/*
* SPDX-License-Identifier: ISC
*
* Copyright (c) 2004-2005, 2007-2022 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* This is an open source non-commercial project. Dear PVS-Studio, please check it.
* PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <sudoers.h>
#include <sudo_lbuf.h>
#include <gram.h>
/*
 * State kept for one opened sudoers file source.
 * sudo_file_open() allocates it and stores it in nss->handle;
 * sudo_file_close() closes the stream, frees the tree and frees the struct.
 */
struct sudo_file_handle {
    /* Stream returned by open_sudoers(); closed in sudo_file_close(). */
    FILE *fp;
    /* Parse tree initialized in sudo_file_open(), filled by sudo_file_parse(). */
    struct sudoers_parse_tree parse_tree;
};
/*
 * Release the file-backed sudoers source attached to nss.
 * Closes the sudoers stream, resets the global parser input (sudoersin),
 * frees the parse tree and the handle, then sets nss->handle to NULL.
 * Does nothing when no handle is attached.  Always returns 0; ctx is unused.
 */
static int
sudo_file_close(struct sudoers_context *ctx, struct sudo_nss *nss)
{
    debug_decl(sudo_file_close, SUDOERS_DEBUG_NSS);
    struct sudo_file_handle *fh = nss->handle;

    /* Nothing was opened (or it was already closed). */
    if (fh == NULL) {
        debug_return_int(0);
    }

    fclose(fh->fp);
    /* sudo_file_parse() points sudoersin at fh->fp; do not leave it dangling. */
    sudoersin = NULL;

    free_parse_tree(&fh->parse_tree);
    free(fh);
    /* Clear the stale pointer so a later open/close sees "not open". */
    nss->handle = NULL;

    debug_return_int(0);
}
/*
 * Open the local sudoers file and attach a new handle to nss.
 *
 * Returns 0 with nss->handle set on success.  Returns -1 when the
 * ignore_local_sudoers default is set, when memory allocation fails or
 * when open_sudoers() cannot open the file; in the last two cases
 * nss->handle is left NULL.
 *
 * NOTE(review): any ownership/permission checking of the sudoers file
 * would have to happen inside open_sudoers(), which is not shown here;
 * confirm before relying on it.
 */
static int
sudo_file_open(struct sudoers_context *ctx, struct sudo_nss *nss)
{
    debug_decl(sudo_file_open, SUDOERS_DEBUG_NSS);
    struct sudo_file_handle *fh;
    char *opened_path = NULL;

    /* Note: relies on defaults being initialized early. */
    if (def_ignore_local_sudoers) {
        debug_return_int(-1);
    }

    /* A leftover handle means open was called twice; log it and start clean. */
    if (nss->handle != NULL) {
        sudo_debug_printf(SUDO_DEBUG_ERROR,
            "%s: called with non-NULL handle %p", __func__, nss->handle);
        sudo_file_close(ctx, nss);
    }

    fh = malloc(sizeof(*fh));
    if (fh == NULL) {
        nss->handle = NULL;
        debug_return_int(-1);
    }

    init_parser(ctx, NULL);
    fh->fp = open_sudoers(ctx->parser_conf.sudoers_path, &opened_path,
        false, NULL);
    if (fh->fp == NULL) {
        /* Could not open the file: do not leave a half-built handle behind. */
        free(fh);
        nss->handle = NULL;
        debug_return_int(-1);
    }

    init_parse_tree(&fh->parse_tree, NULL, NULL, ctx, nss);
    if (opened_path != NULL) {
        /* Update path to open sudoers file. */
        sudo_rcstr_delref(sudoers);
        sudoers = opened_path;
    }

    nss->handle = fh;
    debug_return_int(0);
}
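/*
 * Parse and return the specified sudoers file.
 *
 * The file must already have been opened by sudo_file_open().  On success
 * the parsed policy is moved into the nss handle and a pointer to that
 * tree is returned.  Returns NULL if nss has no handle or no open stream,
 * if sudoersparse() reports an error, or if parse_error is set and
 * sudoers_error_recovery() returns false.
 *
 * NOTE(review): callers are expected to treat NULL as "no usable policy
 * from this source"; confirm at the call sites.
 */
static struct sudoers_parse_tree *
sudo_file_parse(struct sudoers_context *ctx, const struct sudo_nss *nss)
{
    /* Declare this function's own name, like the other sudo_file_* callbacks. */
    debug_decl(sudo_file_parse, SUDOERS_DEBUG_NSS);
    struct sudo_file_handle *handle = nss->handle;
    int error;

    if (handle == NULL || handle->fp == NULL) {
        sudo_debug_printf(SUDO_DEBUG_ERROR, "%s: called with NULL %s",
            __func__, handle ? "file pointer" : "handle");
        debug_return_ptr(NULL);
    }

    /* The generated parser reads from the global sudoersin stream. */
    sudoersin = handle->fp;
    error = sudoersparse();
    if (error || (parse_error && !sudoers_error_recovery())) {
        /* unrecoverable error */
        debug_return_ptr(NULL);
    }

    /* Move parsed sudoers policy to nss handle. */
    reparent_parse_tree(&handle->parse_tree);

    debug_return_ptr(&handle->parse_tree);
}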
/*
 * Query callback for the sudoers file source.
 * There is nothing to look up: the parse callback already produced the
 * policy, so this only reports success (0).  ctx, nss and pw are unused.
 */
static int
sudo_file_query(struct sudoers_context *ctx, const struct sudo_nss *nss,
    struct passwd *pw)
{
    debug_decl(sudo_file_query, SUDOERS_DEBUG_NSS);

    debug_return_int(0);
}
/*
 * Defaults callback for the sudoers file source.
 * Defaults need no separate fetch for a sudoers file because the parse
 * callback handled them, so this only reports success (0).
 * ctx and nss are unused.
 */
static int
sudo_file_getdefs(struct sudoers_context *ctx, const struct sudo_nss *nss)
{
    debug_decl(sudo_file_getdefs, SUDOERS_DEBUG_NSS);

    debug_return_int(0);
}
/*
 * sudo_nss implementation backed by the local sudoers file.
 * The initializers are positional, so their order has to match the member
 * order of struct sudo_nss (declared elsewhere).
 */
struct sudo_nss sudo_nss_file = {
    { NULL, NULL },     /* presumably the list linkage, set when registered -- confirm */
    "sudoers",          /* name string for this source */
    sudo_file_open,     /* open the sudoers file */
    sudo_file_close,    /* close it and free the handle */
    sudo_file_parse,    /* parse into the handle's parse tree */
    sudo_file_query,    /* no-op, returns 0 */
    sudo_file_getdefs   /* no-op, returns 0 */
};