=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sudo/Attic/check.c,v retrieving revision 1.13 retrieving revision 1.14 diff -c -r1.13 -r1.14 *** src/usr.bin/sudo/Attic/check.c 2005/05/31 21:13:43 1.13 --- src/usr.bin/sudo/Attic/check.c 2007/07/26 16:10:15 1.14 *************** *** 1,5 **** /* ! * Copyright (c) 1993-1996,1998-2004 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above --- 1,5 ---- /* ! * Copyright (c) 1993-1996,1998-2005 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above *************** *** 18,24 **** * Materiel Command, USAF, under agreement number F39502-99-1-0512. */ ! #include "config.h" #include #include --- 18,24 ---- * Materiel Command, USAF, under agreement number F39502-99-1-0512. */ ! #include #include #include *************** *** 56,66 **** #include #include #include #include "sudo.h" #ifndef lint ! static const char rcsid[] = "$Sudo: check.c,v 1.226 2004/09/08 15:48:23 millert Exp $"; #endif /* lint */ /* Status codes for timestamp_status() */ --- 56,69 ---- #include #include #include + #ifndef HAVE_TIMESPEC + # include + #endif #include "sudo.h" #ifndef lint ! __unused static const char rcsid[] = "$Sudo: check.c,v 1.223.2.9 2007/07/06 19:52:13 millert Exp $"; #endif /* lint */ /* Status codes for timestamp_status() */ *************** *** 70,75 **** --- 73,82 ---- #define TS_NOFILE 3 #define TS_ERROR 4 + /* Flags for timestamp_status() */ + #define TS_MAKE_DIRS 1 + #define TS_REMOVE 2 + static void build_timestamp __P((char **, char **)); static int timestamp_status __P((char *, char *, char *, int)); static char *expand_prompt __P((char *, char *, char *)); *************** *** 81,88 **** * verify who he/she is. */ void ! check_user(override) ! int override; { char *timestampdir = NULL; char *timestampfile = NULL; --- 88,95 ---- * verify who he/she is. */ void ! check_user(validated) ! int validated; { char *timestampdir = NULL; char *timestampfile = NULL; *************** *** 93,100 **** return; build_timestamp(×tampdir, ×tampfile); ! status = timestamp_status(timestampdir, timestampfile, user_name, TRUE); ! if (override || status != TS_CURRENT) { lecture(status); /* Expand any escapes in the prompt. */ --- 100,108 ---- return; build_timestamp(×tampdir, ×tampfile); ! status = timestamp_status(timestampdir, timestampfile, user_name, ! TS_MAKE_DIRS); ! if (status != TS_CURRENT || ISSET(validated, FLAG_CHECK_USER)) { lecture(status); /* Expand any escapes in the prompt. */ *************** *** 103,113 **** verify_user(auth_pw, prompt); } ! if (status != TS_ERROR) update_timestamp(timestampdir, timestampfile); ! free(timestampdir); ! if (timestampfile) ! free(timestampfile); } /* --- 111,121 ---- verify_user(auth_pw, prompt); } ! /* Only update timestamp if user was validated. */ ! if (status != TS_ERROR && ISSET(validated, VALIDATE_OK)) update_timestamp(timestampdir, timestampfile); ! efree(timestampdir); ! efree(timestampfile); } /* *************** *** 129,134 **** --- 137,143 ---- if (def_lecture_file && (fp = fopen(def_lecture_file, "r")) != NULL) { while ((nread = fread(buf, sizeof(char), sizeof(buf), fp)) != 0) fwrite(buf, nread, 1, stderr); + fclose(fp); } else { (void) fputs("\n\ We trust you have received the usual lecture from the local System\n\ *************** *** 349,359 **** * Check the timestamp file and directory and return their status. */ static int ! timestamp_status(timestampdir, timestampfile, user, make_dirs) char *timestampdir; char *timestampfile; char *user; ! int make_dirs; { struct stat sb; time_t now; --- 358,368 ---- * Check the timestamp file and directory and return their status. */ static int ! timestamp_status(timestampdir, timestampfile, user, flags) char *timestampdir; char *timestampfile; char *user; ! int flags; { struct stat sb; time_t now; *************** *** 373,379 **** if (lstat(dirparent, &sb) == 0) { if (!S_ISDIR(sb.st_mode)) log_error(NO_EXIT, "%s exists but is not a directory (0%o)", ! dirparent, sb.st_mode); else if (sb.st_uid != timestamp_uid) log_error(NO_EXIT, "%s owned by uid %lu, should be uid %lu", dirparent, (unsigned long) sb.st_uid, --- 382,388 ---- if (lstat(dirparent, &sb) == 0) { if (!S_ISDIR(sb.st_mode)) log_error(NO_EXIT, "%s exists but is not a directory (0%o)", ! dirparent, (unsigned int) sb.st_mode); else if (sb.st_uid != timestamp_uid) log_error(NO_EXIT, "%s owned by uid %lu, should be uid %lu", dirparent, (unsigned long) sb.st_uid, *************** *** 381,387 **** else if ((sb.st_mode & 0000022)) log_error(NO_EXIT, "%s writable by non-owner (0%o), should be mode 0700", ! dirparent, sb.st_mode); else { if ((sb.st_mode & 0000777) != 0700) (void) chmod(dirparent, 0700); --- 390,396 ---- else if ((sb.st_mode & 0000022)) log_error(NO_EXIT, "%s