send mail. */
- if (def_flag(I_MAIL_ALWAYS))
+ if (def_mail_always)
mail_mask =
VALIDATE_ERROR|VALIDATE_OK|FLAG_NO_USER|FLAG_NO_HOST|VALIDATE_NOT_OK;
else {
mail_mask = VALIDATE_ERROR;
- if (def_flag(I_MAIL_NO_USER))
+ if (def_mail_no_user)
mail_mask |= FLAG_NO_USER;
- if (def_flag(I_MAIL_NO_HOST))
+ if (def_mail_no_host)
mail_mask |= FLAG_NO_HOST;
- if (def_flag(I_MAIL_NO_PERMS))
+ if (def_mail_no_perms)
mail_mask |= VALIDATE_NOT_OK;
}
@@ -618,7 +618,7 @@ get_timestr()
struct tm *timeptr;
timeptr = localtime(&now);
- if (def_flag(I_LOG_YEAR))
+ if (def_log_year)
s = "%h %e %T %Y";
else
s = "%h %e %T";
@@ -631,7 +631,7 @@ get_timestr()
#endif /* HAVE_STRFTIME */
s = ctime(&now) + 4; /* skip day of the week */
- if (def_flag(I_LOG_YEAR))
+ if (def_log_year)
s[20] = '\0'; /* avoid the newline */
else
s[15] = '\0'; /* don't care about year */
diff --git a/mkdefaults b/mkdefaults
index 82ef6bdfd..819cdc04d 100755
--- a/mkdefaults
+++ b/mkdefaults
@@ -71,6 +71,19 @@ close(HEADER);
close(CFILE);
sub print_record {
+ my ($v, $defname);
+ # each variable gets a macro to access its value
+ for ($type) {
+ if (/^T_U?INT/) { $v = "ival"; }
+ elsif (/^(T_STR|T_PWFLAG|T_LOG)/) { $v = "str"; }
+ elsif (/^T_FLAG/) { $v = "flag"; }
+ elsif (/^T_MODE/) { $v = "mode"; }
+ elsif (/^T_LIST/) { $v = "list"; }
+ else { die "$0: unknown defaults type: $type\n"; }
+ }
+ printf HEADER "#define %-24s(sudo_defs_table[$count].sd_un.${v})\n",
+ "def_${var}";
+
$defname = "I_" . uc($var);
printf HEADER "#define %-24s%d", $defname, $count;
#print HEADER "\t/* $desc */" if defined($desc);
diff --git a/parse.c b/parse.c
index 20ae461dd..25087687e 100644
--- a/parse.c
+++ b/parse.c
@@ -159,7 +159,7 @@ sudoers_lookup(pwflag)
* wait until now to set this.
*/
if (pwflag)
- pwcheck = (pwflag == -1) ? PWCHECK_NEVER : def_ival(pwflag);
+ pwcheck = (pwflag == -1) ? PWCHECK_NEVER : sudo_defs_table[pwflag].sd_un.ival;
else
pwcheck = 0;
@@ -167,7 +167,7 @@ sudoers_lookup(pwflag)
* Assume the worst. If the stack is empty the user was
* not mentioned at all.
