Diff for /embedaddon/sudo/plugins/sudoers/parse.h between versions 1.1.1.4 and 1.1.1.5

version 1.1.1.4, 2013/07/22 10:46:12 version 1.1.1.5, 2014/06/15 16:12:54
Line 1 Line 1
 /*  /*
 * Copyright (c) 1996, 1998-2000, 2004, 2007-2013 * Copyright (c) 1996, 1998-2000, 2004, 2007-2014
  *      Todd C. Miller <Todd.Miller@courtesan.com>   *      Todd C. Miller <Todd.Miller@courtesan.com>
  *   *
  * Permission to use, copy, modify, and distribute this software for any   * Permission to use, copy, modify, and distribute this software for any
Line 34 Line 34
 #define SUDO_DIGEST_INVALID     4  #define SUDO_DIGEST_INVALID     4
   
 struct sudo_digest {  struct sudo_digest {
    int digest_type;    unsigned int digest_type;
     char *digest_str;      char *digest_str;
 };  };
   
Line 53  struct sudo_command { Line 53  struct sudo_command {
  * Possible values: true, false, IMPLIED, UNSPEC.   * Possible values: true, false, IMPLIED, UNSPEC.
  */   */
 struct cmndtag {  struct cmndtag {
    __signed int nopasswd: 3;    signed int nopasswd: 3;
    __signed int noexec: 3;    signed int noexec: 3;
    __signed int setenv: 3;    signed int setenv: 3;
    __signed int log_input: 3;    signed int log_input: 3;
    __signed int log_output: 3;    signed int log_output: 3;
 };  };
   
 /*  /*
Line 84  struct solaris_privs_info { Line 84  struct solaris_privs_info {
  * modelled after the yacc grammar.   * modelled after the yacc grammar.
  *   *
  * Other than the alias struct, which is stored in a red-black tree,   * Other than the alias struct, which is stored in a red-black tree,
 * the data structure used is basically a doubly-linked tail queue without * the data structure used is a doubly-linked tail queue.  While sudoers
 * a separate head struct--the first entry acts as the head where the prev * is being parsed, a headless tail queue is used where the first entry
 * pointer does double duty as the tail pointer.  This makes it possible * acts as the head and the prev pointer does double duty as the tail pointer.
 * to trivally append sub-lists.  In addition, the prev pointer is always * This makes it possible to trivally append sub-lists.  In addition, the prev
 * valid (even if it points to itself).  Unlike a circle queue, the next * pointer is always valid (even if it points to itself).  Unlike a circle
 * pointer of the last entry is NULL and does not point back to the head. * queue, the next pointer of the last entry is NULL and does not point back
 * * to the head.  When the tail queue is finalized, it is converted to a
 * Note that each list struct must contain a "prev" and "next" pointer as * normal BSD tail queue.
 * the first two members of the struct (in that order). 
  */   */
   
 /*  /*
  * Tail queue list head structure.   * Tail queue list head structure.
  */   */
TQ_DECLARE(defaults)TAILQ_HEAD(defaults_list, defaults);
TQ_DECLARE(userspec)TAILQ_HEAD(userspec_list, userspec);
TQ_DECLARE(member)TAILQ_HEAD(member_list, member);
TQ_DECLARE(privilege)TAILQ_HEAD(privilege_list, privilege);
TQ_DECLARE(cmndspec)TAILQ_HEAD(cmndspec_list, cmndspec);
   
 /*  /*
  * Structure describing a user specification and list thereof.   * Structure describing a user specification and list thereof.
  */   */
 struct userspec {  struct userspec {
    struct userspec *prev, *next;    TAILQ_ENTRY(userspec) entries;
     struct member_list users;           /* list of users */      struct member_list users;           /* list of users */
     struct privilege_list privileges;   /* list of privileges */      struct privilege_list privileges;   /* list of privileges */
 };  };
Line 117  struct userspec { Line 116  struct userspec {
  * Structure describing a privilege specification.   * Structure describing a privilege specification.
  */   */
 struct privilege {  struct privilege {
    struct privilege *prev, *next;    TAILQ_ENTRY(privilege) entries;
     struct member_list hostlist;        /* list of hosts */      struct member_list hostlist;        /* list of hosts */
     struct cmndspec_list cmndlist;      /* list of Cmnd_Specs */      struct cmndspec_list cmndlist;      /* list of Cmnd_Specs */
 };  };
Line 126  struct privilege { Line 125  struct privilege {
  * Structure describing a linked list of Cmnd_Specs.   * Structure describing a linked list of Cmnd_Specs.
  */   */
 struct cmndspec {  struct cmndspec {
    struct cmndspec *prev, *next;    TAILQ_ENTRY(cmndspec) entries;
    struct member_list runasuserlist;  /* list of runas users */    struct member_list *runasuserlist;  /* list of runas users */
    struct member_list runasgrouplist; /* list of runas groups */    struct member_list *runasgrouplist; /* list of runas groups */
     struct member *cmnd;                /* command to allow/deny */      struct member *cmnd;                /* command to allow/deny */
     char *digest;                       /* optional command digest */  
     struct cmndtag tags;                /* tag specificaion */      struct cmndtag tags;                /* tag specificaion */
 #ifdef HAVE_SELINUX  #ifdef HAVE_SELINUX
     char *role, *type;                  /* SELinux role and type */      char *role, *type;                  /* SELinux role and type */
Line 144  struct cmndspec { Line 142  struct cmndspec {
  * Generic structure to hold users, hosts, commands.   * Generic structure to hold users, hosts, commands.
  */   */
 struct member {  struct member {
    struct member *prev, *next;    TAILQ_ENTRY(member) entries;
     char *name;                         /* member name */      char *name;                         /* member name */
     short type;                         /* type (see gram.h) */      short type;                         /* type (see gram.h) */
     short negated;                      /* negated via '!'? */      short negated;                      /* negated via '!'? */
Line 170  struct alias { Line 168  struct alias {
  * Structure describing a Defaults entry and a list thereof.   * Structure describing a Defaults entry and a list thereof.
  */   */
 struct defaults {  struct defaults {
    struct defaults *prev, *next;    TAILQ_ENTRY(defaults) entries;
     char *var;                          /* variable name */      char *var;                          /* variable name */
     char *val;                          /* variable value */      char *val;                          /* variable value */
    struct member_list binding;                /* user/host/runas binding */    struct member_list *binding;        /* user/host/runas binding */
     int type;                           /* DEFAULTS{,_USER,_RUNAS,_HOST} */      int type;                           /* DEFAULTS{,_USER,_RUNAS,_HOST} */
     int op;                             /* true, false, '+', '-' */      int op;                             /* true, false, '+', '-' */
 };  };
Line 202  void init_parser(const char *, bool); Line 200  void init_parser(const char *, bool);
 bool addr_matches(char *n);  bool addr_matches(char *n);
   
 /* match.c */  /* match.c */
bool command_matches(char *sudoers_cmnd, char *sudoers_args, struct sudo_digest *digest);bool command_matches(const char *sudoers_cmnd, const char *sudoers_args, const struct sudo_digest *digest);
bool group_matches(char *sudoers_group, struct group *gr);bool group_matches(const char *sudoers_group, const struct group *gr);
bool hostname_matches(char *shost, char *lhost, char *pattern);bool hostname_matches(const char *shost, const char *lhost, const char *pattern);
bool netgr_matches(char *netgr, char *lhost, char *shost, char *user);bool netgr_matches(const char *netgr, const char *lhost, const char *shost, const char *user);
bool usergr_matches(char *group, char *user, struct passwd *pw);bool usergr_matches(const char *group, const char *user, const struct passwd *pw);
bool userpw_matches(char *sudoers_user, char *user, struct passwd *pw);bool userpw_matches(const char *sudoers_user, const char *user, const struct passwd *pw);
int cmnd_matches(struct member *m);int cmnd_matches(const struct member *m);
int cmndlist_matches(struct member_list *list);int cmndlist_matches(const struct member_list *list);
int hostlist_matches(struct member_list *list);int hostlist_matches(const struct member_list *list);
int runaslist_matches(struct member_list *user_list, struct member_list *group_list, struct member **matching_user, struct member **matching_group);int runaslist_matches(const struct member_list *user_list, const struct member_list *group_list, struct member **matching_user, struct member **matching_group);
int userlist_matches(struct passwd *pw, struct member_list *list);int userlist_matches(const struct passwd *pw, const struct member_list *list);
   
 /* toke.c */  /* toke.c */
 void init_lexer(void);  void init_lexer(void);
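Review bot: The new pointer members `struct member_list *runasuserlist`, `*runasgrouplist` (struct cmndspec) and `*binding` (struct defaults) do not say whether they may be NULL or who owns the list they point to. The embedded lists they replace could be neither NULL nor shared. These lists are passed to `runaslist_matches()`, so in the policy path an unchecked NULL or a list freed by two owners would presumably mean a crash or a wrong runas decision, although the callers are outside this header. I would state the contract at the declarations, for example `struct member_list *runasuserlist; /* list of runas users; NULL if none was specified */` and `struct member_list *binding; /* user/host/runas binding; may be shared by several entries, freed once */`. The exact wording should be confirmed against the parser and match.c.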
