diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2008-11-14 11:58:09 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2008-11-14 11:58:09 +0000 |
| commit | 4dcc6f61d2ac432522cb0d8249ced4b2437da0a5 (patch) | |
| tree | 7b176ffeeb7bda768ae52a14198616c2982e1231 /usr.bin/sudo/auth | |
| parent | b947682bc3ae9dc4a24d5a2c48e88d01ecd53b63 (diff) | |
Upgrade to sudo 1.7. See the WHATSNEW files for details.
Diffstat (limited to 'usr.bin/sudo/auth')
| -rw-r--r-- | usr.bin/sudo/auth/API | 2 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/afs.c | 3 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/aix_auth.c | 2 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/bsdauth.c | 6 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/dce.c | 2 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/fwtk.c | 23 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/kerb4.c | 4 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/kerb5.c | 4 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/pam.c | 10 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/passwd.c | 2 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/rfc1938.c | 9 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/secureware.c | 2 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/securid.c | 11 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/securid5.c | 31 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/sia.c | 4 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/sudo_auth.c | 7 | ||||
| -rw-r--r-- | usr.bin/sudo/auth/sudo_auth.h | 4 |
17 files changed, 53 insertions, 73 deletions
diff --git a/usr.bin/sudo/auth/API b/usr.bin/sudo/auth/API index d586c640a92..fd183fe8421 100644 --- a/usr.bin/sudo/auth/API +++ b/usr.bin/sudo/auth/API @@ -10,7 +10,7 @@ typedef struct sudo_auth { short flags; /* various flags, see below */ short status; /* status from verify routine */ char *name; /* name of the method in string form */ - VOID *data; /* method-specific data pointer */ + void *data; /* method-specific data pointer */ int (*init) __P((struct passwd *pw, char **prompt, sudo_auth *auth)); int (*setup) __P((struct passwd *pw, char **prompt, sudo_auth *auth)); diff --git a/usr.bin/sudo/auth/afs.c b/usr.bin/sudo/auth/afs.c index 9118326b40c..46951d68d23 100644 --- a/usr.bin/sudo/auth/afs.c +++ b/usr.bin/sudo/auth/afs.c @@ -46,12 +46,11 @@ #include "sudo.h" #include "sudo_auth.h" -#undef VOID #include <afs/stds.h> #include <afs/kautils.h> #ifndef lint -__unused static const char rcsid[] = "$Sudo: afs.c,v 1.10.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: afs.c,v 1.14 2007/08/31 23:30:07 millert Exp $"; #endif /* lint */ int diff --git a/usr.bin/sudo/auth/aix_auth.c b/usr.bin/sudo/auth/aix_auth.c index 168f358740e..7b7eaedc5a1 100644 --- a/usr.bin/sudo/auth/aix_auth.c +++ b/usr.bin/sudo/auth/aix_auth.c @@ -47,7 +47,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: aix_auth.c,v 1.18.2.3 2007/06/21 22:29:15 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: aix_auth.c,v 1.22 2007/06/21 22:28:40 millert Exp $"; #endif /* lint */ /* diff --git a/usr.bin/sudo/auth/bsdauth.c b/usr.bin/sudo/auth/bsdauth.c index a881bf93795..e093e82ee81 100644 --- a/usr.bin/sudo/auth/bsdauth.c +++ b/usr.bin/sudo/auth/bsdauth.c @@ -52,7 +52,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: bsdauth.c,v 1.16.