From 908a5930383a9939b4847e2cba559f86871d5ffc Mon Sep 17 00:00:00 2001 Message-Id: From: Mark Wooding Date: Fri, 14 Jun 2024 20:57:38 +0100 Subject: [PATCH 00/16] *** SUBJECT HERE *** Organization: Straylight/Edgeware *** BLURB HERE *** mdw (16): IDEA cipher removed: replaced by blowfish. Tidying for new release versions. Fix copyright date. Include required header files. Fix copyright date. Fix copyright date. Add `TZ' to the list of variables to be preserved. Fix typo. Short form of `--preserve' should be `-e', not `-p'. Distribute gpl.texi. Ooops. Don't use `df' for noise gathering, because it gets upset when NFS servers aren't responding. Fix default HTML directory. Make the `become' program setuid root when installing. Fix formatting. Add new option to disable networking. Add new option to disable networking. Add new file `texinice.tex' to the distribution. Include `texinice' to produce decent printed output. Add documentation for new `bcquery' program. Various fixes, including spelling mistakes, and some factual inaccuracies. New program `bcquery', and `ypstuff' module added. Added new program to verify and query Become configuration files. Makefile.am | 9 +- acconfig.h | 17 +- conf/Makefile.am | 7 +- configure.in | 34 +- manual/Makefile.am | 17 +- manual/become.texi | 377 ++++++++++++++++--- src/Makefile.am | 32 +- src/bcquery.c | 866 ++++++++++++++++++++++++++++++++++++++++++++ src/become.c | 12 +- src/become.h | 5 +- src/blowfish-sbox.h | 7 +- src/blowfish.c | 9 +- src/blowfish.h | 7 +- src/check.c | 7 +- src/check.h | 7 +- src/class.c | 9 +- src/class.h | 9 +- src/crypt.c | 7 +- src/crypt.h | 7 +- src/daemon.c | 7 +- src/daemon.h | 7 +- src/dbutils.h | 7 +- src/icrypt.c | 7 +- src/icrypt.h | 7 +- src/idea.c | 505 -------------------------- src/idea.h | 129 ------- src/keygen.c | 7 +- src/lexer.h | 7 +- src/lexer.l | 7 +- src/md5.c | 7 +- src/md5.h | 7 +- src/name.c | 9 +- src/name.h | 9 +- src/netg.c | 9 +- src/netg.h | 9 +- src/noise.c | 17 +- src/noise.h | 7 +- src/parser.h | 7 +- src/parser.y | 9 +- src/rand.c | 7 +- src/rand.h | 7 +- src/rule.c | 9 +- src/rule.h | 9 +- src/sym.c | 9 +- src/sym.h | 7 +- src/tx.c | 7 +- src/tx.h | 7 +- src/userdb.c | 9 +- src/userdb.h | 7 +- src/utils.c | 9 +- src/utils.h | 9 +- 51 files changed, 1512 insertions(+), 809 deletions(-) create mode 100644 src/bcquery.c delete mode 100644 src/idea.c delete mode 100644 src/idea.h -- [mdw] From 0b467be25069413b3790ab2c6447bb18f2b283cd Mon Sep 17 00:00:00 2001 Message-Id: <0b467be25069413b3790ab2c6447bb18f2b283cd.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Fri, 9 Jan 1998 13:50:49 +0000 Subject: [PATCH 01/16] IDEA cipher removed: replaced by blowfish. Organization: Straylight/Edgeware From: mdw --- src/idea.c | 505 ----------------------------------------------------- src/idea.h | 129 -------------- 2 files changed, 634 deletions(-) delete mode 100644 src/idea.c delete mode 100644 src/idea.h diff --git a/src/idea.c b/src/idea.c deleted file mode 100644 index 1bdd9e8..0000000 --- a/src/idea.c +++ /dev/null @@ -1,505 +0,0 @@ -/* -*-c-*- - * - * $Id: idea.c,v 1.2 1997/08/04 10:24:22 mdw Exp $ - * - * IDEA encryption routines - * Based on Straylight ARM assembler routines - * - * (c) 1996, 1997 Mark Wooding - */ - -/*----- Licensing notice --------------------------------------------------* - * - * This file is part of `become' - * - * `Become' is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * `Become' is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with `become'; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -/*----- Revision history --------------------------------------------------* - * - * $Log: idea.c,v $ - * Revision 1.2 1997/08/04 10:24:22 mdw - * Sources placed under CVS control. - * - * Revision 1.1 1997/07/21 13:47:49 mdw - * Initial revision - * - */ - -/*----- Notes -------------------------------------------------------------* - * - * This code is optimised for 32-bit processors with reasonable numbers of - * registers. Hopefully it should still work on a Spectrum, although rather - * slowly. I do assume two's complement arithmetic. - * - * Since this is actually /decompiled/, by hand, from some existing assembler - * code, you can expect some parts to be a little strange. - */ - -/*----- Header files ------------------------------------------------------*/ - -#include -#include - -#include "config.h" -#include "idea.h" -#include "utils.h" - -/*----- Low-level support functions ---------------------------------------*/ - -/* --- @idea__inv@ --- * - * - * Arguments: @int n@ = number to invert - * - * Returns: Multiplicative inverse of n, mod 2^{16} + 1 - */ - -static int idea__inv(int n) -{ - long m, a, b, q, r, t; - - /* --- Check the easy case --- */ - - if (!n) - return (0); - - /* --- Start off the loop --- */ - - m = 0x10001L; - a = 1; - b = 0; - for (;;) { - q = m / n, r = m % n; - if (!r) - break; - m = n, n = r; - t = a, a = b - q * a, b = t; - } - - /* --- Get return value in range --- */ - - if (a < 0) - a += 1; - return ((int) a & 0xFFFF); -} - -/* --- @_mul@ --- * - * - * An evil macro to do multiplication. Satan lives here. - */ - -#define _mul(x, y) \ - (void)( \ - x &= ffff, x ? \ - ( y &= ffff, y ? \ - ((y = x * y), x = y & ffff, y = y >> 16, x < y ? \ - (x = x - y + 1) : (x = x - y)) : \ - (x = 1 - x)) : \ - (x = 1 - y) \ - ) - -/*----- Key unpacking functions -------------------------------------------*/ - -/* --- @idea_ekeys@ --- * - * - * Arguments: @idea_key *k@ = the expanded key buffer - * @const unsigned char *key@ = the user's key encryption key - * - * Returns: --- - * - * Use: Unpacks an encryption key. - */ - -void idea_ekeys(idea_key *k, const unsigned char *key) -{ - /* --- Convince compiler to do this properly --- */ - - register const int ffff = 0xFFFF; - - uint_32 ka, kb, kc, kd; - int count; - int *p = k->k; - - /* --- Load the 4 words from the block --- * - * - * Don't ask. - */ - - ka = load32(key + 0); - kb = load32(key + 4); - kc = load32(key + 8); - kd = load32(key + 12); - - for (count = 48; count > 0; count -= 8) { - - /* --- Unpack halfwords into the block --- */ - - *p++ = (ka >> 16) & ffff; - *p++ = ka & ffff; - *p++ = (kb >> 16) & ffff; - *p++ = kb & ffff; - *p++ = (kc >> 16) & ffff; - *p++ = kc & ffff; - *p++ = (kd >> 16) & ffff; - *p++ = kd & ffff; - - /* --- Now rotate the 128-bit key --- */ - - { - uint_32 kx = ka; - ka = ((ka << 25) | (kb >> 7)) & 0xffffffffu; - kb = ((kb << 25) | (kc >> 7)) & 0xffffffffu; - kc = ((kc << 25) | (kd >> 7)) & 0xffffffffu; - kd = ((kd << 25) | (kx >> 7)) & 0xffffffffu; - } - } - - /* --- Write the tail-enders over --- */ - - *p++ = (ka >> 16) & ffff; - *p++ = ka & ffff; - *p++ = (kb >> 16) & ffff; - *p++ = kb & ffff; -} - -/* --- @idea_invertKey@ --- * - * - * Arguments: @const idea_key *in@ = pointer to input expanded key buffer - * @idea_key *out@ = pointer to output expanded key buffer - * - * Returns: --- - * - * Use: Computes the inverse (decryption) key given an expanded - * IDEA encryption key. - */ - -void idea_invertKey(const idea_key *in, idea_key *out) -{ - int i; - unsigned a, b, c, d, e, f; - int *ibuf = in->k, *obuf = out->k; - - /* --- Deal with identical input and output buffers --- */ - - if (in == out) { - idea_key t; - memcpy(&t, in, sizeof(t)); - idea_invertKey(&t, out); - return; - } - - /* --- Do the real work --- */ - - ibuf += IDEA_EXPKEYSIZE; - for (i = 8; i; i--) { - ibuf -= 6; - a = ibuf[0]; - b = ibuf[1]; - c = ibuf[2]; - d = ibuf[3]; - e = ibuf[4]; - f = ibuf[5]; - - c = idea__inv(c); - f = idea__inv(f); - d = 0x10000 - d; - e = 0x10000 - e; - - if (i < 8) - d ^= e, e ^= d, d ^= e; - - obuf[0] = c; - obuf[1] = d; - obuf[2] = e; - obuf[3] = f; - obuf[4] = a; - obuf[5] = b; - obuf += 6; - } - - /* --- Deal with the tail-enders --- */ - - ibuf -= 4; - c = ibuf[0]; - d = ibuf[1]; - e = ibuf[2]; - f = ibuf[3]; - - c = idea__inv(c); - f = idea__inv(f); - d = 0x10000 - d; - e = 0x10000 - e; - - obuf[0] = c; - obuf[1] = d; - obuf[2] = e; - obuf[3] = f; -} - -/* --- @idea_dkeys@ --- * - * - * Arguments: @idea_key *k@ = the expanded key buffer - * @const unsigned char *key@ = the user's key encryption key - * - * Returns: --- - * - * Use: Unpacks a decryption key. - */ - -void idea_dkeys(idea_key *k, const unsigned char *key) -{ - idea_key t; - idea_ekeys(&t, key); - idea_invertKey(&t, k); -} - -/*----- Main IDEA cipher --------------------------------------------------*/ - -/* --- @idea_encrypt@ --- * - * - * Arguments: @const idea_key *k@ = key to use - * @const void *src@ = block to encrypt - * @void *dest@ = where to store the result - * - * Returns: --- - * - * Use: Encrypts (or decrypts) a block, using the IDEA cryptosystem. - * Since the decryption operation is the same as encryption - * except that a different key buffer is used, this is all we - * need to complete the simple bits. - * - * For people following this at home: I've been very sloppy - * about chopping off excess bits from the ints here. Most of - * the time it doesn't matter, and when it does, in the - * multiplication stage, the macro does this for us. - * - * Our @register const int ffff@ makes another appearance. This - * might suggest to compilers that having this constant - * available would be beneficial. - * - * Registers are in short supply here. So is legibility. - */ - -#if defined(TEST_RIG) && defined(DUMPROUNDS) -# define _dump(a,b,c,d) \ - printf(" %5lu %5lu %5lu %5lu\n", \ - a & ffff, b & ffff, c & ffff, d & ffff) -#else -# define _dump(a,b,c,d) ((void)0) -#endif - -#define _round(a, b, c, d) do { \ - _dump(a, b, c, d); \ - u = kp[0]; v = kp[1]; w = kp[2]; x = kp[3]; y = kp[4]; z = kp[5]; \ - kp += 6; \ - _mul(a, u); b += v; c += w; _mul(d, x); \ - u = a ^ c; v = b ^ d; _mul(u, y); v += u; _mul(v, z); u += v; \ - a ^= v; b ^= u; c ^= v; d ^= u; \ - _dump(a, b, c, d); \ -} while (0) \ - -void idea_encrypt(const idea_key *k, const void *src, void *dest) -{ - register const int ffff = 0xFFFF; - const unsigned char *usrc = src; - unsigned char *udest = dest; - int *kp = k->k; - - uint_32 a, b, c, d; - uint_32 u, v, w, x, y, z; - - /* --- Unpack next block into registers --- */ - - a = (usrc[0] << 8) | usrc[1]; - b = (usrc[2] << 8) | usrc[3]; - c = (usrc[4] << 8) | usrc[5]; - d = (usrc[6] << 8) | usrc[7]; - - /* --- Now run the block through the eight rounds --- * - * - * Notice how the arguments swap around so as I don't have to move the - * values about. - */ - - _round(a, b, c, d); - _round(a, c, b, d); - _round(a, b, c, d); - _round(a, c, b, d); - - _round(a, b, c, d); - _round(a, c, b, d); - _round(a, b, c, d); - _round(a, c, b, d); - - /* --- Do the output transformation --- */ - - u = kp[0]; - v = kp[1]; - w = kp[2]; - x = kp[3]; - _mul(a, u); - b += w; - c += v; - _mul(d, x); - - /* --- Repack and store the block --- */ - - udest[0] = (a >> 8) & 0xFF; udest[1] = a & 0xFF; - udest[2] = (c >> 8) & 0xFF; udest[3] = c & 0xFF; - udest[4] = (b >> 8) & 0xFF; udest[5] = b & 0xFF; - udest[6] = (d >> 8) & 0xFF; udest[7] = d & 0xFF; -} - -/*----- Debugging driver --------------------------------------------------*/ - -#ifdef TEST_RIG - -#define TESTENCRYPTION - -void dumpbuf(int *k) -{ - int i; - printf("Round "); - for (i = 1; i <= 6; i++) - printf("%5i ", i); - for (i = 0; i < 52; i++) { - if (i % 6 == 0) - printf("\n %i ", i / 6 + 1); - printf("%5i ", *k++); - } - printf("\n\n"); -} - -void dumpblk(char *bb) -{ - unsigned char *b = (unsigned char *)bb; - printf("++ %5u %5u %5u %5u\n", - (b[0]<<8)|b[1], - (b[2]<<8)|b[3], - (b[4]<<8)|b[5], - (b[6]<<8)|b[7]); -} - -int main(void) -{ - -#ifdef TESTMULTIPLY - { - unsigned int i, j; - char buf[256]; - int ffff = 0xFFFF; - for (;;) { - gets(buf); - if (!buf[0]) - break; - sscanf(buf, "%u%u", &i, &j); - _mul(i, j); - printf("%u\n", i); - } - } -#endif - -#ifdef TESTENCRYPTION - { - int i; - int f; - - unsigned char k[] = { 0, 1, 0, 2, 0, 3, 0, 4, 0, 5, 0, 6, 0, 7, 0, 8 }; - idea_key e, d; - unsigned char b[] = { 0, 0, 0, 1, 0, 2, 0, 3 }; - - static idea_key correct_e = { { - 1, 2, 3, 4, 5, 6, - 7, 8, 1024, 1536, 2048, 2560, - 3072, 3584, 4096, 512, 16, 20, - 24, 28, 32, 4, 8, 12, - 10240, 12288, 14336, 16384, 2048, 4096, - 6144, 8192, 112, 128, 16, 32, - 48, 64, 80, 96, 0, 8192, - 16384, 24576, 32768, 40960, 49152, 57345, - 128, 192, 256, 320 - } }; - - static idea_key correct_d = { { - 65025, 65344, 65280, 26010, 49152, 57345, - 65533, 32768, 40960, 52428, 0, 8192, - 42326, 65456, 65472, 21163, 16, 32, - 21835, 65424, 57344, 65025, 2048, 4096, - 13101, 51200, 53248, 65533, 8, 12, - 19115, 65504, 65508, 49153, 16, 20, - 43670, 61440, 61952, 65409, 2048, 2560, - 18725, 64512, 65528, 21803, 5, 6, - 1, 65534, 65533, 49153 - } }; - - static unsigned char correct_encrypt[] = { - 4603 / 256, 4603 % 256, - 60715 / 256, 60715 % 256, - 408 / 256, 408 % 256, - 28133 / 256, 28133 % 256 - }; - - static unsigned char correct_decrypt[] = { - 0, 0, 0, 1, 0, 2, 0, 3 - }; - - idea_ekeys(&e, k); - dumpbuf(e.k); - - f = 1; - for (i = 0; i < IDEA_EXPKEYSIZE; i++) { - if (e.k[i] != correct_e.k[i]) { - f = 0; - printf("!!! bad encryption key values!