sudo-project
GitHub Repository: sudo-project/sudo
Path: blob/main/plugins/sudoers/file.c
/*
* SPDX-License-Identifier: ISC
*
* Copyright (c) 2004-2005, 2007-2022 Todd C. Miller <[email protected]>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <sudoers.h>
#include <sudo_lbuf.h>
#include <gram.h>
/*
 * State kept by the file-based sudoers backend for one nss entry.
 * sudo_file_open() allocates it and stores it in nss->handle;
 * sudo_file_close() frees it.
 */
struct sudo_file_handle {
    /* Stream returned by open_sudoers(); closed in sudo_file_close(). */
    FILE *fp;
    /* Tree initialized in sudo_file_open() and returned by sudo_file_parse(). */
    struct sudoers_parse_tree parse_tree;
};
/*
 * Release the file backend's state for this nss entry.
 *
 * Closes the sudoers stream, clears the global sudoersin, frees the parse
 * tree and the handle, and resets nss->handle.  Always returns 0; with no
 * handle attached it does nothing.  ctx is not used.
 */
static int
sudo_file_close(struct sudoers_context *ctx, struct sudo_nss *nss)
{
    debug_decl(sudo_file_close, SUDOERS_DEBUG_NSS);
    struct sudo_file_handle *fh = nss->handle;

    /* Nothing is open (or it was already closed). */
    if (fh == NULL)
        debug_return_int(0);

    fclose(fh->fp);
    /*
     * sudo_file_parse() points sudoersin at fh->fp; reset it so the
     * closed stream is not left reachable through that global.
     */
    sudoersin = NULL;

    free_parse_tree(&fh->parse_tree);
    free(fh);
    /* Clear the slot so a repeated close cannot free the handle twice. */
    nss->handle = NULL;

    debug_return_int(0);
}
/*
 * Open the local sudoers file and attach a fresh handle to nss.
 *
 * Returns 0 with nss->handle set on success.  Returns -1 if
 * def_ignore_local_sudoers is set (nss is not touched), if the handle
 * cannot be allocated, or if open_sudoers() fails; in the last two cases
 * nss->handle is left NULL.
 *
 * NOTE(review): nothing in this function validates the sudoers path or
 * the opened file; any ownership/mode checks are assumed to live in
 * open_sudoers() -- confirm there.
 */
static int
sudo_file_open(struct sudoers_context *ctx, struct sudo_nss *nss)
{
    debug_decl(sudo_file_open, SUDOERS_DEBUG_NSS);
    struct sudo_file_handle *fh;
    char *outfile = NULL;

    /* Note: relies on defaults being initialized early. */
    if (def_ignore_local_sudoers)
        debug_return_int(-1);

    /* A leftover handle is unexpected: log it and release it first. */
    if (nss->handle != NULL) {
        sudo_debug_printf(SUDO_DEBUG_ERROR,
            "%s: called with non-NULL handle %p", __func__, nss->handle);
        sudo_file_close(ctx, nss);
    }

    fh = malloc(sizeof(*fh));
    if (fh == NULL) {
        nss->handle = NULL;
        debug_return_int(-1);
    }

    init_parser(ctx, NULL);
    fh->fp = open_sudoers(ctx->parser_conf.sudoers_path, &outfile,
        false, NULL);
    if (fh->fp == NULL) {
        /* Could not open the file: do not leave a half-built handle. */
        free(fh);
        nss->handle = NULL;
        debug_return_int(-1);
    }

    init_parse_tree(&fh->parse_tree, NULL, NULL, ctx, nss);
    if (outfile != NULL) {
        /* Update path to open sudoers file. */
        sudo_rcstr_delref(sudoers);
        sudoers = outfile;
    }

    nss->handle = fh;
    debug_return_int(0);
}
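/*
 * Parse the sudoers file attached to nss and return its parse tree.
 *
 * Returns a pointer to the tree stored inside the nss handle, or NULL if
 * no handle/stream is attached or the parse failed and could not be
 * recovered.  The tree is owned by the handle, which sudo_file_close()
 * frees; the caller must not free it.  ctx is not used.
 */
static struct sudoers_parse_tree *
sudo_file_parse(struct sudoers_context *ctx, const struct sudo_nss *nss)
{
    /* The debug declaration must name this function, not sudo_file_close. */
    debug_decl(sudo_file_parse, SUDOERS_DEBUG_NSS);
    struct sudo_file_handle *handle = nss->handle;
    int error;

    /* Refuse to parse unless sudo_file_open() left a usable stream. */
    if (handle == NULL || handle->fp == NULL) {
        sudo_debug_printf(SUDO_DEBUG_ERROR, "%s: called with NULL %s",
            __func__, handle ? "file pointer" : "handle");
        debug_return_ptr(NULL);
    }

    /* The parser reads from the global sudoersin. */
    sudoersin = handle->fp;
    error = sudoersparse();
    if (error || (parse_error && !sudoers_error_recovery())) {
        /*
         * Unrecoverable error: return NULL before the tree is moved to
         * the handle, so no partially parsed policy reaches the caller.
         */
        debug_return_ptr(NULL);
    }
    /*
     * NOTE(review): when parse_error is set but sudoers_error_recovery()
     * is true, a tree is still returned -- presumably holding only the
     * entries that parsed cleanly; confirm against the grammar.
     */

    /* Move parsed sudoers policy to nss handle. */
    reparent_parse_tree(&handle->parse_tree);

    debug_return_ptr(&handle->parse_tree);
}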
/*
 * Query hook for the file backend: nothing to do, because
 * sudo_file_parse() already loaded the whole policy.
 *
 * None of the arguments are used.  Always returns 0.
 */
static int
sudo_file_query(struct sudoers_context *ctx, const struct sudo_nss *nss,
    struct passwd *pw)
{
    debug_decl(sudo_file_query, SUDOERS_DEBUG_NSS);

    debug_return_int(0);
}
/*
 * Defaults hook for the file backend: nothing to do, because
 * sudo_file_parse() already handled the defaults in the sudoers file.
 *
 * Neither argument is used.  Always returns 0.
 */
static int
sudo_file_getdefs(struct sudoers_context *ctx, const struct sudo_nss *nss)
{
    debug_decl(sudo_file_getdefs, SUDOERS_DEBUG_NSS);

    debug_return_int(0);
}
/*
 * sudo_nss implementation backed by the local sudoers file.
 *
 * Positional initializer: the entries must stay in the member order of
 * struct sudo_nss, which is declared outside this file.  Members after
 * the last one listed here are zero-initialized.
 */
struct sudo_nss sudo_nss_file = {
    { NULL, NULL },     /* first member, zeroed (presumably list linkage -- confirm) */
    "sudoers",          /* name string for this source */
    sudo_file_open,     /* opens the file and attaches a handle */
    sudo_file_close,    /* closes the stream and frees the handle */
    sudo_file_parse,    /* parses the file and returns the tree */
    sudo_file_query,    /* no-op, always returns 0 */
    sudo_file_getdefs   /* no-op, always returns 0 */
};