From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 15 Nov 2004 17:33:52 +0000 (+0000)
Subject: Use ALIAS for the member type when storing an alias instead of
X-Git-Tag: SUDO_1_7_0~829
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d076091ab335ac421bdd8c20e254688381752813;p=sudo

Use ALIAS for the member type when storing an alias instead of
HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since match.c relies on
the more generic type.  Expand runas_matches instead of calling
user_matches() inside of it since user_matches() looks up USERALIASes,
not RUNASALIASes.
---

diff --git a/gram.y b/gram.y
index 9fe4f10cf..443733e1d 100644
--- a/gram.y
+++ b/gram.y
@@ -276,7 +276,7 @@ ophost		:	host {
 		;
 
 host		:	ALIAS {
-			    NEW_MEMBER($$, $1, HOSTALIAS);
+			    NEW_MEMBER($$, $1, ALIAS);
 			}
 		|	ALL {
 			    NEW_MEMBER($$, NULL, ALL);
@@ -346,7 +346,7 @@ oprunasuser	:	runasuser {
 		;
 
 runasuser	:	ALIAS {
-			    NEW_MEMBER($$, $1, RUNASALIAS);
+			    NEW_MEMBER($$, $1, ALIAS);
 			}
 		|	ALL {
 			    NEW_MEMBER($$, NULL, ALL);
@@ -392,7 +392,7 @@ cmnd		:	ALL {
 			    safe_cmnd = estrdup(user_cmnd);
 			}
 		|	ALIAS {
-			    NEW_MEMBER($$, $1, CMNDALIAS);
+			    NEW_MEMBER($$, $1, ALIAS);
 			}
 		|	COMMAND {
 			    struct sudo_command *c = emalloc(sizeof(*c));
@@ -486,7 +486,7 @@ opuser		:	user {
 		;
 
 user		:	ALIAS {
-			    NEW_MEMBER($$, $1, USERALIAS);
+			    NEW_MEMBER($$, $1, ALIAS);
 			}
 		|	ALL {
 			    NEW_MEMBER($$, NULL, ALL);
diff --git a/match.c b/match.c
index 3307ac431..6d77d98c0 100644
--- a/match.c
+++ b/match.c
@@ -146,9 +146,37 @@ runas_matches(pw, list)
     struct passwd *pw;
     struct member *list;
 {
+    struct member *m;
+    int rval, matched = UNSPEC;
+
     if (list == NULL)
 	return(userpw_matches(def_runas_default, pw->pw_name, pw));
-    return(user_matches(pw, list));
+
+    for (m = list; m != NULL; m = m->next) {
+	switch (m->type) {
+	    case ALIAS:
+		rval = alias_matches(m->name, RUNASALIAS, pw, NULL);
+		if (rval != UNSPEC || (rval = !strcmp(m->name, pw->pw_name)))
+		    matched = rval;
+		break;
+	    case ALL:
+		matched = !m->negated;
+		break;
+	    case NETGROUP:
+		if (netgr_matches(m->name, NULL, NULL, pw->pw_name))
+		    matched = !m->negated;
+		break;
+	    case USERGROUP:
+		if (usergr_matches(m->name, pw->pw_name, pw))
+		    matched = !m->negated;
+		break;
+	    case WORD:
+		if (userpw_matches(m->name, pw->pw_name, pw))
+		    matched = !m->negated;
+		break;
+	}
+    }
+    return(matched);
 }
 
 /*