[svn-upgrade] Integrating new upstream version, shadow (4.0.3)

libmisc/Makefile.am

@@ -49,7 +49,6 @@ libmisc_la_SOURCES = \
 	setupenv.c \
 	shell.c \
 	strtoday.c \
-	suauth.c \
 	sub.c \
 	sulog.c \
 	ttytype.c \

libmisc/Makefile.in

@@ -157,7 +157,6 @@ libmisc_la_SOURCES = \
 	setupenv.c \
 	shell.c \
 	strtoday.c \
-	suauth.c \
 	sub.c \
 	sulog.c \
 	ttytype.c \
@@ -184,8 +183,8 @@ am_libmisc_la_OBJECTS = addgrps.lo age.lo basename.lo chkname.lo \
 	login_desrpc.lo login_krb.lo loginprompt.lo mail.lo motd.lo \
 	myname.lo nscd.lo obscure.lo pam_pass.lo pwd2spwd.lo \
 	pwdcheck.lo pwd_init.lo rlogin.lo salt.lo setugid.lo setup.lo \
-	setupenv.lo shell.lo strtoday.lo suauth.lo sub.lo sulog.lo \
-	ttytype.lo tz.lo ulimit.lo utmp.lo valid.lo xmalloc.lo
+	setupenv.lo shell.lo strtoday.lo sub.lo sulog.lo ttytype.lo \
+	tz.lo ulimit.lo utmp.lo valid.lo xmalloc.lo
 libmisc_la_OBJECTS = $(am_libmisc_la_OBJECTS)
 DEFAULT_INCLUDES =  -I. -I$(srcdir) -I$(top_builddir)
 CPPFLAGS = @CPPFLAGS@
@@ -211,11 +210,11 @@ depcomp = $(SHELL) $(top_srcdir)/depcomp
 @AMDEP_TRUE@	$(DEPDIR)/rlogin.Plo $(DEPDIR)/salt.Plo \
 @AMDEP_TRUE@	$(DEPDIR)/setugid.Plo $(DEPDIR)/setup.Plo \
 @AMDEP_TRUE@	$(DEPDIR)/setupenv.Plo $(DEPDIR)/shell.Plo \
-@AMDEP_TRUE@	$(DEPDIR)/strtoday.Plo $(DEPDIR)/suauth.Plo \
-@AMDEP_TRUE@	$(DEPDIR)/sub.Plo $(DEPDIR)/sulog.Plo \
-@AMDEP_TRUE@	$(DEPDIR)/ttytype.Plo $(DEPDIR)/tz.Plo \
-@AMDEP_TRUE@	$(DEPDIR)/ulimit.Plo $(DEPDIR)/utmp.Plo \
-@AMDEP_TRUE@	$(DEPDIR)/valid.Plo $(DEPDIR)/xmalloc.Plo
+@AMDEP_TRUE@	$(DEPDIR)/strtoday.Plo $(DEPDIR)/sub.Plo \
+@AMDEP_TRUE@	$(DEPDIR)/sulog.Plo $(DEPDIR)/ttytype.Plo \
+@AMDEP_TRUE@	$(DEPDIR)/tz.Plo $(DEPDIR)/ulimit.Plo \
+@AMDEP_TRUE@	$(DEPDIR)/utmp.Plo $(DEPDIR)/valid.Plo \
+@AMDEP_TRUE@	$(DEPDIR)/xmalloc.Plo
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
 LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \
@@ -317,7 +316,6 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/setupenv.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/shell.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strtoday.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/suauth.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/sub.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/sulog.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ttytype.Plo@am__quote@

