summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/sudo/auth/afs.c5
-rw-r--r--usr.bin/sudo/auth/aix_auth.c15
-rw-r--r--usr.bin/sudo/auth/bsdauth.c11
-rw-r--r--usr.bin/sudo/auth/fwtk.c11
-rw-r--r--usr.bin/sudo/auth/kerb4.c4
-rw-r--r--usr.bin/sudo/auth/kerb5.c28
-rw-r--r--usr.bin/sudo/auth/pam.c17
-rw-r--r--usr.bin/sudo/auth/securid.c4
-rw-r--r--usr.bin/sudo/auth/securid5.c4
-rw-r--r--usr.bin/sudo/auth/sia.c4
-rw-r--r--usr.bin/sudo/auth/sudo_auth.c34
-rw-r--r--usr.bin/sudo/auth/sudo_auth.h10
-rw-r--r--usr.bin/sudo/redblack.c93
-rw-r--r--usr.bin/sudo/sudo.c2
-rw-r--r--usr.bin/sudo/testsudoers.c16
-rw-r--r--usr.bin/sudo/visudo.c36
16 files changed, 170 insertions, 124 deletions
diff --git a/usr.bin/sudo/auth/afs.c b/usr.bin/sudo/auth/afs.c
index 46951d68d23..fed48ba0673 100644
--- a/usr.bin/sudo/auth/afs.c
+++ b/usr.bin/sudo/auth/afs.c
@@ -1,5 +1,6 @@
/*
- * Copyright (c) 1999, 2001-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999, 2001-2005, 2007
+ * Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -50,7 +51,7 @@
#include <afs/kautils.h>
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: afs.c,v 1.14 2007/08/31 23:30:07 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: afs.c,v 1.15 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
int
diff --git a/usr.bin/sudo/auth/aix_auth.c b/usr.bin/sudo/auth/aix_auth.c
index 7b7eaedc5a1..14343efb014 100644
--- a/usr.bin/sudo/auth/aix_auth.c
+++ b/usr.bin/sudo/auth/aix_auth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -47,7 +47,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: aix_auth.c,v 1.22 2007/06/21 22:28:40 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: aix_auth.c,v 1.25 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
/*
@@ -75,3 +75,14 @@ aixauth_verify(pw, prompt, auth)
}
return(rval);
}
+
+int
+aixauth_cleanup(pw, auth)
+ struct passwd *pw;
+ sudo_auth *auth;
+{
+ /* Unset AUTHSTATE as it may not be correct for the runas user. */
+ sudo_unsetenv("AUTHSTATE");
+
+ return(AUTH_SUCCESS);
+}
diff --git a/usr.bin/sudo/auth/bsdauth.c b/usr.bin/sudo/auth/bsdauth.c
index e093e82ee81..aae7fd68991 100644
--- a/usr.bin/sudo/auth/bsdauth.c
+++ b/usr.bin/sudo/auth/bsdauth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2000-2005, 2007-2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -52,7 +52,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: bsdauth.c,v 1.21 2008/03/30 21:36:51 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: bsdauth.c,v 1.23 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
extern char *login_style; /* from sudo.c */
@@ -104,7 +104,6 @@ bsdauth_verify(pw, prompt, auth)
int authok = 0;
sigaction_t sa, osa;
auth_session_t *as = (auth_session_t *) auth->data;
- extern int nil_pw;
/* save old signal handler */
sigemptyset(&sa.sa_mask);
@@ -142,9 +141,6 @@ bsdauth_verify(pw, prompt, auth)
}
}
- if (!pass || *pass == '\0') /* ^C or empty password */
- nil_pw = 1;
-
if (pass) {
authok = auth_userresponse(as, pass, 1);
zero_bytes(pass, strlen(pass));
@@ -156,6 +152,9 @@ bsdauth_verify(pw, prompt, auth)
if (authok)
return(AUTH_SUCCESS);
+ if (!pass)
+ return(AUTH_INTR);
+
if ((s = auth_getvalue(as, "errormsg")) != NULL)
log_error(NO_EXIT|NO_MAIL, "%s", s);
return(AUTH_FAILURE);
diff --git a/usr.bin/sudo/auth/fwtk.c b/usr.bin/sudo/auth/fwtk.c
index 8bbf5a3d9dc..d09b132d7fa 100644
--- a/usr.bin/sudo/auth/fwtk.c
