--- embedaddon/sudo/plugins/sudoers/sudo_nss.c 2012/02/21 16:23:02 1.1.1.1 +++ embedaddon/sudo/plugins/sudoers/sudo_nss.c 2012/05/29 12:26:49 1.1.1.2 @@ -58,10 +58,11 @@ sudo_read_nss(void) { FILE *fp; char *cp; - int saw_files = FALSE; - int saw_ldap = FALSE; - int got_match = FALSE; + bool saw_files = false; + bool saw_ldap = false; + bool got_match = false; static struct sudo_nss_list snl; + debug_decl(sudo_read_nss, SUDO_DEBUG_NSS) if ((fp = fopen(_PATH_NSSWITCH_CONF, "r")) == NULL) goto nomatch; @@ -79,16 +80,16 @@ sudo_read_nss(void) for ((cp = strtok(cp + 8, " \t")); cp != NULL; (cp = strtok(NULL, " \t"))) { if (strcasecmp(cp, "files") == 0 && !saw_files) { tq_append(&snl, &sudo_nss_file); - got_match = TRUE; + got_match = true; } else if (strcasecmp(cp, "ldap") == 0 && !saw_ldap) { tq_append(&snl, &sudo_nss_ldap); - got_match = TRUE; + got_match = true; } else if (strcasecmp(cp, "[NOTFOUND=return]") == 0 && got_match) { /* NOTFOUND affects the most recent entry */ - tq_last(&snl)->ret_if_notfound = TRUE; - got_match = FALSE; + tq_last(&snl)->ret_if_notfound = true; + got_match = false; } else - got_match = FALSE; + got_match = false; } /* Only parse the first "sudoers:" line */ break; @@ -100,7 +101,7 @@ nomatch: if (tq_empty(&snl)) tq_append(&snl, &sudo_nss_file); - return &snl; + debug_return_ptr(&snl); } #else /* HAVE_LDAP && _PATH_NSSWITCH_CONF */ @@ -116,10 +117,11 @@ sudo_read_nss(void) { FILE *fp; char *cp, *ep; - int saw_files = FALSE; - int saw_ldap = FALSE; - int got_match = FALSE; + bool saw_files = false; + bool saw_ldap = false; + bool got_match = false; static struct sudo_nss_list snl; + debug_decl(sudo_read_nss, SUDO_DEBUG_NSS) if ((fp = fopen(_PATH_NETSVC_CONF, "r")) == NULL) goto nomatch; @@ -147,15 +149,15 @@ sudo_read_nss(void) if (!saw_files && strncasecmp(cp, "files", 5) == 0 && (isspace((unsigned char)cp[5]) || cp[5] == '\0')) { tq_append(&snl, &sudo_nss_file); - got_match = TRUE; + got_match = true; ep = &cp[5]; } else if (!saw_ldap && strncasecmp(cp, "ldap", 4) == 0 && (isspace((unsigned char)cp[4]) || cp[4] == '\0')) { tq_append(&snl, &sudo_nss_ldap); - got_match = TRUE; + got_match = true; ep = &cp[4]; } else { - got_match = FALSE; + got_match = false; } /* check for = auth qualifier */ @@ -165,7 +167,7 @@ sudo_read_nss(void) cp++; if (strncasecmp(cp, "auth", 4) == 0 && (isspace((unsigned char)cp[4]) || cp[4] == '\0')) { - tq_last(&snl)->ret_if_found = TRUE; + tq_last(&snl)->ret_if_found = true; } } } @@ -179,7 +181,7 @@ nomatch: if (tq_empty(&snl)) tq_append(&snl, &sudo_nss_file); - return &snl; + debug_return_ptr(&snl); } # else /* !_PATH_NETSVC_CONF && !_PATH_NSSWITCH_CONF */ @@ -191,13 +193,14 @@ struct sudo_nss_list * sudo_read_nss(void) { static struct sudo_nss_list snl; + debug_decl(sudo_read_nss, SUDO_DEBUG_NSS) # ifdef HAVE_LDAP tq_append(&snl, &sudo_nss_ldap); # endif tq_append(&snl, &sudo_nss_file); - return &snl; + debug_return_ptr(&snl); } # endif /* !HAVE_LDAP || !_PATH_NETSVC_CONF */ @@ -209,6 +212,7 @@ output(const char *buf) { struct sudo_conv_message msg; struct sudo_conv_reply repl; + debug_decl(output, SUDO_DEBUG_NSS) /* Call conversation function */ memset(&msg, 0, sizeof(msg)); @@ -216,8 +220,8 @@ output(const char *buf) msg.msg = buf; memset(&repl, 0, sizeof(repl)); if (sudo_conv(1, &msg, &repl) == -1) - return 0; - return (int)strlen(buf); + debug_return_int(0); + debug_return_int(strlen(buf)); } /* @@ -230,6 +234,7 @@ display_privs(struct sudo_nss_list *snl, struct passwd struct sudo_nss *nss; struct lbuf defs, privs; int count, olen; + debug_decl(display_privs, SUDO_DEBUG_NSS) lbuf_init(&defs, output, 4, NULL, sudo_user.cols); lbuf_init(&privs, output, 4, NULL, sudo_user.cols); @@ -277,21 +282,24 @@ display_privs(struct sudo_nss_list *snl, struct passwd lbuf_destroy(&defs); lbuf_destroy(&privs); + + debug_return; } /* * Check user_cmnd against sudoers and print the matching entry if the * command is allowed. - * Returns TRUE if the command is allowed, else FALSE. + * Returns true if the command is allowed, else false. */ -int +bool display_cmnd(struct sudo_nss_list *snl, struct passwd *pw) { struct sudo_nss *nss; + debug_decl(display_cmnd, SUDO_DEBUG_NSS) tq_foreach_fwd(snl, nss) { if (nss->display_cmnd(nss, pw) == 0) - return TRUE; + debug_return_bool(true); } - return FALSE; + debug_return_bool(false); }