diff options
Diffstat (limited to 'plugins/python')
| -rw-r--r-- | plugins/python/Makefile.in | 13 | ||||
| -rw-r--r-- | plugins/python/pyhelpers.c | 9 | ||||
| -rw-r--r-- | plugins/python/pyhelpers.h | 2 | ||||
| -rw-r--r-- | plugins/python/python_convmessage.c | 4 | ||||
| -rw-r--r-- | plugins/python/python_importblocker.c | 44 | ||||
| -rw-r--r-- | plugins/python/python_plugin_approval.c | 5 | ||||
| -rw-r--r-- | plugins/python/python_plugin_approval_multi.inc | 8 | ||||
| -rw-r--r-- | plugins/python/python_plugin_audit.c | 11 | ||||
| -rw-r--r-- | plugins/python/python_plugin_audit_multi.inc | 8 | ||||
| -rw-r--r-- | plugins/python/python_plugin_common.c | 8 | ||||
| -rw-r--r-- | plugins/python/python_plugin_group.c | 6 | ||||
| -rw-r--r-- | plugins/python/python_plugin_io.c | 23 | ||||
| -rw-r--r-- | plugins/python/python_plugin_io_multi.inc | 20 | ||||
| -rw-r--r-- | plugins/python/python_plugin_policy.c | 6 | ||||
| -rw-r--r-- | plugins/python/regress/check_python_examples.c | 101 | ||||
| -rw-r--r-- | plugins/python/regress/iohelpers.h | 10 | ||||
| -rw-r--r-- | plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout | 4 | ||||
| -rw-r--r-- | plugins/python/sudo_python_module.c | 14 |
18 files changed, 152 insertions, 144 deletions
diff --git a/plugins/python/Makefile.in b/plugins/python/Makefile.in index a4b71e57a..1510d22e7 100644 --- a/plugins/python/Makefile.in +++ b/plugins/python/Makefile.in @@ -36,6 +36,7 @@ cross_compiling = @CROSS_COMPILING@ # Compiler & tools to use CC = @CC@ LIBTOOL = @LIBTOOL@ +GREP = @GREP@ SED = @SED@ AWK = @AWK@ @@ -227,7 +228,7 @@ check-fuzzer: check: $(TEST_PROGS) check-fuzzer @if test X"$(cross_compiling)" != X"yes"; then \ - if locale -a 2>&1 | grep '^C.UTF-8$$' >/dev/null 2>&1; then \ + if locale -a 2>&1 | $(GREP) '^C.UTF-8$$' >/dev/null 2>&1; then \ LC_ALL=C.UTF-8; export LC_ALL; \ else \ LC_ALL=C; export LC_ALL; \ @@ -276,11 +277,13 @@ check_python_examples.i: $(srcdir)/regress/check_python_examples.c \ $(CC) -E -o $@ $(CPPFLAGS) $< check_python_examples.plog: check_python_examples.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/check_python_examples.c --i-file $< --output-file $@ -iohelpers.o: $(srcdir)/regress/iohelpers.c $(incdir)/sudo_compat.h \ - $(srcdir)/regress/iohelpers.h $(top_builddir)/config.h +iohelpers.o: $(srcdir)/regress/iohelpers.c $(incdir)/compat/stdbool.h \ + $(incdir)/sudo_compat.h $(srcdir)/regress/iohelpers.h \ + $(top_builddir)/config.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(HARDENING_CFLAGS) $(srcdir)/regress/iohelpers.c -iohelpers.i: $(srcdir)/regress/iohelpers.c $(incdir)/sudo_compat.h \ - $(srcdir)/regress/iohelpers.h $(top_builddir)/config.h +iohelpers.i: $(srcdir)/regress/iohelpers.c $(incdir)/compat/stdbool.h \ + $(incdir)/sudo_compat.h $(srcdir)/regress/iohelpers.h \ + $(top_builddir)/config.h $(CC) -E -o $@ $(CPPFLAGS) $< iohelpers.plog: iohelpers.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/iohelpers.c --i-file $< --output-file $@ diff --git a/plugins/python/pyhelpers.c b/plugins/python/pyhelpers.c index 2670752d8..882b31a6b 100644 --- a/plugins/python/pyhelpers.c +++ b/plugins/python/pyhelpers.c @@ -67,13 +67,6 @@ struct PythonContext py_ctx = { }; -int -py_is_sudo_log_available(void) -{ - debug_decl(py_is_sudo_log_available, PYTHON_DEBUG_INTERNAL); - debug_return_int(py_ctx.sudo_log != &_sudo_printf_default); -} - char * py_join_str_list(PyObject *py_str_list, const char *separator) { @@ -104,7 +97,7 @@ cleanup: debug_return_str(result); } -char * +static char * py_create_traceback_string(PyObject *py_traceback) { debug_decl(py_create_traceback_string, PYTHON_DEBUG_INTERNAL); diff --git a/plugins/python/pyhelpers.h b/plugins/python/pyhelpers.h index 524b14e3b..5448e1d48 100644 --- a/plugins/python/pyhelpers.h +++ b/plugins/python/pyhelpers.h @@ -22,7 +22,7 @@ #define PY_SSIZE_T_CLEAN #include <Python.h> -#include "config.h" +#include <config.h> #include "sudo_compat.h" #include "sudo_plugin.h" diff --git a/plugins/python/python_convmessage.c b/plugins/python/python_convmessage.c index 14283dcd7..7b2aa6d0e 100644 --- a/plugins/python/python_convmessage.c +++ b/plugins/python/python_convmessage.c @@ -36,8 +36,8 @@ _sudo_ConvMessage__Init(PyObject *py_self, PyObject *py_args, PyObject *py_kwarg struct sudo_conv_message conv_message = { 0, 0, NULL }; - static char *keywords[] = { "self", "msg_type", "msg", "timeout", NULL }; - if (!PyArg_ParseTupleAndKeywords(py_args ? py_args : py_empty, py_kwargs, "Ois|i:sudo.ConvMessage", keywords, + static const char *keywords[] = { "self", "msg_type", "msg", "timeout", NULL }; + if (!PyArg_ParseTupleAndKeywords(py_args ? py_args : py_empty, py_kwargs, "Ois|i:sudo.ConvMessage", (char **)keywords, &py_self, &(conv_message.msg_type), &(conv_message.msg), &(conv_message.timeout))) goto cleanup; diff --git a/plugins/python/python_importblocker.c b/plugins/python/python_importblocker.c index 2bce36c0b..109a816a4 100644 --- a/plugins/python/python_importblocker.c +++ b/plugins/python/python_importblocker.c @@ -78,17 +78,18 @@ cleanup: } static PyObject * -_sudo_ImportBlocker__find_module(PyObject *py_self, PyObject *py_args) +_sudo_ImportBlocker__find_spec(PyObject *py_self, PyObject *py_args) { - debug_decl(_sudo_ImportBlocker__find_module, PYTHON_DEBUG_C_CALLS); + debug_decl(_sudo_ImportBlocker__find_spec, PYTHON_DEBUG_C_CALLS); - PyObject *py_fullname = NULL, *py_path = NULL, *py_meta_path = NULL, - *py_meta_path_iterator = NULL, *py_finder = NULL, - *py_importer = NULL, *py_import_path = NULL; + PyObject *py_fullname = NULL, *py_path = NULL, *py_target = NULL, + *py_meta_path = NULL, *py_meta_path_iterator = NULL, + *py_finder = NULL, *py_spec = NULL, *py_loader = NULL, + *py_import_path = NULL; - py_debug_python_call("ImportBlocker", "find_module", py_args, NULL, PYTHON_DEBUG_C_CALLS); + py_debug_python_call("ImportBlocker", "find_spec", py_args, NULL, PYTHON_DEBUG_C_CALLS); - if (!PyArg_UnpackTuple(py_args, "sudo.ImportBlocker.find_module", 2, 3, &py_self, &py_fullname, &py_path)) + if (!PyArg_UnpackTuple(py_args, "sudo.ImportBlocker.find_spec", 2, 4, &py_self, &py_fullname, &py_path, &py_target)) goto cleanup; py_meta_path = PyObject_GetAttrString(py_self, "meta_path"); @@ -100,16 +101,18 @@ _sudo_ImportBlocker__find_module(PyObject *py_self, PyObject *py_args) goto cleanup; while ((py_finder = PyIter_Next(py_meta_path_iterator)) != NULL) { - py_importer = PyObject_CallMethod(py_finder, "find_module", "(OO)", - py_fullname, py_path); - if (py_importer == NULL) { + py_spec = PyObject_CallMethod(py_finder, "find_spec", "(OO)", + py_fullname, py_path, py_target); + if (py_spec == NULL) { goto cleanup; } - if (py_importer != Py_None) { // the import could be resolved - if (PyObject_HasAttrString(py_importer, "get_filename")) { + if (py_spec != Py_None && PyObject_HasAttrString(py_spec, "loader")) { + // the finder could be resolved and contains a loader + py_loader = PyObject_GetAttrString(py_spec, "loader"); + if (py_loader != NULL && PyObject_HasAttrString(py_loader, "get_filename")) { // there is a file associated with the import (.py, .so, etc) - py_import_path = PyObject_CallMethod(py_importer, "get_filename", ""); + py_import_path = PyObject_CallMethod(py_loader, "get_filename", ""); const char *import_path = PyUnicode_AsUTF8(py_import_path); sudo_debug_printf(SUDO_DEBUG_DIAG, "ImportBlocker: verifying permissions " @@ -127,32 +130,33 @@ _sudo_ImportBlocker__find_module(PyObject *py_self, PyObject *py_args) goto cleanup; } - Py_CLEAR(py_importer); + Py_CLEAR(py_spec); Py_CLEAR(py_finder); } - Py_CLEAR(py_importer); - py_importer = Py_None; - Py_INCREF(py_importer); + Py_CLEAR(py_spec); + py_spec = Py_None; + Py_INCREF(py_spec); cleanup: Py_CLEAR(py_meta_path_iterator); Py_CLEAR(py_meta_path); Py_CLEAR(py_finder); Py_CLEAR(py_import_path); + Py_CLEAR(py_loader); if (PyErr_Occurred()) { - Py_CLEAR(py_importer); + Py_CLEAR(py_spec); debug_return_ptr(NULL); } - debug_return_ptr(py_importer); + debug_return_ptr(py_spec); } static PyMethodDef _sudo_ImportBlocker_class_methods[] = { {"__init__", _sudo_ImportBlocker__Init, METH_VARARGS, ""}, - {"find_module", _sudo_ImportBlocker__find_module, METH_VARARGS, ""}, + {"find_spec", _sudo_ImportBlocker__find_spec, METH_VARARGS, ""}, {NULL, NULL, 0, NULL} }; diff --git a/plugins/python/python_plugin_approval.c b/plugins/python/python_plugin_approval.c index 31c479f19..b9c746ed4 100644 --- a/plugins/python/python_plugin_approval.c +++ b/plugins/python/python_plugin_approval.c @@ -38,6 +38,7 @@ struct ApprovalPluginContext // This also verifies compile time that the name matches the sudo plugin API. #define CALLBACK_PYNAME(func_name) ((void)CALLBACK_PLUGINFUNC(func_name), #func_name) +sudo_dso_public struct approval_plugin *python_approval_clone(void); static int python_plugin_approval_open(struct ApprovalPluginContext *approval_ctx, @@ -133,7 +134,7 @@ python_plugin_approval_check(struct ApprovalPluginContext *approval_ctx, debug_return_int(rc); } -int +static int python_plugin_approval_show_version(struct ApprovalPluginContext *approval_ctx, int verbose) { debug_decl(python_plugin_approval_show_version, PYTHON_DEBUG_CALLBACKS); @@ -175,7 +176,7 @@ static struct approval_plugin *extra_approval_plugins[] = { &python_approval7 }; -sudo_dso_public struct approval_plugin * +struct approval_plugin * python_approval_clone(void) { static size_t counter = 0; diff --git a/plugins/python/python_plugin_approval_multi.inc b/plugins/python/python_plugin_approval_multi.inc index 941c14d32..d5b15ffe6 100644 --- a/plugins/python/python_plugin_approval_multi.inc +++ b/plugins/python/python_plugin_approval_multi.inc @@ -11,7 +11,7 @@ extern struct approval_plugin APPROVAL_SYMBOL_NAME(python_approval); static struct ApprovalPluginContext PLUGIN_CTX = { { NULL }, &APPROVAL_SYMBOL_NAME(python_approval) }; -int +static int CALLBACK_CFUNC(open)(unsigned int version, sudo_conv_t conversation, sudo_printf_t sudo_printf, char * const settings[], char * const user_info[], int submit_optind, @@ -23,13 +23,13 @@ CALLBACK_CFUNC(open)(unsigned int version, sudo_conv_t conversation, submit_envp, plugin_options, errstr); } -void +static void CALLBACK_CFUNC(close)(void) { python_plugin_approval_close(&PLUGIN_CTX); } -int +static int CALLBACK_CFUNC(check)(char * const command_info[], char * const run_argv[], char * const run_envp[], const char **errstr) { @@ -37,7 +37,7 @@ CALLBACK_CFUNC(check)(char * const command_info[], char * const run_argv[], run_envp, errstr); } -int +static int CALLBACK_CFUNC(show_version)(int verbose) { return python_plugin_approval_show_version(&PLUGIN_CTX, verbose); diff --git a/plugins/python/python_plugin_audit.c b/plugins/python/python_plugin_audit.c index ac4093482..e2036ed6e 100644 --- a/plugins/python/python_plugin_audit.c +++ b/plugins/python/python_plugin_audit.c @@ -44,6 +44,7 @@ struct AuditPluginContext (void **)&CALLBACK_PLUGINFUNC(function_name)); \ } while(0) +sudo_dso_public struct audit_plugin *python_audit_clone(void); static int _call_plugin_open(struct AuditPluginContext *audit_ctx, int submit_optind, char * const submit_argv[]) @@ -126,7 +127,7 @@ python_plugin_audit_close(struct AuditPluginContext *audit_ctx, int status_type, debug_return; } -int +static int python_plugin_audit_accept(struct AuditPluginContext *audit_ctx, const char *plugin_name, unsigned int plugin_type, char * const command_info[], char * const run_argv[], @@ -164,7 +165,7 @@ cleanup: debug_return_int(rc); } -int +static int python_plugin_audit_reject(struct AuditPluginContext *audit_ctx, const char *plugin_name, unsigned int plugin_type, const char *audit_msg, char * const command_info[], const char **errstr) @@ -194,7 +195,7 @@ cleanup: debug_return_int(rc); } -int +static int python_plugin_audit_error(struct AuditPluginContext *audit_ctx, const char *plugin_name, unsigned int plugin_type, const char *audit_msg, char * const command_info[], const char **errstr) @@ -221,7 +222,7 @@ cleanup: debug_return_int(rc); } -int +static int python_plugin_audit_show_version(struct AuditPluginContext *audit_ctx, int verbose) { debug_decl(python_plugin_audit_show_version, PYTHON_DEBUG_CALLBACKS); @@ -263,7 +264,7 @@ static struct audit_plugin *extra_audit_plugins[] = { &python_audit7 }; -sudo_dso_public struct audit_plugin * +struct audit_plugin * python_audit_clone(void) { static size_t counter = 0; diff --git a/plugins/python/python_plugin_audit_multi.inc b/plugins/python/python_plugin_audit_multi.inc index 3dc8c1768..015b4d145 100644 --- a/plugins/python/python_plugin_audit_multi.inc +++ b/plugins/python/python_plugin_audit_multi.inc @@ -29,7 +29,7 @@ CALLBACK_CFUNC(close)(int status_type, int status) python_plugin_audit_close(&PLUGIN_CTX, status_type, status); } -int +static int CALLBACK_CFUNC(accept)(const char *plugin_name, unsigned int plugin_type, char * const command_info[], char * const run_argv[], char * const run_envp[], const char **errstr) @@ -38,7 +38,7 @@ CALLBACK_CFUNC(accept)(const char *plugin_name, unsigned int plugin_type, command_info, run_argv, run_envp, errstr); } -int +static int CALLBACK_CFUNC(reject)(const char *plugin_name, unsigned int plugin_type, const char *audit_msg, char * const command_info[], const char **errstr) { @@ -46,7 +46,7 @@ CALLBACK_CFUNC(reject)(const char *plugin_name, unsigned int