\n\n"); - } - } - if (f) - printf("*** expanded encryption key correct\n\n"); - - idea_dkeys(&d, k); - dumpbuf(d.k); - - f = 1; - for (i = 0; i < IDEA_EXPKEYSIZE; i++) { - if (d.k[i] != correct_d.k[i]) { - f = 0; - printf("!!! bad decryption key values!\n\n"); - } - } - if (f) - printf("*** expanded decryption key correct\n\n"); - - idea_encrypt(&e, b, b); - dumpblk(b); - if (memcmp(b, correct_encrypt, 8) == 0) - printf("*** correct encipherment\n\n"); - else - printf("!!! bad encipherment\n\n"); - - idea_encrypt(&d, b, b); - dumpblk(b); - if (memcmp(b, correct_decrypt, 8) == 0) - printf("*** correct decipherment\n"); - else - printf("!!! bad decipherment\n"); - } -#endif - - return (0); -} - -#endif - -/*----- That's all, folks -------------------------------------------------*/ diff --git a/src/idea.h b/src/idea.h deleted file mode 100644 index 08e7f93..0000000 --- a/src/idea.h +++ /dev/null @@ -1,129 +0,0 @@ -/* -*-c-*- - * - * $Id: idea.h,v 1.2 1997/08/04 10:24:22 mdw Exp $ - * - * IDEA encryption routines - * Based on Straylight ARM assembler routines - * - * (c) 1996, 1997 Mark Wooding - */ - -/*----- Licensing notice --------------------------------------------------* - * - * This file is part of `become' - * - * `Become' is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * `Become' is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with `become'; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -/*----- Revision history --------------------------------------------------* - * - * $Log: idea.h,v $ - * Revision 1.2 1997/08/04 10:24:22 mdw - * Sources placed under CVS control. - * - * Revision 1.1 1997/07/21 13:47:48 mdw - * Initial revision - * - */ - -#ifndef IDEA_H -#define IDEA_H - -#ifdef __cplusplus - extern "C" { -#endif - -/*----- Required headers --------------------------------------------------*/ - -#ifndef CONFIG_H -# include "config.h" -#endif - -/*----- Useful constants --------------------------------------------------*/ - -#define IDEA_BLKSIZE (8u) /* Number of bytes in IDEA block */ -#define IDEA_KEYSIZE (16u) /* Number of bytes in IDEA key */ -#define IDEA_EXPKEYSIZE (52u) /* Number of ints in expanded key */ - -/*----- Type definitions --------------------------------------------------*/ - -typedef struct idea_key { - int k[IDEA_EXPKEYSIZE]; /* Subkey array */ -} idea_key; - -/*----- Functions provided ------------------------------------------------*/ - -/* --- @idea_ekeys@ --- * - * - * Arguments: @idea_key *k@ = the expanded key buffer - * @const unsigned char *key@ = the user's key encryption key - * - * Returns: --- - * - * Use: Unpacks an encryption key. - */ - -extern void idea_ekeys(idea_key */*k*/, const unsigned char */*key*/); - -/* --- @idea_invertKey@ --- * - * - * Arguments: @const idea_key *in@ = pointer to input expanded key buffer - * @idea_key *out@ = pointer to output expanded key buffer - * - * Returns: --- - * - * Use: Computes the inverse (decryption) key given an expanded - * IDEA encryption key. - */ - -extern void idea_invertKey(const idea_key */*in*/, idea_key */*out*/); - -/* --- @idea_dkeys@ --- * - * - * Arguments: @idea_key *k@ = the expanded key buffer - * @const unsigned char *key@ = the user's key encryption key - * - * Returns: --- - * - * Use: Unpacks a decryption key. - */ - -extern void idea_dkeys(idea_key */*k*/, const unsigned char */*key*/); - -/* --- @idea_encrypt@ --- * - * - * Arguments: @const idea_key *k@ = key to use - * @const void *src@ = block to encrypt - * @void *dest@ = where to store the result - * - * - * Returns: --- - * - * Use: Encrypts (or decrypts) a block, using the IDEA cryptosystem. - * Since the decryption operation is the same as encryption - * except that a different key buffer is used, this is all we - * need to complete the simple bits. - */ - -extern void idea_encrypt(const idea_key */*k*/, - const void */*src*/, void */*dest*/); - -/*----- That's all, folks -------------------------------------------------*/ - -#ifdef __cplusplus - } -#endif - -#endif -- [mdw] From 698054712034aea799ba81a45b3d74c86a285583 Mon Sep 17 00:00:00 2001 Message-Id: <698054712034aea799ba81a45b3d74c86a285583.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Mon, 12 Jan 1998 16:41:31 +0000 Subject: [PATCH 02/16] Tidying for new release versions. Fix copyright date. Organization: Straylight/Edgeware From: mdw --- manual/become.texi | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/manual/become.texi b/manual/become.texi index 4854b14..211d027 100644 --- a/manual/become.texi +++ b/manual/become.texi @@ -1,15 +1,18 @@ \input texinfo @c -*-texinfo-*- @c -@c $Id: become.texi,v 1.1 1997/09/18 11:16:34 mdw Exp $ +@c $Id: become.texi,v 1.2 1998/01/12 16:41:31 mdw Exp $ @c @c Documentation for `become' @c -@c (c) 1997 EBI +@c (c) 1998 EBI @c @c ----- Revision history --------------------------------------------------- @c @c $Log: become.texi,v $ +@c Revision 1.2 1998/01/12 16:41:31 mdw +@c Tidying for new release versions. Fix copyright date. +@c @c Revision 1.1 1997/09/18 11:16:34 mdw @c Brand new Texinfo manual, with wider scope than the original LaTeX one. @c @@ -31,7 +34,7 @@ @c ----- Useful macros ------------------------------------------------------ -@set version 1.2--pre +@set version 1.2 @c ----- Copyright matters -------------------------------------------------- @@ -41,7 +44,7 @@ This file documents Become version @value{version}. -Copyright (c) 1997 European Bioinformatics Institute. +Copyright (c) 1998 European Bioinformatics Institute. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are @@ -138,7 +141,6 @@ How Become sets up the environment * Login styles:: Choose how Become sets the environment * Tweaking the environment:: Altering individual environment variables * Removed variables:: Some environment variables aren't passed on -* Shared environments:: Tips for handling shared accounts Login styles @@ -161,7 +163,7 @@ Become administration * Configuration files:: Overview of Become's configuration files * Standalone or networked:: The two main types of Become installations * The configuration file:: How to define who's allowed to do what -* Networked configuration:: +* Networked configuration:: Considerations for networked installations The configuration file @@ -298,7 +300,6 @@ Don't worry: it's not as hard as all that. * Login styles:: Choose how Become sets the environment * Tweaking the environment:: Altering individual environment variables * Removed variables:: Some environment variables aren't passed on -* Shared environments:: Tips for handling shared accounts @end menu @@ -549,7 +550,7 @@ whether his choice of editor overrides mine.) -@node Removed variables, Shared environments, Tweaking the environment, Environment +@node Removed variables, , Tweaking the environment, Environment @subsection Variables removed from the environment Some variables are removed from the environment which Become passes to a @@ -592,13 +593,6 @@ particularly hard here. -@node Shared environments, , Removed variables, Environment -@subsection Handling common environments for shared accounts - -FIXME: this needs writing. - - - @node Group permissions, X authority, Environment, Becoming someone else @section How Become handles groups -- [mdw] From 3c45ef4a36cb65e1cf73d03d27a877d3031e95b3 Mon Sep 17 00:00:00 2001 Message-Id: <3c45ef4a36cb65e1cf73d03d27a877d3031e95b3.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Mon, 12 Jan 1998 16:43:48 +0000 Subject: [PATCH 03/16] Include required header files. Fix copyright date. Organization: Straylight/Edgeware From: mdw --- src/blowfish.c | 9 +++++++-- src/dbutils.h | 7 +++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/blowfish.c b/src/blowfish.c index a8cb513..83aeeb5 100644 --- a/src/blowfish.c +++ b/src/blowfish.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: blowfish.c,v 1.4 1997/12/08 15:29:50 mdw Exp $ + * $Id: blowfish.c,v 1.5 1998/01/12 16:43:48 mdw Exp $ * * Blowfish encryption routines * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licencing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: blowfish.c,v $ + * Revision 1.5 1998/01/12 16:43:48 mdw + * Include required header files. Fix copyright date. + * * Revision 1.4 1997/12/08 15:29:50 mdw * Formatting fixes. Very boring. * @@ -48,6 +51,8 @@ /* --- ANSI headers --- */ #include +#include +#include /* --- Local headers --- */ diff --git a/src/dbutils.h b/src/dbutils.h index 58ec006..05c8e44 100644 --- a/src/dbutils.h +++ b/src/dbutils.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: dbutils.h,v 1.4 1997/08/07 10:01:46 mdw Exp $ + * $Id: dbutils.h,v 1.5 1998/01/12 16:43:29 mdw Exp $ * * Debugging things * - * (c) 1996 Straylight + * (c) 1998 Straylight */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: dbutils.h,v $ + * Revision 1.5 1998/01/12 16:43:29 mdw + * Include required header files. Fix copyright date. + * * Revision 1.4 1997/08/07 10:01:46 mdw * (Log entry for previous version is bogus.) No changes made. * -- [mdw] From c758e6541ca05409b178dd9629e9337494c49890 Mon Sep 17 00:00:00 2001 Message-Id: In-Reply-To: References: From: Mark Wooding Date: Mon, 12 Jan 1998 16:46:52 +0000 Subject: [PATCH 04/16] Fix copyright date. Organization: Straylight/Edgeware From: mdw --- Makefile.am | 9 ++++++--- acconfig.h | 9 ++++++--- conf/Makefile.am | 7 +++++-- configure.in | 18 +++++++++++------- manual/Makefile.am | 9 ++++++--- src/Makefile.am | 7 +++++-- src/become.c | 7 +++++-- src/become.h | 5 ++++- src/blowfish-sbox.h | 7 +++++-- src/blowfish.h | 7 +++++-- src/check.c | 7 +++++-- src/check.h | 7 +++++-- src/class.c | 9 ++++++--- src/class.h | 9 ++++++--- src/crypt.c | 7 +++++-- src/crypt.h | 7 +++++-- src/daemon.c | 7 +++++-- src/daemon.h | 7 +++++-- src/icrypt.c | 7 +++++-- src/icrypt.h | 7 +++++-- src/keygen.c | 7 +++++-- src/lexer.h | 7 +++++-- src/lexer.l | 7 +++++-- src/md5.c | 7 +++++-- src/md5.h | 7 +++++-- src/name.c | 9 ++++++--- src/name.h | 9 ++++++--- src/netg.c | 9 ++++++--- src/netg.h | 9 ++++++--- src/noise.c | 9 ++++++--- src/noise.h | 7 +++++-- src/parser.h | 7 +++++-- src/parser.y | 9 ++++++--- src/rand.c | 7 +++++-- src/rand.h | 7 +++++-- src/rule.c | 9 ++++++--- src/rule.h | 9 ++++++--- src/sym.c | 9 ++++++--- src/sym.h | 7 +++++-- src/tx.c | 7 +++++-- src/tx.h | 7 +++++-- src/userdb.c | 9 ++++++--- src/userdb.h | 7 +++++-- src/utils.c | 9 ++++++--- src/utils.h | 9 ++++++--- 45 files changed, 247 insertions(+), 111 deletions(-) diff --git a/Makefile.am b/Makefile.am index 06b220b..e3ce1c3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,11 +1,11 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.2 1997/09/18 11:23:11 mdw Exp $ +## $Id: Makefile.am,v 1.3 1998/01/12 16:45:19 mdw Exp $ ## ## Makefile for `become' ## -## (c) 1997 EBI +## (c) 1998 EBI ## ##----- Licensing notice ---------------------------------------------------- @@ -29,7 +29,10 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ -## Revision 1.2 1997/09/18 11:23:11 mdw +## Revision 1.3 1998/01/12 16:45:19 mdw +## Fix copyright date. +## +## Revision 1.2 1997/09/18 11:23:11 mdw ## Add `conf' directory. ## ## Revision 1.1 1997/08/07 09:31:51 mdw diff --git a/acconfig.h b/acconfig.h index 9d7dc3e..621056f 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: acconfig.h,v 1.6 1997/09/17 10:02:07 mdw Exp $ + * $Id: acconfig.h,v 1.7 1998/01/12 16:45:20 mdw Exp $ * * Default settings for `become' config.h * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: acconfig.h,v $ - * Revision 1.6 1997/09/17 10:02:07 mdw + * Revision 1.7 1998/01/12 16:45:20 mdw + * Fix copyright date. + * + * Revision 1.6 1997/09/17 10:02:07 mdw * Remove `@ signs -- autoconf mangles them too badly. * * Revision 1.5 1997/09/08 13:41:36 mdw