]> git.armaanb.net Git - opendoas.git/blobdiff - doas.c
projects / opendoas.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
configure: make {UID,GID}_MAX configurable
[opendoas.git] / doas.c
diff --git a/doas.c b/doas.c
index 75882746e9ef7a95dc4b023bcb37e683ad48c4a9..70b255bc1a618270513e5f42ed9f932bd658e7c9 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -57,9 +57,11 @@ parseuid(const char *s, uid_t *uid)
 
        if ((pw = getpwnam(s)) != NULL) {
                *uid = pw->pw_uid;
+               if (*uid == UID_MAX)
+                       return -1;
                return 0;
        }
-       *uid = strtonum(s, 0, UID_MAX, &errstr);
+       *uid = strtonum(s, 0, UID_MAX - 1, &errstr);
        if (errstr)
                return -1;
        return 0;
@@ -85,9 +87,11 @@ parsegid(const char *s, gid_t *gid)
 
        if ((gr = getgrnam(s)) != NULL) {
                *gid = gr->gr_gid;
+               if (*gid == GID_MAX)
+                       return -1;
                return 0;
        }
-       *gid = strtonum(s, 0, GID_MAX, &errstr);
+       *gid = strtonum(s, 0, GID_MAX - 1, &errstr);
        if (errstr)
                return -1;
        return 0;
@@ -249,6 +253,46 @@ good:
 }
 #endif
 
+#ifdef __OpenBSD__
+int
+unveilcommands(const char *ipath, const char *cmd)
+{
+       char *path = NULL, *p;
+       int unveils = 0;
+
+       if (strchr(cmd, '/') != NULL) {
+               if (unveil(cmd, "x") != -1)
+                       unveils++;
+               goto done;
+       }
+
+       if (!ipath) {
+               errno = ENOENT;
+               goto done;
+       }
+       path = strdup(ipath);
+       if (!path) {
+               errno = ENOENT;
+               goto done;
+       }
+       for (p = path; p && *p; ) {
+               char buf[PATH_MAX];
+               char *cp = strsep(&p, ":");
+
+               if (cp) {
+                       int r = snprintf(buf, sizeof buf, "%s/%s", cp, cmd);
+                       if (r >= 0 && r < sizeof buf) {
+                               if (unveil(buf, "x") != -1)
+                                       unveils++;
+                       }
+               }
+       }
+done:
+       free(path);
+       return (unveils);
+}
+#endif
+
 int
 main(int argc, char **argv)
 {
Fork of OpenDoas that insults you