+++ b/usr.bin/sudo/auth/fwtk.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -50,7 +50,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: fwtk.c,v 1.27 2005/02/12 22:56:07 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: fwtk.c,v 1.29 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
int
@@ -95,7 +95,6 @@ fwtk_verify(pw, prompt, auth)
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
char resp[128]; /* Response from the server */
int error;
- extern int nil_pw;
/* Send username to authentication server. */
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
@@ -127,10 +126,8 @@ restart:
return(AUTH_FATAL);
}
if (!pass) { /* ^C or error */
- nil_pw = 1;
- return(AUTH_FAILURE);
- } else if (*pass == '\0') /* empty password */
- nil_pw = 1;
+ return(AUTH_INTR);
+ }
/* Send the user's response to the server */
(void) snprintf(buf, sizeof(buf), "response '%s'", pass);
diff --git a/usr.bin/sudo/auth/kerb4.c b/usr.bin/sudo/auth/kerb4.c
index 9179ee33137..2f6c1099c9c 100644
--- a/usr.bin/sudo/auth/kerb4.c
+++ b/usr.bin/sudo/auth/kerb4.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -48,7 +48,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: kerb4.c,v 1.15 2007/08/31 23:30:07 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: kerb4.c,v 1.16 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
int
diff --git a/usr.bin/sudo/auth/kerb5.c b/usr.bin/sudo/auth/kerb5.c
index 72693a88df8..5e17685bc06 100644
--- a/usr.bin/sudo/auth/kerb5.c
+++ b/usr.bin/sudo/auth/kerb5.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -54,7 +54,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: kerb5.c,v 1.34 2008/02/13 22:17:14 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: kerb5.c,v 1.36 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
#ifdef HAVE_HEIMDAL
@@ -74,6 +74,24 @@ static struct _sudo_krb5_data {
} sudo_krb5_data = { NULL, NULL, NULL };
typedef struct _sudo_krb5_data *sudo_krb5_datap;
+#ifndef HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC
+static krb5_error_code
+krb5_get_init_creds_opt_alloc(context, opts)
+ krb5_context context;
+ krb5_get_init_creds_opt **opts;
+{
+ *opts = emalloc(sizeof(krb5_get_init_creds_opt));
+ return 0;
+}
+
+static void
+krb5_get_init_creds_opt_free(opts)
+ krb5_get_init_creds_opt *opts;
+{
+ free(opts);
+}
+#endif
+
int
kerb5_init(pw, promptp, auth)
struct passwd *pw;
@@ -220,10 +238,10 @@ kerb5_verify(pw, pass, auth)
done:
if (opts) {
-#ifdef HAVE_HEIMDAL
- krb5_get_init_creds_opt_free(opts);
-#else
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_FREE_TWO_ARGS
krb5_get_init_creds_opt_free(sudo_context, opts);
+#else
+ krb5_get_init_creds_opt_free(opts);
#endif
}
if (creds)
diff --git a/usr.bin/sudo/auth/pam.c b/usr.bin/sudo/auth/pam.c
index e0dd059b011..af448de7071 100644
--- a/usr.bin/sudo/auth/pam.c
+++ b/usr.bin/sudo/auth/pam.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -72,12 +72,13 @@
#endif
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: pam.c,v 1.62 2008/02/22 20:19:34 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: pam.c,v 1.64 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
static int sudo_conv __P((int, PAM_CONST struct pam_message **,
struct pam_response **, void *));
static char *def_prompt;
+static int gotintr;
#ifndef PAM_DATA_SILENT
#define PAM_DATA_SILENT 0
@@ -162,6 +163,10 @@ pam_verify(pw, prompt, auth)
}
/* FALLTHROUGH */
case PAM_AUTH_ERR:
+ if (gotintr) {
+ /* error or ^C from tgetpass() */
+ return(AUTH_INTR);
+ }
case PAM_MAXTRIES:
