int sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth) { SIAENTITY *siah = NULL; int i; extern int NewArgc; extern char **NewArgv; /* Rebuild argv for sia_ses_init() */ sudo_argc = NewArgc + 1; sudo_argv = emalloc2(sudo_argc + 1, sizeof(char *)); sudo_argv[0] = "sudo"; for (i = 0; i < NewArgc; i++) sudo_argv[i + 1] = NewArgv[i]; sudo_argv[sudo_argc] = NULL; if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ttypath, 1, NULL) != SIASUCCESS) { log_error(USE_ERRNO|NO_EXIT|NO_MAIL, _("unable to initialize SIA session")); return AUTH_FATAL; } auth->data = (void *) siah; return AUTH_SUCCESS; }
/* * Initialize env based on envp. */ void env_init(char * const envp[]) { char * const *ep; size_t len; for (ep = envp; *ep != NULL; ep++) continue; len = (size_t)(ep - envp); env.env_len = len; env.env_size = len + 1 + 128; env.envp = emalloc2(env.env_size, sizeof(char *)); #ifdef ENV_DEBUG memset(env.envp, 0, env.env_size * sizeof(char *)); #endif memcpy(env.envp, envp, len * sizeof(char *)); env.envp[len] = '\0'; }
/* * Check input for ' ', '<', '>' * pause, slow, fast */ static void check_input(int ttyfd, double *speed) { fd_set *fdsr; int nready, paused = 0; struct timeval tv; char ch; ssize_t n; fdsr = (fd_set *)emalloc2(howmany(ttyfd + 1, NFDBITS), sizeof(fd_mask)); for (;;) { FD_SET(ttyfd, fdsr); tv.tv_sec = 0; tv.tv_usec = 0; nready = select(ttyfd + 1, fdsr, NULL, NULL, paused ? NULL : &tv); if (nready != 1) break; n = read(ttyfd, &ch, 1); if (n == 1) { if (paused) { paused = 0; continue; } switch (ch) { case ' ': paused = 1; break; case '<': *speed /= 2; break; case '>': *speed *= 2; break; } } } free(fdsr); }
/* * Like execve(2) but falls back to running through /bin/sh * ala execvp(3) if we get ENOEXEC. */ int sudo_execve(const char *path, char *const argv[], char *const envp[], int noexec) { /* Modify the environment as needed to disable further execve(). */ if (noexec) envp = disable_execute(envp); execve(path, argv, envp); if (errno == ENOEXEC) { int argc; char **nargv; for (argc = 0; argv[argc] != NULL; argc++) continue; nargv = emalloc2(argc + 2, sizeof(char *)); nargv[0] = "sh"; nargv[1] = (char *)path; memcpy(nargv + 2, argv + 1, argc * sizeof(char *)); execve(_PATH_BSHELL, nargv, envp); efree(nargv); } return -1; }
/* Reset user_groups based on passwd entry. */ static void reset_groups(struct passwd *pw) { #if defined(HAVE_INITGROUPS) && defined(HAVE_GETGROUPS) if (pw != sudo_user.pw) { # ifdef HAVE_SETAUTHDB aix_setauthdb(pw->pw_name); # endif if (initgroups(pw->pw_name, pw->pw_gid) == -1) log_error(USE_ERRNO|MSG_ONLY, "can't reset group vector"); efree(user_groups); user_groups = NULL; if ((user_ngroups = getgroups(0, NULL)) > 0) { user_groups = emalloc2(user_ngroups, sizeof(GETGROUPS_T)); if (getgroups(user_ngroups, user_groups) < 0) log_error(USE_ERRNO|MSG_ONLY, "can't get group vector"); } # ifdef HAVE_SETAUTHDB aix_restoreauthdb(); # endif } #endif }
static int sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], char **command_infop[], char **argv_out[], char **user_env_out[]) { static char *command_info[32]; /* XXX */ char **edit_argv = NULL; struct sudo_nss *nss; int cmnd_status = -1, validated; volatile int info_len = 0; volatile int rval = TRUE; if (sigsetjmp(error_jmp, 1)) { /* error recovery via error(), errorx() or log_error() */ rval = -1; goto done; } /* Is root even allowed to run sudo? */ if (user_uid == 0 && !def_root_sudo) { warningx(_("sudoers specifies that root is not allowed to sudo")); goto bad; } /* Check for -C overriding def_closefrom. */ if (user_closefrom >= 0 && user_closefrom != def_closefrom) { if (!def_closefrom_override) { warningx(_("you are not permitted to use the -C option")); goto bad; } def_closefrom = user_closefrom; } set_perms(PERM_INITIAL); /* Environment variables specified on the command line. */ if (env_add != NULL && env_add[0] != NULL) sudo_user.env_vars = env_add; /* * Make a local copy of argc/argv, with special handling * for pseudo-commands and the '-i' option. */ if (argc == 0) { NewArgc = 1; NewArgv = emalloc2(NewArgc + 1, sizeof(char *)); NewArgv[0] = user_cmnd; NewArgv[1] = NULL; } else { /* Must leave an extra slot before NewArgv for bash's --login */ NewArgc = argc; NewArgv = emalloc2(NewArgc + 2, sizeof(char *)); memcpy(++NewArgv, argv, argc * sizeof(char *)); NewArgv[NewArgc] = NULL; if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) NewArgv[0] = estrdup(runas_pw->pw_shell); } /* If given the -P option, set the "preserve_groups" flag. */ if (ISSET(sudo_mode, MODE_PRESERVE_GROUPS)) def_preserve_groups = TRUE; /* Find command in path */ cmnd_status = set_cmnd(); if (cmnd_status == -1) { rval = -1; goto done; } #ifdef HAVE_SETLOCALE if (!setlocale(LC_ALL, def_sudoers_locale)) { warningx(_("unable to set locale to \"%s\", using \"C\""), def_sudoers_locale); setlocale(LC_ALL, "C"); } #endif /* * Check sudoers sources. */ validated = FLAG_NO_USER | FLAG_NO_HOST; tq_foreach_fwd(snl, nss) { validated = nss->lookup(nss, validated, pwflag); if (ISSET(validated, VALIDATE_OK)) { /* Handle "= auth" in netsvc.conf */ if (nss->ret_if_found) break; } else { /* Handle [NOTFOUND=return] */ if (nss->ret_if_notfound) break; } }
/* * Build a new environment and ether clear potentially dangerous * variables from the old one or start with a clean slate. * Also adds sudo-specific variables (SUDO_*). */ void rebuild_env(void) { char **old_envp, **ep, *cp, *ps1; char idbuf[MAX_UID_T_LEN]; unsigned int didvar; int reset_home = FALSE; /* * Either clean out the environment or reset to a safe default. */ ps1 = NULL; didvar = 0; env.env_len = 0; env.env_size = 128; old_envp = env.envp; env.envp = emalloc2(env.env_size, sizeof(char *)); #ifdef ENV_DEBUG memset(env.envp, 0, env.env_size * sizeof(char *)); #endif /* Reset HOME based on target user if configured to. */ if (ISSET(sudo_mode, MODE_RUN)) { if (def_always_set_home || ISSET(sudo_mode, MODE_RESET_HOME | MODE_LOGIN_SHELL) || (ISSET(sudo_mode, MODE_SHELL) && def_set_home)) reset_home = TRUE; } if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) { /* Pull in vars we want to keep from the old environment. */ for (ep = old_envp; *ep; ep++) { int keepit; /* Skip variables with values beginning with () (bash functions) */ if ((cp = strchr(*ep, '=')) != NULL) { if (strncmp(cp, "=() ", 3) == 0) continue; } /* * First check certain variables for '%' and '/' characters. * If no match there, check the keep list. * If nothing matched, we remove it from the environment. */ keepit = matches_env_check(*ep); if (keepit == -1) keepit = matches_env_keep(*ep); /* For SUDO_PS1 -> PS1 conversion. */ if (strncmp(*ep, "SUDO_PS1=", 8) == 0) ps1 = *ep + 5; if (keepit) { /* Preserve variable. */ switch (**ep) { case 'H': if (strncmp(*ep, "HOME=", 5) == 0) SET(didvar, DID_HOME); break; case 'L': if (strncmp(*ep, "LOGNAME=", 8) == 0) SET(didvar, DID_LOGNAME); break; case 'M': if (strncmp(*ep, "MAIL=", 5) == 0) SET(didvar, DID_MAIL); break; case 'P': if (strncmp(*ep, "PATH=", 5) == 0) SET(didvar, DID_PATH); break; case 'S': if (strncmp(*ep, "SHELL=", 6) == 0) SET(didvar, DID_SHELL); break; case 'T': if (strncmp(*ep, "TERM=", 5) == 0) SET(didvar, DID_TERM); break; case 'U': if (strncmp(*ep, "USER="******"USERNAME="******"SHELL", runas_pw->pw_shell, ISSET(didvar, DID_SHELL)); sudo_setenv("LOGNAME", runas_pw->pw_name, ISSET(didvar, DID_LOGNAME)); sudo_setenv("USER", runas_pw->pw_name, ISSET(didvar, DID_USER)); sudo_setenv("USERNAME", runas_pw->pw_name, ISSET(didvar, DID_USERNAME)); } else { if (!ISSET(didvar, DID_SHELL)) sudo_setenv("SHELL", sudo_user.pw->pw_shell, FALSE); if (!ISSET(didvar, DID_LOGNAME)) sudo_setenv("LOGNAME", user_name, FALSE); if (!ISSET(didvar, DID_USER)) sudo_setenv("USER", user_name, FALSE); if (!ISSET(didvar, DID_USERNAME)) sudo_setenv("USERNAME", user_name, FALSE); } /* If we didn't keep HOME, reset it based on target user. */ if (!ISSET(didvar, KEPT_HOME)) reset_home = TRUE; /* * Set MAIL to target user in -i mode or if MAIL is not preserved * from user's environment. */ if (ISSET(sudo_mode, MODE_LOGIN_SHELL) || !ISSET(didvar, KEPT_MAIL)) { cp = _PATH_MAILDIR; if (cp[sizeof(_PATH_MAILDIR) - 2] == '/') easprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR, runas_pw->pw_name); else easprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR, runas_pw->pw_name); sudo_putenv(cp, ISSET(didvar, DID_MAIL), TRUE); } } else { /* * Copy environ entries as long