diff --git a/conf/Makefile.am b/conf/Makefile.am index 3fc3faa..68f0222 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -1,11 +1,11 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.2 1997/09/18 11:15:14 mdw Exp $ +## $Id: Makefile.am,v 1.3 1998/01/12 16:45:34 mdw Exp $ ## ## Makefile for `become' ## -## (c) 1997 EBI +## (c) 1998 EBI ## ##----- Licensing notice ---------------------------------------------------- @@ -29,6 +29,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.3 1998/01/12 16:45:34 mdw +## Fix copyright date. +## ## Revision 1.2 1997/09/18 11:15:14 mdw ## Install a skeleton configuration file carefully. ## diff --git a/configure.in b/configure.in index 640ff3e..045f9cb 100644 --- a/configure.in +++ b/configure.in @@ -1,10 +1,10 @@ dnl -*-fundamental-*- dnl -dnl $Id: configure.in,v 1.9 1997/09/18 11:24:27 mdw Exp $ +dnl $Id: configure.in,v 1.10 1998/01/12 16:45:21 mdw Exp $ dnl dnl Source for auto configuration for `become' dnl -dnl (c) 1997 Mark Wooding +dnl (c) 1998 Mark Wooding dnl dnl----- Licensing notice --------------------------------------------------- @@ -28,7 +28,10 @@ dnl Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. dnl----- Revision history --------------------------------------------------- dnl dnl $Log: configure.in,v $ -dnl Revision 1.9 1997/09/18 11:24:27 mdw +dnl Revision 1.10 1998/01/12 16:45:21 mdw +dnl Fix copyright date. +dnl +dnl Revision 1.9 1997/09/18 11:24:27 mdw dnl Add `conf' directory. Add an `htmldir' installation directory too. dnl dnl Revision 1.8 1997/09/17 10:36:30 mdw @@ -63,10 +66,11 @@ dnl AC_INIT(src/icrypt.c) AC_CONFIG_HEADER(config.h) -PACKAGE=become VERSION=1.2-pre +PACKAGE=become +VERSION=1.2 +AC_DEFINE(VERSION, "1.2 (12 January 1998)") AC_SUBST(PACKAGE) AC_SUBST(VERSION) -AC_DEFINE(VERSION, "1.2-pre (17 September 1997)") dnl --- Check for compilers and things --- @@ -136,10 +140,10 @@ AC_ARG_ENABLE(tracing, dnl --- Libraries --- mdw_CHECK_MANYLIBS(socket, socket,, - AC_MSG_ERROR([Socket library not found])) + [AC_MSG_ERROR([Socket library not found])]) mdw_CHECK_MANYLIBS(gethostbyname, resolv nsl,, - AC_MSG_ERROR([Resolver library not found])) + [AC_MSG_ERROR([Resolver library not found])]) mdw_CHECK_MANYLIBS(yp_all, nsl, AC_DEFINE(HAVE_YP)) diff --git a/manual/Makefile.am b/manual/Makefile.am index 4a54592..ab9952f 100644 --- a/manual/Makefile.am +++ b/manual/Makefile.am @@ -1,11 +1,11 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.3 1997/09/24 13:02:00 mdw Exp $ +## $Id: Makefile.am,v 1.4 1998/01/12 16:45:35 mdw Exp $ ## ## Makefile for `become' ## -## (c) 1997 EBI +## (c) 1998 EBI ## ##----- Licensing notice ---------------------------------------------------- @@ -29,7 +29,10 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ -## Revision 1.3 1997/09/24 13:02:00 mdw +## Revision 1.4 1998/01/12 16:45:35 mdw +## Fix copyright date. +## +## Revision 1.3 1997/09/24 13:02:00 mdw ## Distribute stamp-html.in so that the HTML files don't get recreated ## unnecessarily. ## diff --git a/src/Makefile.am b/src/Makefile.am index 9635e72..31e95ae 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,11 +1,11 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.7 1997/09/26 09:14:57 mdw Exp $ +## $Id: Makefile.am,v 1.8 1998/01/12 16:45:36 mdw Exp $ ## ## Makefile for `become' ## -## (c) 1997 EBI +## (c) 1998 EBI ## ##----- Licensing notice ---------------------------------------------------- @@ -29,6 +29,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.8 1998/01/12 16:45:36 mdw +## Fix copyright date. +## ## Revision 1.7 1997/09/26 09:14:57 mdw ## Merged blowfish branch into trunk. ## diff --git a/src/become.c b/src/become.c index c53b00b..79ec7ae 100644 --- a/src/become.c +++ b/src/become.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: become.c,v 1.13 1997/09/26 09:14:57 mdw Exp $ + * $Id: become.c,v 1.14 1998/01/12 16:45:39 mdw Exp $ * * Main code for `become' * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: become.c,v $ + * Revision 1.14 1998/01/12 16:45:39 mdw + * Fix copyright date. + * * Revision 1.13 1997/09/26 09:14:57 mdw * Merged blowfish branch into trunk. * diff --git a/src/become.h b/src/become.h index a38eaad..5518ed3 100644 --- a/src/become.h +++ b/src/become.h @@ -4,7 +4,7 @@ * * Main header file for `become' * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: become.h,v $ + * Revision 1.2 1998/01/12 16:45:42 mdw + * Fix copyright date. + * * Revision 1.1 1997/08/07 09:40:01 mdw * Added. No idea why this wasn't done before. * diff --git a/src/blowfish-sbox.h b/src/blowfish-sbox.h index 42099b3..5c45bbc 100644 --- a/src/blowfish-sbox.h +++ b/src/blowfish-sbox.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: blowfish-sbox.h,v 1.2 1997/08/04 10:24:20 mdw Exp $ + * $Id: blowfish-sbox.h,v 1.3 1998/01/12 16:45:43 mdw Exp $ * * Blowfish encryption routines * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licencing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: blowfish-sbox.h,v $ + * Revision 1.3 1998/01/12 16:45:43 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:20 mdw * Sources placed under CVS control. * diff --git a/src/blowfish.h b/src/blowfish.h index 668a661..d008988 100644 --- a/src/blowfish.h +++ b/src/blowfish.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: blowfish.h,v 1.4 1997/09/26 09:14:57 mdw Exp $ + * $Id: blowfish.h,v 1.5 1998/01/12 16:45:45 mdw Exp $ * * Blowfish encryption routines * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: blowfish.h,v $ + * Revision 1.5 1998/01/12 16:45:45 mdw + * Fix copyright date. + * * Revision 1.4 1997/09/26 09:14:57 mdw * Merged blowfish branch into trunk. * diff --git a/src/check.c b/src/check.c index 7e61433..1a7d507 100644 --- a/src/check.c +++ b/src/check.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: check.c,v 1.5 1997/09/26 09:14:58 mdw Exp $ + * $Id: check.c,v 1.6 1998/01/12 16:45:47 mdw Exp $ * * Check validity of requests * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: check.c,v $ + * Revision 1.6 1998/01/12 16:45:47 mdw + * Fix copyright date. + * * Revision 1.5 1997/09/26 09:14:58 mdw * Merged blowfish branch into trunk. * diff --git a/src/check.h b/src/check.h index 53b4c6b..f3d29db 100644 --- a/src/check.h +++ b/src/check.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: check.h,v 1.2 1997/08/04 10:24:21 mdw Exp $ + * $Id: check.h,v 1.3 1998/01/12 16:45:48 mdw Exp $ * * Check validity of requests * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: check.h,v $ + * Revision 1.3 1998/01/12 16:45:48 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:21 mdw * Sources placed under CVS control. * diff --git a/src/class.c b/src/class.c index 49b1341..581e93b 100644 --- a/src/class.c +++ b/src/class.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: class.c,v 1.6 1997/09/17 10:14:56 mdw Exp $ + * $Id: class.c,v 1.7 1998/01/12 16:45:50 mdw Exp $ * * Handling classes of things nicely * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: class.c,v $ - * Revision 1.6 1997/09/17 10:14:56 mdw + * Revision 1.7 1998/01/12 16:45:50 mdw + * Fix copyright date. + * + * Revision 1.6 1997/09/17 10:14:56 mdw * Complete rewrite to support class trees. Makes the behaviour of the set * operators much more logical. * diff --git a/src/class.h b/src/class.h index 6cf53a5..7d9a6c7 100644 --- a/src/class.h +++ b/src/class.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: class.h,v 1.3 1997/09/17 10:14:56 mdw Exp $ + * $Id: class.h,v 1.4 1998/01/12 16:45:53 mdw Exp $ * * Handling classes of things nicely * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: class.h,v $ - * Revision 1.3 1997/09/17 10:14:56 mdw + * Revision 1.4 1998/01/12 16:45:53 mdw + * Fix copyright date. + * + * Revision 1.3 1997/09/17 10:14:56 mdw * Complete rewrite to support class trees. Makes the behaviour of the set * operators much more logical. * diff --git a/src/crypt.c b/src/crypt.c index 4148cdb..1c400aa 100644 --- a/src/crypt.c +++ b/src/crypt.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: crypt.c,v 1.3 1997/09/26 09:14:58 mdw Exp $ + * $Id: crypt.c,v 1.4 1998/01/12 16:45:55 mdw Exp $ * * Cryptographic transfer of `become' requests * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: crypt.c,v $ + * Revision 1.4 1998/01/12 16:45:55 mdw + * Fix copyright date. + * * Revision 1.3 1997/09/26 09:14:58 mdw * Merged blowfish branch into trunk. * diff --git a/src/crypt.h b/src/crypt.h index 55a4753..a0d81fd 100644 --- a/src/crypt.h +++ b/src/crypt.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: crypt.h,v 1.3 1997/09/26 09:14:58 mdw Exp $ + * $Id: crypt.h,v 1.4 1998/01/12 16:45:57 mdw Exp $ * * Cryptographic transfer of `become' requests * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: crypt.h,v $ + * Revision 1.4 1998/01/12 16:45:57 mdw + * Fix copyright date. + * * Revision 1.3 1997/09/26 09:14:58 mdw * Merged blowfish branch into trunk. * diff --git a/src/daemon.c b/src/daemon.c index 61638df..cf293a1 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: daemon.c,v 1.8 1997/09/26 09:14:58 mdw Exp $ + * $Id: daemon.c,v 1.9 1998/01/12 16:45:59 mdw Exp $ * * Running a `become' daemon * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: daemon.c,v $ + * Revision 1.9 1998/01/12 16:45:59 mdw + * Fix copyright date. + * * Revision 1.8 1997/09/26 09:14:58 mdw * Merged blowfish branch into trunk. * diff --git a/src/daemon.h b/src/daemon.h index a1b1eef..9c9ce72 100644 --- a/src/daemon.h +++ b/src/daemon.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: daemon.h,v 1.2 1997/08/04 10:24:21 mdw Exp $ + * $Id: daemon.h,v 1.3 1998/01/12 16:46:01 mdw Exp $ * * Running a `become' daemon * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: daemon.h,v $ + * Revision 1.3 1998/01/12 16:46:01 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:21 mdw * Sources placed under CVS control. * diff --git a/src/icrypt.c b/src/icrypt.c index de1d508..b2dc21f 100644 --- a/src/icrypt.c +++ b/src/icrypt.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: icrypt.c,v 1.3 1997/09/26 09:14:58 mdw Exp $ + * $Id: icrypt.c,v 1.4 1998/01/12 16:46:02 mdw Exp $ * * Higher level encryption functions * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: icrypt.c,v $ + * Revision 1.4 1998/01/12 16:46:02 mdw + * Fix copyright date. + * * Revision 1.3 1997/09/26 09:14:58 mdw * Merged blowfish branch into trunk. * diff --git a/src/icrypt.h b/src/icrypt.h index 41bbcf8..dd7fa11 100644 --- a/src/icrypt.h +++ b/src/icrypt.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: icrypt.h,v 1.3 1997/09/26 09:14:58 mdw Exp $ + * $Id: icrypt.h,v 1.4 1998/01/12 16:46:03 mdw Exp $ * * Higher level encryption functions * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: icrypt.h,v $ + * Revision 1.4 1998/01/12 16:46:03 mdw + * Fix copyright date. + * * Revision 1.3 1997/09/26 09:14:58 mdw * Merged blowfish branch into trunk. * diff --git a/src/keygen.c b/src/keygen.c index 4e016fa..d9d6bde 100644 --- a/src/keygen.c +++ b/src/keygen.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: keygen.c,v 1.4 1997/12/08 15:29:27 mdw Exp $ + * $Id: keygen.c,v 1.5 1998/01/12 16:46:05 mdw Exp $ * * Key generation * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: keygen.c,v $ + * Revision 1.5 1998/01/12 16:46:05 mdw + * Fix copyright date. + * * Revision 1.4 1997/12/08 15:29:27 mdw * Major update: make random number sources configurable. Generate * warnings if there isn't enough randomness available. diff --git a/src/lexer.h b/src/lexer.h index c3bbc65..431f13d 100644 --- a/src/lexer.h +++ b/src/lexer.