--- embedaddon/sudo/plugins/sudoers/sudoers.h	2012/05/29 12:26:49	1.1.1.2
+++ embedaddon/sudo/plugins/sudoers/sudoers.h	2013/07/22 10:46:12	1.1.1.4
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1993-1996, 1998-2005, 2007-2011
+ * Copyright (c) 1993-1996, 1998-2005, 2007-2013
  *	Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -19,8 +19,8 @@
  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
  */
 
-#ifndef _SUDO_SUDOERS_H
-#define _SUDO_SUDOERS_H
+#ifndef _SUDOERS_SUDOERS_H
+#define _SUDOERS_SUDOERS_H
 
 #include <limits.h>
 #ifdef HAVE_STDBOOL_H
@@ -81,16 +81,32 @@ struct sudo_user {
     char *role;
     char *type;
 #endif
-    char *cwd;
+#ifdef HAVE_PRIV_SET
+    char *privs;
+    char *limitprivs;
+#endif
+    const char *cwd;
     char *iolog_file;
+    GETGROUPS_T *gids;
+    int   ngids;
     int   closefrom;
     int   lines;
     int   cols;
+    int   flags;
+    int   max_groups;
+    mode_t umask;
     uid_t uid;
     uid_t gid;
+    pid_t sid;
 };
 
 /*
+ * sudo_user flag values
+ */
+#define RUNAS_USER_SPECIFIED	0x01
+#define RUNAS_GROUP_SPECIFIED	0x02
+
+/*
  * Return values for sudoers_lookup(), also used as arguments for log_auth()
  * Note: cannot use '0' as a value here.
  */
@@ -102,6 +118,9 @@ struct sudo_user {
 #define FLAG_NO_USER		0x020
 #define FLAG_NO_HOST		0x040
 #define FLAG_NO_CHECK		0x080
+#define FLAG_NON_INTERACTIVE	0x100
+#define FLAG_BAD_PASSWORD	0x200
+#define FLAG_AUTH_ERROR		0x400
 
 /*
  * find_path()/load_cmnd() return values
@@ -155,9 +174,12 @@ struct sudo_user {
 #define user_name		(sudo_user.name)
 #define user_uid		(sudo_user.uid)
 #define user_gid		(sudo_user.gid)
+#define user_sid		(sudo_user.sid)
+#define user_umask		(sudo_user.umask)
 #define user_passwd		(sudo_user.pw->pw_passwd)
-#define user_uuid		(sudo_user.uuid)
 #define user_dir		(sudo_user.pw->pw_dir)
+#define user_gids		(sudo_user.gids)
+#define user_ngids		(sudo_user.ngids)
 #define user_group_list		(sudo_user.group_list)
 #define user_tty		(sudo_user.tty)
 #define user_ttypath		(sudo_user.ttypath)
@@ -178,12 +200,15 @@ struct sudo_user {
 #define user_role		(sudo_user.role)
 #define user_type		(sudo_user.type)
 #define user_closefrom		(sudo_user.closefrom)
+#define	runas_privs		(sudo_user.privs)
+#define	runas_limitprivs	(sudo_user.limitprivs)
 
 #ifdef __TANDEM
-# define ROOT_UID       65535
+# define ROOT_UID	65535
 #else
-# define ROOT_UID       0
+# define ROOT_UID	0
 #endif
+#define ROOT_GID	0
 
 /*
  * We used to use the system definition of PASS_MAX or _PASSWD_LEN,
@@ -201,7 +226,7 @@ struct timeval;
 /*
  * Function prototypes
  */
-#define YY_DECL int yylex(void)
+#define YY_DECL int sudoerslex(void)
 
 /* goodpath.c */
 bool sudo_goodpath(const char *, struct stat *);
@@ -210,12 +235,19 @@ bool sudo_goodpath(const char *, struct stat *);
 int find_path(char *, char **, struct stat *, char *, int);
 
 /* check.c */
-int check_user(int, int);
-void remove_timestamp(bool);
+int check_user(int validate, int mode);
 bool user_is_exempt(void);
 
+/* prompt.c */
+char *expand_prompt(const char *old_prompt, const char *user, const char *host);
+
+/* timestamp.c */
+void remove_timestamp(bool);
+bool set_lectured(void);
+
 /* sudo_auth.c */
-int verify_user(struct passwd *pw, char *prompt);
+bool sudo_auth_needs_end_session(void);
+int verify_user(struct passwd *pw, char *prompt, int validated);
 int sudo_auth_begin_session(struct passwd *pw, char **user_env[]);
 int sudo_auth_end_session(struct passwd *pw);
 int sudo_auth_init(struct passwd *pw);
@@ -239,7 +271,7 @@ void restore_perms(void);
 int pam_prep_user(struct passwd *);
 