as they don't match env_delete or * env_check. */ for (ep = old_envp; *ep; ep++) { int okvar; /* Skip variables with values beginning with () (bash functions) */ if ((cp = strchr(*ep, '=')) != NULL) { if (strncmp(cp, "=() ", 3) == 0) continue; } /* * First check variables against the blacklist in env_delete. * If no match there check for '%' and '/' characters. */ okvar = matches_env_delete(*ep) != TRUE; if (okvar) okvar = matches_env_check(*ep) != FALSE; if (okvar) { if (strncmp(*ep, "SUDO_PS1=", 9) == 0) ps1 = *ep + 5; else if (strncmp(*ep, "PATH=", 5) == 0) SET(didvar, DID_PATH); else if (strncmp(*ep, "TERM=", 5) == 0) SET(didvar, DID_TERM); sudo_putenv(*ep, FALSE, FALSE); } } } /* Replace the PATH envariable with a secure one? */ if (def_secure_path && !user_is_exempt()) { sudo_setenv("PATH", def_secure_path, TRUE); SET(didvar, DID_PATH); } /* * Set $USER, $LOGNAME and $USERNAME to target if "set_logname" is not * disabled. We skip this if we are running a login shell (because * they have already been set them) or sudoedit (because we want the * editor to find the user's startup files). */ if (def_set_logname && !ISSET(sudo_mode, MODE_LOGIN_SHELL|MODE_EDIT)) { if (!ISSET(didvar, KEPT_LOGNAME)) sudo_setenv("LOGNAME", runas_pw->pw_name, TRUE); if (!ISSET(didvar, KEPT_USER)) sudo_setenv("USER", runas_pw->pw_name, TRUE); if (!ISSET(didvar, KEPT_USERNAME)) sudo_setenv("USERNAME", runas_pw->pw_name, TRUE); } /* Set $HOME to target user if not preserving user's value. */ if (reset_home) sudo_setenv("HOME", runas_pw->pw_dir, TRUE); /* Provide default values for $TERM and $PATH if they are not set. */ if (!ISSET(didvar, DID_TERM)) sudo_putenv("TERM=unknown", FALSE, FALSE); if (!ISSET(didvar, DID_PATH)) sudo_setenv("PATH", _PATH_STDPATH, FALSE); /* Set PS1 if SUDO_PS1 is set. */ if (ps1 != NULL) sudo_putenv(ps1, TRUE, TRUE); /* Add the SUDO_COMMAND envariable (cmnd + args). */ if (user_args) { easprintf(&cp, "%s %s", user_cmnd, user_args); sudo_setenv("SUDO_COMMAND", cp, TRUE); efree(cp); } else { sudo_setenv("SUDO_COMMAND", user_cmnd, TRUE); } /* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */ sudo_setenv("SUDO_USER", user_name, TRUE); snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_uid); sudo_setenv("SUDO_UID", idbuf, TRUE); snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_gid); sudo_setenv("SUDO_GID", idbuf, TRUE); /* Free old environment. */ efree(old_envp); }
/* * Allocate and fill in the interfaces global variable with the * machine's ip addresses and netmasks. */ void load_interfaces() { struct ifaddrs *ifa, *ifaddrs; struct sockaddr_in *sin; #ifdef HAVE_IN6_ADDR struct sockaddr_in6 *sin6; #endif int i; if (getifaddrs(&ifaddrs)) return; /* Allocate space for the interfaces list. */ for (ifa = ifaddrs; ifa != NULL; ifa = ifa -> ifa_next) { /* Skip interfaces marked "down" and "loopback". */ if (ifa->ifa_addr == NULL || !ISSET(ifa->ifa_flags, IFF_UP) || ISSET(ifa->ifa_flags, IFF_LOOPBACK)) continue; switch(ifa->ifa_addr->sa_family) { case AF_INET: #ifdef HAVE_IN6_ADDR case AF_INET6: #endif num_interfaces++; break; } } if (num_interfaces == 0) return; interfaces = (struct interface *) emalloc2(num_interfaces, sizeof(struct interface)); /* Store the ip addr / netmask pairs. */ for (ifa = ifaddrs, i = 0; ifa != NULL; ifa = ifa -> ifa_next) { /* Skip interfaces marked "down" and "loopback". */ if (ifa->ifa_addr == NULL || !ISSET(ifa->ifa_flags, IFF_UP) || ISSET(ifa->ifa_flags, IFF_LOOPBACK)) continue; switch(ifa->ifa_addr->sa_family) { case AF_INET: sin = (struct sockaddr_in *)ifa->ifa_addr; if (sin == NULL) continue; memcpy(&interfaces[i].addr, &sin->sin_addr, sizeof(struct in_addr)); sin = (struct sockaddr_in *)ifa->ifa_netmask; if (sin == NULL) continue; memcpy(&interfaces[i].netmask, &sin->sin_addr, sizeof(struct in_addr)); interfaces[i].family = AF_INET; i++; break; #ifdef HAVE_IN6_ADDR case AF_INET6: sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; if (sin6 == NULL) continue; memcpy(&interfaces[i].addr, &sin6->sin6_addr, sizeof(struct in6_addr)); sin6 = (struct sockaddr_in6 *)ifa->ifa_netmask; if (sin6 == NULL) continue; memcpy(&interfaces[i].netmask, &sin6->sin6_addr, sizeof(struct in6_addr)); interfaces[i].family = AF_INET6; i++; break; #endif /* HAVE_IN6_ADDR */ } } #ifdef HAVE_FREEIFADDRS freeifaddrs(ifaddrs); #else efree(ifaddrs); #endif }
