From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 14 Apr 2010 10:38:32 +0000 (-0400)
Subject: Add workaround for the lack of the environ pointer on Mac OS X
X-Git-Tag: SUDO_1_8_0~721
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fb87c040ccae2d8b350cd48a413d9b42169d8814;p=sudo

Add workaround for the lack of the environ pointer on Mac OS X
in dlopen()ed modules.  Use of environ in the sudoers plugin should
ultimately be removed but this will do for the moment.
---

diff --git a/config.h.in b/config.h.in
index 85fbb7779..24ded52fc 100644
--- a/config.h.in
+++ b/config.h.in
@@ -587,6 +587,9 @@
 /* Define to 1 if you have the `_innetgr' function. */
 #undef HAVE__INNETGR
 
+/* Define to 1 if you have the `_NSGetEnviron' function. */
+#undef HAVE__NSGETENVIRON
+
 /* Define to 1 if your crt0.o defines the __progname symbol for you. */
 #undef HAVE___PROGNAME
 
diff --git a/configure b/configure
index 0eb782c19..52693fa27 100755
--- a/configure
+++ b/configure
@@ -13089,6 +13089,100 @@ done
 		CHECKSHADOW="false"
 		test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
 		: ${with_logincap='yes'}
+
+for ac_func in _NSGetEnviron
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+  echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+  cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
+   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+#define $ac_func innocuous_$ac_func
+
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func (); below.
+    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+    <limits.h> exists even on freestanding compilers.  */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $ac_func
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $ac_func ();
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined __stub_$ac_func || defined __stub___$ac_func
+choke me
+#endif
+
+int
+main ()
+{
+return $ac_func ();
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+  (eval "$ac_link") 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest$ac_exeext &&
+       $as_test_x conftest$ac_exeext; then
+  eval "$as_ac_var=yes"
+else
+  echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	eval "$as_ac_var=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+      conftest$ac_exeext conftest.$ac_ext
+fi
+ac_res=`eval echo '${'$as_ac_var'}'`
+	       { echo "$as_me:$LINENO: result: $ac_res" >&5
+echo "${ECHO_T}$ac_res" >&6; }
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+  cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
 		;;
     *-*-nextstep*)
 		# lockf() on is broken on the NeXT -- use flock instead
diff --git a/configure.in b/configure.in
index e12a4ad7b..ae01054a4 100644
--- a/configure.in
+++ b/configure.in
@@ -1741,6 +1741,7 @@ case "$host" in
 		CHECKSHADOW="false"
 		test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
 		: ${with_logincap='yes'}
+		AC_CHECK_FUNCS(_NSGetEnviron)
 		;;
     *-*-nextstep*)
 		# lockf() on is broken on the NeXT -- use flock instead
diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c
index 91093b4c8..956127faf 100644
--- a/plugins/sudoers/env.c
+++ b/plugins/sudoers/env.c
@@ -43,6 +43,9 @@
 #ifdef HAVE_UNISTD_H
 # include <unistd.h>
 #endif /* HAVE_UNISTD_H */
+#ifdef HAVE__NSGETENVIRON
+#include <crt_externs.h>
+#endif
 #include <ctype.h>
 #include <errno.h>
 #include <pwd.h>
@@ -101,7 +104,12 @@ struct environment {
 static void sudo_setenv(const char *, const char *, int);
 static void sudo_putenv(char *, int, int);
 
+/* XXX - should not need to muck with environ, use envp from env_init */
+#ifdef HAVE__NSGETENVIRON
+char **environ;			/* global environment */
+#else
 extern char **environ;		/* global environment */
+#endif
 
 /*
  * Copy of the sudo-managed environment.
@@ -218,6 +226,10 @@ env_init(char * const envp[])
     size_t len;
     int rval = -1;
 
+#ifdef HAVE__NSGETENVIRON
+    environ = _NSGetEnviron();
+#endif
+
     for (ep = envp; *ep != NULL; ep++)
 	continue;
     len = (size_t)(ep - envp);