 /* gram.y */
-int yyparse(void);
+int sudoersparse(void);
 
 /* toke.l */
 YY_DECL;
@@ -263,28 +295,29 @@ void display_privs(struct sudo_nss_list *, struct pass
 bool display_cmnd(struct sudo_nss_list *, struct passwd *);
 
 /* pwutil.c */
-void sudo_setgrent(void);
+__dso_public struct group *sudo_getgrgid(gid_t);
+__dso_public struct group *sudo_getgrnam(const char *);
+__dso_public void sudo_gr_addref(struct group *);
+__dso_public void sudo_gr_delref(struct group *);
+bool user_in_group(struct passwd *, const char *);
+struct group *sudo_fakegrnam(const char *);
+struct group_list *sudo_get_grlist(struct passwd *pw);
+struct passwd *sudo_fakepwnam(const char *, gid_t);
+struct passwd *sudo_mkpwent(const char *user, uid_t uid, gid_t gid, const char *home, const char *shell);
+struct passwd *sudo_getpwnam(const char *);
+struct passwd *sudo_getpwuid(uid_t);
 void sudo_endgrent(void);
-void sudo_setpwent(void);
 void sudo_endpwent(void);
-void sudo_setspent(void);
 void sudo_endspent(void);
-struct group_list *get_group_list(struct passwd *pw);
-void set_group_list(const char *, GETGROUPS_T *gids, int ngids);
-struct passwd *sudo_getpwnam(const char *);
-struct passwd *sudo_fakepwnamid(const char *user, uid_t uid, gid_t gid);
-struct passwd *sudo_fakepwnam(const char *, gid_t);
-struct passwd *sudo_getpwuid(uid_t);
-struct group *sudo_getgrnam(const char *);
-struct group *sudo_fakegrnam(const char *);
-struct group *sudo_getgrgid(gid_t);
-void grlist_addref(struct group_list *);
-void grlist_delref(struct group_list *);
-void gr_addref(struct group *);
-void gr_delref(struct group *);
-void pw_addref(struct passwd *);
-void pw_delref(struct passwd *);
-bool user_in_group(struct passwd *, const char *);
+void sudo_grlist_addref(struct group_list *);
+void sudo_grlist_delref(struct group_list *);
+void sudo_pw_addref(struct passwd *);
+void sudo_pw_delref(struct passwd *);
+void sudo_set_grlist(struct passwd *pw, char * const *groups,
+    char * const *gids);
+void sudo_setgrent(void);
+void sudo_setpwent(void);
+void sudo_setspent(void);
 
 /* timestr.c */
 char *get_timestr(time_t, int);
@@ -296,7 +329,8 @@ int atobool(const char *str);
 int get_boottime(struct timeval *);
 
 /* iolog.c */
-void io_nextid(char *iolog_dir, char sessid[7]);
+int io_set_max_sessid(const char *sessid);
+void io_nextid(char *iolog_dir, char *iolog_dir_fallback, char sessid[7]);
 
 /* iolog_path.c */
 char *expand_iolog_path(const char *prefix, const char *dir, const char *file,
@@ -323,10 +357,17 @@ int sudoers_hook_unsetenv(const char *name, void *clos
 char *fmt_string(const char *, const char *);
 
 /* sudoers.c */
-void plugin_cleanup(int);
-void set_fqdn(void);
 FILE *open_sudoers(const char *, bool, bool *);
+int sudoers_policy_init(void *info, char * const envp[]);
+int sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], void *closure);
+void sudoers_cleanup(void);
 
+/* policy.c */
+int sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group);
+int sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
+extern const char *path_ldap_conf;
+extern const char *path_ldap_secret;
+
 /* aix.c */
 void aix_restoreauthdb(void);
 void aix_setauthdb(char *user);
@@ -347,7 +388,6 @@ extern int long_list;
 extern int sudo_mode;
 extern uid_t timestamp_uid;
 extern sudo_conv_t sudo_conv;
-extern sudo_printf_t sudo_printf;
 #endif
 
-#endif /* _SUDO_SUDOERS_H */
+#endif /* _SUDOERS_SUDOERS_H */