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: bsdauth.c,v 1.21 2008/03/30 21:36:51 millert Exp $"; #endif /* lint */ extern char *login_style; /* from sudo.c */ @@ -88,7 +88,7 @@ bsdauth_init(pw, promptp, auth) return(AUTH_FATAL); } - auth->data = (VOID *) as; + auth->data = (void *) as; return(AUTH_SUCCESS); } @@ -146,7 +146,7 @@ bsdauth_verify(pw, prompt, auth) nil_pw = 1; if (pass) { - authok = auth_userresponse(as, (char *)pass, 1); + authok = auth_userresponse(as, pass, 1); zero_bytes(pass, strlen(pass)); } diff --git a/usr.bin/sudo/auth/dce.c b/usr.bin/sudo/auth/dce.c index a27303b0a9d..f8ddcbae5d9 100644 --- a/usr.bin/sudo/auth/dce.c +++ b/usr.bin/sudo/auth/dce.c @@ -65,7 +65,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: dce.c,v 1.11.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: dce.c,v 1.14 2005/02/12 22:56:07 millert Exp $"; #endif /* lint */ static int check_dce_status __P((error_status_t, char *)); diff --git a/usr.bin/sudo/auth/fwtk.c b/usr.bin/sudo/auth/fwtk.c index 4e365fc6456..8bbf5a3d9dc 100644 --- a/usr.bin/sudo/auth/fwtk.c +++ b/usr.bin/sudo/auth/fwtk.c @@ -41,11 +41,6 @@ #ifdef HAVE_UNISTD_H # include <unistd.h> #endif /* HAVE_UNISTD_H */ -#ifdef HAVE_ERR_H -# include <err.h> -#else -# include "emul/err.h" -#endif /* HAVE_ERR_H */ #include <pwd.h> #include <auth.h> @@ -55,7 +50,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: fwtk.c,v 1.23.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: fwtk.c,v 1.27 2005/02/12 22:56:07 millert Exp $"; #endif /* lint */ int @@ -68,22 +63,22 @@ fwtk_init(pw, promptp, auth) char resp[128]; /* Response from the server */ if ((confp = cfg_read("sudo")) == (Cfg *)-1) { - warnx("cannot read fwtk config"); + warningx("cannot read fwtk config"); return(AUTH_FATAL); } if (auth_open(confp)) { - warnx("cannot connect to authentication server"); + warningx("cannot connect to authentication server"); return(AUTH_FATAL); } /* Get welcome message from auth server */ if (auth_recv(resp, sizeof(resp))) { - warnx("lost connection to authentication server"); + warningx("lost connection to authentication server"); return(AUTH_FATAL); } if (strncmp(resp, "Authsrv ready", 13) != 0) { - warnx("authentication server error:\n%s", resp); + warningx("authentication server error:\n%s", resp); return(AUTH_FATAL); } @@ -106,7 +101,7 @@ fwtk_verify(pw, prompt, auth) (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name); restart: if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { - warnx("lost connection to authentication server"); + warningx("lost connection to authentication server"); return(AUTH_FATAL); } @@ -128,7 +123,7 @@ restart: strlcpy(buf, "response dummy", sizeof(buf)); goto restart; } else { - warnx("%s", resp); + warningx("%s", resp); return(AUTH_FATAL); } if (!pass) { /* ^C or error */ @@ -140,7 +135,7 @@ restart: /* Send the user's response to the server */ (void) snprintf(buf, sizeof(buf), "response '%s'", pass); if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { - warnx("lost connection to authentication server"); + warningx("lost connection to authentication server"); error = AUTH_FATAL; goto done; } @@ -152,7 +147,7 @@ restart: /* Main loop prints "Permission Denied" or insult. */ if (strcmp(resp, "Permission Denied.") != 0) - warnx("%s", resp); + warningx("%s", resp); error = AUTH_FAILURE; done: zero_bytes(pass, strlen(pass)); diff --git a/usr.bin/sudo/auth/kerb4.c b/usr.bin/sudo/auth/kerb4.c index 60d22ca3cae..9179ee33137 100644 --- a/usr.bin/sudo/auth/kerb4.c +++ b/usr.bin/sudo/auth/kerb4.c @@ -48,7 +48,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: kerb4.c,v 1.11.