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: lexer.h,v 1.2 1997/08/04 10:24:23 mdw Exp $ + * $Id: lexer.h,v 1.3 1998/01/12 16:46:07 mdw Exp $ * * Lexical analyser for `become.conf' files * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: lexer.h,v $ + * Revision 1.3 1998/01/12 16:46:07 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:23 mdw * Sources placed under CVS control. * diff --git a/src/lexer.l b/src/lexer.l index ccaff7e..a3f3909 100644 --- a/src/lexer.l +++ b/src/lexer.l @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: lexer.l,v 1.2 1997/08/04 10:24:23 mdw Exp $ + * $Id: lexer.l,v 1.3 1998/01/12 16:46:07 mdw Exp $ * * Lexical analyser for `become.conf' files * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: lexer.l,v $ + * Revision 1.3 1998/01/12 16:46:07 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:23 mdw * Sources placed under CVS control. * diff --git a/src/md5.c b/src/md5.c index 23ce693..242e14c 100644 --- a/src/md5.c +++ b/src/md5.c @@ -1,11 +1,11 @@ /* -*-c-*- * - * $Id: md5.c,v 1.2 1997/08/04 10:24:23 mdw Exp $ + * $Id: md5.c,v 1.3 1998/01/12 16:46:11 mdw Exp $ * * MD-5 secure hash routines * Based on RSA MD-5 code * - * (c) 1996, 1997 Mark Wooding + * (c) 1996-1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -30,6 +30,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: md5.c,v $ + * Revision 1.3 1998/01/12 16:46:11 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:23 mdw * Sources placed under CVS control. * diff --git a/src/md5.h b/src/md5.h index bce4d47..a914c09 100644 --- a/src/md5.h +++ b/src/md5.h @@ -1,11 +1,11 @@ /* -*-c-*- * - * $Id: md5.h,v 1.2 1997/08/04 10:24:23 mdw Exp $ + * $Id: md5.h,v 1.3 1998/01/12 16:46:13 mdw Exp $ * * MD-5 secure hash routines * Based on RSA MD-5 code * - * (c) 1996, 1997 Mark Wooding + * (c) 1996-1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -30,6 +30,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: md5.h,v $ + * Revision 1.3 1998/01/12 16:46:13 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:23 mdw * Sources placed under CVS control. * diff --git a/src/name.c b/src/name.c index 91f045a..94f1dd8 100644 --- a/src/name.c +++ b/src/name.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: name.c,v 1.5 1997/09/17 10:26:11 mdw Exp $ + * $Id: name.c,v 1.6 1998/01/12 16:46:14 mdw Exp $ * * Looking up of names in symbol tables * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: name.c,v $ - * Revision 1.5 1997/09/17 10:26:11 mdw + * Revision 1.6 1998/01/12 16:46:14 mdw + * Fix copyright date. + * + * Revision 1.5 1997/09/17 10:26:11 mdw * Use rewritten class handler. Support `none' class. * * Revision 1.4 1997/08/20 16:17:59 mdw diff --git a/src/name.h b/src/name.h index bc24d65..1972481 100644 --- a/src/name.h +++ b/src/name.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: name.h,v 1.4 1997/09/17 10:26:11 mdw Exp $ + * $Id: name.h,v 1.5 1998/01/12 16:46:15 mdw Exp $ * * Looking up of names in symbol tables * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: name.h,v $ - * Revision 1.4 1997/09/17 10:26:11 mdw + * Revision 1.5 1998/01/12 16:46:15 mdw + * Fix copyright date. + * + * Revision 1.4 1997/09/17 10:26:11 mdw * Use rewritten class handler. Support `none' class. * * Revision 1.3 1997/08/20 16:18:05 mdw diff --git a/src/netg.c b/src/netg.c index 79bfa02..ab46385 100644 --- a/src/netg.c +++ b/src/netg.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: netg.c,v 1.2 1997/08/20 16:19:11 mdw Exp $ + * $Id: netg.c,v 1.3 1998/01/12 16:46:17 mdw Exp $ * * A local database of netgroups * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: netg.c,v $ - * Revision 1.2 1997/08/20 16:19:11 mdw + * Revision 1.3 1998/01/12 16:46:17 mdw + * Fix copyright date. + * + * Revision 1.2 1997/08/20 16:19:11 mdw * Patch memory leak. Replace `name_reinit' by `name_end' for more sensible * restart. Don't try to trace when tracing's turned off. * diff --git a/src/netg.h b/src/netg.h index 79a49e9..b0207b2 100644 --- a/src/netg.h +++ b/src/netg.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: netg.h,v 1.2 1997/08/20 16:19:24 mdw Exp $ + * $Id: netg.h,v 1.3 1998/01/12 16:46:18 mdw Exp $ * * A local database of netgroups * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: netg.h,v $ - * Revision 1.2 1997/08/20 16:19:24 mdw + * Revision 1.3 1998/01/12 16:46:18 mdw + * Fix copyright date. + * + * Revision 1.2 1997/08/20 16:19:24 mdw * Replace `name_reinit' by `name_end' for more sensible restart. * * Revision 1.1 1997/08/07 09:45:00 mdw diff --git a/src/noise.c b/src/noise.c index 88b4de5..d37daf5 100644 --- a/src/noise.c +++ b/src/noise.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: noise.c,v 1.2 1997/08/20 16:19:57 mdw Exp $ + * $Id: noise.c,v 1.3 1998/01/12 16:46:19 mdw Exp $ * * Collection of environmental noise * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: noise.c,v $ - * Revision 1.2 1997/08/20 16:19:57 mdw + * Revision 1.3 1998/01/12 16:46:19 mdw + * Fix copyright date. + * + * Revision 1.2 1997/08/20 16:19:57 mdw * Fix test for `/dev/random' so that it doesn't close `stdin' if it fails! * * Revision 1.1 1997/08/07 09:45:26 mdw diff --git a/src/noise.h b/src/noise.h index e87d351..171ab2b 100644 --- a/src/noise.h +++ b/src/noise.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: noise.h,v 1.1 1997/08/07 09:45:26 mdw Exp $ + * $Id: noise.h,v 1.2 1998/01/12 16:46:20 mdw Exp $ * * Collection of environmental noise * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: noise.h,v $ + * Revision 1.2 1998/01/12 16:46:20 mdw + * Fix copyright date. + * * Revision 1.1 1997/08/07 09:45:26 mdw * New source file added to acquire environmental noise and add it to the * randomness pool (see `rand.c'). diff --git a/src/parser.h b/src/parser.h index db09482..e1b5ac0 100644 --- a/src/parser.h +++ b/src/parser.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: parser.h,v 1.2 1997/08/04 10:24:24 mdw Exp $ + * $Id: parser.h,v 1.3 1998/01/12 16:46:21 mdw Exp $ * * Parser for `become.conf' files * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: parser.h,v $ + * Revision 1.3 1998/01/12 16:46:21 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:24 mdw * Sources placed under CVS control. * diff --git a/src/parser.y b/src/parser.y index a3860b4..8b4527b 100644 --- a/src/parser.y +++ b/src/parser.y @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: parser.y,v 1.4 1997/09/17 10:26:52 mdw Exp $ + * $Id: parser.y,v 1.5 1998/01/12 16:46:22 mdw Exp $ * * Parser for `become.conf' files * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: parser.y,v $ - * Revision 1.4 1997/09/17 10:26:52 mdw + * Revision 1.5 1998/01/12 16:46:22 mdw + * Fix copyright date. + * + * Revision 1.4 1997/09/17 10:26:52 mdw * Use rewritten class handler. Makes the expression parsers considerably * simpler. * diff --git a/src/rand.c b/src/rand.c index 3f18dbe..08e6181 100644 --- a/src/rand.c +++ b/src/rand.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: rand.c,v 1.2 1997/08/07 09:47:07 mdw Exp $ + * $Id: rand.c,v 1.3 1998/01/12 16:46:23 mdw Exp $ * * Random number generation * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licencing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: rand.c,v $ + * Revision 1.3 1998/01/12 16:46:23 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/07 09:47:07 mdw * Fix address of the FSF. * diff --git a/src/rand.h b/src/rand.h index bbd0fff..cb3d0f9 100644 --- a/src/rand.h +++ b/src/rand.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: rand.h,v 1.1 1997/08/07 09:46:05 mdw Exp $ + * $Id: rand.h,v 1.2 1998/01/12 16:46:24 mdw Exp $ * * Random number generation * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licencing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: rand.h,v $ + * Revision 1.2 1998/01/12 16:46:24 mdw + * Fix copyright date. + * * Revision 1.1 1997/08/07 09:46:05 mdw * New source file added to maintain a randomness pool. * diff --git a/src/rule.c b/src/rule.c index 2a40a73..83fe6f4 100644 --- a/src/rule.c +++ b/src/rule.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: rule.c,v 1.4 1997/09/17 10:27:17 mdw Exp $ + * $Id: rule.c,v 1.5 1998/01/12 16:46:25 mdw Exp $ * * Managing rule sets * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: rule.c,v $ - * Revision 1.4 1997/09/17 10:27:17 mdw + * Revision 1.5 1998/01/12 16:46:25 mdw + * Fix copyright date. + * + * Revision 1.4 1997/09/17 10:27:17 mdw * Use rewritten class handler. * * Revision 1.3 1997/08/20 16:22:36 mdw diff --git a/src/rule.h b/src/rule.h index 59fe406..fb6f816 100644 --- a/src/rule.h +++ b/src/rule.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: rule.h,v 1.4 1997/09/17 10:27:17 mdw Exp $ + * $Id: rule.h,v 1.5 1998/01/12 16:46:26 mdw Exp $ * * Managing rule sets * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: rule.h,v $ - * Revision 1.4 1997/09/17 10:27:17 mdw + * Revision 1.5 1998/01/12 16:46:26 mdw + * Fix copyright date. + * + * Revision 1.4 1997/09/17 10:27:17 mdw * Use rewritten class handler. * * Revision 1.3 1997/08/20 16:22:49 mdw diff --git a/src/sym.c b/src/sym.c index e2c6d54..99ec187 100644 --- a/src/sym.c +++ b/src/sym.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: sym.c,v 1.3 1997/08/20 16:22:59 mdw Exp $ + * $Id: sym.c,v 1.4 1998/01/12 16:46:28 mdw Exp $ * * Symbol table management * - * (c) 1996 Straylight + * (c) 1998 Straylight */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: sym.c,v $ - * Revision 1.3 1997/08/20 16:22:59 mdw + * Revision 1.4 1998/01/12 16:46:28 mdw + * Fix copyright date. + * + * Revision 1.3 1997/08/20 16:22:59 mdw * Patch memory leak. * * Revision 1.2 1997/08/04 10:24:25 mdw diff --git a/src/sym.h b/src/sym.h index 16511af..f8201fd 100644 --- a/src/sym.h +++ b/src/sym.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: sym.h,v 1.2 1997/08/04 10:24:25 mdw Exp $ + * $Id: sym.h,v 1.3 1998/01/12 16:46:30 mdw Exp $ * * Symbol table management * - * (c) 1996 Straylight + * (c) 1998 Straylight */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: sym.h,v $ + * Revision 1.3 1998/01/12 16:46:30 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:25 mdw * Sources placed under CVS control. * diff --git a/src/tx.c b/src/tx.c index 54a04f4..281902f 100644 --- a/src/tx.c +++ b/src/tx.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: tx.c,v 1.2 1997/08/04 10:24:25 mdw Exp $ + * $Id: tx.c,v 1.3 1998/01/12 16:46:31 mdw Exp $ * * Transfer for keys and other large integers * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: tx.c,v $ + * Revision 1.3 1998/01/12 16:46:31 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:25 mdw * Sources placed under CVS control. * diff --git a/src/tx.h b/src/tx.h index d5fef73..0bfcffc 100644 --- a/src/tx.h +++ b/src/tx.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: tx.h,v 1.2 1997/08/04 10:24:26 mdw Exp $ + * $Id: tx.h,v 1.3 1998/01/12 16:46:32 mdw Exp $ * * Transfer for keys and other large integers * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: tx.h,v $ + * Revision 1.3 1998/01/12 16:46:32 mdw + * Fix copyright date. + * * Revision 1.2 1997/08/04 10:24:26 mdw * Sources placed under CVS control. * diff --git a/src/userdb.c b/src/userdb.c index eb963d0..2db8ee5 100644 --- a/src/userdb.c +++ b/src/userdb.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: userdb.c,v 1.5 1997/09/17 10:24:08 mdw Exp $ + * $Id: userdb.c,v 1.6 1998/01/12 16:46:33 mdw Exp $ * * User database management * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: userdb.c,v $ - * Revision 1.5 1997/09/17 10:24:08 mdw + * Revision 1.6 1998/01/12 16:46:33 mdw + * Fix copyright date. + * + * Revision 1.5 1997/09/17 10:24:08 mdw * Use `uid_t' instead of `int' for uids and gids. Not quite sure why I * didn't do this before. * diff --git a/src/userdb.h b/src/userdb.h index 2507531..d04c13c 100644 --- a/src/userdb.h +++ b/src/userdb.h @@ -4,7 +4,7 @@ * * User database management * - * (c) 1997 EBI + * (c) 1998 EBI */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: userdb.h,v $ - * Revision 1.3 1997/08/20 16:25:08 mdw + * Revision 1.4 1998/01/12 16:46:38 mdw + * Fix copyright date. + * + * Revision 1.3 1997/08/20 16:25:08 mdw * Rename `userdb_reinit' to `userdb_end' for more sensible restart. * * Revision 1.2 1997/08/04 10:24:26 mdw diff --git a/src/utils.c b/src/utils.c index 637f29f..c6e1313 100644 --- a/src/utils.c +++ b/src/utils.c @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: utils.c,v 1.5 1997/09/17 10:24:47 mdw Exp $ + * $Id: utils.c,v 1.6 1998/01/12 16:46:47 mdw Exp $ * * Miscellaneous useful bits of code. * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: utils.c,v $ - * Revision 1.5 1997/09/17 10:24:47 mdw + * Revision 1.6 1998/01/12 16:46:47 mdw + * Fix copyright date. + * + * Revision 1.5 1997/09/17 10:24:47 mdw * Flush output before and after writing memory tracking information. * * Revision 1.4 1997/09/08 13:43:54 mdw diff --git a/src/utils.h b/src/utils.h index 869c4e9..a9752f6 100644 --- a/src/utils.h +++ b/src/utils.h @@ -1,10 +1,10 @@ /* -*-c-*- * - * $Id: utils.h,v 1.3 1997/08/20 16:25:37 mdw Exp $ + * $Id: utils.h,v 1.4 1998/01/12 16:46:52 mdw Exp $ * * Miscellaneous useful bits of code. * - * (c) 1997 Mark Wooding + * (c) 1998 Mark Wooding */ /*----- Licensing notice --------------------------------------------------* @@ -29,7 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: utils.h,v $ - * Revision 1.3 1997/08/20 16:25:37 mdw + * Revision 1.4 1998/01/12 16:46:52 mdw + * Fix copyright date. + * + * Revision 1.3 1997/08/20 16:25:37 mdw * Add some simple `malloc' tracking. * * Revision 1.2 1997/08/04 10:24:26 mdw -- [mdw] From 94455fbb88eeecde368ac25667c2e23ca8d1f29a Mon Sep 17 00:00:00 2001 Message-Id: <94455fbb88eeecde368ac25667c2e23ca8d1f29a.