case PAM_PERM_DENIED:
return(AUTH_FAILURE);
@@ -251,7 +256,6 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
const char *prompt;
char *pass;
int n, flags, std_prompt;
- extern int nil_pw;
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
return(PAM_CONV_ERR);
@@ -286,14 +290,11 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
pass = tgetpass(prompt, def_passwd_timeout * 60, flags);
if (pass == NULL) {
/* We got ^C instead of a password; abort quickly. */
- nil_pw = 1;
+ gotintr = 1;
goto err;
}
pr->resp = estrdup(pass);
- if (*pr->resp == '\0')
- nil_pw = 1; /* empty password */
- else
- zero_bytes(pass, strlen(pass));
+ zero_bytes(pass, strlen(pass));
break;
case PAM_TEXT_INFO:
if (pm->msg)
diff --git a/usr.bin/sudo/auth/securid.c b/usr.bin/sudo/auth/securid.c
index f70142b0a58..8ec7bbeff7c 100644
--- a/usr.bin/sudo/auth/securid.c
+++ b/usr.bin/sudo/auth/securid.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -54,7 +54,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: securid.c,v 1.17 2007/08/31 23:30:07 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: securid.c,v 1.18 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
union config_record configure;
diff --git a/usr.bin/sudo/auth/securid5.c b/usr.bin/sudo/auth/securid5.c
index 254211460d3..db254c2f51a 100644
--- a/usr.bin/sudo/auth/securid5.c
+++ b/usr.bin/sudo/auth/securid5.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2002 Michael Stroucken <michael@stroucken.org>
*
* Permission to use, copy, modify, and distribute this software for any
@@ -56,7 +56,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: securid5.c,v 1.12 2007/08/31 23:30:07 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: securid5.c,v 1.13 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
/*
diff --git a/usr.bin/sudo/auth/sia.c b/usr.bin/sudo/auth/sia.c
index af379cac208..852e8c77dc5 100644
--- a/usr.bin/sudo/auth/sia.c
+++ b/usr.bin/sudo/auth/sia.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -50,7 +50,7 @@
#include "sudo_auth.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: sia.c,v 1.18 2007/08/31 23:30:07 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: sia.c,v 1.19 2008/11/09 14:13:13 millert Exp $";
#endif /* lint */
static int sudo_collect __P((int, int, uchar_t *, int, prompt_t *));
diff --git a/usr.bin/sudo/auth/sudo_auth.c b/usr.bin/sudo/auth/sudo_auth.c
index eb0b04a8030..509f26ff5b0 100644
--- a/usr.bin/sudo/auth/sudo_auth.c
+++ b/usr.bin/sudo/auth/sudo_auth.c
@@ -53,7 +53,7 @@
#include "insults.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: sudo_auth.c,v 1.37 2008/03/02 14:31:57 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: sudo_auth.c,v 1.38 2008/11/07 17:45:52 millert Exp $";
#endif /* lint */
sudo_auth auth_switch[] = {
@@ -88,8 +88,6 @@ sudo_auth auth_switch[] = {
AUTH_ENTRY(0, NULL, NULL, NULL, NULL, NULL)
};
-int nil_pw; /* I hate resorting to globals like this... */
-
void
verify_user(pw, prompt)
struct passwd *pw;
@@ -156,14 +154,11 @@ verify_user(pw, prompt)
}
/* Get the password unless the auth function will do it for us */
- nil_pw = 0;
#ifdef AUTH_STANDALONE
p = prompt;
#else
p = (char *) tgetpass(prompt, def_passwd_timeout * 60,
tgetpass_flags);
- if (!p || *p == '\0')
- nil_pw = 1;
#endif /* AUTH_STANDALONE */
/* Call authentication functions. */
@@ -186,15 +181,6 @@ verify_user(pw, prompt)
if (p)
zero_bytes(p, strlen(p));
#endif
-
- /* Exit loop on nil password, but give it a chance to match first. */