*/
- if (def_flag(I_AUTHENTICATE))
+ if (def_authenticate)
error = VALIDATE_NOT_OK;
else
error = VALIDATE_NOT_OK | FLAG_NOPASS;
@@ -188,7 +188,7 @@ sudoers_lookup(pwflag)
if (pwcheck) {
int found;
- if (pwcheck == PWCHECK_NEVER || !def_flag(I_AUTHENTICATE))
+ if (pwcheck == PWCHECK_NEVER || !def_authenticate)
nopass = FLAG_NOPASS;
found = 0;
while (top) {
diff --git a/parse.yacc b/parse.yacc
index 31e8c1c04..bcbe21fc5 100644
--- a/parse.yacc
+++ b/parse.yacc
@@ -127,7 +127,7 @@ int top = 0, stacksize = 0;
match[top].cmnd = -1; \
match[top].host = -1; \
match[top].runas = -1; \
- match[top].nopass = def_flag(I_AUTHENTICATE) ? -1 : TRUE; \
+ match[top].nopass = def_authenticate ? -1 : TRUE; \
top++; \
} while (0)
@@ -366,7 +366,7 @@ privilege : hostlist '=' cmndspeclist {
*/
host_matches = -1;
runas_matches = -1;
- if (def_flag(I_AUTHENTICATE))
+ if (def_authenticate)
no_passwd = -1;
else
no_passwd = TRUE;
@@ -501,7 +501,7 @@ runasspec : /* empty */ {
*/
if (runas_matches == -1)
runas_matches = (strcmp(*user_runas,
- def_str(I_RUNAS_DEFAULT)) == 0);
+ def_runas_default) == 0);
}
| RUNAS runaslist {
runas_matches = ($2 == TRUE ? TRUE : FALSE);
@@ -1052,13 +1052,13 @@ list_matches()
} while ((p = strtok(NULL, ", ")));
(void) fputs(") ", stdout);
} else {
- (void) printf("(%s) ", def_str(I_RUNAS_DEFAULT));
+ (void) printf("(%s) ", def_runas_default);
}
/* Is a password required? */
- if (cm_list[count].nopasswd == TRUE && def_flag(I_AUTHENTICATE))
+ if (cm_list[count].nopasswd == TRUE && def_authenticate)
(void) fputs("NOPASSWD: ", stdout);
- else if (cm_list[count].nopasswd == FALSE && !def_flag(I_AUTHENTICATE))
+ else if (cm_list[count].nopasswd == FALSE && !def_authenticate)
(void) fputs("PASSWD: ", stdout);
/* Print the actual command or expanded Cmnd_Alias. */
diff --git a/set_perms.c b/set_perms.c
index 5f7a0b00c..0b4e9455c 100644
--- a/set_perms.c
+++ b/set_perms.c
@@ -121,7 +121,7 @@ set_perms_posix(perm)
case PERM_RUNAS:
/* headed for exec(), assume euid == 0 */
runas_setup();
- if (def_flag(I_STAY_SETUID))
+ if (def_stay_setuid)
error = seteuid(runas_pw->pw_uid);
else
error = setuid(runas_pw->pw_uid);
@@ -194,7 +194,7 @@ set_perms_suid(perm)
case PERM_RUNAS:
/* headed for exec(), assume euid == 0 */
runas_setup();
- error = setresuid(def_flag(I_STAY_SETUID) ?
+ error = setresuid(def_stay_setuid ?
user_uid : runas_pw->pw_uid,
runas_pw->pw_uid, runas_pw->pw_uid);
if (error)
@@ -266,7 +266,7 @@ set_perms_suid(perm)
case PERM_RUNAS:
/* headed for exec(), assume euid == 0 */
runas_setup();
- error = setreuid(def_flag(I_STAY_SETUID) ?
+ error = setreuid(def_stay_setuid ?
user_uid : runas_pw->pw_uid,
runas_pw->pw_uid);
if (error)
@@ -382,7 +382,7 @@ runas_setup()
#endif /* HAVE_PAM */
#ifdef HAVE_LOGIN_CAP_H
- if (def_flag(I_USE_LOGINCLASS)) {
+ if (def_use_loginclass) {
/*
* We don't have setusercontext() set the user since we
* may only want to set the effective uid. Depending on
@@ -390,7 +390,7 @@ runas_setup()
* setusercontext() to call initgroups().
*/
flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY;
- if (!def_flag(I_PRESERVE_GROUPS))
+ if (!def_preserve_groups)
flags |= LOGIN_SETGROUP;
else if (setgid(runas_pw->pw_gid))
perror("cannot set gid to runas gid");
@@ -411,7 +411,7 @@ runas_setup()
/*
* Initialize group vector unless asked not to.
