This patch will upgrade CU Sudo version 1.5.7 to version 1.5.7 patchlevel 4. To apply, run: cd sudo.v1.5.7 patch -p1 < cu-sudo.v1.5.7p4.patch diff -uN sudo.v1.5.7/check.c sudo.v1.5.7p4/check.c --- sudo.v1.5.7/check.c Tue Nov 17 21:16:13 1998 +++ sudo.v1.5.7p4/check.c Fri Dec 11 10:18:04 1998 @@ -94,7 +94,7 @@ #include "version.h" #ifndef lint -static const char rcsid[] = "$Id: check.c,v 1.163 1998/11/18 04:16:13 millert Exp $"; +static const char rcsid[] = "$Id: check.c,v 1.164 1998/12/11 17:16:26 millert Exp $"; #endif /* lint */ /* @@ -236,7 +236,7 @@ if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + strlen(p) + 2 > sizeof(timestampfile)) { - (void) fprintf(stderr, "%s: path too long: %s/%s.%s\n", Argv[0], + (void) fprintf(stderr, "%s: path too long: %s/%s:%s\n", Argv[0], _PATH_SUDO_TIMEDIR, user_name, p); exit(1); } @@ -408,11 +408,11 @@ if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + strlen(p) + 2 > sizeof(timestampfile)) { - (void) fprintf(stderr, "%s: path too long: %s/%s.%s\n", Argv[0], + (void) fprintf(stderr, "%s: path too long: %s/%s:%s\n", Argv[0], _PATH_SUDO_TIMEDIR, user_name, p); exit(1); } - (void) sprintf(timestampfile, "%s/%s.%s", _PATH_SUDO_TIMEDIR, user_name, p); + (void) sprintf(timestampfile, "%s/%s:%s", _PATH_SUDO_TIMEDIR, user_name, p); #else if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + 1 > sizeof(timestampfile)) { diff -uN sudo.v1.5.7/config.h.in sudo.v1.5.7p4/config.h.in --- sudo.v1.5.7/config.h.in Wed Nov 18 13:31:44 1998 +++ sudo.v1.5.7p4/config.h.in Sat Nov 21 15:55:16 1998 @@ -17,7 +17,7 @@ * * Please send bugs, changes, problems to sudo-bugs@courtesan.com * - * $Id: config.h.in,v 1.109 1998/11/18 20:31:25 millert Exp $ + * $Id: config.h.in,v 1.110 1998/11/21 22:54:31 millert Exp $ */ /* @@ -367,6 +367,9 @@ /* Define to the path of the editor visudo should use. */ #undef EDITOR + +/* Define if root should not be allowed to use sudo. */ +#undef NO_ROOT_SUDO /* Define to be the user that gets sudo mail. */ #undef ALERTMAIL diff -uN sudo.v1.5.7/configure sudo.v1.5.7p4/configure --- sudo.v1.5.7/configure Wed Nov 18 13:31:50 1998 +++ sudo.v1.5.7p4/configure Mon Nov 23 21:40:24 1998 @@ -1117,7 +1117,7 @@ no) echo "Sorry, --without-loglen not supported." exit 1 ;; - 0-9*) cat >> confdefs.h <> confdefs.h <&6 ;; - 0-9*) cat >> confdefs.h <> confdefs.h <> confdefs.h <> confdefs.h <> confdefs.h <<\EOF #define TIMEOUT 5 EOF @@ -1599,7 +1599,7 @@ echo "$ac_t""no timeout" 1>&6 ;; - 0-9*) cat >> confdefs.h <> confdefs.h <&6 ;; - 0-9*) cat >> confdefs.h <> confdefs.h <&6 -echo "configure:6122: checking for socket" >&5 -if eval "test \"`echo '$''{'ac_cv_func_socket'+set}'`\" = set"; then +echo $ac_n "checking for inet_addr""... $ac_c" 1>&6 +echo "configure:6122: checking for inet_addr" >&5 +if eval "test \"`echo '$''{'ac_cv_func_inet_addr'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char socket(); +char inet_addr(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ -#if defined (__stub_socket) || defined (__stub___socket) +#if defined (__stub_inet_addr) || defined (__stub___inet_addr) choke me #else -socket(); +inet_addr(); #endif ; return 0; } EOF if { (eval echo