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Tue, 13 Jan 1998 11:10:44 +0000 Subject: [PATCH 05/16] Add `TZ' to the list of variables to be preserved. Organization: Straylight/Edgeware From: mdw --- src/become.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/become.c b/src/become.c index 79ec7ae..2b8eedd 100644 --- a/src/become.c +++ b/src/become.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: become.c,v 1.14 1998/01/12 16:45:39 mdw Exp $ + * $Id: become.c,v 1.15 1998/01/13 11:10:44 mdw Exp $ * * Main code for `become' * @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: become.c,v $ + * Revision 1.15 1998/01/13 11:10:44 mdw + * Add `TZ' to the list of variables to be preserved. + * * Revision 1.14 1998/01/12 16:45:39 mdw * Fix copyright date. * @@ -1139,7 +1142,7 @@ done_options: */ static char *preserve[] = { - "TERM", "DISPLAY", 0 + "TERM", "DISPLAY", "TZ", 0 }; /* --- Variables to be expunged --- * -- [mdw] From f50500029e3575849da1338435e4b10b6878b71a Mon Sep 17 00:00:00 2001 Message-Id: In-Reply-To: References: From: Mark Wooding Date: Tue, 20 Jan 1998 14:37:43 +0000 Subject: [PATCH 06/16] Fix typo. Short form of `--preserve' should be `-e', not `-p'. Organization: Straylight/Edgeware From: mdw --- manual/become.texi | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/manual/become.texi b/manual/become.texi index 211d027..0d87a2e 100644 --- a/manual/become.texi +++ b/manual/become.texi @@ -1,6 +1,6 @@ \input texinfo @c -*-texinfo-*- @c -@c $Id: become.texi,v 1.2 1998/01/12 16:41:31 mdw Exp $ +@c $Id: become.texi,v 1.3 1998/01/20 14:37:43 mdw Exp $ @c @c Documentation for `become' @c @@ -10,6 +10,9 @@ @c ----- Revision history --------------------------------------------------- @c @c $Log: become.texi,v $ +@c Revision 1.3 1998/01/20 14:37:43 mdw +@c Fix typo. Short form of `--preserve' should be `-e', not `-p'. +@c @c Revision 1.2 1998/01/12 16:41:31 mdw @c Tidying for new release versions. Fix copyright date. @c @@ -353,7 +356,7 @@ approach. As a result, there's now a collection of different login styles. Login styles are selected by giving command line arguments: @table @code -@item -p +@item -e @itemx --preserve The original style: try to preserve the existing user's environment as much as possible. -- [mdw] From e669724dbe589e85c6e32335cff510abb6148086 Mon Sep 17 00:00:00 2001 Message-Id: In-Reply-To: References: From: Mark Wooding Date: Tue, 20 Jan 1998 14:48:18 +0000 Subject: [PATCH 07/16] Distribute gpl.texi. Ooops. Organization: Straylight/Edgeware From: mdw --- manual/Makefile.am | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/manual/Makefile.am b/manual/Makefile.am index ab9952f..040a2af 100644 --- a/manual/Makefile.am +++ b/manual/Makefile.am @@ -1,7 +1,7 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.4 1998/01/12 16:45:35 mdw Exp $ +## $Id: Makefile.am,v 1.5 1998/01/20 14:48:18 mdw Exp $ ## ## Makefile for `become' ## @@ -29,6 +29,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.5 1998/01/20 14:48:18 mdw +## Distribute gpl.texi. Ooops. +## ## Revision 1.4 1998/01/12 16:45:35 mdw ## Fix copyright date. ## @@ -47,7 +50,7 @@ htmldir = @htmldir@ -EXTRA_DIST = texinfo.tex stamp-html.in +EXTRA_DIST = gpl.texi texinfo.tex stamp-html.in info_TEXINFOS = become.texi noinst_DATA = become_*.html -- [mdw] From 1144a3e977bd3e72b5ca812bf23f924c219c0392 Mon Sep 17 00:00:00 2001 Message-Id: <1144a3e977bd3e72b5ca812bf23f924c219c0392.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Fri, 20 Feb 1998 17:52:32 +0000 Subject: [PATCH 08/16] Don't use `df' for noise gathering, because it gets upset when NFS servers aren't responding. Organization: Straylight/Edgeware From: mdw --- src/noise.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/noise.c b/src/noise.c index d37daf5..e9c2e44 100644 --- a/src/noise.c +++ b/src/noise.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: noise.c,v 1.3 1998/01/12 16:46:19 mdw Exp $ + * $Id: noise.c,v 1.4 1998/02/20 17:52:32 mdw Exp $ * * Collection of environmental noise * @@ -29,6 +29,10 @@ /*----- Revision history --------------------------------------------------* * * $Log: noise.c,v $ + * Revision 1.4 1998/02/20 17:52:32 mdw + * Don't use `df' for noise gathering, because it gets upset when NFS + * servers aren't responding. + * * Revision 1.3 1998/01/12 16:46:19 mdw * Fix copyright date. * @@ -230,8 +234,8 @@ void noise_acquire(void) noise__shell("ps auxww"); noise__shell("ps -ef"); - noise__shell("df"); - /* @noise__shell("netstat -a");@ -- takes too long */ + /* @noise__shell("df");@ -- irritates NFS */ + noise__shell("netstat -an"); /* --- Get our resource usage to see if that's at all interesting --- */ -- [mdw] From 07981d857b7664ac8c90d24c03a2d1dc3f1d14a8 Mon Sep 17 00:00:00 2001 Message-Id: <07981d857b7664ac8c90d24c03a2d1dc3f1d14a8.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Fri, 20 Feb 1998 17:55:56 +0000 Subject: [PATCH 09/16] Fix default HTML directory. Organization: Straylight/Edgeware From: mdw --- configure.in | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/configure.in b/configure.in index 045f9cb..abf937d 100644 --- a/configure.in +++ b/configure.in @@ -1,6 +1,6 @@ dnl -*-fundamental-*- dnl -dnl $Id: configure.in,v 1.10 1998/01/12 16:45:21 mdw Exp $ +dnl $Id: configure.in,v 1.11 1998/02/20 17:55:56 mdw Exp $ dnl dnl Source for auto configuration for `become' dnl @@ -28,6 +28,9 @@ dnl Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. dnl----- Revision history --------------------------------------------------- dnl dnl $Log: configure.in,v $ +dnl Revision 1.11 1998/02/20 17:55:56 mdw +dnl Fix default HTML directory. +dnl dnl Revision 1.10 1998/01/12 16:45:21 mdw dnl Fix copyright date. dnl @@ -112,7 +115,7 @@ AC_DEFINE_UNQUOTED(ETCDIR, "$etcdir") AC_ARG_WITH([htmldir], [ --with-htmldir=PATH set directory for HTML documentation [default is PREFIX/html/become]], -[htmldir="$withval"], [htmldir="${prefix}/html/become"]) +[htmldir="$withval"], [htmldir='${prefix}/html/become']) AC_SUBST(htmldir) dnl --- Debugging stuff --- -- [mdw] From 5b175cbbd74099aca651346b7ee9a8034f249217 Mon Sep 17 00:00:00 2001 Message-Id: <5b175cbbd74099aca651346b7ee9a8034f249217.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Fri, 20 Feb 1998 18:12:35 +0000 Subject: [PATCH 10/16] Make the `become' program setuid root when installing. Organization: Straylight/Edgeware From: mdw --- src/Makefile.am | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 31e95ae..effb91c 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,7 +1,7 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.8 1998/01/12 16:45:36 mdw Exp $ +## $Id: Makefile.am,v 1.9 1998/02/20 18:12:35 mdw Exp $ ## ## Makefile for `become' ## @@ -29,6 +29,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.9 1998/02/20 18:12:35 mdw +## Make the `become' program setuid root when installing. +## ## Revision 1.8 1998/01/12 16:45:36 mdw ## Fix copyright date. ## @@ -113,6 +116,17 @@ keygen_SOURCES = keygen.c become_DEPENDENCIES = libbcm.a keygen_DEPENDENCIES = libbcm.a +##----- Become must be setuid root ------------------------------------------ + +install-data-hook: + become_prog=${bindir}/`echo become|sed '${transform}'`; \ + { chown root $${become_prog} && \ + chmod 4755 $${become_prog}; } || \ + { echo ">>>>>"; \ + echo ">>>>> $${become_prog} must be installed setuid-root"; \ + echo ">>>>>"; \ + } + ##----- Testing ------------------------------------------------------------- ## --- The test programs --- -- [mdw] From 66872778965ee8bda3113caa581b7261c0213f98 Mon Sep 17 00:00:00 2001 Message-Id: <66872778965ee8bda3113caa581b7261c0213f98.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Thu, 23 Apr 1998 13:08:42 +0000 Subject: [PATCH 11/16] Fix formatting. Add new option to disable networking. Organization: Straylight/Edgeware From: mdw --- acconfig.h | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/acconfig.h b/acconfig.h index 621056f..3801920 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: acconfig.h,v 1.7 1998/01/12 16:45:20 mdw Exp $ + * $Id: acconfig.h,v 1.8 1998/04/23 13:08:42 mdw Exp $ * * Default settings for `become' config.h * @@ -29,6 +29,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: acconfig.h,v $ + * Revision 1.8 1998/04/23 13:08:42 mdw + * Fix formatting. Add new option to disable networking. + * * Revision 1.7 1998/01/12 16:45:20 mdw * Fix copyright date. * @@ -68,12 +71,15 @@ /* Define to be the size of an int. */ #define SIZEOF_INT 4 -/* Default login style can be `l_preserve', `l_setuser' or `l_login' */ +/* Default login style can be `l_preserve', `l_setuser' or `l_login'. */ #define DEFAULT_LOGIN_STYLE l_preserve /* This is replaced by `/' by `configure' -- leave alone for DOSness. */ #define PATHSEP '\\' +/* Define to turn off networking support. */ +#undef NONETWORK + /* Debugging options. */ #undef TRACING -- [mdw] From 45732897ad0f215eb9e756d1d3e8747ceb205852 Mon Sep 17 00:00:00 2001 Message-Id: <45732897ad0f215eb9e756d1d3e8747ceb205852.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Thu, 23 Apr 1998 13:09:24 +0000 Subject: [PATCH 12/16] Add new option to disable networking. Organization: Straylight/Edgeware From: mdw --- configure.in | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/configure.in b/configure.in index abf937d..986eecf 100644 --- a/configure.in +++ b/configure.in @@ -1,6 +1,6 @@ dnl -*-fundamental-*- dnl -dnl $Id: configure.in,v 1.11 1998/02/20 17:55:56 mdw Exp $ +dnl $Id: configure.in,v 1.12 1998/04/23 13:09:24 mdw Exp $ dnl dnl Source for auto configuration for `become' dnl @@ -28,6 +28,9 @@ dnl Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. dnl----- Revision history --------------------------------------------------- dnl dnl $Log: configure.in,v $ +dnl Revision 1.12 1998/04/23 13:09:24 mdw +dnl Add new option to disable networking. +dnl dnl Revision 1.11 1998/02/20 17:55:56 mdw dnl Fix default HTML directory. dnl @@ -70,8 +73,8 @@ dnl AC_INIT(src/icrypt.c) AC_CONFIG_HEADER(config.h) PACKAGE=become -VERSION=1.2 -AC_DEFINE(VERSION, "1.2 (12 January 1998)") +VERSION=1.3pre1 +AC_DEFINE(VERSION, "1.3pre1 (23 April 1998)") AC_SUBST(PACKAGE) AC_SUBST(VERSION) @@ -103,6 +106,14 @@ esac], [style="l_preserve"]) AC_DEFINE_UNQUOTED(DEFAULT_LOGIN_STYLE, $style) +dnl --- Choose networking options --- + +AC_ARG_ENABLE([network], +[ --disable-network disable the client-server bits of the program], + [if test "$enableval" = "no"; then + AC_DEFINE(NONETWORK) + fi]) + dnl --- Set configuration directory --- AC_ARG_WITH([etcdir], -- [mdw] From 3d7dcae86b724ac5fbbc1e967390f9d541386742 Mon Sep 17 00:00:00 2001 Message-Id: <3d7dcae86b724ac5fbbc1e967390f9d541386742.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Thu, 23 Apr 1998 13:10:34 +0000 Subject: [PATCH 13/16] Add new file `texinice.tex' to the distribution. Organization: Straylight/Edgeware From: mdw --- manual/Makefile.am | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/manual/Makefile.am b/manual/Makefile.am index 040a2af..da293ee 100644 --- a/manual/Makefile.am +++ b/manual/Makefile.am @@ -1,7 +1,7 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.5 1998/01/20 14:48:18 mdw Exp $ +## $Id: Makefile.am,v 1.6 1998/04/23 13:10:34 mdw Exp $ ## ## Makefile for `become' ## @@ -29,6 +29,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.6 1998/04/23 13:10:34 mdw +## Add new file `texinice.tex' to the distribution. +## ## Revision 1.5 1998/01/20 14:48:18 mdw ## Distribute gpl.texi. Ooops. ## @@ -50,7 +53,7 @@ htmldir = @htmldir@ -EXTRA_DIST = gpl.texi texinfo.tex stamp-html.in +EXTRA_DIST = gpl.texi texinfo.tex texinice.tex stamp-html.in info_TEXINFOS = become.texi noinst_DATA = become_*.html -- [mdw] From 10bc033fb9d7a29c5e0b4f05c46e40cc10e081b3 Mon Sep 17 00:00:00 2001 Message-Id: <10bc033fb9d7a29c5e0b4f05c46e40cc10e081b3.