*/
- if (!def_flag(I_PRESERVE_GROUPS) &&
+ if (!def_preserve_groups &&
initgroups(*user_runas, runas_pw->pw_gid) < 0)
perror("cannot set group vector");
#endif /* HAVE_INITGROUPS */
diff --git a/sudo.c b/sudo.c
index 2b4f35fb7..45d9a9374 100644
--- a/sudo.c
+++ b/sudo.c
@@ -271,7 +271,7 @@ main(argc, argv, envp)
*/
#if !defined(HAVE_SETRESUID) && !defined(HAVE_SETREUID) && \
!defined(NO_SAVED_IDS) && defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
- if (!def_flag(I_STAY_SETUID) && set_perms == set_perms_posix) {
+ if (!def_stay_setuid && set_perms == set_perms_posix) {
if (setuid(0)) {
perror("setuid(0)");
exit(1);
@@ -300,16 +300,16 @@ main(argc, argv, envp)
/*
* Look up the timestamp dir owner if one is specified.
*/
- if (def_str(I_TIMESTAMPOWNER)) {
+ if (def_timestampowner) {
struct passwd *pw;
- if (*def_str(I_TIMESTAMPOWNER) == '#')
- pw = getpwuid(atoi(def_str(I_TIMESTAMPOWNER) + 1));
+ if (*def_timestampowner == '#')
+ pw = getpwuid(atoi(def_timestampowner + 1));
else
- pw = getpwnam(def_str(I_TIMESTAMPOWNER));
+ pw = getpwnam(def_timestampowner);
if (!pw)
log_error(0, "timestamp owner (%s): No such user",
- def_str(I_TIMESTAMPOWNER));
+ def_timestampowner);
timestamp_uid = pw->pw_uid;
}
@@ -324,7 +324,7 @@ main(argc, argv, envp)
errorlineno);
/* Is root even allowed to run sudo? */
- if (user_uid == 0 && !def_flag(I_ROOT_SUDO)) {
+ if (user_uid == 0 && !def_root_sudo) {
(void) fprintf(stderr,
"Sorry, %s has been configured to not allow root to run it.\n",
getprogname());
@@ -333,19 +333,19 @@ main(argc, argv, envp)
/* If given the -P option, set the "preserve_groups" flag. */
if (sudo_mode & MODE_PRESERVE_GROUPS)
- def_flag(I_PRESERVE_GROUPS) = TRUE;
+ def_preserve_groups = TRUE;
/* If no command line args and "set_home" is not set, error out. */
- if ((sudo_mode & MODE_IMPLIED_SHELL) && !def_flag(I_SHELL_NOARGS))
+ if ((sudo_mode & MODE_IMPLIED_SHELL) && !def_shell_noargs)
usage(1);
/* May need to set $HOME to target user if we are running a command. */
- if ((sudo_mode & MODE_RUN) && (def_flag(I_ALWAYS_SET_HOME) ||
- ((sudo_mode & MODE_SHELL) && def_flag(I_SET_HOME))))
+ if ((sudo_mode & MODE_RUN) && (def_always_set_home ||
+ ((sudo_mode & MODE_SHELL) && def_set_home)))
sudo_mode |= MODE_RESET_HOME;
/* Bail if a tty is required and we don't have one. */
- if (def_flag(I_REQUIRETTY)) {
+ if (def_requiretty) {
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) == -1)
log_error(NO_MAIL, "sorry, you must have a tty to run sudo");
else
@@ -389,8 +389,8 @@ main(argc, argv, envp)
}
/* Override user's umask if configured to do so. */
- if (def_ival(I_UMASK) != 0777)
- (void) umask(def_mode(I_UMASK));
+ if (def_umask != 0777)
+ (void) umask(def_umask);
/* Restore coredumpsize resource limit. */
#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
@@ -430,7 +430,7 @@ main(argc, argv, envp)
log_auth(validated, 1);
exit(1);
} else if (validated & VALIDATE_NOT_OK) {
- if (def_flag(I_PATH_INFO)) {
