opendoas

A portable version of the OpenBSD `doas` command
git clone https://pi.duncano.de/git/opendoas.git
Log | Files | Refs | README | LICENSE

commit 21c6e427af5275a1879cd027b5534e63528e1349
parent 63a642ef530e6421f2bc3648833611f2048f7638
Author: Duncaen <mail@duncano.de>
Date:   Wed,  8 Jun 2016 13:41:25 +0200

Revert "sync with upstream (setenv)"

This reverts commit 7f11114f0f07c653e0ea3d4ae093d7dcdda4a4ef.

Diffstat:
doas.c | 79+------------------------------------------------------------------------------
doas.h | 4+---
parse.y | 72+++++++++---------------------------------------------------------------
3 files changed, 11 insertions(+), 144 deletions(-)

diff --git a/doas.c b/doas.c @@ -1,4 +1,4 @@ -/* $OpenBSD: doas.c,v 1.53 2016/06/05 00:46:34 djm Exp $ */ +/* $OpenBSD: doas.c,v 1.52 2016/04/28 04:48:56 tedu Exp $ */ /* * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org> * @@ -289,81 +289,6 @@ copyenv(const char **oldenvp, struct rule *rule) return envp; } -/* find index of 'name' in environment envp */ -static int -findenv(const char **envp, const char *name, size_t namelen) -{ - int i; - - for (i = 0 ; envp[i] != NULL; i++) { - if (strlen(envp[i]) < namelen + 1) - continue; - if (strncmp(envp[i], name, namelen) == 0 && - envp[i][namelen] == '=') - return i; - } - return -1; -} - -/* merge rule->setenvlist into environment list; frees oldenvp */ -static char ** -dosetenv(char **oldenvp, struct rule *rule) -{ - size_t n, i, nset, nold; - char **envp, *cp, *cp2; - int found; - - if (!(rule->options & SETENV)) - return oldenvp; - - nset = arraylen(rule->setenvlist); - nold = arraylen((const char**)oldenvp); - - /* insert new variables */ - n = 0; - envp = NULL; - for (i = 0; i < nset; i++) { - if ((cp = strchr(rule->setenvlist[i], '=')) == NULL) - errx(1, "invalid setenv"); /* shouldn't happen */ - if (cp[1] == '\0' || cp - rule->setenvlist[i] > INT_MAX) - continue; /* skip variables with empty values */ - if ((envp = reallocarray(envp, n + 2, sizeof(*envp))) == NULL) - errx(1, "reallocarray failed"); - if (cp[1] == '$') { - /* FOO=$BAR: lookup and copy */ - if ((cp2 = getenv(cp + 2)) == NULL) - continue; /* not found; skip */ - if (asprintf(&(envp[n++]), "%.*s=%s", - (int)(cp - rule->setenvlist[i]), - rule->setenvlist[i], cp2) == -1) - errx(1, "asprintf failed"); - continue; - } else { - /* plain setenv */ - if ((envp[n++] = strdup(rule->setenvlist[i])) == NULL) - errx(1, "strdup failed"); - } - } - /* move old variables, dropping ones already set */ - for (i = 0; i < nold; i++) { - if ((cp = strchr(oldenvp[i], '=')) == NULL) - errx(1, "invalid env"); /* shouldn't happen */ - found = findenv(rule->setenvlist, oldenvp[i], cp - oldenvp[i]); - if (found != -1) - free(oldenvp[i]); /* discard */ - else { - if ((envp = reallocarray(envp, n + 2, - sizeof(*envp))) == NULL) - errx(1, "reallocarray failed"); - envp[n++] = oldenvp[i]; /* move */ - } - } - free(oldenvp); - if (n > 0) - envp[n] = NULL; - return envp; -} - static void __dead checkconfig(const char *confpath, int argc, char **argv, uid_t uid, gid_t *groups, int ngroups, uid_t target) @@ -586,8 +511,6 @@ main(int argc, char **argv, char **envp) envp = copyenv((const char **)envp, rule); - envp = dosetenv(envp, rule); - if (rule->cmd) { if (setenv("PATH", safepath, 1) == -1) err(1, "failed to set PATH '%s'", safepath); diff --git a/doas.h b/doas.h @@ -1,4 +1,4 @@ -/* $OpenBSD: doas.h,v 1.5 2016/06/05 00:46:34 djm Exp $ */ +/* $OpenBSD: doas.h,v 1.3 2015/07/21 11:04:06 zhuk Exp $ */ struct rule { int action; @@ -8,7 +8,6 @@ struct rule { const char *cmd; const char **cmdargs; const char **envlist; - const char **setenvlist; }; extern struct rule **rules; @@ -22,4 +21,3 @@ size_t arraylen(const char **); #define NOPASS 0x1 #define KEEPENV 0x2 -#define SETENV 0x4 diff --git a/parse.y b/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.16 2016/06/05 00:46:34 djm Exp $ */ +/* $OpenBSD: parse.y,v 1.10 2015/07/24 06:36:42 zhuk Exp $ */ /* * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org> * @@ -18,13 +18,13 @@ %{ #include <sys/types.h> #include <ctype.h> -#include <unistd.h> -#include <stdint.h> +#include <err.h> #include <stdarg.h> #include <stdio.h> +#include <stdint.h> #include <stdlib.h> #include <string.h> -#include <err.h> +#include <unistd.h> #include "openbsd.h" @@ -38,7 +38,6 @@ typedef struct { const char *cmd; const char **cmdargs; const char **envlist; - const char **setenvlist; }; const char *str; }; @@ -60,7 +59,7 @@ int yyparse(void); %} %token TPERMIT TDENY TAS TCMD TARGS -%token TNOPASS TKEEPENV TSETENV +%token TNOPASS TKEEPENV %token TSTRING %% @@ -79,7 +78,6 @@ rule: action ident target cmd { r->action = $1.action; r->options = $1.options; r->envlist = $1.envlist; - r->setenvlist = $1.setenvlist; r->ident = $2.str; r->target = $3.str; r->cmd = $4.cmd; @@ -100,7 +98,6 @@ action: TPERMIT options { $$.action = PERMIT; $$.options = $2.options; $$.envlist = $2.envlist; - $$.setenvlist = $2.setenvlist; } | TDENY { $$.action = DENY; } ; @@ -118,14 +115,6 @@ options: /* none */ { } else $$.envlist = $2.envlist; } - $$.setenvlist = $1.setenvlist; - if ($2.setenvlist) { - if ($$.setenvlist) { - yyerror("can't have two setenv sections"); - YYERROR; - } else - $$.setenvlist = $2.setenvlist; - } } ; option: TNOPASS { $$.options = NOPASS; @@ -136,16 +125,10 @@ option: TNOPASS { } | TKEEPENV '{' envlist '}' { $$.options = KEEPENV; $$.envlist = $3.envlist; - } | TSETENV '{' setenvlist '}' { - $$.options = SETENV; - $$.setenvlist = NULL; - $$.setenvlist = $3.setenvlist; } ; envlist: /* empty */ { $$.envlist = NULL; - if (!($$.envlist = calloc(1, sizeof(char *)))) - errx(1, "can't allocate envlist"); } | envlist TSTRING { int nenv = arraylen($1.envlist); if (!($$.envlist = reallocarray($1.envlist, nenv + 2, @@ -155,28 +138,6 @@ envlist: /* empty */ { $$.envlist[nenv + 1] = NULL; } -setenvlist: /* empty */ { - if (!($$.setenvlist = calloc(1, sizeof(char *)))) - errx(1, "can't allocate setenvlist"); - } | setenvlist TSTRING '=' TSTRING { - int nenv = arraylen($1.setenvlist); - char *cp = NULL; - - if (*$2.str == '\0' || strchr($2.str, '=') != NULL) { - yyerror("invalid setenv expression"); - YYERROR; - } - if (!($$.setenvlist = reallocarray($1.setenvlist, - nenv + 2, sizeof(char *)))) - errx(1, "can't allocate envlist"); - $$.setenvlist[nenv] = NULL; - if (asprintf(&cp, "%s=%s", $2.str, $4.str) <= 0 || - cp == NULL) - errx(1,"asprintf failed"); - $$.setenvlist[nenv] = cp; - $$.setenvlist[nenv + 1] = NULL; - } - ident: TSTRING { $$.str = $1.str; @@ -204,8 +165,6 @@ args: /* empty */ { argslist: /* empty */ { $$.cmdargs = NULL; - if (!($$.cmdargs = calloc(1, sizeof(char *)))) - errx(1, "can't allocate args"); } | argslist TSTRING { int nargs = arraylen($1.cmdargs); if (!($$.cmdargs = reallocarray($1.cmdargs, nargs + 2, @@ -222,7 +181,6 @@ yyerror(const char *fmt, ...) { va_list va; - fprintf(stderr, "doas: "); va_start(va, fmt); vfprintf(stderr, fmt, va); va_end(va); @@ -241,7 +199,6 @@ struct keyword { { "args", TARGS }, { "nopass", TNOPASS }, { "keepenv", TKEEPENV }, - { "setenv", TSETENV }, }; int @@ -266,18 +223,17 @@ repeat: /* FALLTHROUGH */ case '{': case '}': - case '=': return c; case '#': /* skip comments; NUL is allowed; no continuation */ while ((c = getc(yyfp)) != '\n') if (c == EOF) - goto eof; + return 0; yylval.colno = 0; yylval.lineno++; return c; case EOF: - goto eof; + return 0; } /* parsing next word */ @@ -300,8 +256,6 @@ repeat: if (escape) { nonkw = 1; escape = 0; - yylval.colno = 0; - yylval.lineno++; continue; } goto eow; @@ -319,7 +273,6 @@ repeat: case '#': case ' ': case '\t': - case '=': if (!escape && !quotes) goto eow; break; @@ -334,10 +287,8 @@ repeat: } } *p++ = c; - if (p == ebuf) { + if (p == ebuf) yyerror("too long line"); - p = buf; - } escape = 0; } @@ -352,7 +303,7 @@ eow: * the main loop. */ if (c == EOF) - goto eof; + return 0; else if (qpos == -1) /* accept, e.g., empty args: cmd foo args "" */ goto repeat; } @@ -367,9 +318,4 @@ eow: err(1, "strdup"); yylval.str = str; return TSTRING; - -eof: - if (ferror(yyfp)) - yyerror("input error reading config"); - return 0; }