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: kerb4.c,v 1.15 2007/08/31 23:30:07 millert Exp $"; #endif /* lint */ int @@ -68,7 +68,7 @@ kerb4_init(pw, promptp, auth) return(AUTH_FAILURE); /* Stash a pointer to the realm (used in kerb4_verify) */ - auth->data = (VOID *) realm; + auth->data = (void *) realm; return(AUTH_SUCCESS); } diff --git a/usr.bin/sudo/auth/kerb5.c b/usr.bin/sudo/auth/kerb5.c index 89d43a7dd85..72693a88df8 100644 --- a/usr.bin/sudo/auth/kerb5.c +++ b/usr.bin/sudo/auth/kerb5.c @@ -54,7 +54,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: kerb5.c,v 1.23.2.8 2008/02/13 22:17:41 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: kerb5.c,v 1.34 2008/02/13 22:17:14 millert Exp $"; #endif /* lint */ #ifdef HAVE_HEIMDAL @@ -87,7 +87,7 @@ kerb5_init(pw, promptp, auth) char cache_name[64]; char *pname; - auth->data = (VOID *) &sudo_krb5_data; /* Stash all our data here */ + auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */ #ifdef HAVE_KRB5_INIT_SECURE_CONTEXT error = krb5_init_secure_context(&(sudo_krb5_data.sudo_context)); diff --git a/usr.bin/sudo/auth/pam.c b/usr.bin/sudo/auth/pam.c index b2fe41a7456..e0dd059b011 100644 --- a/usr.bin/sudo/auth/pam.c +++ b/usr.bin/sudo/auth/pam.c @@ -72,11 +72,11 @@ #endif #ifndef lint -__unused static const char rcsid[] = "$Sudo: pam.c,v 1.43.2.10 2008/02/22 20:19:45 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: pam.c,v 1.62 2008/02/22 20:19:34 millert Exp $"; #endif /* lint */ static int sudo_conv __P((int, PAM_CONST struct pam_message **, - struct pam_response **, VOID *)); + struct pam_response **, void *)); static char *def_prompt; #ifndef PAM_DATA_SILENT @@ -96,7 +96,7 @@ pam_init(pw, promptp, auth) /* Initial PAM setup */ if (auth != NULL) - auth->data = (VOID *) &pam_status; + auth->data = (void *) &pam_status; pam_conv.conv = sudo_conv; pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh); if (pam_status != PAM_SUCCESS) { @@ -244,7 +244,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr) int num_msg; PAM_CONST struct pam_message **msg; struct pam_response **response; - VOID *appdata_ptr; + void *appdata_ptr; { struct pam_response *pr; PAM_CONST struct pam_message *pm; @@ -266,7 +266,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr) prompt = def_prompt; /* Is the sudo prompt standard? (If so, we'l just use PAM's) */ - std_prompt = strncmp(def_prompt, "Password:", 9) == 0 && + std_prompt = strncmp(def_prompt, "Password:", 9) == 0 && (def_prompt[9] == '\0' || (def_prompt[9] == ' ' && def_prompt[10] == '\0')); diff --git a/usr.bin/sudo/auth/passwd.c b/usr.bin/sudo/auth/passwd.c index ffd12e33ed1..7746a7016aa 100644 --- a/usr.bin/sudo/auth/passwd.c +++ b/usr.bin/sudo/auth/passwd.c @@ -47,7 +47,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: passwd.c,v 1.14.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: passwd.c,v 1.17 2005/02/12 22:56:07 millert Exp $"; #endif /* lint */ #define DESLEN 13 diff --git a/usr.bin/sudo/auth/rfc1938.c b/usr.bin/sudo/auth/rfc1938.c index 079985bbeb5..8da824b32a2 100644 --- a/usr.bin/sudo/auth/rfc1938.c +++ b/usr.bin/sudo/auth/rfc1938.c @@ -42,11 +42,6 @@ #ifdef HAVE_UNISTD_H # include <unistd.h> #endif /* HAVE_UNISTD_H */ -#ifdef HAVE_ERR_H -# include <err.h> -#else -# include "emul/err.h" -#endif /* HAVE_ERR_H */ #include <pwd.h> #if defined(HAVE_SKEY) @@ -69,7 +64,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: rfc1938.c,v 1.16.