+ if (def_path_info) {
/*
* We'd like to not leak path info at all here, but that can
* *really* confuse the users. To really close the leak we'd
@@ -492,7 +492,7 @@ init_vars(sudo_mode)
user_host = user_shost = "localhost";
else {
user_host = estrdup(thost);
- if (def_flag(I_FQDN)) {
+ if (def_fqdn) {
/* Defer call to set_fqdn() until log_error() is safe. */
user_shost = user_host;
} else {
@@ -546,7 +546,7 @@ init_vars(sudo_mode)
/*
* Must defer set_fqdn() until it is safe to call log_error()
*/
- if (def_flag(I_FQDN))
+ if (def_fqdn)
set_fqdn();
if (nohostname)
@@ -691,7 +691,7 @@ parse_args(argc, argv)
usage(1);
login_class = NewArgv[1];
- def_flag(I_USE_LOGINCLASS) = TRUE;
+ def_use_loginclass = TRUE;
NewArgc--;
NewArgv++;
@@ -992,14 +992,14 @@ get_authpw()
{
struct passwd *pw;
- if (def_ival(I_ROOTPW)) {
+ if (def_rootpw) {
if ((pw = sudo_getpwuid(0)) == NULL)
log_error(0, "uid 0 does not exist in the passwd file!");
- } else if (def_ival(I_RUNASPW)) {
- if ((pw = sudo_getpwnam(def_str(I_RUNAS_DEFAULT))) == NULL)
+ } else if (def_runaspw) {
+ if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_error(0, "user %s does not exist in the passwd file!",
- def_str(I_RUNAS_DEFAULT));
- } else if (def_ival(I_TARGETPW)) {
+ def_runas_default);
+ } else if (def_targetpw) {
if (**user_runas == '#') {
if ((pw = sudo_getpwuid(atoi(*user_runas + 1))) == NULL)
log_error(0, "uid %s does not exist in the passwd file!",
diff --git a/sudo.tab.c b/sudo.tab.c
index 87f881d1c..b908aa5dd 100644
--- a/sudo.tab.c
+++ b/sudo.tab.c
@@ -1,10 +1,10 @@
#ifndef lint
/*static char yysccsid[] = "from: @(#)yaccpar 1.9 (Berkeley) 02/21/93";*/
static char yyrcsid[]
-#if __GNUC__ == 2
+#if __GNUC__ >= 2
__attribute__ ((unused))
-#endif /* __GNUC__ == 2 */
- = "$OpenBSD: skeleton.c,v 1.19 2002/12/03 21:34:21 mickey Exp $";
+#endif /* __GNUC__ >= 2 */
+ = "$OpenBSD: skeleton.c,v 1.22 2003/11/25 20:00:15 espie Exp $";
#endif
#include <stdlib.h>
#define YYBYACC 1
@@ -18,7 +18,7 @@ static char yyrcsid[]
#define YYPREFIX "yy"
#line 2 "parse.yacc"
/*
- * Copyright (c) 1996, 1998-2001 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1996, 1998-2003 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* This code is derived from software contributed by Chris Jepeway.
@@ -51,6 +51,10 @@ static char yyrcsid[]
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
*/
/*
@@ -141,7 +145,7 @@ int top = 0, stacksize = 0;
match[top].cmnd = -1; \
match[top].host = -1; \
match[top].runas = -1; \
- match[top].nopass = def_flag(I_AUTHENTICATE) ? -1 : TRUE; \
+ match[top].nopass = def_authenticate ? -1 : TRUE; \
top++; \
} while (0)
@@ -227,14 +231,14 @@ yyerror(s)
}
parse_error = TRUE;
}
-#line 214 "parse.yacc"
+#line 218 "parse.yacc"
typedef union {
char *string;
int BOOLEAN;
struct sudo_command command;
int tok;
} YYSTYPE;
-#line 238 "sudo.tab.c"
+#line 242 "sudo.tab.c"
#define COMMAND 257
#define ALIAS 258
#define DEFVAR 259
