Fix keepenv handling. Initially reported by Ze Loff on misc@.

[opendoas.git] / doas.c

diff --git a/doas.c b/doas.c
index be48957753e0b86992341573886cdb5c58b442b9..91b3f68f357de0572eb0b2588446d6b899c684b4 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: doas.c,v 1.23 2015/07/26 19:08:17 zhuk Exp $ */
+/* $OpenBSD: doas.c,v 1.28 2015/07/27 15:38:11 espie Exp $ */
 /*
  * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
  *
@@ -36,7 +36,7 @@
 static void __dead
 usage(void)
 {
-       fprintf(stderr, "usage: doas [-s] [-C config] [-u user] command [args]\n");
+       fprintf(stderr, "usage: doas [-ns] [-C config] [-u user] command [args]\n");
        exit(1);
 }
 
@@ -256,8 +256,10 @@ copyenv(const char **oldenvp, struct rule *rule)
                        size_t j;
                        for (j = 0; j < nextras; j++) {
                                if (strcmp(extra[j], safeset[i]) == 0) {
-                                       extra[j--] = extra[nextras--];
+                                       nextras--;
+                                       extra[j] = extra[nextras];
                                        extra[nextras] = NULL;
+                                       j--;
                                }
                        }
                }
@@ -282,7 +284,7 @@ fail(void)
        exit(1);
 }
 
-static int
+static void __dead
 checkconfig(const char *confpath, int argc, char **argv,
     uid_t uid, gid_t *groups, int ngroups, uid_t target)
 {
@@ -322,8 +324,10 @@ main(int argc, char **argv, char **envp)
        int ngroups;
        int i, ch;
        int sflag = 0;
+       int nflag = 0;
 
-       while ((ch = getopt(argc, argv, "C:su:")) != -1) {
+       uid = getuid();
+       while ((ch = getopt(argc, argv, "C:nsu:")) != -1) {
                switch (ch) {
                case 'C':
                        confpath = optarg;
@@ -332,6 +336,9 @@ main(int argc, char **argv, char **envp)
                        if (parseuid(optarg, &target) != 0)
                                errx(1, "unknown user");
                        break;
+               case 'n':
+                       nflag = 1;
+                       break;
                case 's':
                        sflag = 1;
                        break;
@@ -379,9 +386,7 @@ main(int argc, char **argv, char **envp)
        parseconfig("/etc/doas.conf", 1);
 
        /* cmdline is used only for logging, no need to abort on truncate */
-       (void) strlcpy(cmdline, argv[0], sizeof(cmdline)) < sizeof(cmdline);
-       if (strlcpy(cmdline, argv[0], sizeof(cmdline)) >= sizeof(cmdline))
-               errx(1, "command line too long");
+       (void) strlcpy(cmdline, argv[0], sizeof(cmdline));
        for (i = 1; i < argc; i++) {
                if (strlcat(cmdline, " ", sizeof(cmdline)) >= sizeof(cmdline))
                        break;
@@ -398,6 +403,8 @@ main(int argc, char **argv, char **envp)
        }
 
        if (!(rule->options & NOPASS)) {
+               if (nflag)
+                       errx(1, "Authorization required");
                if (!auth_userokay(myname, NULL, NULL, NULL)) {
                        syslog(LOG_AUTHPRIV | LOG_NOTICE,
                            "failed password for %s", myname);