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: rfc1938.c,v 1.20 2005/02/12 22:56:07 millert Exp $"; #endif /* lint */ int @@ -113,7 +108,7 @@ rfc1938_setup(pw, promptp, auth) */ if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) { if (IS_ONEANDONLY(auth)) { - warnx("you do not exist in the %s database", auth->name); + warningx("you do not exist in the %s database", auth->name); return(AUTH_FATAL); } else { return(AUTH_FAILURE); diff --git a/usr.bin/sudo/auth/secureware.c b/usr.bin/sudo/auth/secureware.c index 435957d5321..d398a60d5de 100644 --- a/usr.bin/sudo/auth/secureware.c +++ b/usr.bin/sudo/auth/secureware.c @@ -54,7 +54,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: secureware.c,v 1.10.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: secureware.c,v 1.13 2005/02/12 22:56:07 millert Exp $"; #endif /* lint */ int diff --git a/usr.bin/sudo/auth/securid.c b/usr.bin/sudo/auth/securid.c index b16d44fa868..f70142b0a58 100644 --- a/usr.bin/sudo/auth/securid.c +++ b/usr.bin/sudo/auth/securid.c @@ -44,11 +44,6 @@ #ifdef HAVE_UNISTD_H # include <unistd.h> #endif /* HAVE_UNISTD_H */ -#ifdef HAVE_ERR_H -# include <err.h> -#else -# include "emul/err.h" -#endif /* HAVE_ERR_H */ #include <pwd.h> #include <sdi_athd.h> @@ -59,7 +54,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: securid.c,v 1.12.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: securid.c,v 1.17 2007/08/31 23:30:07 millert Exp $"; #endif /* lint */ union config_record configure; @@ -72,7 +67,7 @@ securid_init(pw, promptp, auth) { static struct SD_CLIENT sd_dat; /* SecurID data block */ - auth->data = (VOID *) &sd_dat; /* For method-specific data */ + auth->data = (void *) &sd_dat; /* For method-specific data */ if (creadcfg() == 0) return(AUTH_SUCCESS); @@ -94,7 +89,7 @@ securid_setup(pw, promptp, auth) strlcpy(sd->username, pw->pw_name, 32); return(AUTH_SUCCESS); } else { - warnx("unable to contact the SecurID server"); + warningx("unable to contact the SecurID server"); return(AUTH_FATAL); } } diff --git a/usr.bin/sudo/auth/securid5.c b/usr.bin/sudo/auth/securid5.c index b6585c3f01b..254211460d3 100644 --- a/usr.bin/sudo/auth/securid5.c +++ b/usr.bin/sudo/auth/securid5.c @@ -45,11 +45,6 @@ #ifdef HAVE_UNISTD_H # include <unistd.h> #endif /* HAVE_UNISTD_H */ -#ifdef HAVE_ERR_H -# include <err.h> -#else -# include "emul/err.h" -#endif /* HAVE_ERR_H */ #include <pwd.h> /* Needed for SecurID v5.0 Authentication on UNIX */ @@ -61,7 +56,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: securid5.c,v 1.6.2.2 2007/06/12 00:56:44 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: securid5.c,v 1.12 2007/08/31 23:30:07 millert Exp $"; #endif /* lint */ /* @@ -84,13 +79,13 @@ securid_init(pw, promptp, auth) { static SDI_HANDLE sd_dat; /* SecurID handle */ - auth->data = (VOID *) &sd_dat; /* For method-specific data */ + auth->data = (void *) &sd_dat; /* For method-specific data */ /* Start communications */ if (AceInitialize() != SD_FALSE) return(AUTH_SUCCESS); - warnx("failed to initialise the ACE API library"); + warningx("failed to initialise the ACE API library"); return(AUTH_FATAL); } @@ -118,7 +113,7 @@ securid_setup(pw, promptp, auth) /* Re-initialize SecurID every time. */ if (SD_Init(sd) != ACM_OK) { - warnx("unable to contact the SecurID server"); + warningx("unable to contact the SecurID server"); return(AUTH_FATAL); } @@ -127,23 +122,23 @@ securid_setup(pw, promptp, auth) switch (retval) { case ACM_OK: - warnx("User ID locked for SecurID Authentication"); + warningx("User ID locked for SecurID Authentication"); return(AUTH_SUCCESS); case ACE_UNDEFINED_USERNAME: - warnx("invalid username length for