timestamp: simplify

[opendoas.git] / doas.c

diff --git a/doas.c b/doas.c
index 5396df0d4657a23be99b48f2e304a50e1ed02788..70b255bc1a618270513e5f42ed9f932bd658e7c9 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -57,9 +57,11 @@ parseuid(const char *s, uid_t *uid)
 
        if ((pw = getpwnam(s)) != NULL) {
                *uid = pw->pw_uid;
+               if (*uid == UID_MAX)
+                       return -1;
                return 0;
        }
-       *uid = strtonum(s, 0, UID_MAX, &errstr);
+       *uid = strtonum(s, 0, UID_MAX - 1, &errstr);
        if (errstr)
                return -1;
        return 0;
@@ -85,9 +87,11 @@ parsegid(const char *s, gid_t *gid)
 
        if ((gr = getgrnam(s)) != NULL) {
                *gid = gr->gr_gid;
+               if (*gid == GID_MAX)
+                       return -1;
                return 0;
        }
-       *gid = strtonum(s, 0, GID_MAX, &errstr);
+       *gid = strtonum(s, 0, GID_MAX - 1, &errstr);
        if (errstr)
                return -1;
        return 0;
@@ -249,6 +253,46 @@ good:
 }
 #endif
 
+#ifdef __OpenBSD__
+int
+unveilcommands(const char *ipath, const char *cmd)
+{
+       char *path = NULL, *p;
+       int unveils = 0;
+
+       if (strchr(cmd, '/') != NULL) {
+               if (unveil(cmd, "x") != -1)
+                       unveils++;
+               goto done;
+       }
+
+       if (!ipath) {
+               errno = ENOENT;
+               goto done;
+       }
+       path = strdup(ipath);
+       if (!path) {
+               errno = ENOENT;
+               goto done;
+       }
+       for (p = path; p && *p; ) {
+               char buf[PATH_MAX];
+               char *cp = strsep(&p, ":");
+
+               if (cp) {
+                       int r = snprintf(buf, sizeof buf, "%s/%s", cp, cmd);
+                       if (r >= 0 && r < sizeof buf) {
+                               if (unveil(buf, "x") != -1)
+                                       unveils++;
+                       }
+               }
+       }
+done:
+       free(path);
+       return (unveils);
+}
+#endif
+
 int
 main(int argc, char **argv)
 {
@@ -257,6 +301,7 @@ main(int argc, char **argv)
        const char *confpath = NULL;
        char *shargv[] = { NULL, NULL };
        char *sh;
+       const char *p;
        const char *cmd;
        char cmdline[LINE_MAX];
 #ifdef __OpenBSD__
@@ -411,7 +456,24 @@ main(int argc, char **argv)
 # endif
        }
 
+       if ((p = getenv("PATH")) != NULL)
+               formerpath = strdup(p);
+       if (formerpath == NULL)
+               formerpath = "";
+
 # ifdef __OpenBSD__
+       if (unveil(_PATH_LOGIN_CONF, "r") == -1 ||
+           unveil(_PATH_LOGIN_CONF ".db", "r") == -1)
+               err(1, "unveil");
+# endif
+       if (rule->cmd) {
+               if (setenv("PATH", safepath, 1) == -1)
+                       err(1, "failed to set PATH '%s'", safepath);
+       }
+# ifdef __OpenBSD__
+       if (unveilcommands(getenv("PATH"), cmd) == 0)
+               goto fail;
+
        if (pledge("stdio rpath getpw exec id", NULL) == -1)
                err(1, "pledge");
 # endif
@@ -482,10 +544,13 @@ main(int argc, char **argv)
 
        envp = prepenv(rule, mypw, targpw);
 
+       /* setusercontext set path for the next process, so reset it for us */
        if (rule->cmd) {
-               /* do this again after setusercontext reset it */
                if (setenv("PATH", safepath, 1) == -1)
                        err(1, "failed to set PATH '%s'", safepath);
+       } else {
+               if (setenv("PATH", formerpath, 1) == -1)
+                       err(1, "failed to set PATH '%s'", formerpath);
        }
        execvpe(cmd, argv, envp);
        if (errno == ENOENT)