configure:6150: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* - eval "ac_cv_func_socket=yes" + eval "ac_cv_func_inet_addr=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - eval "ac_cv_func_socket=no" + eval "ac_cv_func_inet_addr=no" fi rm -f conftest* fi -if eval "test \"`echo '$ac_cv_func_'socket`\" = yes"; then +if eval "test \"`echo '$ac_cv_func_'inet_addr`\" = yes"; then echo "$ac_t""yes" 1>&6 : else echo "$ac_t""no" 1>&6 -echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 -echo "configure:6168: checking for socket in -lsocket" >&5 -ac_lib_var=`echo socket'_'socket | sed 'y%./+-%__p_%'` +echo $ac_n "checking for inet_addr in -lnsl""... $ac_c" 1>&6 +echo "configure:6168: checking for inet_addr in -lnsl" >&5 +ac_lib_var=`echo nsl'_'inet_addr | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" -LIBS="-lsocket $LIBS" +LIBS="-lnsl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then @@ -6198,12 +6198,12 @@ fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 - SUDO_LIBS="${SUDO_LIBS} -lsocket"; LIBS="${LIBS} -lsocket" + SUDO_LIBS="${SUDO_LIBS} -lnsl"; LIBS="${LIBS} -lnsl" else echo "$ac_t""no" 1>&6 -echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6 -echo "configure:6206: checking for socket in -linet" >&5 -ac_lib_var=`echo inet'_'socket | sed 'y%./+-%__p_%'` +echo $ac_n "checking for inet_addr in -linet""... $ac_c" 1>&6 +echo "configure:6206: checking for inet_addr in -linet" >&5 +ac_lib_var=`echo inet'_'inet_addr | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -6215,10 +6215,10 @@ /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char socket(); +char inet_addr(); int main() { -socket() +inet_addr() ; return 0; } EOF if { (eval echo configure:6225: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then @@ -6245,70 +6245,70 @@ fi -echo $ac_n "checking for inet_addr""... $ac_c" 1>&6 -echo "configure:6250: checking for inet_addr" >&5 -if eval "test \"`echo '$''{'ac_cv_func_inet_addr'+set}'`\" = set"; then +echo $ac_n "checking for socket""... $ac_c" 1>&6 +echo "configure:6250: checking for socket" >&5 +if eval "test \"`echo '$''{'ac_cv_func_socket'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char inet_addr(); +char socket(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ -#if defined (__stub_inet_addr) || defined (__stub___inet_addr) +#if defined (__stub_socket) || defined (__stub___socket) choke me #else -inet_addr(); +socket(); #endif ; return 0; } EOF if { (eval echo configure:6278: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then rm -rf conftest* - eval "ac_cv_func_inet_addr=yes" + eval "ac_cv_func_socket=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* - eval "ac_cv_func_inet_addr=no" + eval "ac_cv_func_socket=no" fi rm -f conftest* fi -if eval "test \"`echo '$ac_cv_func_'inet_addr`\" = yes"; then +if eval "test \"`echo '$ac_cv_func_'socket`\" = yes"; then echo "$ac_t""yes" 1>&6 : else echo "$ac_t""no" 1>&6 -echo $ac_n "checking for inet_addr in -lnsl""... $ac_c" 1>&6 -echo "configure:6296: checking for inet_addr in -lnsl" >&5 -ac_lib_var=`echo nsl'_'inet_addr | sed 'y%./+-%__p_%'` +echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 +echo "configure:6296: checking for socket in -lsocket" >&5 +ac_lib_var=`echo socket'_'socket | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_save_LIBS="$LIBS" -LIBS="-lnsl $LIBS" +LIBS="-lsocket $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest; then @@ -6326,12 +6326,12 @@ fi if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then echo "$ac_t""yes" 1>&6 - SUDO_LIBS="${SUDO_LIBS} -lnsl"; LIBS="${LIBS} -lnsl" + SUDO_LIBS="${SUDO_LIBS} -lsocket"; LIBS="${LIBS} -lsocket" else echo "$ac_t""no" 1>&6 -echo $ac_n "checking for inet_addr in -linet""... $ac_c" 1>&6 -echo "configure:6334: checking for inet_addr in -linet" >&5 -ac_lib_var=`echo inet'_'inet_addr | sed 'y%./+-%__p_%'` +echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6 +echo "configure:6334: checking for socket in -linet" >&5 +ac_lib_var=`echo inet'_'socket | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -6343,10 +6343,10 @@ /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ -char inet_addr(); +char socket(); int main() { -inet_addr() +socket() ; return 0; } EOF if { (eval echo configure:6353: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then diff -uN sudo.v1.5.7/configure.in sudo.v1.5.7p4/configure.in --- sudo.v1.5.7/configure.in Wed Nov 18 13:31:45 1998 +++ sudo.v1.5.7p4/configure.in Mon Nov 23 21:40:24 1998 @@ -1,6 +1,6 @@ dnl dnl Process this file with GNU autoconf to produce a configure script. -dnl $Id: configure.in,v 1.229 1998/11/18 20:31:25 millert Exp $ +dnl $Id: configure.in,v 1.231 1998/11/24 04:38:53 millert Exp $ dnl AC_INIT(sudo.h) AC_CONFIG_HEADER(config.h pathnames.h) @@ -344,7 +344,7 @@ no) echo "Sorry, --without-loglen not supported." exit 1 ;; - [0-9]*) AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $with_loglen) + [[0-9]]*) AC_DEFINE_UNQUOTED(MAXLOGFILELEN, $with_loglen) AC_MSG_RESULT([$with_loglen]) ;; *) echo "You must enter a number, not $with_loglen" @@ -482,7 +482,7 @@ no) echo "Sorry, --without-sudoers-mode not supported." exit 1 ;; - [0-9]*) SUDOERS_MODE=$with_sudoers_mode + [[0-9]]*) SUDOERS_MODE=$with_sudoers_mode ;; *) echo "You must use a numeric uid, not a name." exit 1 @@ -497,7 +497,7 @@ no) echo "Sorry, --without-sudoers-uid not supported." exit 1 ;; - [0-9]*) SUDOERS_UID=$with_sudoers_uid + [[0-9]]*) SUDOERS_UID=$with_sudoers_uid ;; *) echo "You must use a numeric uid, not a name." exit 1 @@ -512,7 +512,7 @@ no) echo "Sorry, --without-sudoers-gid not supported." exit 1 ;; - [0-9]*) SUDOERS_GID=$with_sudoers_gid + [[0-9]]*) SUDOERS_GID=$with_sudoers_gid ;; *) echo "You must use a numeric gid, not a name." exit 1 @@ -528,7 +528,7 @@ ;; no) AC_MSG_RESULT(user) ;; - [0-9]*) AC_DEFINE_UNQUOTED(SUDO_UMASK, "$with_umask") + [[0-9]]*) AC_DEFINE_UNQUOTED(SUDO_UMASK, "$with_umask") AC_MSG_RESULT([$with_umask]) ;; *) echo "You must enter a numeric mask." @@ -600,7 +600,7 @@ no) echo "Sorry, --without-editor not supported." exit 1 ;; - [1-9]*) AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $with_passwd_tries) + [[1-9]]*) AC_DEFINE_UNQUOTED(TRIES_FOR_PASSWORD, $with_passwd_tries) AC_MSG_RESULT([$with_passwd_tries]) ;; *) echo "You must enter the numer of tries, > 0" @@ -610,14 +610,14 @@ AC_MSG_CHECKING(time in minutes after which sudo will ask for a password again) AC_ARG_WITH(timeout, [ --with-timeout minutes before sudo asks for passwd again (def is 5)], -[case $with_timeout in +[echo $with_timeout; case $with_timeout in yes) AC_DEFINE(TIMEOUT, 5) AC_MSG_RESULT(5) ;; no) AC_DEFINE(TIMEOUT, 0) AC_MSG_RESULT([no timeout]) ;; - [0-9]*) AC_DEFINE_UNQUOTED(TIMEOUT, $with_timeout) + [[0-9]]*) AC_DEFINE_UNQUOTED(TIMEOUT, $with_timeout) AC_MSG_RESULT([$with_timeout]) ;; *) echo "You must enter the numer of minutes." @@ -634,7 +634,7 @@ no) AC_DEFINE(PASSWORD_TIMEOUT, 0) AC_MSG_RESULT([no timeout]) ;; - [0-9]*) AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $with_password_timeout) + [[0-9]]*) AC_DEFINE_UNQUOTED(PASSWORD_TIMEOUT, $with_password_timeout) AC_MSG_RESULT([$with_timeout]) ;; *) echo "You must enter the numer of minutes." @@ -1302,13 +1302,13 @@ AC_CHECK_FUNC(crypt, ,AC_CHECK_LIB(crypt, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt"; LIBS="${LIBS} -lcrypt"], AC_CHECK_LIB(crypt_d, crypt, [SUDO_LIBS="${SUDO_LIBS} -lcrypt_d"; LIBS="${LIBS} -lcrypt_d"], AC_CHECK_LIB(crypt, ufc, [SUDO_LIBS="${SUDO_LIBS} -lufc"; LIBS="${LIBS} -lufc"])))) fi dnl -dnl If socket(2) not in libc, check -lsocket and -linet -dnl -AC_CHECK_FUNC(socket, ,AC_CHECK_LIB(socket, socket, [SUDO_LIBS="${SUDO_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [SUDO_LIBS="${SUDO_LIBS} -linet"; LIBS="${LIBS} -linet"]))) -dnl dnl If inet_addr(3) not in libc, check -lnsl and -linet dnl AC_CHECK_FUNC(inet_addr, ,AC_CHECK_LIB(nsl, inet_addr, [SUDO_LIBS="${SUDO_LIBS} -lnsl"; LIBS="${LIBS} -lnsl"], AC_CHECK_LIB(inet, inet_addr, [SUDO_LIBS="${SUDO_LIBS} -linet"; LIBS="${LIBS} -linet"]))) +dnl +dnl If socket(2) not in libc, check -lsocket and -linet +dnl +AC_CHECK_FUNC(socket, ,AC_CHECK_LIB(socket, socket, [SUDO_LIBS="${SUDO_LIBS} -lsocket"; LIBS="${LIBS} -lsocket"], AC_CHECK_LIB(inet, socket, [SUDO_LIBS="${SUDO_LIBS} -linet"; LIBS="${LIBS} -linet"]))) dnl dnl If syslog(3) not in libc, check -lsocket, -lnsl and -linet dnl Common subdirectories: sudo.v1.5.7/emul and sudo.v1.5.7p4/emul diff -uN sudo.v1.5.7/interfaces.c sudo.v1.5.7p4/interfaces.c --- sudo.v1.5.7/interfaces.c Wed Nov 18 13:31:45 1998 +++ sudo.v1.5.7p4/interfaces.c Tue Dec 8 12:53:23 1998 @@ -79,7 +79,7 @@ #endif /* !STDC_HEADERS && !__GNUC__ */ #ifndef lint -static const char rcsid[] = "$Id: interfaces.c,v 1.45 1998/11/18 20:31:25 millert Exp $"; +static const char rcsid[] = "$Id: interfaces.c,v 1.46 1998/12/07 21:16:00 millert Exp $"; #endif /* lint */ /* @@ -139,6 +139,7 @@ if (ioctl(sock, SIOCGIFCONF, (caddr_t) ifconf) < 0) { #endif /* _ISC */ (void) free(ifconf_buf); + (void) close(sock); return; } @@ -253,6 +254,7 @@ } } (void) free(ifconf_buf); + (void) close(sock); } #else /* !SIOCGIFCONF || STUB_LOAD_INTERFACES */ diff -uN sudo.v1.5.7/version.h sudo.v1.5.7p4/version.h --- sudo.v1.5.7/version.h Fri Nov 20 16:33:56 1998 +++ sudo.v1.5.7p4/version.h Fri Dec 11 10:18:18 1998 @@ -23,6 +23,6 @@ #ifndef _SUDO_VERSION_H #define _SUDO_VERSION_H -static const char version[] = "1.5.7"; +static const char version[] = "1.5.7p4"; #endif /* _SUDO_VERSION_H */