Imported Upstream version 1.8.7

[debian/sudo] / plugins / sudoers / defaults.c

diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index 5046ec2e70ebfefebdf826af4813b0ec8ff69498..277cf3f06a1a42c56205989aa3241b18a546c855 100644 (file)
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999-2005, 2007-2011
+ * Copyright (c) 1999-2005, 2007-2013
  *     Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -22,7 +22,6 @@
 #include <config.h>
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef STDC_HEADERS
 # include <stdlib.h>
@@ -422,6 +421,11 @@ init_defaults(void)
     def_env_reset = ENV_RESET;
     def_set_logname = true;
     def_closefrom = STDERR_FILENO + 1;
+#ifdef NO_PAM_SESSION
+    def_pam_session = false;
+#else
+    def_pam_session = true;
+#endif
 
     /* Syslog options need special care since they both strings and ints */
 #if (LOGGING & SLOG_SYSLOG)
@@ -452,7 +456,7 @@ init_defaults(void)
 
     /* Now do the strings */
     def_mailto = estrdup(MAILTO);
-    def_mailsub = estrdup(_(MAILSUBJECT));
+    def_mailsub = estrdup(N_(MAILSUBJECT));
     def_badpass_message = estrdup(_(INCORRECT_PASSWORD));
     def_timestampdir = estrdup(_PATH_SUDO_TIMEDIR);
     def_passprompt = estrdup(_(PASSPROMPT));
@@ -485,7 +489,7 @@ init_defaults(void)
  * Update the defaults based on what was set by sudoers.
  * Pass in an OR'd list of which default types to update.
  */
-int
+bool
 update_defaults(int what)
 {
     struct defaults *def;
@@ -500,14 +504,25 @@ update_defaults(int what)
                    rc = false;
                break;
            case DEFAULTS_USER:
+#if 1
+               if (ISSET(what, SETDEF_USER)) {
+                   int m;
+                   m = userlist_matches(sudo_user.pw, &def->binding);
+                   if (m == ALLOW) {
+                       if (!set_default(def->var, def->val, def->op))
+                           rc = false;
+                   }
+               }
+#else
                if (ISSET(what, SETDEF_USER) &&
                    userlist_matches(sudo_user.pw, &def->binding) == ALLOW &&
                    !set_default(def->var, def->val, def->op))
                    rc = false;
+#endif
                break;
            case DEFAULTS_RUNAS:
                if (ISSET(what, SETDEF_RUNAS) &&
-                   runaslist_matches(&def->binding, NULL) == ALLOW &&
+                   runaslist_matches(&def->binding, NULL, NULL, NULL) == ALLOW &&
                    !set_default(def->var, def->val, def->op))
                    rc = false;
                break;
@@ -528,6 +543,54 @@ update_defaults(int what)
     debug_return_bool(rc);
 }
 
+/*
+ * Check the defaults entries without actually setting them.
+ * Pass in an OR'd list of which default types to check.
+ */
+bool
+check_defaults(int what, bool quiet)
+{
+    struct sudo_defs_types *cur;
+    struct defaults *def;
+    bool rc = true;
+    debug_decl(check_defaults, SUDO_DEBUG_DEFAULTS)
+
+    tq_foreach_fwd(&defaults, def) {
+       switch (def->type) {
+           case DEFAULTS:
+               if (!ISSET(what, SETDEF_GENERIC))
+                   continue;
+               break;
+           case DEFAULTS_USER:
+               if (!ISSET(what, SETDEF_USER))
+                   continue;
+               break;
+           case DEFAULTS_RUNAS:
+               if (!ISSET(what, SETDEF_RUNAS))
+                   continue;
+               break;
+           case DEFAULTS_HOST:
+               if (!ISSET(what, SETDEF_HOST))
+                   continue;
+               break;
+           case DEFAULTS_CMND:
+               if (!ISSET(what, SETDEF_CMND))
+                   continue;
+               break;
+       }
+       for (cur = sudo_defs_table; cur->name != NULL; cur++) {
+           if (strcmp(def->var, cur->name) == 0)
+               break;
+       }
+       if (cur->name == NULL) {
+           if (!quiet)
+               warningx(_("unknown defaults entry `%s'"), def->var);
+           rc = false;
+       }
+    }
+    debug_return_bool(rc);
+}
+
 static bool
 store_int(char *val, struct sudo_defs_types *def, int op)
 {
@@ -790,10 +853,8 @@ list_op(char *val, size_t len, struct sudo_defs_types *def, enum list_ops op)
 
     /* Add new node to the head of the list. */
     if (op == add) {
-       cur = emalloc(sizeof(struct list_member));
-       cur->value = emalloc(len + 1);
-       (void) memcpy(cur->value, val, len);
-       cur->value[len] = '\0';
+       cur = ecalloc(1, sizeof(struct list_member));
+       cur->value = estrndup(val, len);
        cur->next = def->sd_un.list;
        def->sd_un.list = cur;
     }