--- embedaddon/sudo/plugins/sudoers/defaults.c 2012/05/29 12:26:49 1.1.1.2
+++ embedaddon/sudo/plugins/sudoers/defaults.c 2013/07/22 10:46:12 1.1.1.4
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999-2005, 2007-2011
+ * Copyright (c) 1999-2005, 2007-2013
 * Todd C. Miller
 *
 * Permission to use, copy, modify, and distribute this software for any
@@ -22,7 +22,6 @@
 #include
 #include
-#include
 #include
 #ifdef STDC_HEADERS
 # include
@@ -422,6 +421,11 @@ init_defaults(void)
 def_env_reset = ENV_RESET;
 def_set_logname = true;
 def_closefrom = STDERR_FILENO + 1;
+#ifdef NO_PAM_SESSION
+ def_pam_session = false;
+#else
+ def_pam_session = true;
+#endif
 /* Syslog options need special care since they both strings and ints */
 #if (LOGGING & SLOG_SYSLOG)
@@ -452,7 +456,7 @@ init_defaults(void)
 /* Now do the strings */
 def_mailto = estrdup(MAILTO);
- def_mailsub = estrdup(_(MAILSUBJECT));
+ def_mailsub = estrdup(N_(MAILSUBJECT));
 def_badpass_message = estrdup(_(INCORRECT_PASSWORD));
 def_timestampdir = estrdup(_PATH_SUDO_TIMEDIR);
 def_passprompt = estrdup(_(PASSPROMPT));
@@ -485,7 +489,7 @@ init_defaults(void)
 * Update the defaults based on what was set by sudoers.
 * Pass in an OR'd list of which default types to update.
 */
-int
+bool
 update_defaults(int what)
 {
 struct defaults *def;
@@ -500,14 +504,25 @@ update_defaults(int what)
 rc = false;
 break;
 case DEFAULTS_USER:
+#if 1
+ if (ISSET(what, SETDEF_USER)) {
+ int m;
+ m = userlist_matches(sudo_user.pw, &def->binding);
+ if (m == ALLOW) {
+ if (!set_default(def->var, def->val, def->op))
+ rc = false;
+ }
+ }
+#else
 if (ISSET(what, SETDEF_USER) &&
 userlist_matches(sudo_user.pw, &def->binding) == ALLOW &&
 !set_default(def->var, def->val, def->op))
 rc = false;
+#endif
 break;
 case DEFAULTS_RUNAS:
 if (ISSET(what, SETDEF_RUNAS) &&
- runaslist_matches(&def->binding, NULL) == ALLOW &&
+ runaslist_matches(&def->binding, NULL, NULL, NULL) == ALLOW &&
 !set_default(def->var, def->val, def->op))
 rc = false;
 break;
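Review bot: In the `@@ -452,7 +456,7 @@` hunk of init_defaults, `def_mailsub` becomes the only string default stored through `N_()` while `def_badpass_message` and `def_passprompt` on the next lines still go through `_()`, and nothing says why. If the subject is meant to be kept untranslated here and translated where the mail is composed (that code is not visible in this diff), a short comment would stop a later editor from changing it back, for example `/* Stored untranslated on purpose; translated when the mail is built. */`. If that is not the intent, the three neighbouring strings should use the same macro. init_defaults starts and ends outside the hunk.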
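Review bot: The `#if 1` / `#else` / `#endif` lines added to the DEFAULTS_USER case of update_defaults leave two copies of the same user-binding check in the file, one of which is never compiled. This code decides which Defaults entries apply to the invoking user, so an uncompiled twin is easy to edit by mistake or to let drift from the live branch. I would keep a single form and delete `#if 1`, `#endif` and the whole `#else` branch. If the expanded form stays so that the result of `userlist_matches()` is held in `m`, a one-line comment giving the reason would help. update_defaults begins before this hunk and continues after it.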
@@ -523,6 +538,54 @@ update_defaults(int what)
 !set_default(def->var, def->val, def->op))
 rc = false;
 break;
+ }
+ }
+ debug_return_bool(rc);
+}
+
+/*
+ * Check the defaults entries without actually setting them.
+ * Pass in an OR'd list of which default types to check.
+ */
+bool
+check_defaults(int what, bool quiet)
+{
+ struct sudo_defs_types *cur;
+ struct defaults *def;
+ bool rc = true;
+ debug_decl(check_defaults, SUDO_DEBUG_DEFAULTS)
+
+ tq_foreach_fwd(&defaults, def) {
+ switch (def->type) {
+ case DEFAULTS:
+ if (!ISSET(what, SETDEF_GENERIC))
+ continue;
+ break;
+ case DEFAULTS_USER:
+ if (!ISSET(what, SETDEF_USER))
+ continue;
+ break;
+ case DEFAULTS_RUNAS:
+ if (!ISSET(what, SETDEF_RUNAS))
+ continue;
+ break;
+ case DEFAULTS_HOST:
+ if (!ISSET(what, SETDEF_HOST))
+ continue;
+ break;
+ case DEFAULTS_CMND:
+ if (!ISSET(what, SETDEF_CMND))
+ continue;
+ break;
+ }
+ for (cur = sudo_defs_table; cur->name != NULL; cur++) {
+ if (strcmp(def->var, cur->name) == 0)
+ break;
+ }
+ if (cur->name == NULL) {
+ if (!quiet)
+ warningx(_("unknown defaults entry `%s'"), def->var);
+ rc = false;
 }
 }
 debug_return_bool(rc);
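Review bot: The header comment on check_defaults promises more than the body delivers, because the loop only looks `def->var` up in `sudo_defs_table`. An entry with a known name but a value or operator that `set_default()` may later reject still passes, and the caller gets `true`. I would state that limit in the comment, for example by adding ` * Only the variable name is verified; values and operators are not validated.` The `switch (def->type)` also has no `default:` case, so an entry whose type is none of the five listed is name-checked whatever `what` contains; `default: continue;` would make the intended behaviour explicit. The function's closing brace lies outside the hunk.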