- if (nil_pw) {
- if (counter == def_passwd_tries)
- exit(1);
- else
- break;
- }
-
if (!ISSET(tgetpass_flags, TGP_ASKPASS))
pass_warn(stderr);
}
@@ -219,14 +205,18 @@ cleanup:
case AUTH_SUCCESS:
(void) sigaction(SIGTSTP, &osa, NULL);
return;
+ case AUTH_INTR:
case AUTH_FAILURE:
- if (def_mail_badpass || def_mail_always)
- flags = 0;
- else
- flags = NO_MAIL;
- log_error(flags, "%d incorrect password attempt%s",
- def_passwd_tries - counter,
- (def_passwd_tries - counter == 1) ? "" : "s");
+ if (counter != def_passwd_tries) {
+ if (def_mail_badpass || def_mail_always)
+ flags = 0;
+ else
+ flags = NO_MAIL;
+ log_error(flags, "%d incorrect password attempt%s",
+ def_passwd_tries - counter,
+ (def_passwd_tries - counter == 1) ? "" : "s");
+ }
+ /* FALLTHROUGH */
case AUTH_FATAL:
exit(1);
}
diff --git a/usr.bin/sudo/auth/sudo_auth.h b/usr.bin/sudo/auth/sudo_auth.h
index 74b82f4a9f5..5214fb1a57d 100644
--- a/usr.bin/sudo/auth/sudo_auth.h
+++ b/usr.bin/sudo/auth/sudo_auth.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2005 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2008 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -13,7 +13,7 @@
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
- * $Sudo: sudo_auth.h,v 1.23 2007/08/31 23:30:07 millert Exp $
+ * $Sudo: sudo_auth.h,v 1.27 2008/11/18 12:54:51 millert Exp $
*/
#ifndef SUDO_AUTH_H
@@ -22,7 +22,8 @@
/* Auth function return values. */
#define AUTH_SUCCESS 0
#define AUTH_FAILURE 1
-#define AUTH_FATAL 2
+#define AUTH_INTR 2
+#define AUTH_FATAL 3
typedef struct sudo_auth {
short flags; /* various flags, see below */
@@ -57,6 +58,7 @@ int sia_setup __P((struct passwd *pw, char **prompt, sudo_auth *auth));
int sia_verify __P((struct passwd *pw, char *prompt, sudo_auth *auth));
int sia_cleanup __P((struct passwd *pw, sudo_auth *auth));
int aixauth_verify __P((struct passwd *pw, char *pass, sudo_auth *auth));
+int aixauth_cleanup __P((struct passwd *pw, sudo_auth *auth));
int bsdauth_init __P((struct passwd *pw, char **prompt, sudo_auth *auth));
int bsdauth_verify __P((struct passwd *pw, char *prompt, sudo_auth *auth));
int bsdauth_cleanup __P((struct passwd *pw, sudo_auth *auth));
@@ -99,7 +101,7 @@ int securid_verify __P((struct passwd *pw, char *pass, sudo_auth *auth));
#elif defined(HAVE_AIXAUTH)
# define AUTH_STANDALONE \
AUTH_ENTRY(0, "aixauth", \
- NULL, NULL, aixauth_verify, NULL)
+ NULL, NULL, aixauth_verify, aixauth_cleanup)
#elif defined(HAVE_FWTK)
# define AUTH_STANDALONE \
AUTH_ENTRY(0, "fwtk", \
diff --git a/usr.bin/sudo/redblack.c b/usr.bin/sudo/redblack.c
index eba310a4427..555e9385f30 100644
--- a/usr.bin/sudo/redblack.c
+++ b/usr.bin/sudo/redblack.c
@@ -18,6 +18,8 @@
* Adapted from the following code written by Emin Martinian:
* http://web.mit.edu/~emin/www/source_code/red_black_tree/index.html
*
+ * Copyright (c) 2001 Emin Martinian
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that neither the name of Emin
* Martinian nor the names of any contributors are be used to endorse or
@@ -56,7 +58,7 @@
#include "redblack.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: redblack.c,v 1.8 2008/11/09 14:13:12 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: redblack.c,v 1.10 2008/11/22 15:01:25 millert Exp $";
#endif /* lint */
static void rbrepair __P((struct rbtree *, struct rbnode *));
@@ -367,59 +369,45 @@ rbdestroy(tree, destroy)
}
/*
- * Delete victim from tree and return its data pointer.