@@ -642,7 +646,7 @@ short *yyss;
short *yysslim;
YYSTYPE *yyvs;
int yystacksize;
-#line 865 "parse.yacc"
+#line 869 "parse.yacc"
#define MOREALIASES (32)
aliasinfo *aliases = NULL;
@@ -829,13 +833,13 @@ list_matches()
} while ((p = strtok(NULL, ", ")));
(void) fputs(") ", stdout);
} else {
- (void) printf("(%s) ", def_str(I_RUNAS_DEFAULT));
+ (void) printf("(%s) ", def_runas_default);
}
/* Is a password required? */
- if (cm_list[count].nopasswd == TRUE && def_flag(I_AUTHENTICATE))
+ if (cm_list[count].nopasswd == TRUE && def_authenticate)
(void) fputs("NOPASSWD: ", stdout);
- else if (cm_list[count].nopasswd == FALSE && !def_flag(I_AUTHENTICATE))
+ else if (cm_list[count].nopasswd == FALSE && !def_authenticate)
(void) fputs("PASSWD: ", stdout);
/* Print the actual command or expanded Cmnd_Alias. */
@@ -992,7 +996,7 @@ init_parser()
if (printmatches == TRUE)
expand_match_list();
}
-#line 944 "sudo.tab.c"
+#line 948 "sudo.tab.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
@@ -1186,85 +1190,85 @@ yyreduce:
switch (yyn)
{
case 3:
-#line 265 "parse.yacc"
+#line 269 "parse.yacc"
{ ; }
break;
case 4:
-#line 267 "parse.yacc"
+#line 271 "parse.yacc"
{ yyerrok; }
break;
case 5:
-#line 268 "parse.yacc"
+#line 272 "parse.yacc"
{ push; }
break;
case 6:
-#line 268 "parse.yacc"
+#line 272 "parse.yacc"
{
while (top && user_matches != TRUE)
pop;
}
break;
case 7:
-#line 273 "parse.yacc"
+#line 277 "parse.yacc"
{ ; }
break;
case 8:
-#line 275 "parse.yacc"
+#line 279 "parse.yacc"
{ ; }
break;
case 9:
-#line 277 "parse.yacc"
+#line 281 "parse.yacc"
{ ; }
break;
case 10:
-#line 279 "parse.yacc"
+#line 283 "parse.yacc"
{ ; }
break;
case 11:
-#line 281 "parse.yacc"
+#line 285 "parse.yacc"
{ ; }
break;
case 13:
-#line 287 "parse.yacc"
+#line 291 "parse.yacc"
{
defaults_matches = TRUE;
}
break;
case 14:
-#line 290 "parse.yacc"
+#line 294 "parse.yacc"
{ push; }
break;
case 15:
-#line 290 "parse.yacc"
+#line 294 "parse.yacc"
{
defaults_matches = user_matches;
pop;
}
break;
case 16:
-#line 294 "parse.yacc"
+#line 298 "parse.yacc"
{ push; }
break;
case 17:
-#line 294 "parse.yacc"
+#line 298 "parse.yacc"
{
defaults_matches = yyvsp[0].BOOLEAN == TRUE;
pop;
}
break;
case 18:
-#line 298 "parse.yacc"
+#line 302 "parse.yacc"
{ push; }
break;
case 19:
-#line 298 "parse.yacc"
+#line 302 "parse.yacc"
{
defaults_matches = host_matches;
pop;
}
break;
case 22:
-#line 308 "parse.yacc"
+#line 312 "parse.yacc"
{
if (defaults_matches == TRUE &&
!set_default(yyvsp[0].string, NULL, TRUE)) {
@@ -1275,7 +1279,7 @@ case 22:
}
break;
case 23:
-#line 316 "parse.yacc"
+#line 320 "parse.yacc"
{
if (defaults_matches == TRUE &&
!set_default(yyvsp[0].string, NULL, FALSE)) {
@@ -1286,7 +1290,7 @@ case 23:
}
break;
case 24:
-#line 324 "parse.yacc"
+#line 328 "parse.yacc"
{
if (defaults_matches == TRUE &&
!set_default(yyvsp[-2].string, yyvsp[0].string, TRUE)) {
@@ -1298,7 +1302,7 @@ case 24:
}
break;
case 25:
-#line 333 "parse.yacc"
+#line 337 "parse.yacc"
{
