static char *expand_prompt(char *, char *, char *);
static void lecture(int);
static void update_timestamp(char *, char *);
-static int tty_is_devpts(const char *);
+static bool tty_is_devpts(const char *);
static struct passwd *get_authpw(void);
/*
- * Returns TRUE if the user successfully authenticates, else FALSE.
+ * Returns true if the user successfully authenticates, else false.
*/
int
check_user(int validated, int mode)
char *timestampfile = NULL;
char *prompt;
struct stat sb;
- int status, rval = TRUE;
- int need_pass = def_authenticate;
+ int status, rval = true;
+ bool need_pass = def_authenticate;
+ debug_decl(check_user, SUDO_DEBUG_AUTH)
/*
* Init authentication system regardless of whether we need a password.
if (user_uid == 0 || (user_uid == runas_pw->pw_uid &&
(!runas_gr || user_in_group(sudo_user.pw, runas_gr->gr_name)))
|| user_is_exempt())
- need_pass = FALSE;
+ need_pass = false;
}
}
if (!need_pass)
rval = verify_user(auth_pw, prompt);
}
/* Only update timestamp if user was validated. */
- if (rval == TRUE && ISSET(validated, VALIDATE_OK) &&
+ if (rval == true && ISSET(validated, VALIDATE_OK) &&
!ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
update_timestamp(timestampdir, timestampfile);
efree(timestampdir);
sudo_auth_cleanup(auth_pw);
pw_delref(auth_pw);
- return rval;
+ debug_return_bool(rval);
}
#define DEFAULT_LECTURE "\n" \
ssize_t nread;
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
+ debug_decl(lecture, SUDO_DEBUG_AUTH)
if (def_lecture == never ||
(def_lecture == once && status != TS_MISSING && status != TS_ERROR))
- return;
+ debug_return;
memset(&msg, 0, sizeof(msg));
memset(&repl, 0, sizeof(repl));
if (def_lecture_file && (fp = fopen(def_lecture_file, "r")) != NULL) {
while ((nread = fread(buf, sizeof(char), sizeof(buf) - 1, fp)) != 0) {
- buf[sizeof(buf) - 1] = '\0';
+ buf[nread] = '\0';
msg.msg_type = SUDO_CONV_ERROR_MSG;
msg.msg = buf;
sudo_conv(1, &msg, &repl);
msg.msg = _(DEFAULT_LECTURE);
sudo_conv(1, &msg, &repl);
}
+ debug_return;
}
/*
static void
update_timestamp(char *timestampdir, char *timestampfile)
{
+ debug_decl(update_timestamp, SUDO_DEBUG_AUTH)
+
/* If using tty timestamps but we have no tty there is nothing to do. */
if (def_tty_tickets && !user_ttypath)
- return;
+ debug_return;
if (timestamp_uid != 0)
set_perms(PERM_TIMESTAMP);
}
if (timestamp_uid != 0)
restore_perms();
+ debug_return;
}
/*
size_t len, n;
int subst;
char *p, *np, *new_prompt, *endp;
+ debug_decl(expand_prompt, SUDO_DEBUG_AUTH)
/* How much space do we need to malloc for the prompt? */
subst = 0;
} else
new_prompt = old_prompt;
- return new_prompt;
+ debug_return_str(new_prompt);
oflow:
/* We pre-allocate enough space, so this should never happen. */
/*
* Checks if the user is exempt from supplying a password.
*/
-int
+bool
user_is_exempt(void)
{
- if (!def_exempt_group)
- return FALSE;
- return user_in_group(sudo_user.pw, def_exempt_group);
+ bool rval = false;
+ debug_decl(user_is_exempt, SUDO_DEBUG_AUTH)
+
+ if (def_exempt_group)
+ rval = user_in_group(sudo_user.pw, def_exempt_group);
+ debug_return_bool(rval);
}
/*
{
char *dirparent;
int len;
+ debug_decl(build_timestamp, SUDO_DEBUG_AUTH)
dirparent = def_timestampdir;
len = easprintf(timestampdir, "%s/%s", dirparent, user_name);
} else
*timestampfile = NULL;
- return len;
+ debug_return_int(len);
bad:
log_error(0, _("timestamp path too long: %s"), *timestampfile);
- return -1;
+ debug_return_int(-1);
}
/*
time_t now;
char *dirparent = def_timestampdir;
int status = TS_ERROR; /* assume the worst */
+ debug_decl(timestamp_status, SUDO_DEBUG_AUTH)
if (timestamp_uid != 0)
set_perms(PERM_TIMESTAMP);
done:
if (timestamp_uid != 0)
restore_perms();
- return status;
+ debug_return_int(status);
}
/*
* Remove the timestamp ticket file/dir.
*/
void
-remove_timestamp(int remove)
+remove_timestamp(bool remove)
{
struct timeval tv;
char *timestampdir, *timestampfile, *path;
int status;
+ debug_decl(remove_timestamp, SUDO_DEBUG_AUTH)
if (build_timestamp(×tampdir, ×tampfile) == -1)
- return;
+ debug_return;
status = timestamp_status(timestampdir, timestampfile, user_name,
TS_REMOVE);
log_error(NO_EXIT,
_("unable to remove %s (%s), will reset to the epoch"),
path, strerror(errno));
- remove = FALSE;
+ remove = false;
}
}
if (!remove) {
error(1, _("unable to reset %s to the epoch"), path);
}
}
-
efree(timestampdir);
efree(timestampfile);
+
+ debug_return;
}
/*
- * Returns TRUE if tty lives on a devpts or /devices filesystem, else FALSE.
+ * Returns true if tty lives on a devpts or /devices filesystem, else false.
* Unlike most filesystems, the ctime of devpts nodes is not updated when
* the device node is written to, only when the inode's status changes,
* typically via the chmod, chown, link, rename, or utimes system calls.
* Since the ctime is "stable" in this case, we can stash it the tty ticket
* file and use it to determine whether the tty ticket file is stale.
*/
-static int
+static bool
tty_is_devpts(const char *tty)
{
- int retval = FALSE;
+ bool retval = false;
#ifdef __linux__
struct statfs sfs;
+ debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
#ifndef DEVPTS_SUPER_MAGIC
# define DEVPTS_SUPER_MAGIC 0x1cd1
if (statfs(tty, &sfs) == 0) {
if (sfs.f_type == DEVPTS_SUPER_MAGIC)
- retval = TRUE;
+ retval = true;
}
#elif defined(__sun) && defined(__SVR4)
struct statvfs sfs;
+ debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
if (statvfs(tty, &sfs) == 0) {
if (strcmp(sfs.f_fstr, "devices") == 0)
- retval = TRUE;
+ retval = true;
}
+#else
+ debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
#endif /* __linux__ */
- return retval;
+ debug_return_bool(retval);
}
/*
get_authpw(void)
{
struct passwd *pw;
+ debug_decl(get_authpw, SUDO_DEBUG_AUTH)
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
pw = sudo_user.pw;
}
- return pw;
+ debug_return_ptr(pw);
}