plugin_type, audit_msg, command_info, errstr); } -int +static int CALLBACK_CFUNC(error)(const char *plugin_name, unsigned int plugin_type, const char *audit_msg, char * const command_info[], const char **errstr) { @@ -54,7 +54,7 @@ CALLBACK_CFUNC(error)(const char *plugin_name, unsigned int plugin_type, audit_msg, command_info, errstr); } -int +static int CALLBACK_CFUNC(show_version)(int verbose) { return python_plugin_audit_show_version(&PLUGIN_CTX, verbose); diff --git a/plugins/python/python_plugin_common.c b/plugins/python/python_plugin_common.c index c337dd730..a583a5e58 100644 --- a/plugins/python/python_plugin_common.c +++ b/plugins/python/python_plugin_common.c @@ -42,7 +42,7 @@ static size_t python_inittab_copy_len = 0; # define Py_FinalizeEx() (Py_Finalize(), 0) #endif -const char * +static const char * _lookup_value(char * const keyvalues[], const char *key) { debug_decl(_lookup_value, PYTHON_DEBUG_INTERNAL); @@ -101,7 +101,7 @@ _import_module(const char *path) if (strlcpy(path_copy, path, sizeof(path_copy)) >= sizeof(path_copy)) debug_return_ptr(NULL); - char *module_dir = path_copy; + const char *module_dir = path_copy; char *module_name = strrchr(path_copy, '/'); if (module_name == NULL) { module_name = path_copy; @@ -190,7 +190,7 @@ _restore_inittab(void) debug_return; } -void +static void python_plugin_handle_plugin_error_exception(PyObject **py_result, struct PluginContext *plugin_ctx) { debug_decl(python_plugin_handle_plugin_error_exception, PYTHON_DEBUG_INTERNAL); @@ -396,7 +396,7 @@ _python_plugin_register_plugin_in_py_ctx(void) debug_return_int(SUDO_RC_OK); } -int +static int _python_plugin_set_path(struct PluginContext *plugin_ctx, const char *path) { if (path == NULL) { diff --git a/plugins/python/python_plugin_group.c b/plugins/python/python_plugin_group.c index d0ea3c113..b1514c7e5 100644 --- a/plugins/python/python_plugin_group.c +++ b/plugins/python/python_plugin_group.c @@ -36,7 +36,7 @@ extern struct sudoers_group_plugin group_plugin; #define CALLBACK_PYNAME(func_name) ((void)CALLBACK_PLUGINFUNC(func_name), #func_name) -int +static int python_plugin_group_init(int version, sudo_printf_t sudo_printf, char *const plugin_options[]) { debug_decl(python_plugin_group_init, PYTHON_DEBUG_CALLBACKS); @@ -79,7 +79,7 @@ python_plugin_group_init(int version, sudo_printf_t sudo_printf, char *const plu debug_return_int(rc); } -void +static void python_plugin_group_cleanup(void) { debug_decl(python_plugin_group_cleanup, PYTHON_DEBUG_CALLBACKS); @@ -87,7 +87,7 @@ python_plugin_group_cleanup(void) python_plugin_deinit(&plugin_ctx); } -int +static int python_plugin_group_query(const char *user, const char *group, const struct passwd *pwd) { debug_decl(python_plugin_group_query, PYTHON_DEBUG_CALLBACKS); diff --git a/plugins/python/python_plugin_io.c b/plugins/python/python_plugin_io.c index b12480846..46289c361 100644 --- a/plugins/python/python_plugin_io.c +++ b/plugins/python/python_plugin_io.c @@ -44,6 +44,7 @@ struct IOPluginContext (void **)&CALLBACK_PLUGINFUNC(function_name)); \ } while(0) +sudo_dso_public struct io_plugin *python_io_clone(void); static int _call_plugin_open(struct IOPluginContext *io_ctx, int argc, char * const argv[], char * const command_info[]) @@ -75,7 +76,7 @@ _call_plugin_open(struct IOPluginContext *io_ctx, int argc, char * const argv[], debug_return_int(rc); } -int +static int python_plugin_io_open(struct IOPluginContext *io_ctx, unsigned int version, sudo_conv_t conversation, sudo_printf_t sudo_printf, char * const settings[], @@ -125,7 +126,7 @@ python_plugin_io_open(struct IOPluginContext *io_ctx, debug_return_int(rc); } -void +static void python_plugin_io_close(struct IOPluginContext *io_ctx, int exit_status, int error) { debug_decl(python_plugin_io_close, PYTHON_DEBUG_CALLBACKS); @@ -134,7 +135,7 @@ python_plugin_io_close(struct IOPluginContext *io_ctx, int exit_status, int erro debug_return; } -int +static int python_plugin_io_show_version(struct IOPluginContext *io_ctx, int verbose) { debug_decl(python_plugin_io_show_version, PYTHON_DEBUG_CALLBACKS); @@ -145,7 +146,7 @@ python_plugin_io_show_version(struct IOPluginContext *io_ctx, int verbose) verbose, PY_IO_PLUGIN_VERSION, "io")); } -int +static int python_plugin_io_log_ttyin(struct IOPluginContext *io_ctx, const char *buf, unsigned int len, const char **errstr) { debug_decl(python_plugin_io_log_ttyin, PYTHON_DEBUG_CALLBACKS); @@ -157,7 +158,7 @@ python_plugin_io_log_ttyin(struct