=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sudo/Attic/defaults.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- src/usr.bin/sudo/Attic/defaults.c 1999/12/10 06:45:11 1.2 +++ src/usr.bin/sudo/Attic/defaults.c 2000/01/24 04:22:53 1.3 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Todd C. Miller + * Copyright (c) 1999-2000 Todd C. Miller * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -53,7 +53,7 @@ #include "sudo.h" #ifndef lint -static const char rcsid[] = "$Sudo: defaults.c,v 1.13 1999/12/02 20:31:24 millert Exp $"; +static const char rcsid[] = "$Sudo: defaults.c,v 1.17 2000/01/17 23:46:24 millert Exp $"; #endif /* lint */ /* 
@@ -106,130 +106,141 @@ static int store_syslogfac __P((char *, struct sudo_defs_types *, int)); static int store_syslogpri __P((char *, struct sudo_defs_types *, int)); static int store_mode __P((char *, struct sudo_defs_types *, int)); +static int store_pwflag __P((char *, struct sudo_defs_types *, int)); /* * Table describing compile-time and run-time options. */ struct sudo_defs_types sudo_defs_table[] = { { - "syslog_ifac", T_INT, { 0 }, - NULL + "syslog_ifac", T_INT, NULL }, { - "syslog_igoodpri", T_INT, { 0 }, - NULL + "syslog_igoodpri", T_INT, NULL }, { - "syslog_ibadpri", T_INT, { 0 }, - NULL + "syslog_ibadpri", T_INT, NULL }, { - "syslog", T_LOGFAC|T_BOOL, { 0 }, + "syslog", T_LOGFAC|T_BOOL, "Syslog facility if syslog is being used for logging: %s" }, { - "syslog_goodpri", T_LOGPRI, { 0 }, + "syslog_goodpri", T_LOGPRI, "Syslog priority to use when user authenticates successfully: %s" }, { - "syslog_badpri", T_LOGPRI, { 0 }, + "syslog_badpri", T_LOGPRI, "Syslog priority to use when user authenticates unsuccessfully: %s" }, { - "long_otp_prompt", T_FLAG, { 0 }, + "long_otp_prompt", T_FLAG, "Put OTP prompt on its own line" }, { - "ignore_dot", T_FLAG, { 0 }, + "ignore_dot", T_FLAG, "Ignore '.' 
in $PATH" }, { - "mail_always", T_FLAG, { 0 }, + "mail_always", T_FLAG, "Always send mail when sudo is run" }, { - "mail_no_user", T_FLAG, { 0 }, + "mail_no_user", T_FLAG, "Send mail if the user is not in sudoers" }, { - "mail_no_host", T_FLAG, { 0 }, + "mail_no_host", T_FLAG, "Send mail if the user is not in sudoers for this host" }, { - "mail_no_perms", T_FLAG, { 0 }, + "mail_no_perms", T_FLAG, "Send mail if the user is not allowed to run a command" }, { - "tty_tickets", T_FLAG, { 0 }, + "tty_tickets", T_FLAG, "Use a separate timestamp for each user/tty combo" }, { - "lecture", T_FLAG, { 0 }, + "lecture", T_FLAG, "Lecture user the first time they run sudo" }, { - "authenticate", T_FLAG, { 0 }, + "authenticate", T_FLAG, "Require users to authenticate by default" }, { - "root_sudo", T_FLAG, { 0 }, + "root_sudo", T_FLAG, "Root may run sudo" }, { - "log_host", T_FLAG, { 0 }, + "log_host", T_FLAG, "Log the hostname in the (non-syslog) log file" }, { - "log_year", T_FLAG, { 0 }, + "log_year", T_FLAG, "Log the year in the (non-syslog) log file" }, { - "set_home", T_FLAG, { 0 }, + "shell_noargs", T_FLAG, + "If sudo is invoked with no arguments, start a shell" + }, { + "set_home", T_FLAG, "Set $HOME to the target user when starting a shell with -s" }, { - "path_info", T_FLAG, { 0 }, + "path_info", T_FLAG, "Allow some information gathering to give useful error messages" }, { - "fqdn", T_FLAG, { 0 }, + "fqdn", T_FLAG, "Require fully-qualified hsotnames in the sudoers file" }, { - "insults", T_FLAG, { 0 }, + "insults", T_FLAG, "Insult the user when they enter an incorrect password" }, { - "requiretty", T_FLAG, { 0 }, + "requiretty", T_FLAG, "Only allow the user to run sudo if they have a tty" }, { - "loglinelen", T_INT|T_BOOL, { 0 }, + "loglinelen", T_INT|T_BOOL, "Length at which to wrap log file lines (0 for no wrap): %d" }, { - "timestamp_timeout", T_INT|T_BOOL, { 0 }, + "timestamp_timeout", T_INT|T_BOOL, "Authentication timestamp timeout: %d minutes" }, { - 
"passwd_timeout", T_INT|T_BOOL, { 0 }, + "passwd_timeout", T_INT|T_BOOL, "Password prompt timeout: %d minutes" }, { - "passwd_tries", T_INT, { 0 }, + "passwd_tries", T_INT, "Number of tries to enter a password: %d" }, { - "umask", T_MODE|T_BOOL, { 0 }, + "umask", T_MODE|T_BOOL, "Umask to use or 0777 to use user's: 0%o" }, { - "logfile", T_STR|T_BOOL|T_PATH, { 0 }, + "logfile", T_STR|T_BOOL|T_PATH, "Path to log file: %s" }, { - "mailerpath", T_STR|T_BOOL|T_PATH, { 0 }, + "mailerpath", T_STR|T_BOOL|T_PATH, "Path to mail program: %s" }, { - "mailerflags", T_STR|T_BOOL, { 0 }, + "mailerflags", T_STR|T_BOOL, "Flags for mail program: %s" }, { - "mailto", T_STR|T_BOOL, { 0 }, + "mailto", T_STR|T_BOOL, "Address to send mail to: %s" }, { - "mailsub", T_STR, { 0 }, + "mailsub", T_STR, "Subject line for mail messages: %s" }, { - "badpass_message", T_STR, { 0 }, + "badpass_message", T_STR, "Incorrect password message: %s" }, { - "timestampdir", T_STR|T_PATH, { 0 }, + "timestampdir", T_STR|T_PATH, "Path to authentication timestamp dir: %s" }, { - "exempt_group", T_STR|T_BOOL, { 0 }, + "exempt_group", T_STR|T_BOOL, "Users in this group are exempt from password and PATH requirements: %s" }, { - "passprompt", T_STR, { 0 }, + "passprompt", T_STR, "Default password prompt: %s" }, { - "runas_default", T_STR, { 0 }, + "runas_default", T_STR, "Default user to run commands as: %s" }, { - "secure_path", T_STR|T_BOOL, { 0 }, + "secure_path", T_STR|T_BOOL, "Value to override user's $PATH with: %s" }, { - NULL, 0, { 0 }, NULL + "listpw_i", T_INT, NULL + }, { + "verifypw_i", T_INT, NULL + }, { + "listpw", T_PWFLAG, + "When to require a password for 'list' pseudocommand: %s" + }, { + "verifypw", T_PWFLAG, + "When to require a password for 'verify' pseudocommand: %s" + }, { + NULL, 0, NULL } }; @@ -251,6 +262,7 @@ case T_STR: case T_LOGFAC: case T_LOGPRI: + case T_PWFLAG: if (cur->sd_un.str) { (void) printf(cur->desc, cur->sd_un.str); putchar('\n'); 
@@ -358,6 +370,19 @@ return(FALSE); } break; + case T_PWFLAG: + if (!store_pwflag(val, cur, op)) { + if (val) + (void) fprintf(stderr, + "%s: value '%s' is invalid for option '%s'\n", Argv[0], + val, var); + else + (void) fprintf(stderr, + "%s: no value specified for `%s' on line %d\n", Argv[0], + var, sudolineno); + return(FALSE); + } + break; case T_STR: if (!val) { /* Check for bogus boolean usage or lack of a value. */ @@ -450,6 +475,7 @@ case T_STR: case T_LOGFAC: case T_LOGPRI: + case T_PWFLAG: if (def->sd_un.str) { free(def->sd_un.str); def->sd_un.str = NULL; @@ -492,6 +518,9 @@ #ifdef HOST_IN_LOG def_flag(I_LOG_HOST) = TRUE; #endif +#ifdef SHELL_IF_NO_ARGS + def_flag(I_SHELL_NOARGS) = TRUE; +#endif #ifdef SHELL_SETS_HOME def_flag(I_SET_HOME) = TRUE; #endif @@ -512,6 +541,10 @@ (void) store_syslogpri(PRI_FAILURE, &sudo_defs_table[I_BADPRISTR], TRUE); #endif + /* Password flags also have a string and integer component. */ + (void) store_pwflag("any", &sudo_defs_table[I_LISTPWSTR], TRUE); + (void) store_pwflag("all", &sudo_defs_table[I_VERIFYPWSTR], TRUE); + /* Then initialize the int-like things. */ #ifdef SUDO_UMASK def_mode(I_UMASK) = SUDO_UMASK; @@ -601,8 +634,10 @@ struct strmap *fac; if (op == FALSE) { - free(def->sd_un.str); - def->sd_un.str = NULL; + if (def->sd_un.str) { + free(def->sd_un.str); + def->sd_un.str = NULL; + } return(TRUE); } #ifdef LOG_NFACILITIES 
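Review bot: The new `case T_PWFLAG` hands `op` straight to store_pwflag(), so a negated `listpw` or `verifypw` is accepted even though both table entries are declared as plain `T_PWFLAG` without `T_BOOL`. store_pwflag(), added at the end of this diff, turns a negation into "never", which by its name and the option descriptions means no password is required for that pseudocommand. That should be declared rather than implicit: either add `T_BOOL` to the two table entries and test it here, or reject `op == FALSE` in this case. The invalid-value message also omits the line number that the no-value message prints; `"%s: value '%s' is invalid for option '%s' on line %d\n"` with `sudolineno` would make a bad sudoers entry easier to locate. The enclosing function starts and ends outside the hunk, so how the other cases treat `T_BOOL` is inferred only from the context comment about bogus boolean usage.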
@@ -680,5 +715,52 @@ return(FALSE); def->sd_un.mode = (mode_t)l; } + return(TRUE); +} + +static int +store_pwflag(val, def, op) + char *val; + struct sudo_defs_types *def; + int op; +{ + int isub, flags; + + if (strcmp(def->name, "verifypw") == 0) + isub = I_VERIFYPW; + else + isub = I_LISTPW; + + /* Handle !foo. */ + if (op == FALSE) { + if (def->sd_un.str) { + free(def->sd_un.str); + def->sd_un.str = NULL; + } + def->sd_un.str = estrdup("never"); + sudo_defs_table[isub].sd_un.ival = PWCHECK_NEVER; + return(TRUE); + } + if (!val) + return(FALSE); + + /* Convert strings to integer values. */ + if (strcmp(val, "all") == 0) + flags = PWCHECK_ALL; + else if (strcmp(val, "any") == 0) + flags = PWCHECK_ANY; + else if (strcmp(val, "never") == 0) + flags = PWCHECK_NEVER; + else if (strcmp(val, "always") == 0) + flags = PWCHECK_ALWAYS; + else + return(FALSE); + + /* Store both name and number. */ + if (def->sd_un.str) + free(def->sd_un.str); + def->sd_un.str = estrdup(val); + sudo_defs_table[isub].sd_un.ival = flags; + return(TRUE); }
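Review bot: store_pwflag() picks the integer slot by comparing `def->name` with "verifypw" and sends every other name to `I_LISTPW`, so any later table entry typed `T_PWFLAG` would silently overwrite the `listpw` setting. Making the second branch explicit, `else if (strcmp(def->name, "listpw") == 0) isub = I_LISTPW; else return(FALSE);`, keeps a table mistake from changing password policy. The function also has no header comment. One should state that the string is kept in `def` while the numeric value goes to the companion `listpw_i`/`verifypw_i` entry, that the accepted values are all, any, never and always, and that negation stores "never". In the `op == FALSE` branch the `def->sd_un.str = NULL;` assignment is immediately overwritten by `estrdup("never")` and can be dropped.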