This patch will upgrade CU Sudo version 1.5.6 to version 1.5.6 patchlevel 6. To apply, run: cd sudo.v1.5.6 patch -p1 < cu-sudo.v1.5.6p6.patch diff -uN sudo.v1.5.6/acsite.m4 sudo.v1.5.6p6/acsite.m4 --- sudo.v1.5.6/acsite.m4 Thu Sep 10 16:32:23 1998 +++ sudo.v1.5.6p6/acsite.m4 Wed Oct 21 21:32:37 1998 @@ -174,7 +174,7 @@ dnl AC_DEFUN(SUDO_CHECK_SHADOW_GENERIC, [ if test -z "$SHADOW_TYPE" -a -d /tcb/files/auth; then - AC_CHECK_FUNC(getprpwuid, SHADOW_TYPE="SPW_SECUREWARE") + AC_CHECK_FUNC(getprpwnam, SHADOW_TYPE="SPW_SECUREWARE") fi if test -z "$SHADOW_TYPE" -a -s /etc/shadow; then AC_CHECK_FUNC(getspnam, SHADOW_TYPE="SPW_SVR4") diff -uN sudo.v1.5.6/check.c sudo.v1.5.6p6/check.c --- sudo.v1.5.6/check.c Fri Sep 11 17:20:04 1998 +++ sudo.v1.5.6p6/check.c Thu Oct 15 10:53:26 1998 @@ -36,7 +36,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: check.c,v 1.140 1998/09/11 23:19:53 millert Exp $"; +static char rcsid[] = "$Id: check.c,v 1.144 1998/09/18 05:29:26 millert Exp $"; #endif /* lint */ #include "config.h" @@ -66,6 +66,7 @@ #include "sudo.h" #include #include "insults.h" +#include "version.h" #if (SHADOW_TYPE == SPW_SECUREWARE) # ifdef __hpux # include @@ -305,6 +306,7 @@ timestamp_is_old = 2; /* bogus time value */ log_error(BAD_STAMPFILE); inform_user(BAD_STAMPFILE); + remove_timestamp(); } else { timestamp_is_old = 0; /* time value is reasonable */ } @@ -745,7 +747,7 @@ int retval; register int counter = TRIES_FOR_PASSWORD; - /* printf("PAM Authentication\n"); */ + set_perms(PERM_ROOT, 0); retval = pam_start("sudo", user_name, &conv, &pamh); if (retval != PAM_SUCCESS) { pam_end(pamh, retval); @@ -947,9 +949,9 @@ #ifdef SHORT_MESSAGE (void) fprintf(stderr, "\n%s\n%s\n\n%s\n%s\n\n", #else - (void) fprintf(stderr, "\n%s\n%s\n%s\n%s\n\n%s\n%s\n\n%s\n%s\n\n", - " CU sudo version , based on Root Group sudo version 1.1", - " sudo version 1.1, Copyright (C) 1991 The Root Group, Inc.", + (void) fprintf(stderr, "\n%s%s%s\n%s\n%s\n%s\n\n%s\n%s\n\n%s\n%s\n\n", + " CU sudo version ", version, ", based on Root Group sudo version 1.1", + " sudo version 1.1 is Copyright (C) 1991 The Root Group, Inc.", " sudo comes with ABSOLUTELY NO WARRANTY. This is free software,", " and you are welcome to redistribute it under certain conditions.", #endif diff -uN sudo.v1.5.6/configure sudo.v1.5.6p6/configure --- sudo.v1.5.6/configure Fri Sep 11 18:31:05 1998 +++ sudo.v1.5.6p6/configure Wed Oct 21 21:32:50 1998 @@ -2011,7 +2011,7 @@ fi ;; - *-*-svr4*|-*-sysv4*) + *-*-svr4*|*-*-sysv4*) LIBS="${LIBS} -lsocket -lnsl" SUDO_LIBS="${SUDO_LIBS} -lsocket -lnsl" LIB_SOCKET=1 @@ -2066,48 +2066,48 @@ if test -z "$with_C2"; then if test -z "$SHADOW_TYPE" -a -d /tcb/files/auth; then - echo $ac_n "checking for getprpwuid""... $ac_c" 1>&6 -echo "configure:2071: checking for getprpwuid" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getprpwuid'+set}'`\" = set"; then + echo $ac_n "checking for getprpwnam""... $ac_c" 1>&6 +echo "configure:2071: checking for getprpwnam" >&5 +if eval "test \"`echo '$''{'ac_cv_func_getprpwnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char getprpwuid(); +char getprpwnam(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ -#if defined (__stub_getprpwuid) || defined (__stub___getprpwuid) +#if defined (__stub_getprpwnam) || defined (__stub___getprpwnam) choke me #else -getprpwuid(); +getprpwnam(); #endif ; return 0; } EOF if { (eval echo configure:2099: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* - eval "ac_cv_func_getprpwuid=yes" + eval "ac_cv_func_getprpwnam=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - eval "ac_cv_func_getprpwuid=no" + eval "ac_cv_func_getprpwnam=no" fi rm -f conftest* fi -if eval "test \"`echo '$ac_cv_func_'getprpwuid`\" = yes"; then +if eval "test \"`echo '$ac_cv_func_'getprpwnam`\" = yes"; then echo "$ac_t""yes" 1>&6 SHADOW_TYPE="SPW_SECUREWARE" else @@ -2205,48 +2205,48 @@ esac if test "$with_C2" = "yes" -a -z "$SHADOW_TYPE"; then - echo $ac_n "checking for getprpwuid""... $ac_c" 1>&6 -echo "configure:2210: checking for getprpwuid" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getprpwuid'+set}'`\" = set"; then + echo $ac_n "checking for getprpwnam""... $ac_c" 1>&6 +echo "configure:2210: checking for getprpwnam" >&5 +if eval "test \"`echo '$''{'ac_cv_func_getprpwnam'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char getprpwuid(); +char getprpwnam(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ -#if defined (__stub_getprpwuid) || defined (__stub___getprpwuid) +#if defined (__stub_getprpwnam) || defined (__stub___getprpwnam) choke me #else -getprpwuid(); +getprpwnam(); #endif ; return 0; } EOF if { (eval echo configure:2238: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* - eval "ac_cv_func_getprpwuid=yes" + eval "ac_cv_func_getprpwnam=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - eval "ac_cv_func_getprpwuid=no" + eval "ac_cv_func_getprpwnam=no" fi rm -f conftest* fi -if eval "test \"`echo '$ac_cv_func_'getprpwuid`\" = yes"; then +if eval "test \"`echo '$ac_cv_func_'getprpwnam`\" = yes"; then echo "$ac_t""yes" 1>&6 SHADOW_TYPE="SPW_SECUREWARE" else diff -uN sudo.v1.5.6/configure.in sudo.v1.5.6p6/configure.in --- sudo.v1.5.6/configure.in Fri Sep 11 18:30:57 1998 +++ sudo.v1.5.6p6/configure.in Wed Oct 21 21:32:58 1998 @@ -675,7 +675,7 @@ AC_DEFINE_UNQUOTED(SHADOW_TYPE, $SHADOW_TYPE) fi ;; - *-*-svr4*|-*-sysv4*) + *-*-svr4*|*-*-sysv4*) LIBS="${LIBS} -lsocket -lnsl" SUDO_LIBS="${SUDO_LIBS} -lsocket -lnsl" LIB_SOCKET=1 @@ -735,7 +735,7 @@ dnl This is used when