if (defaults_matches == TRUE &&
!set_default(yyvsp[-2].string, yyvsp[0].string, '+')) {
@@ -1310,7 +1314,7 @@ case 25:
}
break;
case 26:
-#line 342 "parse.yacc"
+#line 346 "parse.yacc"
{
if (defaults_matches == TRUE &&
!set_default(yyvsp[-2].string, yyvsp[0].string, '-')) {
@@ -1322,7 +1326,7 @@ case 26:
}
break;
case 29:
-#line 357 "parse.yacc"
+#line 361 "parse.yacc"
{
/*
* We already did a push if necessary in
@@ -1331,34 +1335,34 @@ case 29:
*/
host_matches = -1;
runas_matches = -1;
- if (def_flag(I_AUTHENTICATE))
+ if (def_authenticate)
no_passwd = -1;
else
no_passwd = TRUE;
}
break;
case 30:
-#line 372 "parse.yacc"
+#line 376 "parse.yacc"
{
if (yyvsp[0].BOOLEAN != -1)
host_matches = yyvsp[0].BOOLEAN;
}
break;
case 31:
-#line 376 "parse.yacc"
+#line 380 "parse.yacc"
{
if (yyvsp[0].BOOLEAN != -1)
host_matches = ! yyvsp[0].BOOLEAN;
}
break;
case 32:
-#line 382 "parse.yacc"
+#line 386 "parse.yacc"
{
yyval.BOOLEAN = TRUE;
}
break;
case 33:
-#line 385 "parse.yacc"
+#line 389 "parse.yacc"
{
if (addr_matches(yyvsp[0].string))
yyval.BOOLEAN = TRUE;
@@ -1368,7 +1372,7 @@ case 33:
}
break;
case 34:
-#line 392 "parse.yacc"
+#line 396 "parse.yacc"
{
if (netgr_matches(yyvsp[0].string, user_host, user_shost, NULL))
yyval.BOOLEAN = TRUE;
@@ -1378,7 +1382,7 @@ case 34:
}
break;
case 35:
-#line 399 "parse.yacc"
+#line 403 "parse.yacc"
{
if (hostname_matches(user_shost, user_host, yyvsp[0].string) == 0)
yyval.BOOLEAN = TRUE;
@@ -1388,7 +1392,7 @@ case 35:
}
break;
case 36:
-#line 406 "parse.yacc"
+#line 410 "parse.yacc"
{
aliasinfo *aip = find_alias(yyvsp[0].string, HOST_ALIAS);
@@ -1413,7 +1417,7 @@ case 36:
}
break;
case 39:
-#line 434 "parse.yacc"
+#line 438 "parse.yacc"
{
/*
* Push the entry onto the stack if it is worth
@@ -1441,14 +1445,14 @@ case 39:
}
break;
case 40:
-#line 461 "parse.yacc"
+#line 465 "parse.yacc"
{
if (yyvsp[0].BOOLEAN != -1)
cmnd_matches = yyvsp[0].BOOLEAN;
}
break;
case 41:
-#line 465 "parse.yacc"
+#line 469 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1460,14 +1464,14 @@ case 41:
}
break;
case 42:
-#line 473 "parse.yacc"
+#line 477 "parse.yacc"
{
if (yyvsp[0].BOOLEAN != -1)
cmnd_matches = ! yyvsp[0].BOOLEAN;
}
break;
case 43:
-#line 479 "parse.yacc"
+#line 483 "parse.yacc"
{
if (printmatches == TRUE && host_matches == TRUE &&
user_matches == TRUE) {
@@ -1489,21 +1493,21 @@ case 43:
*/
if (runas_matches == -1)
runas_matches = (strcmp(*user_runas,
- def_str(I_RUNAS_DEFAULT)) == 0);
+ def_runas_default) == 0);
}
break;
case 44:
-#line 502 "parse.yacc"
+#line 506 "parse.yacc"
{
runas_matches = (yyvsp[0].BOOLEAN == TRUE ? TRUE : FALSE);
}
break;
case 45:
-#line 507 "parse.yacc"
+#line 511 "parse.yacc"
{ ; }
break;
case 46:
-#line 508 "parse.yacc"
+#line 512 "parse.yacc"
{
/* Later entries override earlier ones. */
if (yyvsp[0].BOOLEAN != -1)
@@ -1513,11 +1517,11 @@ case 46:
}
break;
case 47:
-#line 517 "parse.yacc"
+#line 521 "parse.yacc"
{ ; }
break;
case 48:
-#line 518 "parse.yacc"