SecurID"); + warningx("invalid username length for SecurID"); return(AUTH_FATAL); case ACE_ERR_INVALID_HANDLE: - warnx("invalid Authentication Handle for SecurID"); + warningx("invalid Authentication Handle for SecurID"); return(AUTH_FATAL); case ACM_ACCESS_DENIED: - warnx("SecurID communication failed"); + warningx("SecurID communication failed"); return(AUTH_FATAL); default: - warnx("unknown SecurID error"); + warningx("unknown SecurID error"); return(AUTH_FATAL); } } @@ -179,17 +174,17 @@ securid_verify(pw, pass, auth) break; case ACE_UNDEFINED_PASSCODE: - warnx("invalid passcode length for SecurID"); + warningx("invalid passcode length for SecurID"); rval = AUTH_FATAL; break; case ACE_UNDEFINED_USERNAME: - warnx("invalid username length for SecurID"); + warningx("invalid username length for SecurID"); rval = AUTH_FATAL; break; case ACE_ERR_INVALID_HANDLE: - warnx("invalid Authentication Handle for SecurID"); + warningx("invalid Authentication Handle for SecurID"); rval = AUTH_FATAL; break; @@ -228,7 +223,7 @@ then enter the new token code.\n", \ break; default: - warnx("unknown SecurID error"); + warningx("unknown SecurID error"); rval = AUTH_FATAL; break; } diff --git a/usr.bin/sudo/auth/sia.c b/usr.bin/sudo/auth/sia.c index d35a59d340c..af379cac208 100644 --- a/usr.bin/sudo/auth/sia.c +++ b/usr.bin/sudo/auth/sia.c @@ -50,7 +50,7 @@ #include "sudo_auth.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: sia.c,v 1.14.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: sia.c,v 1.18 2007/08/31 23:30:07 millert Exp $"; #endif /* lint */ static int sudo_collect __P((int, int, uchar_t *, int, prompt_t *)); @@ -108,7 +108,7 @@ sia_setup(pw, promptp, auth) return(AUTH_FATAL); } - auth->data = (VOID *) siah; + auth->data = (void *) siah; return(AUTH_SUCCESS); } diff --git a/usr.bin/sudo/auth/sudo_auth.c b/usr.bin/sudo/auth/sudo_auth.c index a3cb56b66d7..eb0b04a8030 100644 --- a/usr.bin/sudo/auth/sudo_auth.c +++ b/usr.bin/sudo/auth/sudo_auth.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com> + * Copyright (c) 1999-2005, 2008 Todd C. Miller <Todd.Miller@courtesan.com> * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -53,7 +53,7 @@ #include "insults.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: sudo_auth.c,v 1.33.2.2 2007/06/12 01:28:42 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: sudo_auth.c,v 1.37 2008/03/02 14:31:57 millert Exp $"; #endif /* lint */ sudo_auth auth_switch[] = { @@ -195,7 +195,8 @@ verify_user(pw, prompt) break; } - pass_warn(stderr); + if (!ISSET(tgetpass_flags, TGP_ASKPASS)) + pass_warn(stderr); } cleanup: diff --git a/usr.bin/sudo/auth/sudo_auth.h b/usr.bin/sudo/auth/sudo_auth.h index f3b224e161a..74b82f4a9f5 100644 --- a/usr.bin/sudo/auth/sudo_auth.h +++ b/usr.bin/sudo/auth/sudo_auth.h @@ -13,7 +13,7 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * - * $Sudo: sudo_auth.h,v 1.20.2.2 2007/06/12 01:28:42 millert Exp $ + * $Sudo: sudo_auth.h,v 1.23 2007/08/31 23:30:07 millert Exp $ */ #ifndef SUDO_AUTH_H @@ -28,7 +28,7 @@ typedef struct sudo_auth { short flags; /* various flags, see below */ short status; /* status from verify routine */ char *name; /* name of the method as a string */ - VOID *data; /* method-specific data pointer */ + void *data; /* method-specific data pointer */ int (*init) __P((struct passwd *pw, char **prompt, struct sudo_auth *auth)); int (*setup) __P((struct passwd *pw, char **prompt, struct sudo_auth *auth)); int (*verify) __P((struct passwd *pw, char *p, struct sudo_auth *auth)); |