diff options
author | Todd C. Miller <Todd.Miller@courtesan.com> | 2004-01-29 22:33:58 +0000 |
---|---|---|
committer | Todd C. Miller <Todd.Miller@courtesan.com> | 2004-01-29 22:33:58 +0000 |
commit | 8c84293f0fb5fe914f8d6c97dd8aa59851976b5c (patch) | |
tree | 9da56ccfcf08b38f0fc30d1180ad6846ae5f0ccf | |
parent | cac315e5b55e44bed169fb057ac9b3646676b322 (diff) | |
download | sudo-8c84293f0fb5fe914f8d6c97dd8aa59851976b5c.tar.gz |
Use the SET, CLR and ISSET macros.
-rw-r--r-- | auth/pam.c | 2 | ||||
-rw-r--r-- | auth/sudo_auth.c | 6 | ||||
-rw-r--r-- | interfaces.c | 11 | ||||
-rw-r--r-- | logging.c | 24 | ||||
-rw-r--r-- | parse.c | 8 | ||||
-rw-r--r-- | set_perms.c | 2 | ||||
-rw-r--r-- | sigaction.c | 6 | ||||
-rw-r--r-- | sudo.c | 62 | ||||
-rw-r--r-- | tgetpass.c | 8 |
9 files changed, 65 insertions, 64 deletions
diff --git a/auth/pam.c b/auth/pam.c index 377f04bc2..dc95a7aed 100644 --- a/auth/pam.c +++ b/auth/pam.c @@ -216,7 +216,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr) flags = tgetpass_flags; switch (pm->msg_style) { case PAM_PROMPT_ECHO_ON: - flags |= TGP_ECHO; + SET(flags, TGP_ECHO); case PAM_PROMPT_ECHO_OFF: /* Only override PAM prompt if it matches /^Password: ?/ */ if (strncmp(pm->msg, "Password:", 9) || (pm->msg[9] != '\0' diff --git a/auth/sudo_auth.c b/auth/sudo_auth.c index cb35774d8..7710fd87b 100644 --- a/auth/sudo_auth.c +++ b/auth/sudo_auth.c @@ -136,7 +136,7 @@ verify_user(pw, prompt) /* Set FLAG_ONEANDONLY if there is only one auth method. */ if (auth_switch[1].name == NULL) - auth_switch[0].flags |= FLAG_ONEANDONLY; + SET(auth_switch[0].flags, FLAG_ONEANDONLY); /* Initialize auth methods and unconfigure the method if necessary. */ for (auth = auth_switch; auth->name; auth++) { @@ -146,7 +146,7 @@ verify_user(pw, prompt) status = (auth->init)(pw, &prompt, auth); if (status == AUTH_FAILURE) - auth->flags &= ~FLAG_CONFIGURED; + CLR(auth->flags, FLAG_CONFIGURED); else if (status == AUTH_FATAL) /* XXX log */ exit(1); /* assume error msg already printed */ @@ -164,7 +164,7 @@ verify_user(pw, prompt) status = (auth->setup)(pw, &prompt, auth); if (status == AUTH_FAILURE) - auth->flags &= ~FLAG_CONFIGURED; + CLR(auth->flags, FLAG_CONFIGURED); else if (status == AUTH_FATAL) /* XXX log */ exit(1); /* assume error msg already printed */ diff --git a/interfaces.c b/interfaces.c index 8d0fb7936..bc2c7e9c9 100644 --- a/interfaces.c +++ b/interfaces.c @@ -130,8 +130,8 @@ load_interfaces() /* Allocate space for the interfaces list. */ for (ifa = ifaddrs; ifa != NULL; ifa = ifa -> ifa_next) { /* Skip interfaces marked "down" and "loopback". */ - if (ifa->ifa_addr == NULL || !