+#line 522 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1529,14 +1533,14 @@ case 48:
}
break;
case 49:
-#line 526 "parse.yacc"
+#line 530 "parse.yacc"
{
/* Set $$ to the negation of runasuser */
yyval.BOOLEAN = (yyvsp[0].BOOLEAN == -1 ? -1 : ! yyvsp[0].BOOLEAN);
}
break;
case 50:
-#line 532 "parse.yacc"
+#line 536 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1553,7 +1557,7 @@ case 50:
}
break;
case 51:
-#line 546 "parse.yacc"
+#line 550 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1570,7 +1574,7 @@ case 51:
}
break;
case 52:
-#line 560 "parse.yacc"
+#line 564 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1587,7 +1591,7 @@ case 52:
}
break;
case 53:
-#line 574 "parse.yacc"
+#line 578 "parse.yacc"
{
aliasinfo *aip = find_alias(yyvsp[0].string, RUNAS_ALIAS);
@@ -1619,7 +1623,7 @@ case 53:
}
break;
case 54:
-#line 603 "parse.yacc"
+#line 607 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1632,7 +1636,7 @@ case 54:
}
break;
case 55:
-#line 615 "parse.yacc"
+#line 619 "parse.yacc"
{
/* Inherit NOPASSWD/PASSWD status. */
if (printmatches == TRUE && host_matches == TRUE &&
@@ -1645,7 +1649,7 @@ case 55:
}
break;
case 56:
-#line 625 "parse.yacc"
+#line 629 "parse.yacc"
{
no_passwd = TRUE;
if (printmatches == TRUE && host_matches == TRUE &&
@@ -1654,7 +1658,7 @@ case 56:
}
break;
case 57:
-#line 631 "parse.yacc"
+#line 635 "parse.yacc"
{
no_passwd = FALSE;
if (printmatches == TRUE && host_matches == TRUE &&
@@ -1663,7 +1667,7 @@ case 57:
}
break;
case 58:
-#line 639 "parse.yacc"
+#line 643 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE)
@@ -1683,7 +1687,7 @@ case 58:
}
break;
case 59:
-#line 656 "parse.yacc"
+#line 660 "parse.yacc"
{
aliasinfo *aip;
@@ -1715,7 +1719,7 @@ case 59:
}
break;
case 60:
-#line 685 "parse.yacc"
+#line 689 "parse.yacc"
{
if (printmatches == TRUE) {
if (in_alias == TRUE) {
@@ -1744,11 +1748,11 @@ case 60:
}
break;
case 63:
-#line 717 "parse.yacc"
+#line 721 "parse.yacc"
{ push; }
break;
case 64:
-#line 717 "parse.yacc"
+#line 721 "parse.yacc"
{
if ((host_matches != -1 || pedantic) &&
!add_alias(yyvsp[-3].string, HOST_ALIAS, host_matches)) {
@@ -1759,7 +1763,7 @@ case 64:
}
break;
case 69:
-#line 735 "parse.yacc"
+#line 739 "parse.yacc"
{
push;
if (printmatches == TRUE) {
@@ -1772,7 +1776,7 @@ case 69:
}
break;
case 70:
-#line 744 "parse.yacc"
+#line 748 "parse.yacc"
{
if ((cmnd_matches != -1 || pedantic) &&
!add_alias(yyvsp[-3].string, CMND_ALIAS, cmnd_matches)) {
@@ -1787,11 +1791,11 @@ case 70:
}
break;
case 71:
-#line 758 "parse.yacc"
+#line 762 "parse.yacc"
{ ; }
break;
case 75:
-#line 766 "parse.yacc"
+#line 770 "parse.yacc"
{
if (printmatches == TRUE) {
in_alias = TRUE;
@@ -1803,7 +1807,7 @@ case 75:
}
break;
case 76:
-#line 774 "parse.yacc"
+#line 778 "parse.yacc"
{
if ((yyvsp[0].BOOLEAN != -1 || pedantic) &&
!add_alias(yyvsp[-3].string, RUNAS_ALIAS, yyvsp[0].BOOLEAN)) {
@@ -1817,11 +1821,11 @@ case 76:
}
break;
case 79:
-#line 791 "parse.yacc"
