X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=plugins%2Fsudoers%2Fparse.h;h=a892e97b38ac8512a18e6aca76f0ac0648859ef2;hb=e8db7f6eea9b35527ddd4532affabd18a30549b5;hp=3f7c451aeb41e857a9b09c3cca6949a4cb391e2e;hpb=98b9fd63cd28a3636a7cd24641b8f497eaadcd50;p=debian%2Fsudo
diff --git a/plugins/sudoers/parse.h b/plugins/sudoers/parse.h
index 3f7c451..a892e97 100644
--- a/plugins/sudoers/parse.h
+++ b/plugins/sudoers/parse.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 1998-2000, 2004, 2007-2011
+ * Copyright (c) 1996, 1998-2000, 2004, 2007-2013
 * Todd C. Miller
 *
 * Permission to use, copy, modify, and distribute this software for any
@@ -15,8 +15,8 @@
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
 
-#ifndef _SUDO_PARSE_H
-#define _SUDO_PARSE_H
+#ifndef _SUDOERS_PARSE_H
+#define _SUDOERS_PARSE_H
 
 #undef UNSPEC
 #define UNSPEC -1
@@ -27,17 +27,30 @@
 #undef IMPLIED
 #define IMPLIED 2
 
+#define SUDO_DIGEST_SHA224 0
+#define SUDO_DIGEST_SHA256 1
+#define SUDO_DIGEST_SHA384 2
+#define SUDO_DIGEST_SHA512 3
+#define SUDO_DIGEST_INVALID 4
+
+struct sudo_digest {
+ int digest_type;
+ char *digest_str;
+};
+
 /*
- * A command with args. XXX - merge into struct member.
+ * A command with option args and digest.
+ * XXX - merge into struct member
 */
 struct sudo_command {
 char *cmnd;
 char *args;
+ struct sudo_digest *digest;
 };
 
 /*
 * Tags associated with a command.
- * Possible values: true, false, UNSPEC.
+ * Possible values: true, false, IMPLIED, UNSPEC.
 */
 struct cmndtag {
 __signed int nopasswd: 3;
@@ -117,6 +130,7 @@ struct cmndspec {
 struct member_list runasuserlist; /* list of runas users */
 struct member_list runasgrouplist; /* list of runas groups */
 struct member *cmnd; /* command to allow/deny */
+ char *digest; /* optional command digest */
 struct cmndtag tags; /* tag specificaion */
 #ifdef HAVE_SELINUX
 char *role, *type; /* SELinux role and type */
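Review bot: `struct sudo_digest` in the `-27,17 +27,30` hunk is added without any comment on what `digest_str` holds, and `digest_type` is a plain `int` whose only out-of-range marker is `SUDO_DIGEST_INVALID`. This header also gains `hexchar()` and `base64_decode()`, so the string is presumably kept in one of those encodings as written in sudoers; whoever decodes it has to check the decoded length against the size implied by `digest_type` before comparing bytes. I would put `/* digest_type: one of SUDO_DIGEST_SHA224..SUDO_DIGEST_SHA512; digest_str: digest text from sudoers (encoding to be confirmed) */` above the struct, and any table indexed by `digest_type` should reject values `>= SUDO_DIGEST_INVALID`.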
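Review bot: The new `char *digest` in `struct cmndspec` (hunk `-117,6 +130,7`) carries no algorithm, while the same commit gives `struct sudo_command` a `struct sudo_digest *digest` that does. Two representations of one security-relevant value invite a check against the wrong field. If nothing outside this hunk reads the `cmndspec` copy it should be dropped; otherwise it should be typed the same way, e.g. `struct sudo_digest *digest; /* optional command digest */`. `struct cmndspec` begins and ends outside the hunk.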
@@ -148,7 +162,7 @@ struct runascontainer {
 struct alias {
 char *name; /* alias name */
 unsigned short type; /* {USER,HOST,RUNAS,CMND}ALIAS */
- unsigned short seqno; /* sequence number */
+ bool used; /* "used" flag for cycle detection */
 struct member_list members; /* list of alias members */
 };
 
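Review bot: The comment on `used` in `struct alias` does not say who sets and who clears the flag. The prototype hunk of this diff replaces `alias_find()` with an `alias_get()`/`alias_put()` pair, so presumably `alias_get()` marks the alias and `alias_put()` clears it. A path that returns without the matching `alias_put()` would then leave the alias marked, and a later lookup would be treated as a cycle, which can change whether a sudoers rule matches. Once confirmed against alias.c, I would write the field as `bool used; /* set by alias_get(), cleared by alias_put(); every get needs a matching put */`.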
@@ -170,35 +184,43 @@ struct defaults {
 extern struct userspec_list userspecs;
 extern struct defaults_list defaults;
 
-/*
- * Alias sequence number to avoid loops.
- */
-extern unsigned int alias_seqno;
-
-/*
- * Prototypes
- */
-char *alias_add(char *, int, struct member *);
-bool addr_matches(char *);
-int cmnd_matches(struct member *);
-int cmndlist_matches(struct member_list *);
-bool command_matches(char *, char *);
-int hostlist_matches(struct member_list *);
-bool hostname_matches(char *, char *, char *);
-bool netgr_matches(char *, char *, char *, char *);
+/* alias.c */
 bool no_aliases(void);
-int runaslist_matches(struct member_list *, struct member_list *, struct member **, struct member **);
-int userlist_matches(struct passwd *, struct member_list *);
-bool usergr_matches(char *, char *, struct passwd *);
-bool userpw_matches(char *, char *, struct passwd *);
-bool group_matches(char *, struct group *);
-struct alias *alias_find(char *, int);
-struct alias *alias_remove(char *, int);
-void alias_free(void *);
-void alias_apply(int (*)(void *, void *), void *);
+char *alias_add(char *name, int type, struct member *members);
+int alias_compare(const void *a1, const void *a2);
+struct alias *alias_get(char *name, int type);
+struct alias *alias_remove(char *name, int type);
+void alias_apply(int (*func)(void *, void *), void *cookie);
+void alias_free(void *a);
+void alias_put(struct alias *a);
 void init_aliases(void);
-void init_lexer(void);
+
+/* gram.c */
 void init_parser(const char *, bool);
-int alias_compare(const void *, const void *);
 
-#endif /* _SUDO_PARSE_H */
+/* match_addr.c */
+bool addr_matches(char *n);
+
+/* match.c */
+bool command_matches(char *sudoers_cmnd, char *sudoers_args, struct sudo_digest *digest);
+bool group_matches(char *sudoers_group, struct group *gr);
+bool hostname_matches(char *shost, char *lhost, char *pattern);
+bool netgr_matches(char *netgr, char *lhost, char *shost, char *user);
+bool usergr_matches(char *group, char *user, struct passwd *pw);
+bool userpw_matches(char *sudoers_user, char *user, struct passwd *pw);
+int cmnd_matches(struct member *m);
+int cmndlist_matches(struct member_list *list);
+int hostlist_matches(struct member_list *list);
+int runaslist_matches(struct member_list *user_list, struct member_list *group_list, struct member **matching_user, struct member **matching_group);
+int userlist_matches(struct passwd *pw, struct member_list *list);
+
+/* toke.c */
+void init_lexer(void);
+
+/* hexchar.c */
+int hexchar(const char *s);
+
+/* base64.c */
+size_t base64_decode(const char *str, unsigned char *dst, size_t dsize);
+
+#endif /* _SUDOERS_PARSE_H */
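Review bot: `hexchar()` and `base64_decode()` are declared at the end of this hunk with no statement of how they report malformed input, and `base64_decode()` returns `size_t`, which has no natural error value. Both are presumably used on digest text taken from sudoers, so a caller needs to know the failure return and must compare the decoded length with the expected digest size before comparing bytes. A one-line comment above each prototype would do, for example `/* returns the number of bytes stored in dst, or (size_t)-1 on error */`, to be confirmed against base64.c. Separately, `init_parser(const char *, bool)` is the only prototype left without parameter names.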