mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 14:25:15 +00:00
Code Issues Releases Wiki Activity

netgr_matches needs to check shost as well as host since they may be different.

Browse Source
This commit is contained in:
Todd C. Miller
2000-01-11 18:20:41 +00:00
parent 58fb4fc86b
commit 0b59a0974d
6 changed files with 27 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
parse.c
View File

@@ -426,13 +426,14 @@ usergr_matches(group, user)
/* /*
* Returns TRUE if "host" and "user" belong to the netgroup "netgr", * Returns TRUE if "host" and "user" belong to the netgroup "netgr",
* else return FALSE. Either of "host" or "user" may be NULL * else return FALSE. Either of "host", "shost" or "user" may be NULL
* in which case that argument is not checked... * in which case that argument is not checked...
*/ */
int int
netgr_matches(netgr, host, user) netgr_matches(netgr, host, shost, user)
char *netgr; char *netgr;
char *host; char *host;
char *shost;
char *user; char *user;
{ {
#ifdef HAVE_GETDOMAINNAME #ifdef HAVE_GETDOMAINNAME
@@ -457,10 +458,13 @@ netgr_matches(netgr, host, user)
#endif /* HAVE_GETDOMAINNAME */ #endif /* HAVE_GETDOMAINNAME */
#ifdef HAVE_INNETGR #ifdef HAVE_INNETGR
return(innetgr(netgr, host, user, domain)); if (innetgr(netgr, host, user, domain))
#else return(TRUE);
return(FALSE); else if (host != shost && innetgr(netgr, shost, user, domain))
return(TRUE);
#endif /* HAVE_INNETGR */ #endif /* HAVE_INNETGR */
return(FALSE);
} }
/* /*

2
parse.h
View File

@@ -109,7 +109,7 @@ extern int top;
*/ */
int addr_matches __P((char *)); int addr_matches __P((char *));
int command_matches __P((char *, char *, char *, char *)); int command_matches __P((char *, char *, char *, char *));
int netgr_matches __P((char *, char *, char *)); int netgr_matches __P((char *, char *, char *, char *));
int usergr_matches __P((char *, char *)); int usergr_matches __P((char *, char *));
#endif /* _SUDO_PARSE_H */ #endif /* _SUDO_PARSE_H */

6
parse.yacc
View File

@@ -354,7 +354,7 @@ host : ALL {
free($1); free($1);
} }
| NETGROUP { | NETGROUP {
if (netgr_matches($1, user_host, NULL)) if (netgr_matches($1, user_host, user_shost, NULL))
$$ = TRUE; $$ = TRUE;
else else
$$ = -1; $$ = -1;
@@ -535,7 +535,7 @@ runasuser : WORD {
user_matches == TRUE) user_matches == TRUE)
append_runas($1, ", "); append_runas($1, ", ");
} }
if (netgr_matches($1, NULL, *user_runas)) if (netgr_matches($1, NULL, NULL, *user_runas))
$$ = TRUE; $$ = TRUE;
else else
$$ = -1; $$ = -1;
@@ -789,7 +789,7 @@ user : WORD {
free($1); free($1);
} }
| NETGROUP { | NETGROUP {
if (netgr_matches($1, NULL, user_name)) if (netgr_matches($1, NULL, NULL, user_name))
$$ = TRUE; $$ = TRUE;
else else
$$ = -1; $$ = -1;

6
sudo.tab.c
View File

@@ -1256,7 +1256,7 @@ break;
case 30: case 30:
#line 356 "parse.yacc" #line 356 "parse.yacc"
{ {
if (netgr_matches(yyvsp[0].string, user_host, NULL)) if (netgr_matches(yyvsp[0].string, user_host, user_shost, NULL))
yyval.BOOLEAN = TRUE; yyval.BOOLEAN = TRUE;
else else
yyval.BOOLEAN = -1; yyval.BOOLEAN = -1;
@@ -1475,7 +1475,7 @@ case 49:
user_matches == TRUE) user_matches == TRUE)
append_runas(yyvsp[0].string, ", "); append_runas(yyvsp[0].string, ", ");
} }
if (netgr_matches(yyvsp[0].string, NULL, *user_runas)) if (netgr_matches(yyvsp[0].string, NULL, NULL, *user_runas))
yyval.BOOLEAN = TRUE; yyval.BOOLEAN = TRUE;
else else
yyval.BOOLEAN = -1; yyval.BOOLEAN = -1;
@@ -1757,7 +1757,7 @@ break;
case 84: case 84:
#line 791 "parse.yacc" #line 791 "parse.yacc"
{ {
if (netgr_matches(yyvsp[0].string, NULL, user_name)) if (netgr_matches(yyvsp[0].string, NULL, NULL, user_name))
yyval.BOOLEAN = TRUE; yyval.BOOLEAN = TRUE;
else else
yyval.BOOLEAN = -1; yyval.BOOLEAN = -1;

12
testsudoers.c
View File

@@ -240,9 +240,10 @@ usergr_matches(group, user)
} }
int int
netgr_matches(netgr, host, user) netgr_matches(netgr, host, shost, user)
char *netgr; char *netgr;
char *host; char *host;
char *shost;
char *user; char *user;
{ {
#ifdef HAVE_GETDOMAINNAME #ifdef HAVE_GETDOMAINNAME
@@ -268,10 +269,13 @@ netgr_matches(netgr, host, user)
#endif /* HAVE_GETDOMAINNAME */ #endif /* HAVE_GETDOMAINNAME */
#ifdef HAVE_INNETGR #ifdef HAVE_INNETGR
return(innetgr(netgr, host, user, domain)); if (innetgr(netgr, host, user, domain))
#else return(TRUE);
return(FALSE); else if (host != shost && innetgr(netgr, shost, user, domain))
return(TRUE);
#endif /* HAVE_INNETGR */ #endif /* HAVE_INNETGR */
return(FALSE);
} }
void void

6
visudo.c
View File

@@ -93,7 +93,7 @@ static RETSIGTYPE Exit __P((int));
static void setup_signals __P((void)); static void setup_signals __P((void));
int command_matches __P((char *, char *, char *, char *)); int command_matches __P((char *, char *, char *, char *));
int addr_matches __P((char *)); int addr_matches __P((char *));
int netgr_matches __P((char *, char *, char *)); int netgr_matches __P((char *, char *, char *, char *));
int usergr_matches __P((char *, char *)); int usergr_matches __P((char *, char *));
void init_parser __P((void)); void init_parser __P((void));
void yyrestart __P((FILE *)); void yyrestart __P((FILE *));
@@ -401,8 +401,8 @@ usergr_matches(g, u)
} }
int int
netgr_matches(n, h, u) netgr_matches(n, h, sh, u)
char *n, *h, *u; char *n, *h, *sh, *u;
{ {
return(TRUE); return(TRUE);
} }