libmisc/suauth.c

@@ -1,201 +0,0 @@
-#include <config.h>
-
-#ifdef SU_ACCESS
-
-#include <stdio.h>
-#include <pwd.h>
-#include <grp.h>
-#include <sys/types.h>
-#include <errno.h>
-#include "prototypes.h"
-#include "defines.h"
-
-#ifndef SUAUTHFILE
-#define SUAUTHFILE "/etc/suauth"
-#endif
-
-#define	NOACTION	0
-#define	NOPWORD		1
-#define	DENY		-1
-#define	OWNPWORD	2
-
-/* Really, I could do with a few const char's here defining all the 
- * strings output to the user or the syslog. -- chris
- */
-
-static int applies(const char *, char *);
-
-int check_su_auth(const char *, const char *);
-int isgrp(const char *, const char *);
-
-static int lines = 0;
-
-extern struct passwd pwent;
-
-int
-check_su_auth(const char *actual_id, const char *wanted_id)
-{
-	int	posn, endline;
-	const	char    field[] = ":";
-	FILE    *authfile_fd;
-	char	temp[1024];
-	char	*to_users;
-	char	*from_users;
-	char	*action;
-
-	if (!(authfile_fd = fopen(SUAUTHFILE, "r"))) {
-		/*
-		 * If the file doesn't exist - default to the standard su
-		 * behaviour (no access control).  If open fails for some
-		 * other reason - maybe someone is trying to fool us with
-		 * file descriptors limit etc., so deny access.  --marekm
-		 */
-		if (errno == ENOENT)
-			return NOACTION;
-		SYSLOG((LOG_ERR, "could not open/read config file '%s': %m\n",
-			SUAUTHFILE));
-		return DENY;
-	}
-
-	while (fgets(temp, sizeof(temp), authfile_fd) != NULL) {
-		lines++;
-
-		if (temp[endline = strlen(temp) - 1] != '\n') {
-			SYSLOG((LOG_ERR,
-				"%s, line %d: line too long or missing newline",
-				SUAUTHFILE, lines));
-			continue;
-		}
-
-		while (endline > 0 && (temp[endline-1] == ' ' 
-			|| temp[endline-1] == '\t' || temp[endline-1] == '\n'))
-			endline--;
-		temp[endline] = '\0';
-
-		posn = 0;
-		while (temp[posn] == ' ' || temp[posn] == '\t')
-			posn++;
-
-		if (temp[posn] == '\n' || temp[posn] == '#' || temp[posn] == '\0') {
-			continue;
-		}
-		if (!(to_users = strtok(temp + posn, field))
-			|| !(from_users = strtok((char *)NULL, field))
-			|| !(action = strtok((char *)NULL, field))
-			|| strtok((char *)NULL, field)) {
-			SYSLOG((LOG_ERR, "%s, line %d. Bad number of fields.\n",
-				SUAUTHFILE, lines));
-			continue;
-		}
-
-		if (!applies(wanted_id, to_users))
-			continue;
-		if (!applies(actual_id, from_users))
-			continue;
-		if (!strcmp(action, "DENY")) {
-			SYSLOG((pwent.pw_uid ? LOG_NOTICE : LOG_WARN,
-				"DENIED su from `%s' to `%s' (%s)\n",
-				actual_id, wanted_id, SUAUTHFILE));
-			fprintf(stderr, _("Access to su to that account DENIED.\n"));
-			fclose(authfile_fd);
-			return DENY;
-		} else if (!strcmp(action, "NOPASS")) {
-			SYSLOG((pwent.pw_uid ? LOG_INFO : LOG_NOTICE,
-				"NO password asked for su from `%s' to `%s' (%s)\n",
-				actual_id, wanted_id, SUAUTHFILE));
-			fprintf(stderr, _("Password authentication bypassed.\n"));
-			fclose(authfile_fd);
-			return NOPWORD;
-		} else if (!strcmp(action, "OWNPASS")) {
-			SYSLOG((pwent.pw_uid ? LOG_INFO : LOG_NOTICE,
-				"su from `%s' to `%s': asking for user's own password (%s)\n",
-				actual_id, wanted_id, SUAUTHFILE));
-			fprintf(stderr, _("Please enter your OWN password as authentication.\n"));
-			fclose(authfile_fd);
-			return OWNPWORD;
-		} else {
-			SYSLOG((LOG_ERR, "%s, line %d: unrecognised action!\n",
-				SUAUTHFILE, lines));
-		}
-	}
-	fclose(authfile_fd);
-	return NOACTION;
-}
-
-static int
-applies(const char *single, char *list)
-{
-	const	char	split[] = ", ";
-	char	*tok;
-
-	int state = 0;
-
-	for (tok = strtok(list, split); tok != NULL; tok = strtok(NULL, split)) {
-
-		if (!strcmp(tok, "ALL")) {
-			if (state != 0) {
-				SYSLOG((LOG_ERR,
-					"%s, line %d: ALL in bad place\n",
-					SUAUTHFILE, lines));
-				return 0;
-			}
-			state = 1;
-		} else if (!strcmp(tok, "EXCEPT")) {
-			if (state != 1) {
-				SYSLOG((LOG_ERR,
-					"%s, line %d: EXCEPT in bas place\n",
-					SUAUTHFILE, lines));
-				return 0;
-			}
-			state = 2;
-		} else if (!strcmp(tok, "GROUP")) {
-			if ((state != 0) && (state != 2)) {
-				SYSLOG((LOG_ERR,
-					"%s, line %d: GROUP in bad place\n",
-					SUAUTHFILE, lines));
-				return 0;
-			}
-			state = (state == 0) ? 3 : 4;
-		} else {
-			switch (state) {
-				case 0: /* No control words yet */
-					if (!strcmp(tok, single))
-						return 1;
-					break;
-				case 1: /* An all */
-        		                SYSLOG((LOG_ERR, "%s, line %d: expect another token after ALL\n",
-						SUAUTHFILE, lines));
-					return 0;
-				case 2: /* All except */
-					if (!strcmp(tok, single))
-						return 0;
-					break;
-				case 3: /* Group */
-					if (isgrp(single, tok))
-						return 1;
-					break;
-				case 4: /* All except group */
-					if (isgrp(single, tok))
-						return 0;
-					/* FALL THRU */
-			}
-		}
-	}
-	if ((state != 0) && (state != 3))
-		return 1;
-	return 0;
-}
-
-int
-isgrp(const char *name, const char *group)
-{
-	struct	group	*grp;
-
-	grp = getgrnam(group);
-
-	if (!grp || !grp->gr_mem)
-		return 0;
-
-	return is_on_list(grp->gr_mem, name);
-}
-#endif /* SU_ACCESS */

libmisc/utmp.c

@@ -41,12 +41,12 @@
 #include <stdio.h>
 
 #include "rcsid.h"
-RCSID("$Id: utmp.c,v 1.9 2001/11/06 16:18:08 kloczek Exp $")
+RCSID("$Id: utmp.c,v 1.10 2002/03/08 04:30:30 kloczek Exp $")
 
 #if HAVE_UTMPX_H
-extern	struct	utmpx	utxent;
+struct utmpx utxent;
 #endif
-extern	struct	utmp	utent;
+struct utmp utent;
 
 extern	struct	utmp	*getutent();
 extern	struct	utmp	*getutline();