IOPluginContext *io_ctx, const char *buf, unsi debug_return_int(rc); } -int +static int python_plugin_io_log_ttyout(struct IOPluginContext *io_ctx, const char *buf, unsigned int len, const char **errstr) { debug_decl(python_plugin_io_log_ttyout, PYTHON_DEBUG_CALLBACKS); @@ -169,7 +170,7 @@ python_plugin_io_log_ttyout(struct IOPluginContext *io_ctx, const char *buf, uns debug_return_int(rc); } -int +static int python_plugin_io_log_stdin(struct IOPluginContext *io_ctx, const char *buf, unsigned int len, const char **errstr) { debug_decl(python_plugin_io_log_stdin, PYTHON_DEBUG_CALLBACKS); @@ -181,7 +182,7 @@ python_plugin_io_log_stdin(struct IOPluginContext *io_ctx, const char *buf, unsi debug_return_int(rc); } -int +static int python_plugin_io_log_stdout(struct IOPluginContext *io_ctx, const char *buf, unsigned int len, const char **errstr) { debug_decl(python_plugin_io_log_stdout, PYTHON_DEBUG_CALLBACKS); @@ -193,7 +194,7 @@ python_plugin_io_log_stdout(struct IOPluginContext *io_ctx, const char *buf, uns debug_return_int(rc); } -int +static int python_plugin_io_log_stderr(struct IOPluginContext *io_ctx, const char *buf, unsigned int len, const char **errstr) { debug_decl(python_plugin_io_log_stderr, PYTHON_DEBUG_CALLBACKS); @@ -205,7 +206,7 @@ python_plugin_io_log_stderr(struct IOPluginContext *io_ctx, const char *buf, uns debug_return_int(rc); } -int +static int python_plugin_io_change_winsize(struct IOPluginContext *io_ctx, unsigned int line, unsigned int cols, const char **errstr) { debug_decl(python_plugin_io_change_winsize, PYTHON_DEBUG_CALLBACKS); @@ -217,7 +218,7 @@ python_plugin_io_change_winsize(struct IOPluginContext *io_ctx, unsigned int lin debug_return_int(rc); } -int +static int python_plugin_io_log_suspend(struct IOPluginContext *io_ctx, int signo, const char **errstr) { debug_decl(python_plugin_io_log_suspend, PYTHON_DEBUG_CALLBACKS); @@ -258,7 +259,7 @@ static struct io_plugin *extra_io_plugins[] = { &python_io7 }; -sudo_dso_public struct io_plugin * +struct io_plugin * python_io_clone(void) { static size_t counter = 0; diff --git a/plugins/python/python_plugin_io_multi.inc b/plugins/python/python_plugin_io_multi.inc index 2ccdb5e68..d5d58d2d2 100644 --- a/plugins/python/python_plugin_io_multi.inc +++ b/plugins/python/python_plugin_io_multi.inc @@ -10,7 +10,7 @@ extern struct io_plugin IO_SYMBOL_NAME(python_io); static struct IOPluginContext PLUGIN_CTX = { { NULL }, &IO_SYMBOL_NAME(python_io) }; -int +static int CALLBACK_CFUNC(open)( unsigned int version, sudo_conv_t conversation, sudo_printf_t sudo_printf, char * const settings[], @@ -22,55 +22,55 @@ CALLBACK_CFUNC(open)( sudo_printf, settings, user_info, command_info, argc, argv, user_env, plugin_options, errstr); } -void +static void CALLBACK_CFUNC(close)(int exit_status, int error) { python_plugin_io_close(&PLUGIN_CTX, exit_status, error); } -int +static int CALLBACK_CFUNC(show_version)(int verbose) { return python_plugin_io_show_version(&PLUGIN_CTX, verbose); } -int +static int CALLBACK_CFUNC(log_ttyin)(const char *buf, unsigned int len, const char **errstr) { return python_plugin_io_log_ttyin(&PLUGIN_CTX, buf, len, errstr); } -int +static int CALLBACK_CFUNC(log_ttyout)(const char *buf, unsigned int len, const char **errstr) { return python_plugin_io_log_ttyout(&PLUGIN_CTX, buf, len, errstr); } -int +static int CALLBACK_CFUNC(log_stdin)(const char *buf, unsigned int len, const char **errstr) { return python_plugin_io_log_stdin(&PLUGIN_CTX, buf, len, errstr); } -int +static int CALLBACK_CFUNC(log_stdout)(const char *buf, unsigned int len, const char **errstr) { return python_plugin_io_log_stdout(&PLUGIN_CTX, buf, len, errstr); } -int +static int CALLBACK_CFUNC(log_stderr)(const char *buf, unsigned int len, const char **errstr) { return python_plugin_io_log_stderr(&PLUGIN_CTX, buf, len, errstr); } -int +static int CALLBACK_CFUNC(change_winsize)(unsigned int line, unsigned int cols, const char **errstr) { return python_plugin_io_change_winsize(&PLUGIN_CTX, line, cols, errstr); } -int +static int CALLBACK_CFUNC(log_suspend)(int signo, const char **errstr) { return python_plugin_io_log_suspend(&PLUGIN_CTX, signo, errstr); diff --git a/plugins/python/python_plugin_policy.c b/plugins/python/python_plugin_policy.c index ded793aa5..776c9e0a4 100644 --- a/plugins/python/python_plugin_policy.c +++ b/plugins/python/python_plugin_policy.c @@ -203,7 +203,7 @@ python_plugin_policy_version(int