/*
* Get passwd entry for the user we are going to authenticate as.
* By default, this is the user invoking sudo. In the most common
* case, this matches sudo_user.pw or runas_pw.
*/
static struct passwd *
get_authpw(int mode)
{
struct passwd *pw;
debug_decl(get_authpw, SUDO_DEBUG_AUTH)
if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
/* In list mode we always prompt for the user's password. */
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
} else {
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
log_fatal(0, N_("unknown uid: %u"), ROOT_UID);
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_fatal(0, N_("unknown user: %s"), def_runas_default);
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL)
log_fatal(NO_MAIL|MSG_ONLY, N_("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
sudo_pw_addref(runas_pw);
pw = runas_pw;
} else {
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
}
}
debug_return_ptr(pw);
}
/*
* Get passwd entry for the user we are going to authenticate as.
* By default, this is the user invoking sudo. In the most common
* case, this matches sudo_user.pw or runas_pw.
*/
static struct passwd *
get_authpw(int mode)
{
struct passwd *pw = NULL;
debug_decl(get_authpw, SUDOERS_DEBUG_AUTH)
if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
/* In list mode we always prompt for the user's password. */
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
} else {
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL) {
log_warningx(SLOG_SEND_MAIL, N_("unknown uid: %u"), ROOT_UID);
}
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL) {
log_warningx(SLOG_SEND_MAIL,
N_("unknown user: %s"), def_runas_default);
}
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL) {
/* This should never be NULL as we fake up the passwd struct */
log_warningx(SLOG_RAW_MSG, N_("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
} else {
sudo_pw_addref(runas_pw);
pw = runas_pw;
}
} else {
sudo_pw_addref(sudo_user.pw);
pw = sudo_user.pw;
}
}
debug_return_ptr(pw);
}