/*
- * Copyright (c) 1996, 1998-2000 Todd C. Miller <Todd.Miller@courtesan.com>
- * All rights reserved.
+ * Copyright (c) 1996, 1998-2000, 2004, 2007-2009
+ * Todd C. Miller <Todd.Miller@courtesan.com>
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
*
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * 4. Products derived from this software may not be called "Sudo" nor
- * may "Sudo" appear in their names without specific prior written
- * permission from the author.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
- * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * $Sudo: parse.h,v 1.9 2000/03/23 04:38:20 millert Exp $
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef _SUDO_PARSE_H
#define _SUDO_PARSE_H
-/*
- * Data structure used in parsing sudoers;
- * top of stack values are the ones that
- * apply when parsing is done & can be
- * accessed by *_matches macros
- */
-#define STACKINCREMENT (32)
-struct matchstack {
- int user;
- int cmnd;
- int host;
- int runas;
- int nopass;
-};
+#undef UNSPEC
+#define UNSPEC -1
+#undef DENY
+#define DENY 0
+#undef ALLOW
+#define ALLOW 1
+#undef IMPLIED
+#define IMPLIED 2
/*
- * Data structure describing a command in the
- * sudoers file.
+ * A command with args. XXX - merge into struct member.
*/
struct sudo_command {
char *cmnd;
char *args;
};
-#define user_matches (match[top-1].user)
-#define cmnd_matches (match[top-1].cmnd)
-#define host_matches (match[top-1].host)
-#define runas_matches (match[top-1].runas)
-#define no_passwd (match[top-1].nopass)
+/*
+ * Tags associated with a command.
+ * Possible valus: TRUE, FALSE, UNSPEC.
+ */
+struct cmndtag {
+ __signed char nopasswd;
+ __signed char noexec;
+ __signed char setenv;
+ __signed char extra;
+};
+
+/*
+ * SELinux-specific container struct.
+ * Currently just contains a role and type.
+ */
+struct selinux_info {
+ char *role;
+ char *type;
+};
/*
- * Structure containing command matches if "sudo -l" is used.
+ * The parses sudoers file is stored as a collection of linked lists,
+ * modelled after the yacc grammar.
+ *
+ * Other than the alias struct, which is stored in a red-black tree,
+ * the data structure used is basically a doubly-linked tail queue without
+ * a separate head struct--the first entry acts as the head where the prev
+ * pointer does double duty as the tail pointer. This makes it possible
+ * to trivally append sub-lists. In addition, the prev pointer is always
+ * valid (even if it points to itself). Unlike a circle queue, the next
+ * pointer of the last entry is NULL and does not point back to the head.
+ *
+ * Note that each list struct must contain a "prev" and "next" pointer as
+ * the first two members of the struct (in that order).
*/
-struct command_match {
- char *runas;
- size_t runas_len;
- size_t runas_size;
- char *cmnd;
- size_t cmnd_len;
- size_t cmnd_size;
- int nopasswd;
+
+/*
+ * Tail queue list head structure.
+ */
+TQ_DECLARE(defaults)
+TQ_DECLARE(userspec)
+TQ_DECLARE(member)
+TQ_DECLARE(privilege)
+TQ_DECLARE(cmndspec)
+
+/*
+ * Structure describing a user specification and list thereof.
+ */
+struct userspec {
+ struct userspec *prev, *next;
+ struct member_list users; /* list of users */
+ struct privilege_list privileges; /* list of privileges */
+};
+
+/*
+ * Structure describing a privilege specification.
+ */
+struct privilege {
+ struct privilege *prev, *next;
+ struct member_list hostlist; /* list of hosts */
+ struct cmndspec_list cmndlist; /* list of Cmnd_Specs */
+};
+
+/*
+ * Structure describing a linked list of Cmnd_Specs.
+ */
+struct cmndspec {
+ struct cmndspec *prev, *next;
+ struct member_list runasuserlist; /* list of runas users */
+ struct member_list runasgrouplist; /* list of runas groups */
+ struct member *cmnd; /* command to allow/deny */
+ struct cmndtag tags; /* tag specificaion */
+#ifdef HAVE_SELINUX
+ char *role, *type; /* SELinux role and type */
+#endif
+};
+
+/*
+ * Generic structure to hold users, hosts, commands.
+ */
+struct member {
+ struct member *prev, *next;
+ char *name; /* member name */
+ short type; /* type (see gram.h) */
+ short negated; /* negated via '!'? */
+};
+
+struct runascontainer {
+ struct member *runasusers;
+ struct member *runasgroups;
};
/*
- * Structure describing an alias match in parser.
+ * Generic structure to hold {User,Host,Runas,Cmnd}_Alias
+ * Aliases are stored in a red-black tree, sorted by name and type.
*/
-typedef struct {
- int type;
- char *name;
- int val;
-} aliasinfo;
+struct alias {
+ char *name; /* alias name */
+ unsigned short type; /* {USER,HOST,RUNAS,CMND}ALIAS */
+ unsigned short seqno; /* sequence number */
+ struct member_list members; /* list of alias members */
+};
/*
- * Structure containing Cmnd_Alias's if "sudo -l" is used.
+ * Structure describing a Defaults entry and a list thereof.
*/
-struct generic_alias {
- int type;
- char *alias;
- char *entries;
- size_t entries_size;
- size_t entries_len;
+struct defaults {
+ struct defaults *prev, *next;
+ char *var; /* variable name */
+ char *val; /* variable value */
+ struct member_list binding; /* user/host/runas binding */
+ int type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */
+ int op; /* TRUE, FALSE, '+', '-' */
};
-/* The matching stack and number of entries on it. */
-extern struct matchstack *match;
-extern int top;
+/*
+ * Parsed sudoers info.
+ */
+extern struct userspec_list userspecs;
+extern struct defaults_list defaults;
+
+/*
+ * Alias sequence number to avoid loops.
+ */
+extern unsigned int alias_seqno;
/*
* Prototypes
*/
+char *alias_add __P((char *, int, struct member *));
int addr_matches __P((char *));
-int command_matches __P((char *, char *, char *, char *));
+int cmnd_matches __P((struct member *));
+int cmndlist_matches __P((struct member_list *));
+int command_matches __P((char *, char *));
+int hostlist_matches __P((struct member_list *));
int hostname_matches __P((char *, char *, char *));
int netgr_matches __P((char *, char *, char *, char *));
-int usergr_matches __P((char *, char *));
+int no_aliases __P((void));
+int runaslist_matches __P((struct member_list *, struct member_list *));
+int userlist_matches __P((struct passwd *, struct member_list *));
+int usergr_matches __P((char *, char *, struct passwd *));
+int userpw_matches __P((char *, char *, struct passwd *));
+int group_matches __P((char *, struct group *));
+struct alias *alias_find __P((char *, int));
+struct alias *alias_remove __P((char *, int));
+void alias_free __P((void *));
+void alias_apply __P((int (*)(void *, void *), void *));
+void init_aliases __P((void));
+void init_lexer __P((void));
+void init_parser __P((char *, int));
+int alias_compare __P((const void *, const void *));
#endif /* _SUDO_PARSE_H */
projects / debian / sudo / blobdiff