From 33e31855aef740f1ef025708697d47d02b76e7ee Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sat, 21 Aug 2010 08:48:13 -0400 Subject: [PATCH] Move get_auth() into check.c where it is actually used. --HG-- branch : 1.7 --- check.c | 39 +++++++++++++++++++++++++++++++++++---- sudo.c | 34 ---------------------------------- 2 files changed, 35 insertions(+), 38 deletions(-) diff --git a/check.c b/check.c index 96af763b1..e73167cc3 100644 --- a/check.c +++ b/check.c @@ -90,6 +90,7 @@ static char *expand_prompt __P((char *, char *, char *)); static void lecture __P((int)); static void update_timestamp __P((char *, char *)); static int tty_is_devpts __P((const char *)); +static struct passwd *get_authpw __P((void)); /* * This function only returns if the user can successfully @@ -128,6 +129,8 @@ check_user(validated, mode) TS_MAKE_DIRS); if (status != TS_CURRENT || ISSET(validated, FLAG_CHECK_USER)) { + struct passwd *auth_pw; + /* Bail out if we are non-interactive and a password is required */ if (ISSET(mode, MODE_NONINTERACTIVE)) errorx(1, "sorry, a password is required to run %s", getprogname()); @@ -156,17 +159,15 @@ check_user(validated, mode) prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt, user_name, user_shost); + auth_pw = get_authpw(); verify_user(auth_pw, prompt); + pw_delref(auth_pw); } /* Only update timestamp if user was validated. */ if (ISSET(validated, VALIDATE_OK) && !ISSET(mode, MODE_INVALIDATE) && status != TS_ERROR) update_timestamp(timestampdir, timestampfile); efree(timestampdir); efree(timestampfile); - if (auth_pw != NULL) { - pw_delref(auth_pw); - auth_pw = NULL; - } } /* @@ -697,3 +698,33 @@ tty_is_devpts(tty) #endif /* __linux__ */ return retval; } + +/* + * Get passwd entry for the user we are going to authenticate as. + * By default, this is the user invoking sudo. In the most common + * case, this matches sudo_user.pw or runas_pw. + */ +static struct passwd * +get_authpw() +{ + struct passwd *pw; + + if (def_rootpw) { + if ((pw = sudo_getpwuid(0)) == NULL) + log_error(0, "unknown uid: 0"); + } else if (def_runaspw) { + if ((pw = sudo_getpwnam(def_runas_default)) == NULL) + log_error(0, "unknown user: %s", def_runas_default); + } else if (def_targetpw) { + if (runas_pw->pw_name == NULL) + log_error(NO_MAIL|MSG_ONLY, "unknown uid: %lu", + (unsigned long) runas_pw->pw_uid); + pw_addref(runas_pw); + pw = runas_pw; + } else { + pw_addref(sudo_user.pw); + pw = sudo_user.pw; + } + + return(pw); +} diff --git a/sudo.c b/sudo.c index 974191081..72a63ff4c 100644 --- a/sudo.c +++ b/sudo.c @@ -122,7 +122,6 @@ static void set_project __P((struct passwd *)); static void set_runasgr __P((char *)); static void set_runaspw __P((char *)); static void show_version __P((void)); -static struct passwd *get_authpw __P((void)); static void create_admin_success_flag __P((void)); extern int sudo_edit __P((int, char **, char **)); int run_command __P((const char *path, char *argv[], char *envp[], uid_t uid, int dowait)); /* XXX should be in sudo.h */ @@ -428,9 +427,6 @@ main(argc, argv, envp) /* Build a new environment that avoids any nasty bits. */ rebuild_env(def_noexec); - /* Fill in passwd struct based on user we are authenticating as. */ - auth_pw = get_authpw(); - /* Require a password if sudoers says so. */ if (def_authenticate) check_user(validated, sudo_mode); @@ -1304,36 +1300,6 @@ set_runasgr(group) } } -/* - * Get passwd entry for the user we are going to authenticate as. - * By default, this is the user invoking sudo. In the most common - * case, this matches sudo_user.pw or runas_pw. - */ -static struct passwd * -get_authpw() -{ - struct passwd *pw; - - if (def_rootpw) { - if ((pw = sudo_getpwuid(0)) == NULL) - log_error(0, "unknown uid: 0"); - } else if (def_runaspw) { - if ((pw = sudo_getpwnam(def_runas_default)) == NULL) - log_error(0, "unknown user: %s", def_runas_default); - } else if (def_targetpw) { - if (runas_pw->pw_name == NULL) - log_error(NO_MAIL|MSG_ONLY, "unknown uid: %lu", - (unsigned long) runas_pw->pw_uid); - pw_addref(runas_pw); - pw = runas_pw; - } else { - pw_addref(sudo_user.pw); - pw = sudo_user.pw; - } - - return(pw); -} - /* * Cleanup hook for error()/errorx() */ -- 2.40.0