+ * Delete node 'z' from the tree and return its data pointer.
*/
-void *
-rbdelete(tree, victim)
- struct rbtree *tree;
- struct rbnode *victim;
+void *rbdelete(tree, z)
+ struct rbtree* tree;
+ struct rbnode* z;
{
- struct rbnode *pred, *succ;
- void *data;
+ struct rbnode *x, *y;
+ void *data = z->data;
- if (victim->left != rbnil(tree) && victim->right != rbnil(tree)) {
- succ = rbsuccessor(tree, victim);
- pred = succ->left == rbnil(tree) ? succ->right : succ->left;
- if (succ->parent == rbroot(tree)) {
- pred->parent = rbroot(tree);
- rbfirst(tree) = pred;
- } else {
- if (succ == succ->parent->left)
- succ->parent->left = pred;
- else
- succ->parent->right = pred;
- }
- if ((succ->color == black))
- rbrepair(tree, pred);
-
- succ->left = victim->left;
- succ->right = victim->right;
- succ->parent = victim->parent;
- succ->color = victim->color;
- victim->left->parent = victim->right->parent = succ;
- if (victim == victim->parent->left)
- victim->parent->left = succ;
- else
- victim->parent->right = succ;
- data = victim->data;
- efree(victim);
+ if (z->left == rbnil(tree) || z->right == rbnil(tree))
+ y = z;
+ else
+ y = rbsuccessor(tree, z);
+ x = (y->left == rbnil(tree)) ? y->right : y->left;
+
+ if ((x->parent = y->parent) == rbroot(tree)) {
+ rbfirst(tree) = x;
} else {
- pred = victim->left == rbnil(tree) ? victim->right : victim->left;
- if (victim->parent == rbroot(tree)) {
- pred->parent = rbroot(tree);
- rbfirst(tree) = pred;
- } else {
- if (victim == victim->parent->left)
- victim->parent->left = pred;
- else
- victim->parent->right = pred;
- }
- if (victim->color == black)
- rbrepair(tree, pred);
- data = victim->data;
- efree(victim);
+ if (y == y->parent->left)
+ y->parent->left = x;
+ else
+ y->parent->right = x;
+ }
+ if (y->color == black)
+ rbrepair(tree, x);
+ if (y != z) {
+ y->left = z->left;
+ y->right = z->right;
+ y->parent = z->parent;
+ y->color = z->color;
+ z->left->parent = z->right->parent = y;
+ if (z == z->parent->left)
+ z->parent->left = y;
+ else
+ z->parent->right = y;
}
- return(data);
+ free(z);
+
+ return (data);
}
/*
@@ -433,7 +421,7 @@ rbrepair(tree, node)
{
struct rbnode *sibling;
- while (node->color == black && node != rbfirst(tree)) {
+ while (node->color == black) {
if (node == node->parent->left) {
sibling = node->parent->right;
if (sibling->color == red) {
@@ -456,7 +444,7 @@ rbrepair(tree, node)
node->parent->color = black;
sibling->right->color = black;
rotate_left(tree, node->parent);
- return; /* XXX */
+ break;
}
} else { /* if (node == node->parent->right) */
sibling = node->parent->left;
@@ -480,9 +468,8 @@ rbrepair(tree, node)
node->parent->color = black;
sibling->left->color = black;
rotate_right(tree, node->parent);
- return; /* XXX */
+ break;
}
}
}
- node->color = black;
}
diff --git a/usr.bin/sudo/sudo.c b/usr.bin/sudo/sudo.c
index e8c6b0c7ba9..7191ee14a68 100644
--- a/usr.bin/sudo/sudo.c
+++ b/usr.bin/sudo/sudo.c
@@ -102,7 +102,7 @@