(ifa->ifa_flags & IFF_UP) || - (ifa->ifa_flags & IFF_LOOPBACK)) + if (ifa->ifa_addr == NULL || !ISSET(ifa->ifa_flags, IFF_UP) || + ISSET(ifa->ifa_flags, IFF_LOOPBACK)) continue; switch(ifa->ifa_addr->sa_family) { @@ -149,8 +149,8 @@ load_interfaces() /* Store the ip addr / netmask pairs. */ for (ifa = ifaddrs, i = 0; ifa != NULL; ifa = ifa -> ifa_next) { /* Skip interfaces marked "down" and "loopback". */ - if (ifa->ifa_addr == NULL || !(ifa->ifa_flags & IFF_UP) || - (ifa->ifa_flags & IFF_LOOPBACK)) + if (ifa->ifa_addr == NULL || !ISSET(ifa->ifa_flags, IFF_UP) || + ISSET(ifa->ifa_flags, IFF_LOOPBACK)) continue; switch(ifa->ifa_addr->sa_family) { @@ -257,7 +257,8 @@ load_interfaces() ifr_tmp = *ifr; /* Skip interfaces marked "down" and "loopback". */ - if (!(ifr_tmp.ifr_flags & IFF_UP) || (ifr_tmp.ifr_flags & IFF_LOOPBACK)) + if (!ISSET(ifr_tmp.ifr_flags, IFF_UP) || + ISSET(ifr_tmp.ifr_flags, IFF_LOOPBACK)) continue; sin = (struct sockaddr_in *) &ifr->ifr_addr; @@ -298,19 +298,19 @@ log_auth(status, inform_user) char *logline; int pri; - if (status & VALIDATE_OK) + if (ISSET(status, VALIDATE_OK)) pri = def_syslog_goodpri; else pri = def_syslog_badpri; /* Set error message, if any. */ - if (status & VALIDATE_OK) + if (ISSET(status, VALIDATE_OK)) message = ""; - else if (status & FLAG_NO_USER) + else if (ISSET(status, FLAG_NO_USER)) message = "user NOT in sudoers ; "; - else if (status & FLAG_NO_HOST) + else if (ISSET(status, FLAG_NO_HOST)) message = "user NOT authorized on host ; "; - else if (status & VALIDATE_NOT_OK) + else if (ISSET(status, VALIDATE_NOT_OK)) message = "command not allowed ; "; else message = "unknown error ; "; @@ -322,14 +322,14 @@ log_auth(status, inform_user) mail_auth(status, logline); /* send mail based on status */ /* Inform the user if they failed to authenticate. */ - if (inform_user && (status & VALIDATE_NOT_OK)) { - if (status & FLAG_NO_USER) + if (inform_user && ISSET(status, VALIDATE_NOT_OK)) { + if (ISSET(status, FLAG_NO_USER)) (void) fprintf(stderr, "%s is not in the sudoers file. %s", user_name, "This incident will be reported.\n"); - else if (status & FLAG_NO_HOST) + else if (ISSET(status, FLAG_NO_HOST)) (void) fprintf(stderr, "%s is not allowed to run sudo on %s. %s", user_name, user_shost, "This incident will be reported.\n"); - else if (status & FLAG_NO_CHECK) + else if (ISSET(status, FLAG_NO_CHECK)) (void) fprintf(stderr, "Sorry, user %s may not run sudo on %s.\n", user_name, user_shost); else @@ -573,11 +573,11 @@ mail_auth(status, line) else { mail_mask = VALIDATE_ERROR; if (def_mail_no_user) - mail_mask |= FLAG_NO_USER; + SET(mail_mask, FLAG_NO_USER); if (def_mail_no_host) - mail_mask |= FLAG_NO_HOST; + SET(mail_mask, FLAG_NO_HOST); if (def_mail_no_perms) - mail_mask |= VALIDATE_NOT_OK; + SET(mail_mask, VALIDATE_NOT_OK); } if ((status & mail_mask) != 0) @@ -171,11 +171,11 @@ sudoers_lookup(pwflag) else error = VALIDATE_NOT_OK | FLAG_NOPASS; if (pwcheck) { - error |= FLAG_NO_CHECK; + SET(error, FLAG_NO_CHECK); } else { - error |= FLAG_NO_HOST; + SET(error, FLAG_NO_HOST); if (!top) - error |= FLAG_NO_USER; + SET(error, FLAG_NO_USER); } /* @@ -210,7 +210,7 @@ sudoers_lookup(pwflag) } else { while (top) { if (host_matches == TRUE) { - error &= ~FLAG_NO_HOST; + CLR(error, FLAG_NO_HOST); if (runas_matches == TRUE) { if (cmnd_matches == TRUE) { /* diff --git a/set_perms.c b/set_perms.c index 8126fedcf..590e01822 100644 --- a/set_perms.c +++ b/set_perms.c @@ -411,7 +411,7 @@ runas_setup() */ flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; if (!def_preserve_groups) - flags |= LOGIN_SETGROUP; + SET(flags, LOGIN_SETGROUP); else if (setgid(runas_pw->pw_gid)) perror("cannot set gid to runas gid"); error = setusercontext(lc, runas_pw, diff --git a/sigaction.c b/sigaction.c index 03069e6c8..4df5d7204 100644 --- a/sigaction.c +++ b/sigaction.c @@ -97,7 +97,7 @@ sigaddset(set, signo) return(-1); } - *set |= sigmask(signo); + SET(*set, sigmask(signo)); return(0); } @@ -112,7 +112,7 @@ sigdelset(set, signo) return(-1); } - *set &= ~(sigmask(signo)); + CLR(*set, sigmask(signo)); return(0); } @@ -122,7 +122,7 @@ sigismember(set, signo) int signo; { - return(*set & sigmask(signo)); + return(ISSET(*set, sigmask(signo))); } int @@ -220,9 +220,9 @@ main(argc, argv, envp) load_interfaces(); pwflag = 0; - if (sudo_mode & MODE_SHELL) + if (ISSET(sudo_mode, MODE_SHELL)) user_cmnd = "shell"; - else if (sudo_mode & MODE_EDIT) + else if (ISSET(sudo_mode, MODE_EDIT)) user_cmnd = "sudoedit"; else switch (sudo_mode) { @@ -308,7 +308,7 @@ main(argc, argv, envp) exit(0); } - if (validated & VALIDATE_ERROR) + if (ISSET(validated, VALIDATE_ERROR)) log_error(0, "parse error in %s near line %d", _PATH_SUDOERS, errorlineno); @@ -321,17 +321,17 @@ main(argc, argv, envp) } /* If given the -P option, set the "preserve_groups" flag. */ - if (sudo_mode & MODE_PRESERVE_GROUPS) + if (ISSET(sudo_mode, MODE_PRESERVE_GROUPS)) def_preserve_groups = TRUE; /* If no command line args and "set_home" is not set, error out. */ - if ((sudo_mode & MODE_IMPLIED_SHELL) && !def_shell_noargs) + if (ISSET(sudo_mode, MODE_IMPLIED_SHELL) && !def_shell_noargs) usage(1); /* May need to set $HOME to target user if we are running a command. */ - if ((sudo_mode & MODE_RUN) && (def_always_set_home || - ((sudo_mode & MODE_SHELL) && def_set_home))) - sudo_mode |= MODE_RESET_HOME; + if (ISSET(sudo_mode, MODE_RUN) && (def_always_set_home || + (ISSET(sudo_mode, MODE_SHELL) && def_set_home))) + SET(sudo_mode, MODE_RESET_HOME); /* Bail if a tty is required and we don't have one. */ if (def_requiretty) { @@ -345,8 +345,8 @@ main(argc, argv, envp) auth_pw = get_authpw(); /* Require a password if sudoers says so. */ - if (!