From f68cc2f6282fa93d77738ba8e83f595efafb9b85 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 17 Jan 2000 04:05:18 +0000 Subject: [PATCH] Add "listpw" and "verifypw" options. --- defaults.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- defaults.h | 10 +++++++ parse.c | 14 ++++----- sudo.c | 4 +-- sudo.h | 10 +++---- 5 files changed, 104 insertions(+), 17 deletions(-) diff --git a/defaults.c b/defaults.c index aa81dc5d4..d01eaea5c 100644 --- a/defaults.c +++ b/defaults.c @@ -106,6 +106,7 @@ static int store_str __P((char *, struct sudo_defs_types *, int)); static int store_syslogfac __P((char *, struct sudo_defs_types *, int)); static int store_syslogpri __P((char *, struct sudo_defs_types *, int)); static int store_mode __P((char *, struct sudo_defs_types *, int)); +static int store_pwflag __P((char *, struct sudo_defs_types *, int)); /* * Table describing compile-time and run-time options. @@ -225,6 +226,16 @@ struct sudo_defs_types sudo_defs_table[] = { }, { "secure_path", T_STR|T_BOOL, "Value to override user's $PATH with: %s" + }, { + "listpw_i", T_INT, NULL + }, { + "verifypw_i", T_INT, NULL + }, { + "listpw", T_PWFLAG, + "When to require a password for 'list' pseudocommand: %s" + }, { + "verifypw", T_PWFLAG, + "When to require a password for 'verify' pseudocommand: %s" }, { NULL, 0, NULL } @@ -248,6 +259,7 @@ dump_defaults() case T_STR: case T_LOGFAC: case T_LOGPRI: + case T_PWFLAG: if (cur->sd_un.str) { (void) printf(cur->desc, cur->sd_un.str); putchar('\n'); @@ -355,6 +367,19 @@ set_default(var, val, op) return(FALSE); } break; + case T_PWFLAG: + if (!store_pwflag(val, cur, op)) { + if (val) + (void) fprintf(stderr, + "%s: value '%s' is invalid for option '%s'\n", Argv[0], + val, var); + else + (void) fprintf(stderr, + "%s: no value specified for `%s' on line %d\n", Argv[0], + var, sudolineno); + return(FALSE); + } + break; case T_STR: if (!val) { /* Check for bogus boolean usage or lack of a value. */ 
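Review bot: The new `listpw_i` and `verifypw_i` rows in sudo_defs_table are ordinary named T_INT entries, so if set_default() matches on any table name (its lookup loop is outside this hunk), a sudoers line could set the integer directly and skip the validation in store_pwflag(). That would leave the string printed by dump_defaults() out of step with the value sudoers_lookup() compares with `==`, and a value that is none of the four PWCHECK_* constants matches no branch there. At minimum, mark the rows with a comment such as `/* internal: written only by store_pwflag(), not a sudoers option */`. Having set_default() refuse these entries would enforce it.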
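Review bot: In the new `case T_PWFLAG:` branch the invalid-value message leaves out `sudolineno`, while the no-value message right below it reports the line, so a mistyped `listpw` or `verifypw` value cannot be located in sudoers from the error alone. The two messages also use different quoting styles around the option name. I would make the first one `"%s: value '%s' is invalid for option '%s' on line %d\n", Argv[0], val, var, sudolineno`. set_default() begins and ends outside this hunk, so what the caller does with the FALSE return is not visible here.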
@@ -447,6 +472,7 @@ init_defaults() case T_STR: case T_LOGFAC: case T_LOGPRI: + case T_PWFLAG: if (def->sd_un.str) { free(def->sd_un.str); def->sd_un.str = NULL; @@ -509,6 +535,10 @@ init_defaults() (void) store_syslogpri(PRI_FAILURE, &sudo_defs_table[I_BADPRISTR], TRUE); #endif + /* Password flags also have a string and integer component. */ + (void) store_pwflag("any", &sudo_defs_table[I_LISTPWSTR], TRUE); + (void) store_pwflag("all", &sudo_defs_table[I_VERIFYPWSTR], TRUE); + /* Then initialize the int-like things. */ #ifdef SUDO_UMASK def_mode(I_UMASK) = SUDO_UMASK; @@ -598,8 +628,10 @@ store_syslogfac(val, def, op) struct strmap *fac; if (op == FALSE) { - free(def->sd_un.str); - def->sd_un.str = NULL; + if (def->sd_un.str) { + free(def->sd_un.str); + def->sd_un.str = NULL; + } return(TRUE); } #ifdef LOG_NFACILITIES @@ -679,3 +711,50 @@ store_mode(val, def, op) } return(TRUE); } + +static int +store_pwflag(val, def, op) + char *val; + struct sudo_defs_types *def; + int op; +{ + int isub, flags; + + if (strcmp(def->name, "verifypw") == 0) + isub = I_VERIFYPW; + else + isub = I_LISTPW; + + /* Handle !foo. */ + if (op == FALSE) { + if (def->sd_un.str) { + free(def->sd_un.str); + def->sd_un.str = NULL; + } + def->sd_un.str = estrdup("never"); + sudo_defs_table[isub].sd_un.ival = PWCHECK_NEVER; + return(TRUE); + } + if (!val) + return(FALSE); + + /* Convert strings to integer values. */ + if (strcmp(val, "all") == 0) + flags = PWCHECK_ALL; + else if (strcmp(val, "any") == 0) + flags = PWCHECK_ANY; + else if (strcmp(val, "never") == 0) + flags = PWCHECK_NEVER; + else if (strcmp(val, "always") == 0) + flags = PWCHECK_ALWAYS; + else + return(FALSE); + + /* Store both name and number. */ + if (def->sd_un.str) + free(def->sd_un.str); + def->sd_un.str = estrdup(val); + sudo_defs_table[isub].sd_un.ival = flags; + + return(TRUE); +} diff --git a/defaults.h b/defaults.h index 9828fdf90..d3082f1d7 100644 --- a/defaults.h +++ b/defaults.h 
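Review bot: store_pwflag() picks the integer slot with `strcmp(def->name, "verifypw")` and sends every other name to I_LISTPW, so a third T_PWFLAG option added later would silently overwrite listpw's value. An explicit match is safer: `else if (strcmp(def->name, "listpw") == 0) isub = I_LISTPW; else return(FALSE);`. The `op == FALSE` branch also deserves a comment, because `!listpw` or `!verifypw` stores "never" and PWCHECK_NEVER, so a negated option turns the password check off rather than restoring the default. Something like `/* !listpw / !verifypw means never prompt */` makes that explicit. The `def->sd_un.str = NULL;` in that branch is dead, since the pointer is reassigned by the next statement.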
@@ -69,6 +69,8 @@ struct sudo_defs_types { #define T_LOGFAC 0x005 #undef T_LOGPRI #define T_LOGPRI 0x006 +#undef T_PWFLAG +#define T_PWFLAG 0x007 #undef T_MASK #define T_MASK 0x0FF #undef T_BOOL @@ -129,6 +131,14 @@ struct sudo_defs_types { #define I_RUNAS_DEF 37 /* default user to run commands as */ #define I_SECURE_PATH 38 /* set $PATH to this if not NULL */ +/* Integer versions of list/verify options */ +#define I_LISTPW 39 +#define I_VERIFYPW 40 + +/* String versions of list/verify options */ +#define I_LISTPWSTR 41 +#define I_VERIFYPWSTR 42 + /* * Macros for accessing sudo_defs_table. */ diff --git a/parse.c b/parse.c index 9080da0b3..5d3a0cc49 100644 --- a/parse.c +++ b/parse.c @@ -129,7 +129,7 @@ sudoers_lookup(pwflags) init_parser(); /* For most pwflags to be useful we need to keep more state around. */ - if (pwflags && !(pwflags & PWCHECK_NEVER)) + if (pwflags && pwflags != PWCHECK_NEVER && pwflags != PWCHECK_ALWAYS) keepall = TRUE; /* Need to be root while stat'ing things in the parser. */ @@ -167,7 +167,7 @@ sudoers_lookup(pwflags) if (pwflags) { int nopass, found; - if ((pwflags & PWCHECK_NEVER) || !def_flag(I_AUTHENTICATE)) + if (pwflags == PWCHECK_NEVER || !def_flag(I_AUTHENTICATE)) nopass = FLAG_NOPASS; else nopass = -1; @@ -175,12 +175,10 @@ sudoers_lookup(pwflags) while (top) { if (host_matches == TRUE) { found = 1; - if (!(pwflags & PWCHECK_RUNAS) || runas_matches == TRUE) { - if ((pwflags & PWCHECK_ANY) && no_passwd == TRUE) - nopass = FLAG_NOPASS; - else if ((pwflags & PWCHECK_ALL) && nopass != 0) - nopass = (no_passwd == TRUE) ? FLAG_NOPASS : 0; - } + if (pwflags == PWCHECK_ANY && no_passwd == TRUE) + nopass = FLAG_NOPASS; + else if (pwflags == PWCHECK_ALL && nopass != 0) + nopass = (no_passwd == TRUE) ? FLAG_NOPASS : 0; } top--; } diff --git a/sudo.c b/sudo.c index ccace3db3..d320c8bad 100644 --- a/sudo.c +++ b/sudo.c 
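Review bot: In the second sudoers_lookup() hunk, `!def_flag(I_AUTHENTICATE)` still sets `nopass = FLAG_NOPASS` when pwflags is PWCHECK_ALWAYS, and neither branch of the loop changes it afterwards, so "always" does not appear to force a prompt when authenticate is off. If "always" is meant to win, the test could read `if (pwflags == PWCHECK_NEVER || (pwflags != PWCHECK_ALWAYS && !def_flag(I_AUTHENTICATE)))`. If not, the sudo.h comment `passwd always needed` should state the exception. The code that consumes nopass after the loop is outside the hunk, so this rests on the visible assignments only. A short comment on the three values nopass can hold (-1, 0, FLAG_NOPASS) would also help, since the PWCHECK_ALWAYS case leaves the initial value untouched.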
@@ -237,7 +237,7 @@ main(argc, argv) break; case MODE_VALIDATE: user_cmnd = "validate"; - sudoers_flags = PWCHECK_ALL | PWCHECK_RUNAS; + sudoers_flags = def_ival(I_VERIFYPW); break; case MODE_KILL: case MODE_INVALIDATE: @@ -251,7 +251,7 @@ main(argc, argv) case MODE_LIST: user_cmnd = "list"; printmatches = 1; - sudoers_flags = PWCHECK_ANY; + sudoers_flags = def_ival(I_LISTPW); break; } diff --git a/sudo.h b/sudo.h index 26e47a13a..504b97324 100644 --- a/sudo.h +++ b/sudo.h @@ -149,12 +149,12 @@ struct sudo_user { * PASSWD_NEVER: user never has to give a passwd * PASSWD_ALL: no passwd needed if all entries for host have NOPASSWD flag * PASSWD_ANY: no passwd needed if any entry for host has a NOPASSWD flag - * PWCHECK_RUNAS: require that runas_matches be TRUE + * PASSWD_ALWAYS: passwd always needed */ -#define PWCHECK_NEVER 001 -#define PWCHECK_ALL 002 -#define PWCHECK_ANY 004 -#define PWCHECK_RUNAS 010 +#define PWCHECK_NEVER 0x01 +#define PWCHECK_ALL 0x02 +#define PWCHECK_ANY 0x04 +#define PWCHECK_ALWAYS 0x08 /* * Function prototypes -- 2.49.0
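Review bot: `sudoers_flags = def_ival(I_VERIFYPW)` here, and `def_ival(I_LISTPW)` in the MODE_LIST hunk below, read the option in main() before the value is handed to sudoers_lookup(), which per the parse.c hunk calls init_parser() itself. If sudoers Defaults lines are only applied during that parse (set_default() reports sudolineno, which suggests so), the flag passed in is the built-in default from init_defaults(), and a `listpw=` or `verifypw=` setting in sudoers would have no effect on the same run. Passing the table index and reading `def_ival()` inside sudoers_lookup() after the parse would avoid the stale read. The `keepall` decision at the top of sudoers_lookup() has the same ordering problem. The call site in main() is outside both hunks, so the order should be confirmed.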
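Review bot: The comment above the macros documents `PASSWD_NEVER`, `PASSWD_ALL`, `PASSWD_ANY` and the newly added `PASSWD_ALWAYS`, but the macros are named `PWCHECK_*`, so a search for the documented names finds nothing. The values remain distinct bits (0x01 to 0x08) although parse.c now compares them with `==`. The comment should say they are mutually exclusive and must not be OR-ed together, e.g. `* Exactly one PWCHECK_* value is passed; they are compared with ==, not masked.` The start of the comment block is outside the hunk.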