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Thu, 23 Apr 1998 13:16:14 +0000 Subject: [PATCH 14/16] Include `texinice' to produce decent printed output. Add documentation for new `bcquery' program. Various fixes, including spelling mistakes, and some factual inaccuracies. Organization: Straylight/Edgeware From: mdw --- manual/become.texi | 352 ++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 315 insertions(+), 37 deletions(-) diff --git a/manual/become.texi b/manual/become.texi index 0d87a2e..cdf6ef1 100644 --- a/manual/become.texi +++ b/manual/become.texi @@ -1,6 +1,6 @@ \input texinfo @c -*-texinfo-*- @c -@c $Id: become.texi,v 1.3 1998/01/20 14:37:43 mdw Exp $ +@c $Id: become.texi,v 1.4 1998/04/23 13:16:14 mdw Exp $ @c @c Documentation for `become' @c @@ -10,6 +10,11 @@ @c ----- Revision history --------------------------------------------------- @c @c $Log: become.texi,v $ +@c Revision 1.4 1998/04/23 13:16:14 mdw +@c Include `texinice' to produce decent printed output. Add documentation +@c for new `bcquery' program. Various fixes, including spelling mistakes, +@c and some factual inaccuracies. +@c @c Revision 1.3 1998/01/20 14:37:43 mdw @c Fix typo. Short form of `--preserve' should be `-e', not `-p'. @c @@ -23,13 +28,13 @@ @c ----- Standard boilerplate ----------------------------------------------- @c %**start of header -@setfilename become +@setfilename become.info @settitle Become @setchapternewpage odd @footnotestyle end @paragraphindent 0 @iftex -@c @smallbook +@input texinice.tex @afourpaper @c @parindent=0pt @end iftex @@ -37,7 +42,7 @@ @c ----- Useful macros ------------------------------------------------------ -@set version 1.2 +@set version 1.3 @c ----- Copyright matters -------------------------------------------------- @@ -80,12 +85,12 @@ approved by the European Bioinformatics Institute. @title The Become program @subtitle Become version @value{version} -@author Mark Wooding (@email{mdw@@ebi.ac.uk}) +@author Mark Wooding @email{mdw@@ebi.ac.uk} @page @vskip 0pt plus 1filll -Copyright @copyright{} 1997 European Bioinformatics Institute. +Copyright @copyright{} 1998 European Bioinformatics Institute. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are @@ -158,7 +163,7 @@ How Become handles groups Considerations for X authority -* The user-group method:: A secure method for handling X authority +* The user-group method:: A fairly secure way of handling X authority * Using xauth:: A less secure method, which might be easier Become administration @@ -170,14 +175,24 @@ Become administration The configuration file +* Requests and rules:: How the configuration file works * Basic syntax:: Quick overview of Become's syntax * Classes:: Defining classes of things * Predefined classes:: Become predefines some (maybe) useful classes * Allow statements:: Allow users to become other users * Other statements:: Some other useful statements * Example configuration file:: An example, showing a few features. +* Checking and querying:: Checking and querying configuration files * Complete grammar:: Complete grammar for Become config files +Checking and querying the configuration file + +* Verifying config files:: Checking a configuration file is correct +* Querying config files:: Asking questions about privileges +* Output formats:: Different ways of formatting output +* Restricting output:: Being selective about what gets output +* bcquery reference:: Complete command line reference + Networked configuration * Choosing servers:: Which servers Become tries to talk to @@ -200,7 +215,6 @@ Invoking Become @node Copying, Introduction, Top, Top @unnumbered The GNU General Public License - @include gpl.texi @@ -217,7 +231,7 @@ to get changed very often, and they have a habit of spreading beyond the group of legitimate users. The Become program presented here offers a solution to the problems of -shared accounts. It allows the system adminstrator to define which +shared accounts. It allows the system administrator to define which users are allowed access to which accounts, on which hosts, and to execute which commands. Such shared accounts can then, in general, have their passwords removed. @@ -469,9 +483,21 @@ while users are getting used to the freedom offered by the `preserve' style. @subsubsection The `login' login style The `login' style causes Become to attempt to emulate a full login. Become -will empty the environment of any variables which aren't explicitly preserved -(@pxref{Tweaking the environment}). It will then set the following -variables: +will empty the environment of almost variables which aren't explicitly +preserved (@pxref{Tweaking the environment}). However, the following +variables are retained: + +@itemize @bullet +@item +TERM +@item +DISPLAY +@item +TZ +@end itemize + +@noindent +It will set the following variables: @table @code @item USER @@ -686,8 +712,11 @@ There are two basic approaches. Either you can send the shared account a copy of your display's magic cookie, or you can retain permission to read the cookie file. +Be aware that allowing a shared account to connect to your X display is a +security risk. + @menu -* The user-group method:: A secure method for handling X authority +* The user-group method:: A fairly secure way of handling X authority * Using xauth:: A less secure method, which might be easier @end menu @@ -695,10 +724,10 @@ cookie file. @node The user-group method, Using xauth, X authority, X authority @subsection The user-group method for handling X authority -This method is completely secure only if your site uses the `user-group' -system. In this system, each user is allocated a group containing only that -user. Usually this is made the user's default primary group, although that's -not necessary here. +This method is secure only if your site uses the `user-group' system. In +this system, each user is allocated a group containing only that user. +Usually this is made the user's default primary group, although that's not +necessary here. When you start a new X session, ensure that your cookie file is owned by you and your private group. Change the file's permissions so that it's group @@ -706,6 +735,10 @@ readable. Finally, ensure that your private group is retained when you become someone else (@pxref{Group permissions}), and that the @code{XAUTHORITY} variable is set correctly. +Note that Unix's security mechanisms aren't designed to prevent processes +owned by the same user from interfering with each other. This method does +not provide complete security. + The following Bourne shell code in a @file{.xinitrc} should do most of the work: @@ -754,9 +787,8 @@ endif in @file{.cshrc} for C shell users. - @node Using xauth, , The user-group method, X authority -@subsection The `xauth' method for handling X authority +@subsection The @code{xauth} method for handling X authority This method sends your X cookie to the shared account. It's therefore intrinsically dangerous: you must be able to trust the other users of the @@ -920,7 +952,7 @@ locally: the program reads the configuration file, and decides whether it should grant or deny permission. Standalone installations don't depend on servers being available, or even on -the existance of a network. They're useful for small sites, or sites with a +the existence of a network. They're useful for small sites, or sites with a small number of users. The disadvantages are that reading the configuration file takes a while, so the program doesn't feel as responsive as it should, and ensuring that all the hosts' configuration files are synchronised becomes @@ -953,17 +985,58 @@ requests. It may also contain additional information for the benefit of Become daemons, if you're using a networked installation. @menu +* Requests and rules:: How the configuration file works * Basic syntax:: Quick overview of Become's syntax * Classes:: Defining classes of things * Predefined classes:: Become predefines some (maybe) useful classes * Allow statements:: Allow users to become other users * Other statements:: Some other useful statements * Example configuration file:: An example, showing a few features. +* Checking and querying:: Checking and querying configuration files * Complete grammar:: Complete grammar for Become config files @end menu -@node Basic syntax, Classes, The configuration file, The configuration file +@node Requests and rules, Basic syntax, The configuration file, The configuration file +@subsection Requests and rules + +Become looks at four pieces of information when it's analysing a request: + +@itemize @bullet +@item +the user's current identity; +@item +the identity the user wishes to assume; +@item +the host which generated the request; and +@item +the command the user wishes to run. +@end itemize + +Each of these pieces of information is looked at when Become decides whether +to honour a request. + +The configuration file's main purpose is to describe the conditions under +which Become should honour a request. These conditions are described by a +number of @emph{rules}. A rule consists of two lists of users (called `from' +and `to'), a list of hosts, and a list of commands. A rule matches a request +if: + +@itemize @bullet +@item +the user's current identity is in the rule's `from' list; +@item +the target user's identity is in the rule's `to' list; +@item +the host is in the rule's host list; and +@item +the command to be run is in the rule's command list. +@end itemize + +A request is honoured if there is a rule which matches the request. + + +@node Basic syntax, Classes, Requests and rules, The configuration file @subsection Basic configuration file syntax The configuration file consists of a sequence of statements, each terminated @@ -980,9 +1053,6 @@ it may be (including quotes, backslashes and newlines). Names begin with an alphabetic character or an underscore, and consist of letters, digits and underscores. -In general, ... - - @node Classes, Predefined classes, Basic syntax, The configuration file @subsection Classes @@ -1028,8 +1098,8 @@ user MUNDANES = all - SYSHACKS; @end example @noindent -The @code{none} class isn't particularly useful in itself. It's there for -completeness. +The @code{none} class is provided because it's needed internally anyway and +someone might come up with a use for it. Become also defines some other classes: @@ -1059,16 +1129,15 @@ that a Become server can be run on a machine which allows restricted logins. It still needs to know about all the users known to the outside world. Netgroups are read only from the NIS servers. In particular, although GNU -systems allow netgroup databases to be stored in local files, Become wonn't +systems allow netgroup databases to be stored in local files, Become won't read them because there's no defined interface for enumerating netgroups. @node Allow statements, Other statements, Predefined classes, The configuration file @subsection Allow statements -Defining classes is just a means to an end. The end is to specify which -users are allowed to do what, where, and as whom. This is done with an -@code{allow} statement: +The @code{allow} statement defines the rules Become uses when deciding +whether to grant a request; see @ref{Requests and rules}. @example allow [[@var{host-class}]] [@var{user-class}] -> [@var{user-class}] [ : @var{command-class}] @@ -1105,7 +1174,7 @@ listen; the @var{port} may be be an integer or a quoted service name. The @var{key-file}, which must be a quoted string. -@node Example configuration file, Complete grammar, Other statements, The configuration file +@node Example configuration file, Checking and querying, Other statements, The configuration file @subsection An example configuration file @example @@ -1121,11 +1190,219 @@ user NEWS = "fred", "jim"; allow NEWS -> "news"; user HTTP = "jim", "bob"; -allow HTTP -> "httpd" : "/bin/kill", "/etc/init.d/httpd"; +allow ["www.somewhere.com"] + HTTP -> "httpd" : "/bin/kill", "/etc/init.d/httpd"; +@end example + + +@node Checking and querying, Complete grammar, Example configuration file, The configuration file +@subsection Checking and querying the configuration file + +At a reasonably sized site, Become configuration files can get rather large, +and becomes tricky to work out exactly who's allowed to do what and where. + +The @code{bcquery} tool provided allows Become configuration files to be +verified and queried. It can be used to ensure that a file is syntactically +correct before it is deployed, or to enquire