Handle empty argv

[opendoas.git] / doas.c

diff --git a/doas.c b/doas.c
index 8275fe180b70ed80e99a8ee05affcca54b610e38..d348d2554b6f23a5c364ccccc8c8ce64cc09bf58 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -15,11 +15,16 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include "config.h"
+
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 
 #include <limits.h>
+#ifdef HAVE_LOGIN_CAP_H
+#include <login_cap.h>
+#endif
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -30,8 +35,9 @@
 #include <syslog.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <time.h>
 
-#include "includes.h"
+#include "openbsd.h"
 #include "doas.h"
 
 static void __dead
@@ -134,7 +140,7 @@ static int
 permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr,
     uid_t target, const char *cmd, const char **cmdargs)
 {
-       int i;
+       size_t i;
 
        *lastr = NULL;
        for (i = 0; i < nrules; i++) {
@@ -230,6 +236,18 @@ mygetpwuid_r(uid_t uid, struct passwd *pwd, struct passwd **result)
        return rv;
 }
 
+void
+authfail(int opt)
+{
+
+#ifdef DOAS_INSULTS
+       if (opt)
+               printf("%s\n", getinsult());
+#endif
+
+       errx(1, "Authentication failed");
+}
+
 int
 main(int argc, char **argv)
 {
@@ -255,6 +273,11 @@ main(int argc, char **argv)
        const char *cwd;
        char **envp;
 
+       if (argc <= 0 || argv == NULL || argv[0] == NULL) {
+               fprintf(stderr, "doas: executed without argv\n");
+               exit(1);
+       }
+
        setprogname("doas");
 
        closefrom(STDERR_FILENO + 1);
@@ -344,19 +367,14 @@ main(int argc, char **argv)
                errc(1, EPERM, NULL);
        }
 
-#if defined(USE_SHADOW)
        if (!(rule->options & NOPASS)) {
                if (nflag)
-                       errx(1, "Authorization required");
+                       errx(1, "Authentication required");
 
-               shadowauth(mypw->pw_name, rule->options & PERSIST);
+               int ret = shadowauth(mypw->pw_name, rule->options & PERSIST);
+               if (ret == 5)
+                       authfail(rule->options & INSULT);
        }
-#elif !defined(USE_PAM)
-       /* no authentication provider, only allow NOPASS rules */
-       (void) nflag;
-       if (!(rule->options & NOPASS))
-               errx(1, "Authorization required");
-#endif
 
        if ((p = getenv("PATH")) != NULL)
                formerpath = strdup(p);
@@ -374,25 +392,33 @@ main(int argc, char **argv)
        if (targpw == NULL)
                errx(1, "no passwd entry for target");
 
-#if defined(USE_PAM)
-       pamauth(targpw->pw_name, mypw->pw_name, !nflag, rule->options & NOPASS,
-           rule->options & PERSIST);
-#endif
-
+#ifdef HAVE_LOGIN_CAP_H
+       if (setusercontext(NULL, targpw, target, LOGIN_SETGROUP |
+           LOGIN_SETPATH |
+           LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
+           LOGIN_SETUSER) != 0)
+               errx(1, "failed to set user context for target");
+#else
        if (setresgid(targpw->pw_gid, targpw->pw_gid, targpw->pw_gid) != 0)
                err(1, "setresgid");
        if (initgroups(targpw->pw_name, targpw->pw_gid) != 0)
                err(1, "initgroups");
        if (setresuid(target, target, target) != 0)
                err(1, "setresuid");
+       if (setenv("PATH", safepath, 1) == -1)
+               err(1, "failed to set PATH '%s'", safepath);
+#endif
 
        if (getcwd(cwdpath, sizeof(cwdpath)) == NULL)
                cwd = "(failed)";
        else
                cwd = cwdpath;
 
-       syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s",
-           mypw->pw_name, cmdline, targpw->pw_name, cwd);
+       if (!(rule->options & NOLOG)) {
+               syslog(LOG_AUTHPRIV | LOG_INFO,
+                   "%s ran command %s as %s from %s",
+                   mypw->pw_name, cmdline, targpw->pw_name, cwd);
+       }
 
        envp = prepenv(rule, mypw, targpw);