(validated & FLAG_NOPASS)) - check_user(validated & FLAG_CHECK_USER); + if (!ISSET(validated, FLAG_NOPASS)) + check_user(ISSET(validated, FLAG_CHECK_USER)); /* If run as root with SUDO_USER set, set sudo_user.pw to that user. */ if (user_uid == 0 && prev_user != NULL && strcmp(prev_user, "root") != 0) { @@ -359,12 +359,12 @@ main(argc, argv, envp) } /* Build a new environment that avoids any nasty bits if we have a cmnd. */ - if (sudo_mode & MODE_RUN) - new_environ = rebuild_env(envp, sudo_mode, (validated & FLAG_NOEXEC)); + if (ISSET(sudo_mode, MODE_RUN)) + new_environ = rebuild_env(envp, sudo_mode, ISSET(validated, FLAG_NOEXEC)); else new_environ = envp; - if (validated & VALIDATE_OK) { + if (ISSET(validated, VALIDATE_OK)) { /* Finally tell the user if the command did not exist. */ if (cmnd_status == NOT_FOUND_DOT) { warnx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd); @@ -400,7 +400,7 @@ main(argc, argv, envp) #endif /* RLIMIT_CORE && !SUDO_DEVEL */ /* Become specified user or root if executing a command. */ - if (sudo_mode & MODE_RUN) + if (ISSET(sudo_mode, MODE_RUN)) set_perms(PERM_FULL_RUNAS); /* Close the password and group files */ @@ -410,7 +410,7 @@ main(argc, argv, envp) /* Install the real environment. */ environ = new_environ; - if (sudo_mode & MODE_LOGIN_SHELL) { + if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) { char *p; /* Convert /bin/sh -> -sh so shell knows it is a login shell */ @@ -424,7 +424,7 @@ main(argc, argv, envp) warn("unable to change directory to %s", runas_pw->pw_dir); } - if (sudo_mode & MODE_EDIT) + if (ISSET(sudo_mode, MODE_EDIT)) exit(sudo_edit(NewArgc, NewArgv)); /* Restore signal handlers before we exec. */ @@ -434,7 +434,7 @@ main(argc, argv, envp) (void) sigaction(SIGCHLD, &saved_sa_chld, NULL); #ifndef PROFILING - if ((sudo_mode & MODE_BACKGROUND) && fork() > 0) + if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0) exit(0); else EXECV(safe_cmnd, NewArgv); /* run the command */ @@ -446,10 +446,10 @@ main(argc, argv, envp) */ warn("unable to execute %s", safe_cmnd); exit(127); - } else if ((validated & FLAG_NO_USER) || (validated & FLAG_NO_HOST)) { + } else if (ISSET(validated, FLAG_NO_USER) || (validated & FLAG_NO_HOST)) { log_auth(validated, 1); exit(1); - } else if (validated & VALIDATE_NOT_OK) { + } else if (ISSET(validated, VALIDATE_NOT_OK)) { if (def_path_info) { /* * We'd like to not leak path info at all here, but that can @@ -592,9 +592,9 @@ init_vars(sudo_mode) char **dst, **src = NewArgv; NewArgv = (char **) emalloc2((++NewArgc + 1), sizeof(char *)); - if (sudo_mode & MODE_EDIT) + if (ISSET(sudo_mode, MODE_EDIT)) NewArgv[0] = "sudoedit"; - else if (sudo_mode & MODE_LOGIN_SHELL) + else if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) NewArgv[0] = runas_pw->pw_shell; else if (user_shell && *user_shell) NewArgv[0] = user_shell; @@ -612,7 +612,7 @@ init_vars(sudo_mode) /* Resolve the path and return. */ rval = FOUND; if (sudo_mode & (MODE_RUN | MODE_EDIT)) { - if (sudo_mode & MODE_RUN) { + if (ISSET(sudo_mode, MODE_RUN)) { /* XXX - default_runas may be modified during parsing of sudoers */ set_perms(PERM_RUNAS); rval = find_path(NewArgv[0], &user_cmnd, user_path); @@ -677,7 +677,7 @@ parse_args(argc, argv) rval = MODE_RUN; if (NewArgc == 0 && rval == MODE_RUN) { /* no options and no command */ - rval |= (MODE_IMPLIED_SHELL | MODE_SHELL); + SET(rval, (MODE_IMPLIED_SHELL | MODE_SHELL)); return(rval); } @@ -732,7 +732,7 @@ parse_args(argc, argv) break; #endif case 'b': - rval |= MODE_BACKGROUND; + SET(rval, MODE_BACKGROUND); break; case 'e': rval = MODE_EDIT; @@ -747,7 +747,7 @@ parse_args(argc, argv) excl = 'v'; break; case 'i': - rval |= (MODE_LOGIN_SHELL | MODE_SHELL); + SET(rval, (MODE_LOGIN_SHELL | MODE_SHELL)); def_env_reset = TRUE; if (excl && excl != 'i') usage_excl(1); @@ -790,25 +790,25 @@ parse_args(argc, argv) excl = 'h'; break; case 's': - rval |= MODE_SHELL; + SET(rval, MODE_SHELL); if (excl && excl != 's') usage_excl(1); excl = 's'; break; case 'H': - rval |= MODE_RESET_HOME; + SET(rval, MODE_RESET_HOME); break; case 'P': - rval |= MODE_PRESERVE_GROUPS; + SET(rval, MODE_PRESERVE_GROUPS); break; case 'S': - tgetpass_flags |= TGP_STDIN; + SET(tgetpass_flags, TGP_STDIN); break; case '-': NewArgc--; NewArgv++; if (rval == MODE_RUN) - rval |= (MODE_IMPLIED_SHELL | MODE_SHELL); + SET(rval, (MODE_IMPLIED_SHELL | MODE_SHELL)); return(rval); case '\0': warnx("'-' requires an argument"); @@ -849,7 +849,7 @@ check_sudoers() if (chmod(_PATH_SUDOERS, SUDOERS_MODE) == 0) { warnx("fixed mode on %s", _PATH_SUDOERS); - statbuf.st_mode |= SUDOERS_MODE; + SET(statbuf.st_mode, SUDOERS_MODE); if (statbuf.st_gid != SUDOERS_GID) { if (!chown(_PATH_SUDOERS,(uid_t) -1,SUDOERS_GID)) { warnx("set group on %s", _PATH_SUDOERS); diff --git a/tgetpass.c b/tgetpass.c index 455fda392..699a1507e 100644 --- a/tgetpass.c +++ b/tgetpass.c @@ -152,7 +152,7 @@ tgetpass(prompt, timeout, flags) restart: /* Open /dev/tty for reading/writing if possible else use stdin/stderr. */ - if ((flags & TGP_STDIN) || + if (ISSET(flags, TGP_STDIN) || (input = output = open(_PATH_TTY, O_RDWR|O_NOCTTY)) == -1) { input = STDIN_FILENO; output = STDERR_FILENO; @@ -177,8 +177,8 @@ restart: /* Turn echo off/on as specified by flags. */ if (term_getattr(input, &oterm) == 0) { (void) memcpy(&term, &oterm, sizeof(term)); - if (!(flags & TGP_ECHO)) - term.tflags &= ~(ECHO | ECHONL); + if (!ISSET(flags, TGP_ECHO)) + CLR(term.tflags, (ECHO | ECHONL)); #ifdef VSTATUS term.c_cc[VSTATUS] = _POSIX_VDISABLE; #endif @@ -194,7 +194,7 @@ restart: pass = tgetline(input, buf, sizeof(buf), timeout); save_errno = errno; - if (!(term.tflags & ECHO)) + if (!ISSET(term.tflags, ECHO)) (void) write(output, "\n", 1); /* Restore old tty settings and signals. */ |