mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 14:25:15 +00:00
Code Issues Releases Wiki Activity

netgr_matches needs to check shost as well as host since they may be different.

Browse Source
This commit is contained in:
Todd C. Miller
2000-01-11 18:20:41 +00:00
parent 58fb4fc86b
commit 0b59a0974d
6 changed files with 27 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
parse.c
View File

@@ -426,13 +426,14 @@ usergr_matches(group, user)
/*
* Returns TRUE if "host" and "user" belong to the netgroup "netgr",
* else return FALSE. Either of "host" or "user" may be NULL
* else return FALSE. Either of "host", "shost" or "user" may be NULL
* in which case that argument is not checked...
*/
int
netgr_matches(netgr, host, user)
netgr_matches(netgr, host, shost, user)
char *netgr;
char *host;
char *shost;
char *user;
{
#ifdef HAVE_GETDOMAINNAME
@@ -457,10 +458,13 @@ netgr_matches(netgr, host, user)
#endif /* HAVE_GETDOMAINNAME */
#ifdef HAVE_INNETGR
return(innetgr(netgr, host, user, domain));
#else
return(FALSE);
if (innetgr(netgr, host, user, domain))
return(TRUE);
else if (host != shost && innetgr(netgr, shost, user, domain))
return(TRUE);
#endif /* HAVE_INNETGR */
return(FALSE);
}
/*

2
parse.h
View File

@@ -109,7 +109,7 @@ extern int top;
*/
int addr_matches __P((char *));
int command_matches __P((char *, char *, char *, char *));
int netgr_matches __P((char *, char *, char *));
int netgr_matches __P((char *, char *, char *, char *));
int usergr_matches __P((char *, char *));
#endif /* _SUDO_PARSE_H */

6
parse.yacc
View File

@@ -354,7 +354,7 @@ host : ALL {
free($1);
}
| NETGROUP {
if (netgr_matches($1, user_host, NULL))
if (netgr_matches($1, user_host, user_shost, NULL))
$$ = TRUE;
else
$$ = -1;
@@ -535,7 +535,7 @@ runasuser : WORD {
user_matches == TRUE)
append_runas($1, ", ");
}
if (netgr_matches($1, NULL, *user_runas))
if (netgr_matches($1, NULL, NULL, *user_runas))
$$ = TRUE;
else
$$ = -1;
@@ -789,7 +789,7 @@ user : WORD {
free($1);
}
| NETGROUP {
if (netgr_matches($1, NULL, user_name))
if (netgr_matches($1, NULL, NULL, user_name))
$$ = TRUE;
else
$$ = -1;

6
sudo.tab.c
View File

@@ -1256,7 +1256,7 @@ break;
case 30:
#line 356 "parse.yacc"
{
if (netgr_matches(yyvsp[0].string, user_host, NULL))
if (netgr_matches(yyvsp[0].string, user_host, user_shost, NULL))
yyval.BOOLEAN = TRUE;
else
yyval.BOOLEAN = -1;
@@ -1475,7 +1475,7 @@ case 49:
user_matches == TRUE)
append_runas(yyvsp[0].string, ", ");
}
if (netgr_matches(yyvsp[0].string, NULL, *user_runas))
if (netgr_matches(yyvsp[0].string, NULL, NULL, *user_runas))
yyval.BOOLEAN = TRUE;
else
yyval.BOOLEAN = -1;
@@ -1757,7 +1757,7 @@ break;
case 84:
#line 791 "parse.yacc"
{
if (netgr_matches(yyvsp[0].string, NULL, user_name))
if (netgr_matches(yyvsp[0].string, NULL, NULL, user_name))
yyval.BOOLEAN = TRUE;
else
yyval.BOOLEAN = -1;

12
testsudoers.c
View File

@@ -240,9 +240,10 @@ usergr_matches(group, user)
}
int
netgr_matches(netgr, host, user)
netgr_matches(netgr, host, shost, user)
char *netgr;
char *host;
char *shost;
char *user;
{
#ifdef HAVE_GETDOMAINNAME
@@ -268,10 +269,13 @@ netgr_matches(netgr, host, user)
#endif /* HAVE_GETDOMAINNAME */
#ifdef HAVE_INNETGR
return(innetgr(netgr, host, user, domain));
#else
return(FALSE);
if (innetgr(netgr, host, user, domain))
return(TRUE);
else if (host != shost && innetgr(netgr, shost, user, domain))
return(TRUE);
#endif /* HAVE_INNETGR */
return(FALSE);
}
void

6
visudo.c
View File

@@ -93,7 +93,7 @@ static RETSIGTYPE Exit __P((int));
static void setup_signals __P((void));
int command_matches __P((char *, char *, char *, char *));
int addr_matches __P((char *));
int netgr_matches __P((char *, char *, char *));
int netgr_matches __P((char *, char *, char *, char *));
int usergr_matches __P((char *, char *));
void init_parser __P((void));
void yyrestart __P((FILE *));
@@ -401,8 +401,8 @@ usergr_matches(g, u)
}
int
netgr_matches(n, h, u)
char *n, *h, *u;
netgr_matches(n, h, sh, u)
char *n, *h, *sh, *u;
{
return(TRUE);
}