the user specified --with-C2 option. dnl if test "$with_C2" = "yes" -a -z "$SHADOW_TYPE"; then - AC_CHECK_FUNC(getprpwuid, SHADOW_TYPE="SPW_SECUREWARE", [AC_CHECK_FUNC(getspnam, SHADOW_TYPE="SPW_SVR4", [test -f /etc/master.passwd && SHADOW_TYPE="SPW_BSD"])]) + AC_CHECK_FUNC(getprpwnam, SHADOW_TYPE="SPW_SECUREWARE", [AC_CHECK_FUNC(getspnam, SHADOW_TYPE="SPW_SVR4", [test -f /etc/master.passwd && SHADOW_TYPE="SPW_BSD"])]) AC_MSG_CHECKING(for shadow password type) case "$SHADOW_TYPE" in "SPW_SVR4") Common subdirectories: sudo.v1.5.6/emul and sudo.v1.5.6p6/emul diff -uN sudo.v1.5.6/find_path.c sudo.v1.5.6p6/find_path.c --- sudo.v1.5.6/find_path.c Sun Apr 5 21:35:34 1998 +++ sudo.v1.5.6p6/find_path.c Fri Nov 13 14:46:38 1998 @@ -114,18 +114,10 @@ /* * If we were given a fully qualified or relative path * there is no need to look at PATH. - * We really want to fall back if !sudo_goodpath() but then - * the error is "not found" -- this way we get the correct error. */ if (strchr(file, '/')) { (void) strcpy(command, file); - if (sudo_goodpath(command)) { - return(command); - } else { - (void) fprintf(stderr, "%s: %s: ", Argv[0], command); - perror(""); - exit(1); - } + return(sudo_goodpath(command)); } /* diff -uN sudo.v1.5.6/getspwuid.c sudo.v1.5.6p6/getspwuid.c --- sudo.v1.5.6/getspwuid.c Sun Apr 5 21:35:34 1998 +++ sudo.v1.5.6p6/getspwuid.c Wed Oct 21 21:33:18 1998 @@ -182,7 +182,7 @@ { struct pr_passwd *spw_ent; - if ((spw_ent = getprpwuid(pw_ent->pw_uid)) && spw_ent->ufld.fd_encrypt) { + if ((spw_ent = getprpwnam(pw_ent->pw_name)) && spw_ent->ufld.fd_encrypt) { # ifdef __alpha crypt_type = spw_ent -> ufld.fd_oldcrypt; # ifdef AUTH_CRYPT_C1CRYPT diff -uN sudo.v1.5.6/tgetpass.c sudo.v1.5.6p6/tgetpass.c --- sudo.v1.5.6/tgetpass.c Tue Sep 8 18:44:02 1998 +++ sudo.v1.5.6p6/tgetpass.c Mon Oct 26 14:41:37 1998 @@ -56,6 +56,7 @@ #include #endif /* HAVE_SYS_SELECT_H */ #include +#include #include #include #ifdef HAVE_TERMIOS_H @@ -143,6 +144,7 @@ output = stderr; } else { output = input; + setbuf(output, NULL); } /* @@ -221,8 +223,10 @@ * get password or return empty string if nothing to read by timeout */ buf[0] = '\0'; - if (select(fileno(input) + 1, readfds, 0, 0, &tv) > 0 && - fgets(buf, sizeof(buf), input)) { + while ((n = select(fileno(input) + 1, readfds, 0, 0, &tv)) == -1 && + errno == EINTR) + ; + if (n != 0 && fgets(buf, sizeof(buf), input)) { n = strlen(buf); if (buf[n - 1] == '\n') buf[n - 1] = '\0'; diff -uN sudo.v1.5.6/version.h sudo.v1.5.6p6/version.h --- sudo.v1.5.6/version.h Mon Sep 14 19:59:51 1998 +++ sudo.v1.5.6p6/version.h Fri Nov 13 14:44:53 1998 @@ -23,6 +23,6 @@ #ifndef _SUDO_VERSION_H #define _SUDO_VERSION_H -static char version[] = "1.5.6"; +static char version[] = "1.5.6p6"; #endif /* _SUDO_VERSION_H */