/* * Allocate and fill in the interfaces global variable with the * machine's ip addresses and netmasks. */ void load_interfaces() { struct ifconf *ifconf; struct ifreq *ifr, ifr_tmp; struct sockaddr_in *sin; int sock, n, i; size_t len = sizeof(struct ifconf) + BUFSIZ; char *previfname = "", *ifconf_buf = NULL; #ifdef _ISC struct strioctl strioctl; #endif /* _ISC */ sock = socket(AF_INET, SOCK_DGRAM, 0); if (sock < 0) error(1, "cannot open socket"); /* * Get interface configuration or return (leaving num_interfaces == 0) */ for (;;) { ifconf_buf = erealloc(ifconf_buf, len); ifconf = (struct ifconf *) ifconf_buf; ifconf->ifc_len = len - sizeof(struct ifconf); ifconf->ifc_buf = (caddr_t) (ifconf_buf + sizeof(struct ifconf)); #ifdef _ISC STRSET(SIOCGIFCONF, (caddr_t) ifconf, len); if (ioctl(sock, I_STR, (caddr_t) &strioctl) < 0) { #else /* Note that some kernels return EINVAL if the buffer is too small */ if (ioctl(sock, SIOCGIFCONF, (caddr_t) ifconf) < 0 && errno != EINVAL) { #endif /* _ISC */ efree(ifconf_buf); (void) close(sock); return; } /* Break out of loop if we have a big enough buffer. */ if (ifconf->ifc_len + sizeof(struct ifreq) < len) break; len += BUFSIZ; } /* Allocate space for the maximum number of interfaces that could exist. */ if ((n = ifconf->ifc_len / sizeof(struct ifreq)) == 0) return; interfaces = (struct interface *) emalloc2(n, sizeof(struct interface)); /* For each interface, store the ip address and netmask. */ for (i = 0; i < ifconf->ifc_len; ) { /* Get a pointer to the current interface. */ ifr = (struct ifreq *) &ifconf->ifc_buf[i]; /* Set i to the subscript of the next interface. */ i += sizeof(struct ifreq); #ifdef HAVE_SA_LEN if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_addr)) i += ifr->ifr_addr.sa_len - sizeof(struct sockaddr); #endif /* HAVE_SA_LEN */ /* Skip duplicates and interfaces with NULL addresses. */ sin = (struct sockaddr_in *) &ifr->ifr_addr; if (sin->sin_addr.s_addr == 0 || strncmp(previfname, ifr->ifr_name, sizeof(ifr->ifr_name) - 1) == 0) continue; if (ifr->ifr_addr.sa_family != AF_INET) continue; #ifdef SIOCGIFFLAGS zero_bytes(&ifr_tmp, sizeof(ifr_tmp)); strncpy(ifr_tmp.ifr_name, ifr->ifr_name, sizeof(ifr_tmp.ifr_name) - 1); if (ioctl(sock, SIOCGIFFLAGS, (caddr_t) &ifr_tmp) < 0) #endif ifr_tmp = *ifr; /* Skip interfaces marked "down" and "loopback". */ if (!ISSET(ifr_tmp.ifr_flags, IFF_UP) || ISSET(ifr_tmp.ifr_flags, IFF_LOOPBACK)) continue; sin = (struct sockaddr_in *) &ifr->ifr_addr; interfaces[num_interfaces].addr.ip4.s_addr = sin->sin_addr.s_addr; /* Stash the name of the interface we saved. */ previfname = ifr->ifr_name; /* Get the netmask. */ zero_bytes(&ifr_tmp, sizeof(ifr_tmp)); strncpy(ifr_tmp.ifr_name, ifr->ifr_name, sizeof(ifr_tmp.ifr_name) - 1); #ifdef SIOCGIFNETMASK #ifdef _ISC STRSET(SIOCGIFNETMASK, (caddr_t) &ifr_tmp, sizeof(ifr_tmp)); if (ioctl(sock, I_STR, (caddr_t) &strioctl) == 0) { #else if (ioctl(sock, SIOCGIFNETMASK, (caddr_t) &ifr_tmp) == 0) { #endif /* _ISC */ sin = (struct sockaddr_in *) &ifr_tmp.ifr_addr; interfaces[num_interfaces].netmask.ip4.s_addr = sin->sin_addr.s_addr; } else { #else { #endif /* SIOCGIFNETMASK */ if (IN_CLASSC(interfaces[num_interfaces].addr.ip4.s_addr)) interfaces[num_interfaces].netmask.ip4.s_addr = htonl(IN_CLASSC_NET); else if (IN_CLASSB(interfaces[num_interfaces].addr.ip4.s_addr)) interfaces[num_interfaces].netmask.ip4.s_addr = htonl(IN_CLASSB_NET); else interfaces[num_interfaces].netmask.ip4.s_addr = htonl(IN_CLASSA_NET); } /* Only now can we be sure it was a good/interesting interface. */ interfaces[num_interfaces].family = AF_INET; num_interfaces++; } /* If the expected size < real size, realloc the array. */ if (n != num_interfaces) { if (num_interfaces != 0) interfaces = (struct interface *) erealloc3(interfaces, num_interfaces, sizeof(struct interface)); else efree(interfaces); } efree(ifconf_buf); (void) close(sock); } #else /* !SIOCGIFCONF || STUB_LOAD_INTERFACES */ /* * Stub function for those without SIOCGIFCONF */ void load_interfaces() { return; } #endif /* SIOCGIFCONF && !STUB_LOAD_INTERFACES */ void dump_interfaces() { int i; #ifdef HAVE_IN6_ADDR char addrbuf[INET6_ADDRSTRLEN], maskbuf[INET6_ADDRSTRLEN]; #endif puts("Local IP address and netmask pairs:"); for (i = 0; i < num_interfaces; i++) { switch(interfaces[i].family) { case AF_INET: printf("\t%s / ", inet_ntoa(interfaces[i].addr.ip4)); puts(inet_ntoa(interfaces[i].netmask.ip4)); break; #ifdef HAVE_IN6_ADDR case AF_INET6: inet_ntop(AF_INET6, &interfaces[i].addr.ip6, addrbuf, sizeof(addrbuf)); inet_ntop(AF_INET6, &interfaces[i].netmask.ip6, maskbuf, sizeof(maskbuf)); printf("\t%s / %s\n", addrbuf, maskbuf); break; #endif /* HAVE_IN6_ADDR */ } } }
/* * Load the specified plugin and run its init function. * Returns -1 if unable to open the plugin, else it returns * the value from the plugin's init function. */ int group_plugin_load(char *plugin_info) { struct stat sb; char *args, path[PATH_MAX]; char **argv = NULL; int len, rc = -1; debug_decl(group_plugin_load, SUDO_DEBUG_UTIL) /* * Fill in .so path and split out args (if any). */ if ((args = strpbrk(plugin_info, " \t")) != NULL) { len = snprintf(path, sizeof(path), "%s%.*s", (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", (int)(args - plugin_info), plugin_info); args++; } else { len = snprintf(path, sizeof(path), "%s%s", (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info); } if (len <= 0 || len >= sizeof(path)) { errno = ENAMETOOLONG; warning("%s%s", (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info); goto done; } /* Sanity check plugin path. */ if (stat(path, &sb) != 0) { warning("%s", path); goto done; } if (sb.st_uid != ROOT_UID) { warningx(_("%s must be owned by uid %d"), path, ROOT_UID); goto done; } if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) { warningx(_("%s must only be writable by owner"), path); goto done; } /* Open plugin and map in symbol. */ group_handle = dlopen(path, RTLD_LAZY|RTLD_GLOBAL); if (!group_handle) { warningx(_("unable to dlopen %s: %s"), path, dlerror()); goto done; } group_plugin = dlsym(group_handle, "group_plugin"); if (group_plugin == NULL) { warningx(_("unable to find symbol \"group_plugin\" in %s"), path); goto done; } if (GROUP_API_VERSION_GET_MAJOR(group_plugin->version) != GROUP_API_VERSION_MAJOR) { warningx(_("%s: incompatible group plugin major version %d, expected %d"), path, GROUP_API_VERSION_GET_MAJOR(group_plugin->version), GROUP_API_VERSION_MAJOR); goto done; } /* * Split args into a vector if specified. */ if (args != NULL) { int ac = 0; bool wasblank = true; char *cp; for (cp = args; *cp != '\0'; cp++) { if (isblank((unsigned char)*cp)) { wasblank = true; } else if (wasblank) { wasblank = false; ac++; } } if (ac != 0) { argv = emalloc2(ac, sizeof(char *)); ac = 0; for ((cp = strtok(args, " \t")); cp; (cp = strtok(NULL, " \t"))) argv[ac++] = cp; } } rc = (group_plugin->init)(GROUP_API_VERSION, sudo_printf, argv); done: efree(argv); if (rc != true) { if (group_handle != NULL) { dlclose(group_handle); group_handle = NULL; group_plugin = NULL; } } debug_return_bool(rc); }
int main(int argc, char *argv[]) { int ch, idx, plen, nready, interactive = 0, listonly = 0; const char *id, *user = NULL, *pattern = NULL, *tty = NULL, *decimal = "."; char path[PATH_MAX], buf[LINE_MAX], *cp, *ep; double seconds, to_wait, speed = 1.0, max_wait = 0; FILE *lfile; fd_set *fdsw; sigaction_t sa; size_t len, nbytes, nread, off; ssize_t nwritten; #if !defined(HAVE_GETPROGNAME) && !defined(HAVE___PROGNAME) setprogname(argc > 0 ? argv[0] : "sudoreplay"); #endif #ifdef HAVE_SETLOCALE setlocale(LC_ALL, ""); decimal = localeconv()->decimal_point; #endif while ((ch = getopt(argc, argv, "d:f:hlm:s:V")) != -1) { switch(ch) { case 'd': session_dir = optarg; break; case 'f': /* Set the replay filter. */ replay_filter = 0; for (cp = strtok(optarg, ","); cp; cp = strtok(NULL, ",")) { if (strcmp(cp, "stdout") == 0) SET(replay_filter, 1 << IOFD_STDOUT); else if (strcmp(cp, "stderr") == 0) SET(replay_filter, 1 << IOFD_STDERR); else if (strcmp(cp, "ttyout") == 0) SET(replay_filter, 1 << IOFD_TTYOUT); else errorx(1, "invalid filter option: %s", optarg); } break; case 'h': help(); /* NOTREACHED */ case 'l': listonly = 1; break; case 'm': errno = 0; max_wait = strtod(optarg, &ep); if (*ep != '\0' || errno != 0) errorx(1, "invalid max wait: %s", optarg); break; case 's': errno = 0; speed = strtod(optarg, &ep); if (*ep != '\0' || errno != 0) errorx(1, "invalid speed factor: %s", optarg); break; case 'V': (void) printf("%s version %s\n", getprogname(), PACKAGE_VERSION); exit(0); default: usage(1); /* NOTREACHED */ } } argc -= optind; argv += optind; if (listonly) exit(list_sessions(argc, argv, pattern, user, tty)); if (argc != 1) usage(1); /* 6 digit ID in base 36, e.g. 01G712AB */ id = argv[0]; if (!VALID_ID(id)) errorx(1, "invalid ID %s", id); plen = snprintf(path, sizeof(path), "%s/%.2s/%.2s/%.2s/timing", session_dir, id, &id[2], &id[4]); if (plen <= 0 || plen >= sizeof(path)) errorx(1, "%s/%.2s/%.2s/%.2s/%.2s/timing: %s", session_dir, id, &id[2], &id[4], strerror(ENAMETOOLONG)); plen -= 7; /* Open files for replay, applying replay filter for the -f flag. */ for (idx = 0; idx < IOFD_MAX; idx++) { if (ISSET(replay_filter, 1 << idx) || idx == IOFD_TIMING) { io_fds[idx].v = open_io_fd(path, plen, io_fnames[idx]); if (io_fds[idx].v == NULL) error(1, "unable to open %s", path); } } /* Read log file. */ path[plen] = '\0'; strlcat(path, "/log", sizeof(path)); lfile = fopen(path, "r"); if (lfile == NULL) error(1, "unable to open %s", path); cp = NULL; len = 0; /* Pull out command (third line). */ if (getline(&cp, &len, lfile) == -1 || getline(&cp, &len, lfile) == -1 || getline(&cp, &len, lfile) == -1) { errorx(1, "invalid log file %s", path); } printf("Replaying sudo session: %s", cp); free(cp); fclose(lfile); fflush(stdout); zero_bytes(&sa, sizeof(sa)); sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESETHAND; sa.sa_handler = cleanup; (void) sigaction(SIGINT, &sa, NULL); (void) sigaction(SIGKILL, &sa, NULL); (void) sigaction(SIGTERM, &sa, NULL); (void) sigaction(SIGHUP, &sa, NULL); sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_IGN; (void) sigaction(SIGTSTP, &sa, NULL); (void) sigaction(SIGQUIT, &sa, NULL); /* XXX - read user input from /dev/tty and set STDOUT to raw if not a pipe */ /* Set stdin to raw mode if it is a tty */ interactive = isatty(STDIN_FILENO); if (interactive) { ch = fcntl(STDIN_FILENO, F_GETFL, 0); if (ch != -1) (void) fcntl(STDIN_FILENO, F_SETFL, ch | O_NONBLOCK); if (!term_raw(STDIN_FILENO, 1)) error(1, "cannot set tty to raw mode"); } fdsw = (fd_set *)emalloc2(howmany(STDOUT_FILENO + 1, NFDBITS), sizeof(fd_mask)); /* * Timing file consists of line of the format: "%f %d\n" */ #ifdef HAVE_ZLIB_H while (gzgets(io_fds[IOFD_TIMING].g, buf, sizeof(buf)) != NULL) { #else while (fgets(buf, sizeof(buf), io_fds[IOFD_TIMING].f) != NULL) { #endif if (!parse_timing(buf, decimal, &idx, &seconds, &nbytes)) errorx(1, "invalid timing file line: %s", buf); if (interactive) check_input(STDIN_FILENO, &speed); /* Adjust delay using speed factor and clamp to max_wait */ to_wait = seconds / speed; if (max_wait && to_wait > max_wait) to_wait = max_wait; delay(to_wait); /* Even if we are not relaying, we still have to delay. */ if (io_fds[idx].v == NULL) continue; /* All output is sent to stdout. */ while (nbytes != 0) { if (nbytes > sizeof(buf)) len = sizeof(buf); else len = nbytes; #ifdef HAVE_ZLIB_H nread = gzread(io_fds[idx].g, buf, len); #else nread = fread(buf, 1, len, io_fds[idx].f); #endif nbytes -= nread; off = 0; do { /* no stdio, must be unbuffered */ nwritten = write(STDOUT_FILENO, buf + off, nread - off); if (nwritten == -1) { if (errno == EINTR) continue; if (errno == EAGAIN) { FD_SET(STDOUT_FILENO, fdsw); do { nready = select(STDOUT_FILENO + 1, NULL, fdsw, NULL, NULL); } while (nready == -1 && errno == EINTR); if (nready == 1) continue; } error(1, "writing to standard output"); } off += nwritten; } while (nread > off); } } term_restore(STDIN_FILENO, 1); exit(0); } static void delay(double secs) { struct timespec ts, rts; int rval; /* * Typical max resolution is 1/HZ but we can't portably check that. * If the interval is small enough, just ignore it. */ if (secs < 0.0001) return; rts.tv_sec = secs; rts.tv_nsec = (secs - (double) rts.tv_sec) * 1000000000.0; do { memcpy(&ts, &rts, sizeof(ts)); rval = nanosleep(&ts, &rts); } while (rval == -1 && errno == EINTR); if (rval == -1) error(1, "nanosleep: tv_sec %ld, tv_nsec %ld", ts.tv_sec, ts.tv_nsec); } static void * open_io_fd(char *path, int len, const char *suffix) { path[len] = '\0'; strlcat(path, suffix, PATH_MAX); #ifdef HAVE_ZLIB_H return gzopen(path, "r"); #else return fopen(path, "r"); #endif }