verbose) verbose, PY_POLICY_PLUGIN_VERSION, "policy")); } -int +static int python_plugin_policy_validate(const char **errstr) { debug_decl(python_plugin_policy_validate, PYTHON_DEBUG_CALLBACKS); @@ -213,7 +213,7 @@ python_plugin_policy_validate(const char **errstr) debug_return_int(rc); } -void +static void python_plugin_policy_invalidate(int unlinkit) { debug_decl(python_plugin_policy_invalidate, PYTHON_DEBUG_CALLBACKS); @@ -223,7 +223,7 @@ python_plugin_policy_invalidate(int unlinkit) debug_return; } -int +static int python_plugin_policy_init_session(struct passwd *pwd, char **user_env[], const char **errstr) { debug_decl(python_plugin_policy_init_session, PYTHON_DEBUG_CALLBACKS); diff --git a/plugins/python/regress/check_python_examples.c b/plugins/python/regress/check_python_examples.c index 10eefac6c..122797a5e 100644 --- a/plugins/python/regress/check_python_examples.c +++ b/plugins/python/regress/check_python_examples.c @@ -22,6 +22,7 @@ */ #include "testhelpers.h" +#include <unistd.h> #include "sudo_dso.h" @@ -49,7 +50,7 @@ static bool verbose; static int _init_symbols(void); static int _unlink_symbols(void); -void +static void create_plugin_options(const char *module_name, const char *class_name, const char *extra_option) { char opt_module_path[PATH_MAX + 256]; @@ -65,7 +66,7 @@ create_plugin_options(const char *module_name, const char *class_name, const cha opt_classname, extra_option, NULL); } -void +static void create_io_plugin_options(const char *log_path) { char opt_logpath[PATH_MAX + 16]; @@ -73,19 +74,19 @@ create_io_plugin_options(const char *log_path) create_plugin_options("example_io_plugin", "SudoIOPlugin", opt_logpath); } -void +static void create_debugging_plugin_options(void) { create_plugin_options("example_debugging", "DebugDemoPlugin", NULL); } -void +static void create_audit_plugin_options(const char *extra_argument) { create_plugin_options("example_audit_plugin", "SudoAuditPlugin", extra_argument); } -void +static void create_conversation_plugin_options(void) { char opt_logpath[PATH_MAX + 16]; @@ -93,24 +94,24 @@ create_conversation_plugin_options(void) create_plugin_options("example_conversation", "ReasonLoggerIOPlugin", opt_logpath); } -void +static void create_policy_plugin_options(void) { create_plugin_options("example_policy_plugin", "SudoPolicyPlugin", NULL); } -int +static int init(void) { // always start each test from clean state memset(&data, 0, sizeof(data)); memset(&example_pwd, 0, sizeof(example_pwd)); - example_pwd.pw_name = "pw_name"; - example_pwd.pw_passwd = "pw_passwd"; - example_pwd.pw_gecos = "pw_gecos"; - example_pwd.pw_shell ="pw_shell"; - example_pwd.pw_dir = "pw_dir"; + example_pwd.pw_name = (char *)"pw_name"; + example_pwd.pw_passwd = (char *)"pw_passwd"; + example_pwd.pw_gecos = (char *)"pw_gecos"; + example_pwd.pw_shell = (char *)"pw_shell"; + example_pwd.pw_dir = (char *)"pw_dir"; example_pwd.pw_uid = (uid_t)1001; example_pwd.pw_gid = (gid_t)101; @@ -134,7 +135,7 @@ init(void) return true; } -int +static int cleanup(int success) { if (!success) { @@ -160,7 +161,7 @@ cleanup(int success) return true; } -int +static int check_example_io_plugin_version_display(int is_verbose) { const char *errstr = NULL; @@ -188,7 +189,7 @@ check_example_io_plugin_version_display(int is_verbose) return true; } -int +static int check_example_io_plugin_command_log(void) { const char *errstr = NULL; @@ -233,7 +234,7 @@ check_example_io_plugin_command_log(void) typedef struct io_plugin * (io_clone_func)(void); -int +static int check_example_io_plugin_command_log_multiple(void) { const char *errstr = NULL; @@ -330,7 +331,7 @@ check_example_io_plugin_command_log_multiple(void) return true; } -int +static int check_example_io_plugin_failed_to_start_command(void) { const char *errstr = NULL; @@ -358,7 +359,7 @@ check_example_io_plugin_failed_to_start_command(void) return true; } -int +static int check_example_io_plugin_fails_with_python_backtrace(void) { const char *errstr = NULL; @@ -377,7 +378,7 @@ check_example_io_plugin_fails_with_python_backtrace(void) return true; } -int +static int check_io_plugin_reports_error(void) { const char *errstr = NULL; @@ -445,7 +446,7 @@ check_io_plugin_reports_error(void) return true; } -int +static int check_example_group_plugin(void) { create_plugin_options("example_group_plugin", "SudoGroupPlugin", NULL); @@ -463,7 +464,7 @@ check_example_group_plugin(void) return true; } -const char * +static const