opendoas

A portable version of the OpenBSD `doas` command
git clone https://pi.duncano.de/git/opendoas.git
Log | Files | Refs | README | LICENSE

commit a3ceebbcdde17d0fbfb0a334ad88cc4b4f73f533
parent 1a0ed98a5cb619824028193ecff946f209da81fb
Author: martijn <martijn>
Date:   Sun, 19 Jun 2016 19:29:43 +0000

Move the RB_ code from doas.h to env.c, and limit the environment interface to a simple prepenv function.

OK tedu@

Diffstat:
doas.c | 8+++-----
doas.h | 22++--------------------
env.c | 29++++++++++++++++++++++++++++-
3 files changed, 33 insertions(+), 26 deletions(-)

diff --git a/doas.c b/doas.c @@ -214,7 +214,7 @@ checkconfig(const char *confpath, int argc, char **argv, } int -main(int argc, char **argv, char **envp) +main(int argc, char **argv) { const char *safepath = "/bin:/sbin:/usr/bin:/usr/sbin:" "/usr/local/bin:/usr/local/sbin"; @@ -222,7 +222,6 @@ main(int argc, char **argv, char **envp) char *shargv[] = { NULL, NULL }; char *sh; const char *cmd; - struct env *env; char cmdline[LINE_MAX]; char myname[_PW_NAME_LEN + 1]; struct passwd *pw; @@ -237,6 +236,7 @@ main(int argc, char **argv, char **envp) int vflag = 0; char cwdpath[PATH_MAX]; const char *cwd; + char **envp; #ifdef HAVE_BSD_AUTH_H char *login_style = NULL; #endif @@ -419,9 +419,7 @@ main(int argc, char **argv, char **envp) syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s", myname, cmdline, pw->pw_name, cwd); - env = createenv(envp); - env = filterenv(env, rule); - envp = flattenenv(env); + envp = prepenv(rule); if (rule->cmd) { if (setenv("PATH", safepath, 1) == -1) diff --git a/doas.h b/doas.h @@ -1,20 +1,4 @@ -/* $OpenBSD: doas.h,v 1.3 2015/07/21 11:04:06 zhuk Exp $ */ - -#include <sys/tree.h> - -struct envnode { - RB_ENTRY(envnode) node; - const char *key; - const char *value; -}; - -struct env { - RB_HEAD(envtree, envnode) root; - u_int count; -}; - -RB_PROTOTYPE(envtree, envnode, node, envcmp) - +/* $OpenBSD$ */ struct rule { int action; int options; @@ -31,9 +15,7 @@ extern int parse_errors; size_t arraylen(const char **); -struct env *createenv(char **); -struct env *filterenv(struct env *, struct rule *); -char **flattenenv(struct env *); +char **prepenv(struct rule *); #define PERMIT 1 #define DENY 2 diff --git a/env.c b/env.c @@ -16,6 +16,7 @@ */ #include <sys/types.h> +#include <sys/tree.h> #include <string.h> #include <stdio.h> @@ -26,12 +27,27 @@ #include "doas.h" +struct envnode { + RB_ENTRY(envnode) node; + const char *key; + const char *value; +}; + +struct env { + RB_HEAD(envtree, envnode) root; + u_int count; +}; + int envcmp(struct envnode *a, struct envnode *b) { return strcmp(a->key, b->key); } -RB_GENERATE(envtree, envnode, node, envcmp) +RB_GENERATE_STATIC(envtree, envnode, node, envcmp) + +struct env *createenv(char **); +struct env *filterenv(struct env *, struct rule *); +char **flattenenv(struct env *); struct env * createenv(char **envp) @@ -151,3 +167,14 @@ filterenv(struct env *orig, struct rule *rule) return copy; } + +char ** +prepenv(struct rule *rule) +{ + extern char **environ; + struct env *env; + + env = createenv(environ); + env = filterenv(env, rule); + return flattenenv(env); +}