writable by non-owner (0%o), should be mode 0700", ! dirparent, (unsigned int) sb.st_mode); else { if ((sb.st_mode & 0000777) != 0700) (void) chmod(dirparent, 0700); *************** *** 391,397 **** log_error(NO_EXIT|USE_ERRNO, "can't stat %s", dirparent); } else { /* No dirparent, try to make one. */ ! if (make_dirs) { if (mkdir(dirparent, S_IRWXU)) log_error(NO_EXIT|USE_ERRNO, "can't mkdir %s", dirparent); --- 400,406 ---- log_error(NO_EXIT|USE_ERRNO, "can't stat %s", dirparent); } else { /* No dirparent, try to make one. */ ! if (ISSET(flags, TS_MAKE_DIRS)) { if (mkdir(dirparent, S_IRWXU)) log_error(NO_EXIT|USE_ERRNO, "can't mkdir %s", dirparent); *************** *** 420,426 **** status = TS_MISSING; } else log_error(NO_EXIT, "%s exists but is not a directory (0%o)", ! timestampdir, sb.st_mode); } else if (sb.st_uid != timestamp_uid) log_error(NO_EXIT, "%s owned by uid %lu, should be uid %lu", timestampdir, (unsigned long) sb.st_uid, --- 429,435 ---- status = TS_MISSING; } else log_error(NO_EXIT, "%s exists but is not a directory (0%o)", ! timestampdir, (unsigned int) sb.st_mode); } else if (sb.st_uid != timestamp_uid) log_error(NO_EXIT, "%s owned by uid %lu, should be uid %lu", timestampdir, (unsigned long) sb.st_uid, *************** *** 428,434 **** else if ((sb.st_mode & 0000022)) log_error(NO_EXIT, "%s writable by non-owner (0%o), should be mode 0700", ! timestampdir, sb.st_mode); else { if ((sb.st_mode & 0000777) != 0700) (void) chmod(timestampdir, 0700); --- 437,443 ---- else if ((sb.st_mode & 0000022)) log_error(NO_EXIT, "%s writable by non-owner (0%o), should be mode 0700", ! timestampdir, (unsigned int) sb.st_mode); else { if ((sb.st_mode & 0000777) != 0700) (void) chmod(timestampdir, 0700); *************** *** 441,449 **** /* * If there is no user ticket dir, AND we are in tty ticket mode, ! * AND the make_dirs flag is set, create the user ticket dir. */ ! if (status == TS_MISSING && timestampfile && make_dirs) { if (mkdir(timestampdir, S_IRWXU) == -1) { status = TS_ERROR; log_error(NO_EXIT|USE_ERRNO, "can't mkdir %s", timestampdir); --- 450,458 ---- /* * If there is no user ticket dir, AND we are in tty ticket mode, ! * AND the TS_MAKE_DIRS flag is set, create the user ticket dir. */ ! if (status == TS_MISSING && timestampfile && ISSET(flags, TS_MAKE_DIRS)) { if (mkdir(timestampdir, S_IRWXU) == -1) { status = TS_ERROR; log_error(NO_EXIT|USE_ERRNO, "can't mkdir %s", timestampdir); *************** *** 460,466 **** if (!S_ISREG(sb.st_mode)) { status = TS_ERROR; log_error(NO_EXIT, "%s exists but is not a regular file (0%o)", ! timestampfile, sb.st_mode); } else { /* If bad uid or file mode, complain and kill the bogus file. */ if (sb.st_uid != timestamp_uid) { --- 469,475 ---- if (!S_ISREG(sb.st_mode)) { status = TS_ERROR; log_error(NO_EXIT, "%s exists but is not a regular file (0%o)", ! timestampfile, (unsigned int) sb.st_mode); } else { /* If bad uid or file mode, complain and kill the bogus file. */ if (sb.st_uid != timestamp_uid) { *************** *** 472,478 **** } else if ((sb.st_mode & 0000022)) { log_error(NO_EXIT, "%s writable by non-owner (0%o), should be mode 0600", ! timestampfile, sb.st_mode); (void) unlink(timestampfile); } else { /* If not mode 0600, fix it. */ --- 481,487 ---- } else if ((sb.st_mode & 0000022)) { log_error(NO_EXIT, "%s writable by non-owner (0%o), should be mode 0600", ! timestampfile, (unsigned int) sb.st_mode); (void) unlink(timestampfile); } else { /* If not mode 0600, fix it. */ *************** *** 489,497 **** } /* ! * If the file/dir exists, check its mtime. */ ! if (status == TS_OLD) { /* Negative timeouts only expire manually (sudo -k). */ if (def_timestamp_timeout < 0 && sb.st_mtime != 0) status = TS_CURRENT; --- 498,506 ---- } /* ! * If the file/dir exists and we are not removing it, check its mtime. */ ! if (status == TS_OLD && !ISSET(flags, TS_REMOVE)) { /* Negative timeouts only expire manually (sudo -k). */ if (def_timestamp_timeout < 0 && sb.st_mtime != 0) status = TS_CURRENT; *************** *** 536,542 **** int status; build_timestamp(×tampdir, ×tampfile); ! status = timestamp_status(timestampdir, timestampfile, user_name, FALSE); if (status == TS_OLD || status == TS_CURRENT) { path = timestampfile ? timestampfile : timestampdir; if (remove) { --- 545,552 ---- int status; build_timestamp(×tampdir, ×tampfile); ! status = timestamp_status(timestampdir, timestampfile, user_name, ! TS_REMOVE); if (status == TS_OLD || status == TS_CURRENT) { path = timestampfile ? timestampfile : timestampdir; if (remove) { *************** *** 556,562 **** } } ! free(timestampdir); ! if (timestampfile) ! free(timestampfile); } --- 566,571 ---- } } ! efree(timestampdir); ! efree(timestampfile); }