/* * Command line argument parsing. * Sets nargc and nargv which corresponds to the argc/argv we'll use * for the command to be run (if we are running one). */ int parse_args(int argc, char **argv, int *nargc, char ***nargv, char ***settingsp, char ***env_addp) { int mode = 0; /* what mode is sudo to be run in? */ int flags = 0; /* mode flags */ int valid_flags, ch; int i, j; char *cp, **env_add, **settings; int nenv = 0; int env_size = 32; env_add = emalloc2(env_size, sizeof(char *)); /* Pass progname to plugin so it can call setprogname() */ sudo_settings[ARG_PROGNAME].value = getprogname(); /* First, check to see if we were invoked as "sudoedit". */ if (strcmp(getprogname(), "sudoedit") == 0) { mode = MODE_EDIT; sudo_settings[ARG_SUDOEDIT].value = "true"; } /* Load local IP addresses and masks. */ if (get_net_ifs(&cp) > 0) sudo_settings[ARG_NET_ADDRS].value = cp; /* Returns true if the last option string was "--" */ #define got_end_of_args (optind > 1 && argv[optind - 1][0] == '-' && \ argv[optind - 1][1] == '-' && argv[optind - 1][2] == '\0') /* Returns true if next option is an environment variable */ #define is_envar (optind < argc && argv[optind][0] != '/' && \ strchr(argv[optind], '=') != NULL) /* Flags allowed when running a command */ valid_flags = MODE_BACKGROUND|MODE_PRESERVE_ENV|MODE_RESET_HOME| MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_SHELL; /* XXX - should fill in settings at the end to avoid dupes */ for (;;) { /* * We disable arg permutation for GNU getopt(). * Some trickiness is required to allow environment variables * to be interspersed with command line options. */ if ((ch = getopt(argc, argv, "+Aa:bC:c:D:Eeg:HhiKklnPp:r:Sst:U:u:Vv")) != -1) { switch (ch) { case 'A': SET(tgetpass_flags, TGP_ASKPASS); break; #ifdef HAVE_BSD_AUTH_H case 'a': sudo_settings[ARG_BSDAUTH_TYPE].value = optarg; break; #endif case 'b': SET(flags, MODE_BACKGROUND); break; case 'C': if (atoi(optarg) < 3) { warningx(_("the argument to -C must be a number greater than or equal to 3")); usage(1); } sudo_settings[ARG_CLOSEFROM].value = optarg; break; #ifdef HAVE_LOGIN_CAP_H case 'c': sudo_settings[ARG_LOGIN_CLASS].value = optarg; break; #endif case 'D': if ((debug_level = atoi(optarg)) < 1 || debug_level > 9) { warningx(_("the argument to -D must be between 1 and 9 inclusive")); usage(1); } sudo_settings[ARG_DEBUG_LEVEL].value = optarg; break; case 'E': sudo_settings[ARG_PRESERVE_ENVIRONMENT].value = "true"; break; case 'e': if (mode && mode != MODE_EDIT) usage_excl(1); mode = MODE_EDIT; sudo_settings[ARG_SUDOEDIT].value = "true"; valid_flags = MODE_NONINTERACTIVE; break; case 'g': runas_group = optarg; sudo_settings[ARG_RUNAS_GROUP].value = optarg; break; case 'H': sudo_settings[ARG_SET_HOME].value = "true"; break; case 'h': if (mode && mode != MODE_HELP) { if (strcmp(getprogname(), "sudoedit") != 0) usage_excl(1); } mode = MODE_HELP; valid_flags = 0; break; case 'i': sudo_settings[ARG_LOGIN_SHELL].value = "true"; SET(flags, MODE_LOGIN_SHELL); break; case 'k': sudo_settings[ARG_IGNORE_TICKET].value = "true"; break; case 'K': sudo_settings[ARG_IGNORE_TICKET].value = "true"; if (mode && mode != MODE_KILL) usage_excl(1); mode = MODE_KILL; valid_flags = 0; break; case 'l': if (mode) { if (mode == MODE_LIST) SET(flags, MODE_LONG_LIST); else usage_excl(1); } mode = MODE_LIST; valid_flags = MODE_NONINTERACTIVE|MODE_LONG_LIST; break; case 'n': SET(flags, MODE_NONINTERACTIVE); sudo_settings[ARG_NONINTERACTIVE].value = "true"; break; case 'P': sudo_settings[ARG_PRESERVE_GROUPS].value = "true"; break; case 'p': sudo_settings[ARG_PROMPT].value = optarg; break; #ifdef HAVE_SELINUX case 'r': sudo_settings[ARG_SELINUX_ROLE].value = optarg; break; case 't': sudo_settings[ARG_SELINUX_TYPE].value = optarg; break; #endif case 'S': SET(tgetpass_flags, TGP_STDIN); break; case 's': sudo_settings[ARG_USER_SHELL].value = "true"; SET(flags, MODE_SHELL); break; case 'U': if ((getpwnam(optarg)) == NULL) errorx(1, _("unknown user: %s"), optarg); list_user = optarg; break; case 'u': runas_user = optarg; sudo_settings[ARG_RUNAS_USER].value = optarg; break; case 'v': if (mode && mode != MODE_VALIDATE) usage_excl(1); mode = MODE_VALIDATE; valid_flags = MODE_NONINTERACTIVE; break; case 'V': if (mode && mode != MODE_VERSION) usage_excl(1); mode = MODE_VERSION; valid_flags = 0; break; default: usage(1); } } else if (!got_end_of_args && is_envar) { if (nenv == env_size - 2) { env_size *= 2; env_add = erealloc3(env_add, env_size, sizeof(char *)); } env_add[nenv++] = argv[optind]; /* Crank optind and resume getopt. */ optind++; } else { /* Not an option or an environment variable -- we're done. */ break; } } env_add[nenv] = NULL; argc -= optind; argv += optind; if (!mode) { /* Defer -k mode setting until we know whether it is a flag or not */ if (sudo_settings[ARG_IGNORE_TICKET].value != NULL) { if (argc == 0) { mode = MODE_INVALIDATE; /* -k by itself */ sudo_settings[ARG_IGNORE_TICKET].value = NULL; valid_flags = 0; } } if (!mode) mode = MODE_RUN; /* running a command */ } if (argc > 0 && mode == MODE_LIST) mode = MODE_CHECK; if (ISSET(flags, MODE_LOGIN_SHELL)) { if (ISSET(flags, MODE_SHELL)) { warningx(_("you may not specify both the `-i' and `-s' options")); usage(1); } if (ISSET(flags, MODE_PRESERVE_ENV)) { warningx(_("you may not specify both the `-i' and `-E' options")); usage(1); } SET(flags, MODE_SHELL); } if ((flags & valid_flags) != flags) usage(1); if (mode == MODE_EDIT && (ISSET(flags, MODE_PRESERVE_ENV) || env_add[0] != NULL)) { if (ISSET(mode, MODE_PRESERVE_ENV)) warningx(_("the `-E' option is not valid in edit mode")); if (env_add[0] != NULL) warningx(_("you may not specify environment variables in edit mode")); usage(1); } if ((runas_user != NULL || runas_group != NULL) && !ISSET(mode, MODE_EDIT | MODE_RUN | MODE_CHECK | MODE_VALIDATE)) { usage(1); } if (list_user != NULL && mode != MODE_LIST && mode != MODE_CHECK) { warningx(_("the `-U' option may only be used with the `-l' option")); usage(1); } if (ISSET(tgetpass_flags, TGP_STDIN) && ISSET(tgetpass_flags, TGP_ASKPASS)) { warningx(_("the `-A' and `-S' options may not be used together")); usage(1); } if ((argc == 0 && mode == MODE_EDIT) || (argc > 0 && !ISSET(mode, MODE_RUN | MODE_EDIT | MODE_CHECK))) usage(1); if (argc == 0 && mode == MODE_RUN && !ISSET(flags, MODE_SHELL)) { SET(flags, (MODE_IMPLIED_SHELL | MODE_SHELL)); sudo_settings[ARG_IMPLIED_SHELL].value = "true"; } if (mode == MODE_HELP) help(); /* * For shell mode we need to rewrite argv */ if (ISSET(mode, MODE_RUN) && ISSET(flags, MODE_SHELL)) { char **av; int ac; if (argc == 0) { /* just the shell */ ac = argc + 1; av = emalloc2(ac + 1, sizeof(char *)); memcpy(av + 1, argv, argc * sizeof(char *)); } else { /* shell -c "command" */ char *cmnd, *src, *dst; size_t cmnd_size = (size_t) (argv[argc - 1] - argv[0]) + strlen(argv[argc - 1]) + 1; cmnd = dst = emalloc2(cmnd_size, 2); for (av = argv; *av != NULL; av++) { for (src = *av; *src != '\0'; src++) { /* quote potential meta characters */ if (!isalnum((unsigned char)*src) && *src != '_' && *src != '-') *dst++ = '\\'; *dst++ = *src; } *dst++ = ' '; } if (cmnd != dst) dst--; /* replace last space with a NUL */ *dst = '\0'; ac = 3; av = emalloc2(ac + 1, sizeof(char *)); av[1] = "-c"; av[2] = cmnd; } av[0] = (char *)user_details.shell; /* plugin may override shell */ av[ac] = NULL; argv = av; argc = ac; } /* * Format setting_pairs into settings array. */ settings = emalloc2(NUM_SETTINGS + 1, sizeof(char *)); for (i = 0, j = 0; i < NUM_SETTINGS; i++) { if (sudo_settings[i].value) { sudo_debug(9, "settings: %s=%s", sudo_settings[i].name, sudo_settings[i].value); settings[j] = fmt_string(sudo_settings[i].name, sudo_settings[i].value); if (settings[j] == NULL) errorx(1, _("unable to allocate memory")); j++; } } settings[j] = NULL; if (mode == MODE_EDIT) { #if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID) /* Must have the command in argv[0]. */ argc++; argv--; argv[0] = "sudoedit"; #else errorx(1, _("sudoedit is not supported on this platform")); #endif } *settingsp = settings; *env_addp = env_add; *nargc = argc; *nargv = argv; return mode | flags; }