+#line 795 "parse.yacc"
{ push; }
break;
case 80:
-#line 791 "parse.yacc"
+#line 795 "parse.yacc"
{
if ((user_matches != -1 || pedantic) &&
!add_alias(yyvsp[-3].string, USER_ALIAS, user_matches)) {
@@ -1833,21 +1837,21 @@ case 80:
}
break;
case 83:
-#line 806 "parse.yacc"
+#line 810 "parse.yacc"
{
if (yyvsp[0].BOOLEAN != -1)
user_matches = yyvsp[0].BOOLEAN;
}
break;
case 84:
-#line 810 "parse.yacc"
+#line 814 "parse.yacc"
{
if (yyvsp[0].BOOLEAN != -1)
user_matches = ! yyvsp[0].BOOLEAN;
}
break;
case 85:
-#line 816 "parse.yacc"
+#line 820 "parse.yacc"
{
if (strcmp(yyvsp[0].string, user_name) == 0)
yyval.BOOLEAN = TRUE;
@@ -1857,7 +1861,7 @@ case 85:
}
break;
case 86:
-#line 823 "parse.yacc"
+#line 827 "parse.yacc"
{
if (usergr_matches(yyvsp[0].string, user_name))
yyval.BOOLEAN = TRUE;
@@ -1867,7 +1871,7 @@ case 86:
}
break;
case 87:
-#line 830 "parse.yacc"
+#line 834 "parse.yacc"
{
if (netgr_matches(yyvsp[0].string, NULL, NULL, user_name))
yyval.BOOLEAN = TRUE;
@@ -1877,7 +1881,7 @@ case 87:
}
break;
case 88:
-#line 837 "parse.yacc"
+#line 841 "parse.yacc"
{
aliasinfo *aip = find_alias(yyvsp[0].string, USER_ALIAS);
@@ -1902,12 +1906,12 @@ case 88:
}
break;
case 89:
-#line 859 "parse.yacc"
+#line 863 "parse.yacc"
{
yyval.BOOLEAN = TRUE;
}
break;
-#line 1859 "sudo.tab.c"
+#line 1863 "sudo.tab.c"
}
yyssp -= yym;
yystate = *yyssp;
diff --git a/visudo.c b/visudo.c
index e1fad388e..6695203b4 100644
--- a/visudo.c
+++ b/visudo.c
@@ -259,7 +259,7 @@ main(argc, argv)
if (find_path(UserEditor, &Editor, getenv("PATH")) == FOUND) {
UserEditor = Editor;
} else {
- if (def_flag(I_ENV_EDITOR)) {
+ if (def_env_editor) {
/* If we are honoring $EDITOR this is a fatal error. */
warnx("specified editor (%s) doesn't exist!", UserEditor);
Exit(-1);
@@ -275,7 +275,7 @@ main(argc, argv)
* we allow any $EDITOR or because $EDITOR is in the allowable list.
*/
Editor = EditorPath = NULL;
- if (def_flag(I_ENV_EDITOR) && UserEditor)
+ if (def_env_editor && UserEditor)
Editor = UserEditor;
else if (UserEditor) {
struct stat editor_sb;
@@ -287,7 +287,7 @@ main(argc, argv)
warn("unable to stat editor (%s)", UserEditor);
Exit(-1);
}
- EditorPath = estrdup(def_str(I_EDITOR));
+ EditorPath = estrdup(def_editor);
Editor = strtok(EditorPath, ":");
do {
/*
@@ -317,13 +317,13 @@ main(argc, argv)
}
/*
- * Can't use $EDITOR, try each element of I_EDITOR until we
+ * Can't use $EDITOR, try each element of def_editor until we
* find one that exists, is regular, and is executable.
*/
if (Editor == NULL || *Editor == '\0') {
if (EditorPath != NULL)
free(EditorPath);
- EditorPath = estrdup(def_str(I_EDITOR));
+ EditorPath = estrdup(def_editor);
Editor = strtok(EditorPath, ":");
do {
if (sudo_goodpath(Editor))
@@ -332,7 +332,7 @@ main(argc, argv)
/* Bleah, none of the editors existed! */
if (Editor == NULL || *Editor == '\0') {
- warnx("no editor found (editor path = %s)", def_str(I_EDITOR));
+ warnx("no editor found (editor path = %s)", def_editor);
Exit(-1);
}
}