#include "version.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: sudo.c,v 1.499 2008/11/11 18:28:08 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: sudo.c,v 1.500 2008/11/18 15:57:09 millert Exp $";
#endif /* lint */
/*
diff --git a/usr.bin/sudo/testsudoers.c b/usr.bin/sudo/testsudoers.c
index e75994a2cfd..0eaf1d737cf 100644
--- a/usr.bin/sudo/testsudoers.c
+++ b/usr.bin/sudo/testsudoers.c
@@ -71,7 +71,7 @@
#endif /* HAVE_FNMATCH */
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: testsudoers.c,v 1.127 2008/11/09 14:13:12 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: testsudoers.c,v 1.128 2008/11/19 17:01:20 millert Exp $";
#endif /* lint */
@@ -100,6 +100,13 @@ struct passwd *(*my_getpwuid) __P((uid_t)) = getpwuid;
extern char *optarg;
extern int optind;
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+extern char *malloc_options;
+#endif
+#ifdef YYDEBUG
+extern int yydebug;
+#endif
+
int print_alias __P((void *, void *));
void dump_sudoers __P((void));
void print_defaults __P((void));
@@ -133,8 +140,11 @@ main(argc, argv)
char *p, *grfile, *pwfile, *runas_group, *runas_user;
char hbuf[MAXHOSTNAMELEN + 1];
int ch, dflag, rval, matched;
-#ifdef YYDEBUG
- extern int yydebug;
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+ malloc_options = "AFGJPR";
+#endif
+#ifdef YYDEBUG
yydebug = 1;
#endif
diff --git a/usr.bin/sudo/visudo.c b/usr.bin/sudo/visudo.c
index 73919a1e9d6..81b57185395 100644
--- a/usr.bin/sudo/visudo.c
+++ b/usr.bin/sudo/visudo.c
@@ -87,7 +87,7 @@
#include "version.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: visudo.c,v 1.221 2008/11/18 15:50:53 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: visudo.c,v 1.223 2008/11/22 15:12:26 millert Exp $";
#endif /* lint */
struct sudoersfile {
@@ -150,6 +150,10 @@ main(argc, argv)
struct sudoersfile *sp;
char *args, *editor, *sudoers_path;
int ch, checkonly, quiet, strict, oldperms;
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+ extern char *malloc_options;
+ malloc_options = "AFGJPR";
+#endif
Argv = argv;
if ((Argc = argc) < 1)
@@ -913,10 +917,11 @@ check_aliases(strict)
int strict;
{
struct cmndspec *cs;
- struct member *m;
+ struct member *m, *binding;
struct privilege *priv;
struct userspec *us;
- int error = 0;
+ struct defaults *d;
+ int atype, error = 0;
/* Forward check. */
tq_foreach_fwd(&userspecs, us) {
@@ -985,6 +990,31 @@ check_aliases(strict)
}
}
}
+ tq_foreach_fwd(&defaults, d) {
+ switch (d->type) {
+ case DEFAULTS_HOST:
+ atype = HOSTALIAS;
+ break;
+ case DEFAULTS_USER:
+ atype = USERALIAS;
+ break;
+ case DEFAULTS_RUNAS:
+ atype = RUNASALIAS;
+ break;
+ case DEFAULTS_CMND:
+ atype = CMNDALIAS;
+ break;
+ default:
+ continue; /* not an alias */
+ }
+ tq_foreach_fwd(&d->binding, binding) {
+ for (m = binding; m != NULL; m = m->next) {
+ if (m->type == ALIAS)
+ (void) alias_remove(m->name, atype);
+ }
+ }
+ }
+
/* If all aliases were referenced we will have an empty tree. */
if (no_aliases())
return(0);