char * create_debug_config(const char *debug_spec) { char *result = NULL; @@ -493,7 +494,7 @@ cleanup: return result; } -int +static int check_example_group_plugin_is_able_to_debug(void) { const char *config_path = create_debug_config("py_calls@diag"); @@ -516,7 +517,7 @@ check_example_group_plugin_is_able_to_debug(void) return true; } -int +static int check_plugin_unload(void) { // You can call this test to avoid having a lot of subinterpreters @@ -528,7 +529,7 @@ check_plugin_unload(void) return true; } -int +static int check_example_debugging(const char *debug_spec) { const char *errstr = NULL; @@ -559,7 +560,7 @@ check_example_debugging(const char *debug_spec) return true; } -int +static int check_loading_fails(const char *name) { const char *errstr = NULL; @@ -576,7 +577,7 @@ check_loading_fails(const char *name) return true; } -int +static int check_loading_fails_with_missing_path(void) { str_array_free(&data.plugin_options); @@ -584,7 +585,7 @@ check_loading_fails_with_missing_path(void) return check_loading_fails("missing_path"); } -int +static int check_loading_succeeds_with_missing_classname(void) { str_array_free(&data.plugin_options); @@ -605,7 +606,7 @@ check_loading_succeeds_with_missing_classname(void) return true; } -int +static int check_loading_fails_with_missing_classname(void) { str_array_free(&data.plugin_options); @@ -613,14 +614,14 @@ check_loading_fails_with_missing_classname(void) return check_loading_fails("missing_classname"); } -int +static int check_loading_fails_with_wrong_classname(void) { create_plugin_options("example_debugging", "MispelledPluginName", NULL); return check_loading_fails("wrong_classname"); } -int +static int check_loading_fails_with_wrong_path(void) { str_array_free(&data.plugin_options); @@ -628,7 +629,7 @@ check_loading_fails_with_wrong_path(void) return check_loading_fails("wrong_path"); } -int +static int check_loading_fails_plugin_is_not_owned_by_root(void) { sudo_conf_clear_paths(); @@ -638,7 +639,7 @@ check_loading_fails_plugin_is_not_owned_by_root(void) return check_loading_fails("not_owned_by_root"); } -int +static int check_example_conversation_plugin_reason_log(int simulate_suspend, const char *description) { const char *errstr = NULL; @@ -667,7 +668,7 @@ check_example_conversation_plugin_reason_log(int simulate_suspend, const char *d return true; } -int +static int check_example_conversation_plugin_user_interrupts(void) { const char *errstr = NULL; @@ -692,7 +693,7 @@ check_example_conversation_plugin_user_interrupts(void) return true; } -int +static int check_example_policy_plugin_version_display(int is_verbose) { const char *errstr = NULL; @@ -721,7 +722,7 @@ check_example_policy_plugin_version_display(int is_verbose) return true; } -int +static int check_example_policy_plugin_accepted_execution(void) { const char *errstr = NULL; @@ -773,7 +774,7 @@ check_example_policy_plugin_accepted_execution(void) return true; } -int +static int check_example_policy_plugin_failed_execution(void) { const char *errstr = NULL; @@ -811,7 +812,7 @@ check_example_policy_plugin_failed_execution(void) return true; } -int +static int check_example_policy_plugin_denied_execution(void) { const char *errstr = NULL; @@ -846,7 +847,7 @@ check_example_policy_plugin_denied_execution(void) return true; } -int +static int check_example_policy_plugin_list(void) { const char *errstr = NULL; @@ -904,7 +905,7 @@ check_example_policy_plugin_list(void) return true; } -int +static int check_example_policy_plugin_validate_invalidate(void) { const char *errstr = NULL; @@ -935,7 +936,7 @@ check_example_policy_plugin_validate_invalidate(void) return true; } -int +static int check_policy_plugin_callbacks_are_optional(void) { const char *errstr = NULL; @@ -961,7 +962,7 @@ check_policy_plugin_callbacks_are_optional(void) return true; } -int +static int check_policy_plugin_reports_error(void) { const char *errstr = NULL; @@ -1024,7 +1025,7 @@ check_policy_plugin_reports_error(void) return true; } -int +static int check_io_plugin_callbacks_are_optional(void) { const char *errstr = NULL; @@ -1051,7 +1052,7 @@ check_io_plugin_callbacks_are_optional(void) return true; } -int +static int check_python_plugins_do_not_affect_each_other(void) { const char *errstr = NULL; @@ -1078,7 +1079,7 @@ check_python_plugins_do_not_affect_each_other(void) return true; } -int +static int check_example_audit_plugin_receives_accept(void) { create_audit_plugin_options(""); @@ -1117,7 +1118,7 @@ check_example_audit_plugin_receives_accept(void) return true; } -int +static int check_example_audit_plugin_receives_reject(void) { create_audit_plugin_options(NULL); @@ -1147,7 +1148,7 @@ check_example_audit_plugin_receives_reject(void) return true; } -int +static int check_example_audit_plugin_receives_error(void) { create_audit_plugin_options(""); @@ -1179,7 +1180,7 @@ check_example_audit_plugin_receives_error(void) typedef struct audit_plugin * (audit_clone_func)(void); -int +static int check_example_audit_plugin_workflow_multiple(void) { // verify multiple python audit plugins are available @@ -1247,7 +1248,7 @@ check_example_audit_plugin_workflow_multiple(void) return true; } -int +static int check_example_audit_plugin_version_display(void) { create_audit_plugin_options(NULL); @@ -1275,7 +1276,7 @@ check_example_audit_plugin_version_display(void) return true; } -int +static int check_audit_plugin_callbacks_are_optional(void) { const char *errstr = NULL; @@ -1300,7 +1301,7 @@ check_audit_plugin_callbacks_are_optional(void) return true; } -int +static int check_audit_plugin_reports_error(void) { const char *errstr = NULL; diff --git a/plugins/python/regress/iohelpers.h b/plugins/python/regress/iohelpers.h index b2383af76..ed21d56ca 100644 --- a/plugins/python/regress/iohelpers.h +++ b/plugins/python/regress/iohelpers.h @@ -19,17 +19,21 @@ #ifndef PYTHON_IO_HELPERS #define PYTHON_IO_HELPERS -#include "config.h" -#include "sudo_compat.h" +#include <config.h> #include <stdio.h> #include <stdlib.h> +#ifdef HAVE_STDBOOL_H +# include <stdbool.h> +#else +# include "compat/stdbool.h" +#endif /* HAVE_STDBOOL_H */ #include <string.h> #include <stdarg.h> #include <signal.h> #include <pwd.h> -#include <stdbool.h> +#include "sudo_compat.h" #define MAX_OUTPUT (2 << 16) diff --git a/plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout b/plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout index d0c1566cf..9884aa0df 100644 --- a/plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout +++ b/plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout @@ -26,7 +26,7 @@ "INFO1=VALUE1", "info2=value2" ], - "version": "1.19" + "version": "1.20" } (APPROVAL 2) Constructed: { @@ -56,7 +56,7 @@ "INFO1=VALUE1", "info2=value2" ], - "version": "1.19" + "version": "1.20" } (APPROVAL 1) Show version was called with arguments: (0,) Python approval plugin (API 1.0): ApprovalTestPlugin (loaded from 'SRC_DIR/regress/plugin_approval_test.py') diff --git a/plugins/python/sudo_python_module.c b/plugins/python/sudo_python_module.c index 897d471fc..ee94101c9 100644 --- a/plugins/python/sudo_python_module.c +++ b/plugins/python/sudo_python_module.c @@ -79,8 +79,8 @@ _parse_log_function_args(PyObject *py_args, PyObject *py_kwargs, char **args_joi if (py_empty == NULL) goto cleanup; - static char *keywords[] = { "sep", "end", NULL }; - if (py_kwargs != NULL && !PyArg_ParseTupleAndKeywords(py_empty, py_kwargs, "|zz:sudo.log", keywords, &sep, end)) + static const char *keywords[] = { "sep", "end", NULL }; + if (py_kwargs != NULL && !PyArg_ParseTupleAndKeywords(py_empty, py_kwargs, "|zz:sudo.log", (char **)keywords, &sep, end)) goto cleanup; if (sep == NULL) @@ -293,13 +293,13 @@ _call_conversation_callback(PyObject *py_callback, int signo) debug_return_int(rc); } -int +static int python_sudo_conversation_suspend_cb(int signo, struct py_conv_callback_closure *closure) { return _call_conversation_callback(closure->py_on_suspend, signo); } -int +static int python_sudo_conversation_resume_cb(int signo, struct py_conv_callback_closure *closure) { return _call_conversation_callback(closure->py_on_resume, signo); @@ -330,8 +330,8 @@ python_sudo_conversation(PyObject *Py_UNUSED(self), PyObject *py_args, PyObject if (py_empty == NULL) goto cleanup; - static char *keywords[] = { "on_suspend", "on_resume", NULL }; - if (py_kwargs != NULL && !PyArg_ParseTupleAndKeywords(py_empty, py_kwargs, "|OO:sudo.conv", keywords, + static const char *keywords[] = { "on_suspend", "on_resume", NULL }; + if (py_kwargs != NULL && !PyArg_ParseTupleAndKeywords(py_empty, py_kwargs, "|OO:sudo.conv", (char **)keywords, &callback_closure.py_on_suspend, &callback_closure.py_on_resume)) goto cleanup; @@ -467,7 +467,7 @@ cleanup: } CPYCHECKER_STEALS_REFERENCE_TO_ARG(3) -void +static void sudo_module_register_enum(PyObject *py_module, const char *enum_name, PyObject *py_constants_dict) { // pseudo code: |