about privileges granted. + +@menu +* Verifying config files:: Checking a configuration file is correct +* Querying config files:: Asking questions about privileges +* Output formats:: Different ways of formatting output +* Restricting output:: Being selective about what gets output +* bcquery reference:: Complete command line reference +@end menu + +@node Verifying config files, Querying config files, Checking and querying, Checking and querying +@subsubsection Verifying configuration files + +A common use of @code{bcquery} is to ensure that a configuration file is +actually valid. The command + +@example +bcquery [-file @var{file}] -check @end example +@noindent +verifies that a configuration file conforms to Become's expectations. If +there are any errors in @var{file}, they are reported, and @code{bcquery} +will return a nonzero exit code. + +If no @var{file} is specified, @code{bcquery} will read the configuration +file which Become itself reads by default, usually +@code{/etc/become/become.conf}. + + +@node Querying config files, Output formats, Verifying config files, Checking and querying +@subsubsection Querying configuration files -@node Complete grammar, , Example configuration file, The configuration file +The @code{bcquery} program will list all rules which match a selected request +pattern. For example, you can display all rules which allow a particular +user to change identity, or all rules which allow people to assume root +privileges on a particular host. + +@example +bcquery [-file @var{file}] @var{query} +@end example + +The following simple queries are supported: + +@table @asis +@item @code{-from} @var{user} +Matches any rule containing @var{user} in its `from' list. +@item @code{-to} @var{user} +Matches any rule containing @var{user} in its `to' list. +@item @code{-host} @var{host} +Matches any rule containing @var{host} in its host list. +@item @code{-command} @var{cmd} +Matches any rule containing @var{cmd} in its `command' list. +@end table + +@noindent +Simple queries can be combined using the following operators: + +@table @asis +@item @var{query-a} @code{-or} @var{query-b} +Matches a rule matched by either @var{query-a} or @var{query-b}. +@item @var{query-a} @code{-and} @var{query-b} +Matches a rule matched by both @var{query-a} and @var{query-b}. +@item @code{-not} @var{query} +Matches a rule which is not matched by @var{query}. +@item @code{(} @var{query} @code{)} +Matches a rule matched by @var{query} (overrides default precedence). +@end table + +The @code{-and}, @code{-or} and @code{-not} operators may be written +@code{&}, @code{|} and @code{!} respectively, if you prefer, and the +@code{-and} operator is optional. These characters (and the parentheses +@code{(} and @code{)}) may need to be quoted to prevent interpretation by the +shell. + +Some examples may explain what's going on: + +@table @samp +@item bcquery -from hacker +Displays all rules applying to user `hacker'. +@item bcquery -host somehost -to root +Displays rules allowing people to become root on @code{somehost}. +@end table + + +@node Output formats, Restricting output, Querying config files, Checking and querying +@subsubsection Output formats + +The @code{bcquery} program has two distinct output formats: `rows' and +`columns'. + +The `columns' format is probably the simpler to understand, and certainly the +easier to read. Each matching record is displayed with the lists of users, +hosts and commands in columns. A query on the example configuration file +(@pxref{Example configuration file}) is shown below: + +@example +FROM TO HOST COMMAND + +frankie root ALL ALL +selina + +fred news ALL ALL +jim + +jim httpd www.somewhere.com /bin/kill +bob /etc/init.d/httpd +@end example + +@noindent +The `columns' format can only show simple lists. A more complex class +definition will show up as @samp{} in a `columns' format listing. + +The `rows' format is capable of displaying classes in their full generality, +but is harder to parse and read. It displays each list in the form of an +expression, in more or less the same syntax as a class definition +(@pxref{Classes}). + +The default behaviour is to use `columns' format where possible, or `rows' +format if some of the lists are too complex to be represented in columns. +You can select a format explicitly using the @code{-columns} or @code{-rows} +options, which is useful if you're trying to parse the output of +@code{bcquery} with a script. + + +@node Restricting output, bcquery reference, Output formats, Checking and querying +@subsubsection Restricting output + +It's also possible to suppress bits of information about each matched rule. +For example, you can show only the `from' list, or just the `to' and `host' +lists. This is done with the @code{-output} option. + +Each list is given a letter; the `from' list is called @samp{f}, the `to' +list @samp{t}, the host list @samp{h} and the command list @samp{c}. You can +select which lists are displayed by giving the corresponding letters (the +order isn't important). You can also turn individual lists on or off by +preceding the characters with @samp{+} or @samp{-} characters. If you start +with a @samp{+} or @samp{-}, then the last-set selection (or the initial +default of all-lists-enabled) is modified. + +For example, @samp{-output ftc} shows only the `from', `to' and `command' +lists. This could be written @samp{-output -h} too, to turn the hosts list +off. + +This option is mainly useful with the `columns' output format (@pxref{Output +formats}) to save scripts having to select columns out themselves. + + +@node bcquery reference, , Restricting output, Checking and querying +@subsubsection @code{bcquery} options summary + +@example +bcquery [@var{option}@dots{}] [@var{query}] +@end example + +The @var{option}s available are: + +@table @asis +@item @code{-help} +Displays a summary of the available options, and exits. + +@item @code{-file} @var{file} +Read @var{file}, rather than the compiled-in default (usually +@file{/etc/become/become.conf}). + +@item @code{-dump} +Don't read a configuration file. Instead, display the query tree parsed from +the command line. This is a debugging feature. + +@item @code{-check} +Don't attempt to output any rules. Instead, just check the configuration +file for validity. + +@item @code{-output} @var{spec} +Selects which columns are to be displayed for each matching rule. +For full details, see @ref{Restricting output}. + +@item @code{-columns} +@itemx @code{-rows} +Forces `columns' or `rows' output format. @xref{Output formats}. + +@item @code{-nohead} +Suppress the header line at the top of the output in `columns' mode. Makes +the output more amenable to automatic processing (but harder to read). + +@item @code{-from} @var{user} +@itemx @code{-to} @var{user} +@itemx @code{-host} @var{hostname} +@itemx @code{-command} @var{cmd} +Simple queries for selecting rules. @xref{Querying config files}. + +@item @code{-and} +@itemx @code{-or} +@itemx @code{-not} +Operators for combining queries into something useful. @xref{Querying config +files}. +@end table + + +@node Complete grammar, , Checking and querying, The configuration file @subsection Complete grammar for configuration files @format @@ -1190,6 +1467,7 @@ allow HTTP -> "httpd" : "/bin/kill", "/etc/init.d/httpd"; @end format + @node Networked configuration, , The configuration file, Administering Become @section Networked configuration @@ -1467,7 +1745,7 @@ unusual @code{argv[0]} which might cause unusual behaviour. The @var{command} name is used both as the command to execute and passed to the command as @code{argv[0]}. It is not possible to specify an alternative -calue to be passed as @code{argv[0]}. Subsequent arguments, if supplied, are +value to be passed as @code{argv[0]}. Subsequent arguments, if supplied, are passed as @code{argv[1]} upwards. If no @var{command} is given, a shell is invoked; the particulars of the @@ -1532,8 +1810,8 @@ Listen for requests on @var{port}. This option is overridden by the @item -f @var{file} @itemx --config-file=@var{file} -Read configuration from @var{file}, instead of the default (usually -@file{/etc/become/become.conf}). +Read configuration from @var{file}, instead of the default (set at +compile time, usually @file{/etc/become/become.conf}). @end table The syntax of the configuration file is described in @ref{The configuration @@ -1582,7 +1860,7 @@ outcome; it will not execute any commands. @c @unnumbered Concept index @c @printindex cp @c -@c @contents +@contents @bye -- [mdw] From 4710b942ec00e97533a074fdf62a523f969c2721 Mon Sep 17 00:00:00 2001 Message-Id: <4710b942ec00e97533a074fdf62a523f969c2721.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Thu, 23 Apr 1998 13:17:17 +0000 Subject: [PATCH 15/16] New program `bcquery', and `ypstuff' module added. Organization: Straylight/Edgeware From: mdw --- src/Makefile.am | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index effb91c..99e9583 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,7 +1,7 @@ ## Process this file with `automake' to generate `Makefile.in' ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.9 1998/02/20 18:12:35 mdw Exp $ +## $Id: Makefile.am,v 1.10 1998/04/23 13:17:17 mdw Exp $ ## ## Makefile for `become' ## @@ -29,6 +29,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.10 1998/04/23 13:17:17 mdw +## New program `bcquery', and `ypstuff' module added. +## ## Revision 1.9 1998/02/20 18:12:35 mdw ## Make the `become' program setuid root when installing. ## @@ -66,7 +69,7 @@ ## --- What to make --- -bin_PROGRAMS = become keygen +bin_PROGRAMS = become keygen bcquery noinst_LIBRARIES = bcm ##----- Building the main code ---------------------------------------------- @@ -76,7 +79,7 @@ noinst_LIBRARIES = bcm bcm_SOURCES = \ check.c daemon.c \ lexer.l parser.y \ - class.c name.c netg.c rule.c sym.c userdb.c \ + class.c name.c netg.c rule.c sym.c userdb.c ypstuff.c \ crypt.c \ noise.c rand.c \ icrypt.c blowfish.c md5.c \ @@ -85,7 +88,7 @@ bcm_SOURCES = \ become.h \ check.h daemon.h \ lexer.h parser.h \ - class.h name.h netg.h rule.h sym.h userdb.h \ + class.h name.h netg.h rule.h sym.h userdb.h ypstuff.h \ crypt.h \ noise.h rand.h \ icrypt.h blowfish.h blowfish-sbox.h md5.h \ @@ -112,9 +115,11 @@ LDADD = libbcm.a @LEXLIB@ become_SOURCES = become.c keygen_SOURCES = keygen.c +bcquery_SOURCES = bcquery.c become_DEPENDENCIES = libbcm.a keygen_DEPENDENCIES = libbcm.a +bcquery_DEPENDENCIES = libbcm.a ##----- Become must be setuid root ------------------------------------------ -- [mdw] From 908a5930383a9939b4847e2cba559f86871d5ffc Mon Sep 17 00:00:00 2001 Message-Id: <908a5930383a9939b4847e2cba559f86871d5ffc.1718395058.git.mdw@distorted.org.uk> In-Reply-To: References: From: Mark Wooding Date: Thu, 23 Apr 1998 13:20:20 +0000 Subject: [PATCH 16/16] Added new program to verify and query Become configuration files. Organization: Straylight/Edgeware From: mdw --- src/bcquery.c | 866 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 866 insertions(+) create mode 100644 src/bcquery.c diff --git a/src/bcquery.c b/src/bcquery.c new file mode 100644 index 0000000..e43d075 --- /dev/null +++ b/src/bcquery.c @@ -0,0 +1,866 @@ +/* -*-c-*- + * + * $Id: bcquery.c,v 1.1 1998/04/23 13:20:20 mdw Exp $ + * + * Query and dump Become's configuration file + * + * (c) 1998 EBI + */ + +/*----- Licensing notice --------------------------------------------------* + * + * This file is part of `become' + * + * `Become' is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * `Become' is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with `become'; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/*----- Revision history --------------------------------------------------* + * + * $Log: bcquery.c,v $ + * Revision 1.1 1998/04/23 13:20:20 mdw + * Added new program to verify and query Become configuration files. + * + */ + +/*----- Header files ------------------------------------------------------*/ + +/* --- ANSI headers --- */ + +#include +#include +#include +#include +#include +#include +#include + +/* --- Unix headers --- */ + +#include +#include +#include +#include + +#include + +#include + +#include +#include +#include +#include +#include + +/* --- Local headers --- */ + +#include "become.h" +#include "class.h" +#include "config.h" +#include "daemon.h" +#include "lexer.h" +#include "mdwopt.h" +#include "name.h" +#include "netg.h" +#include "parser.h" +#include "rule.h" +#include "sym.h" +#include "utils.h" +#include "userdb.h" + +/*----- Type definitions --------------------------------------------------*/ + +enum { + cat_where = 1u, + cat_from = 2u, + cat_to = 4u, + cat_what = 8u, + cat_and = 16u, + cat_or = 17u, + cat_not = 18u +}; + +typedef struct qnode { + unsigned q_cat; + union { + uid_t uid; + struct in_addr in; + const char *cmd; + struct { + struct qnode *l, *r; + } q; + } q; +#define q_uid q.uid +#define q_in q.in +#define q_cmd q.cmd +#define q_left q.q.l +#define q_right q.q.r +#define q_arg q_left +} qnode; + +/*----- Static variables --------------------------------------------------*/ + +enum { + f_dump = 1u, + f_userdb = 2u, + f_header = 4u, + f_match = 8u, + f_single = 16u, + f_simple = 32u, + f_force = 64u, + f_check = 128u, + f_nohead = 256u +}; + +static int ac; +static char **av; +static int opt; +static unsigned flags; +static const char *cf = file_RULES; +static unsigned outmask = cat_where | cat_from | cat_to | cat_what; + +/*----- Low-level options handling ----------------------------------------*/ + +/* --- @optname@ --- * + * + * Arguments: --- + * + * Returns: Pointer to a string describing the current option. + * + * Use: Creates a textual description of an option for use in + * error messages. + */ + +static const char *optname(void) +{ + static char buf[2]; + switch (opt) { + case 'H': return ("-host"); + case 'F': return ("-from"); + case 'T': return ("-to"); + case 'C': return ("-command"); + case 0: return (optarg); + case '(': case ')': case '&': case '|': case '!': + buf[0] = opt; + buf[1] = 0; + return (buf); + case EOF: return (""); + default: return (""); + } +} + +/* --- @nextopt@ --- * + * + * Arguments: --- + * + * Returns: Next option id, or @EOF@. + * + * Use: Reads the next option. Does a lot of the messy work of + * options parsing. + */ + +static int nextopt(void) +{ + const static struct option opts[] = { + { "help", 0, 0, 'h' }, + + { "file", gFlag_argReq, 0, 'f' }, + { "dump", 0, 0, 'd' }, + { "check", 0, 0, 'k' }, + + { "output", gFlag_argReq, 0, 'o' }, + { "columns", 0, 0, '|' }, + { "rows", 0, 0, '-' }, + { "nohead", 0, 0, 'n' }, + + { "host", gFlag_argReq, 0, 'H' }, + { "from", gFlag_argReq, 0, 'F' }, + { "to", gFlag_argReq, 0, 'T' }, + { "command", gFlag_argReq, 0, 'C' }, + + { "and", 0, 0, '&' }, + { "or", 0, 0, '|' }, + { "not", 0, 0, '!' }, + + { 0, 0, 0, 0 } + }; + +again: + opt = mdwopt(ac, av, "-", opts, 0, 0, gFlag_noShorts); + + switch (opt) { + case 'h': + printf("" +"Usage: %s [-help]\n" +" %s [-output COLS] [-dump] [-file FILE] [EXPR | -check]\n" +"\n" +"Reads the `become' configuration file FILE (or " file_RULES " by\n" +"default) and writes the rules which match the EXPR.\n" +"\n" +"EXPR may make use of the following operators: `-host HOST', `-from USER',\n" +"`-to USER', and `-command CMD'. You may join them together with `-and',\n" +"`-or' and `-not' operators (which may be spelled `&', `|' and `!' if you\n" +"prefer), and group subexpressions with parentheses `(' and `)'.\n", + quis(), quis()); + exit(0); + case 'd': + flags |= f_dump; + goto again; + case 'f': + cf = optarg; + goto again; + case '|': + flags |= f_simple; + /* Drop through */ + case '-': + flags |= f_force; + goto again; + case 'k': + flags |= f_check; + goto again; + case 'n': + flags |= f_nohead; + goto again; + case 'o': { + char *p = optarg; + enum { m_replace, m_add, m_remove } mode = m_replace; + unsigned bit; + + while (*p) { + switch (*p) { + case '+': + mode = m_add; + break; + case '-': + mode = m_remove; + break; + case 'h': + bit = cat_where; + goto setbits; + case 'f': + bit = cat_from; + goto setbits; + case 't': + bit = cat_to; + goto setbits; + case 'c': + bit = cat_what; + goto setbits; + default: + die("unknown column specifier `%c'", *p); + break; + setbits: + if (mode == m_replace) { + outmask = 0; + mode = m_add; + } + if (mode == m_add) + outmask |= bit; + else if (mode == m_remove) + outmask &= ~bit; + else + die("bad mode while setting output mask: %u", mode); + break; + } + p++; + } + goto again; + } + case '?': + die("type `%s --help' for usage information", quis()); + case 0: + if (optarg[0] && optarg[1] == 0) switch (optarg[0]) { + case '(': case ')': + case '&': case '|': case '!': + opt = optarg[0]; + break; + } + if (!opt) + die("unexpected text `%s' found", optarg); + break; + } + + return (opt); +} + +/*----- Recursive descent query parser ------------------------------------*/ + +/* --- @qparse@ --- * + * + * Arguments: --- + * + * Returns: A pointer to the finished tree. + * + * Use: Scans the command line arguments and makes them into a tree. + */ + +static qnode *qparse_expr(void); + +static qnode *qparse_atom(void) +{ + switch (opt) { + case '(': { + qnode *q; + nextopt(); + q = qparse_expr(); + if (opt != ')') + die("syntax error: expected `)', found `%s'", optname()); + nextopt(); + return (q); + } + case 'H': { + struct hostent *h; + qnode *q = xmalloc(sizeof(*q)); + h = gethostbyname(optarg); + if (!h) + die("unknown host `%s'", optarg); + q->q_cat = cat_where; + memcpy(&q->q_in, h->h_addr, sizeof(struct in_addr)); + nextopt(); + return (q); + } + case 'F': case 'T': { + qnode *q = xmalloc(sizeof(*q)); + q->q_cat = (opt == 'F' ? cat_from : cat_to); + if (isdigit((unsigned char)optarg[0])) + q->q_uid = atoi(optarg); + else { + struct passwd *pw; + if (!(flags & f_userdb)) { + userdb_init(); + userdb_local(); + userdb_yp(); + flags |= f_userdb; + } + pw = userdb_userByName(optarg); + if (!pw) + die("unknown user `%s'", optarg); + q->q_uid = pw->pw_uid; + } + nextopt(); + return (q); + } + case 'C': { + qnode *q = xmalloc(sizeof(*q)); + q->q_cat = cat_what; + q->q_cmd = optarg; + nextopt(); + return (q); + } + default: + die("unexpected token: `%s'", optname()); + } + return (0); +} + +static qnode *qparse_factor(void) +{ + if (opt == '!') { + qnode *q = xmalloc(sizeof(*q)); + nextopt(); + q->q_cat = cat_not; + q->q_arg = qparse_atom(); + return (q); + } else + return (qparse_atom()); +} + +static qnode *qparse_term(void) +{ + qnode *top, *q, **qq; + qq = ⊤ + +again: + q = qparse_factor(); + switch (opt) { + case '&': + nextopt(); + case 'H': case 'F': case 'T': case 'C': case '!': case '(': + *qq = xmalloc(sizeof(*q)); + (*qq)->q_cat = cat_and; + (*qq)->q_left = q; + qq = &(*qq)->q_right; + goto again; + default: + *qq = q; + break; + } + return (top); +} + +static qnode *qparse_expr(void) +{ + qnode *top, *q, **qq; + qq = ⊤ + +again: + q = qparse_term(); + switch (opt) { + case '|': + nextopt(); + *qq = xmalloc(sizeof(*q)); + (*qq)->q_cat = cat_or; + (*qq)->q_left = q; + qq = &(*qq)->q_right; + goto again; + default: + *qq = q; + break; + } + return (top); +} + +static qnode *qparse(void) +{ + qnode *q; + nextopt(); + if (opt == EOF) + return (0); + q = qparse_expr(); + if (opt != EOF) + die("syntax error: `%s' unexpected", optname()); + return (q); +} + +/* --- @dumptree@ --- * + * + * Arguments: @qnode *q@ = pointer to tree to dump + * @int indent@ = indentation for this subtree + * + * Returns: --- + * + * Use: Dumps a tree to stdout for debugging purposes. + */ + +static void dumptree(qnode *q, int indent) +{ + if (!q) + printf(" -- magic query which matches everything\n"); + +again: + printf("%*s", indent * 2, ""); + indent++; + switch (q->q_cat) { + case cat_where: + printf("host = %s\n", inet_ntoa(q->q_in)); + break; + case cat_from: + printf("from = %u\n", (unsigned)q->q_uid); + break; + case cat_to: + printf("to = %u\n", (unsigned)q->q_uid); + break; + case cat_what: + printf("command = `%s'\n", q->q_cmd); + break; + case cat_not: + printf("not\n"); + q = q->q_arg; + goto again; + case cat_and: + case cat_or: { + unsigned cat = q->q_cat; + printf(cat == cat_and ? "and\n" : "or\n"); + while (q->q_cat == cat) { + dumptree(q->q_left, indent); + q = q->q_right; + } + goto again; + } + default: + printf("unknown type %u\n", q->q_cat); + } +} + +/*----- Recursive query matching ------------------------------------------*/ + +/* --- @checkrule@ --- * + * + * Arguments: @rule *r@ = pointer to a rule + * @qnode *q@ = pointer to a query tree + * + * Returns: Nonzero if the query matches the rule. + * + * Use: Matches rules and queries. + */ + +static int checkrule(rule *r, qnode *q) +{ +again: + switch (q->q_cat) { + + /* --- Handle the compound query types --- */ + + case cat_not: + return (!checkrule(r, q->q_arg)); + + case cat_and: + if (!checkrule(r, q->q_left)) + return (0); + q = q->q_right; + goto again; + + case cat_or: + if (checkrule(r, q->q_left)) + return (1); + q = q->q_right; + goto again; + + /* --- And now the simple query types --- */ + + case cat_where: + return (class_matchHost(r->host, q->q_in)); + case cat_from: + return (class_matchUser(r->from, q->q_uid)); + case cat_to: + return (class_matchUser(r->to, q->q_uid)); + case cat_what: + return (class_matchCommand(r->cmd, q->q_cmd)); + } + + /* --- Anything else is bogus (and a bug) --- */ + + die("unexpected cat code %u in checkrule", q->q_cat); + return (-1); +} + +/*----- Rule output -------------------------------------------------------*/ + +/* --- @showrule@ --- * + * + * Arguments: @rule *r@ = pointer to a rule block + * + * Returns: --- + * + * Use: Writes a rule block to the output in a pleasant way. + */ + +static const char *xltuser(uid_t u) +{ + static char buf[16]; + struct passwd *pw = userdb_userById(u); + if (pw) + return (pw->pw_name); + sprintf(buf, "%u", (unsigned)u); + return (buf); +} + +static void classfirstrow(class_node *c, const char *fmt, sym_iter *i, + unsigned bit, unsigned *imask) +{ + switch (c->type & clNode_mask) { + case clNode_any: + printf(fmt, (c == class_all ? "ALL" : + c == class_none ? "NONE" : + "")); + break; + case clNode_immed: + printf(fmt, (c->type & clType_user) ? xltuser(c->v.u) : c->v.s); + break; + case clNode_hash: { + sym_base *b; + sym_createIter(i, &c->v.t); + b = sym_next(i); + if (!b) { + printf(fmt, ""); + break; + } else if (c->type & clType_user) + printf(fmt, xltuser(*(uid_t *)b->name)); + else + printf(fmt, b->name); + *imask |= bit; + } break; + default: + printf(fmt, ""); + break; + } +} + +static void showclass(class_node *c, + void (*sc)(class_node *c), + void (*sh)(sym_base *b)) +{ + const char *op; + unsigned type; + + switch (c->type & clNode_mask) { + case clNode_any: + fputs(c == class_all ? "ALL" : + c == class_none ? "NONE" : "", + stdout); + break; + case clNode_immed: + sc(c); + break; + case clNode_hash: { + sym_iter i; + sym_base *b; + sym_createIter(&i, &c->v.t); + fputc('(', stdout); + if ((b = sym_next(&i)) != 0) { + sh(b); + while ((b = sym_next(&i)) != 0) { + fputs(", ", stdout); + sh(b); + } + } + fputc(')', stdout); + } break; + case clNode_union: + op = " | "; + goto binop; + case clNode_diff: + op = " - "; + goto binop; + case clNode_isect: + op = " & "; + goto binop; + default: + fputs("", stdout); + break; + binop: + type = c->type & clNode_mask; + fputc('(', stdout); + do { + showclass(c->v.c.l, sc, sh); + fputs(op, stdout); + c = c->v.c.r; + } while ((c->type & clNode_mask) == type); + showclass(c, sc, sh); + fputc(')', stdout); + break; + } +} + +static void showuseri(class_node *c) { fputs(xltuser(c->v.u), stdout); } + +static void showuserh(sym_base *b) +{ + fputs(xltuser(*(uid_t *)b->name), stdout); +} + +static void showstringi(class_node *c) { fputs(c->v.s, stdout); } + +static void showstringh(sym_base *b) { fputs(b->name, stdout); } + +static void showrule(rule *r) +{ + /* --- First up: display of simple classes in columns --- */ + + if (flags & f_simple) { + sym_iter a, b, c, d; + sym_base *w = 0, *x = 0, *y = 0, *z = 0; + unsigned imask = 0; + + /* --- Print the header line if necessary --- */ + + if (!(flags & f_header)) { + if (!(flags & f_nohead)) { + if (outmask & cat_from) printf("%-15s ", "FROM"); + if (outmask & cat_to) printf("%-15s ", "TO"); + if (outmask & cat_where) printf("%-24s ", "HOST"); + if (outmask & cat_what) printf("%s", "COMMAND"); + fputc('\n', stdout); + fputc('\n', stdout); + } + flags |= f_header; + } else + fputc('\n', stdout); + + /* --- Print out the first row --- */ + + if (outmask & cat_from) + classfirstrow(r->from, "%-15.15s ", &a, cat_from, &imask); + if (outmask & cat_to) + classfirstrow(r->to, "%-15.15s ", &b, cat_to, &imask); + if (outmask & cat_where) + classfirstrow(r->host, "%-24.24s ", &c, cat_where, &imask); + if (outmask & cat_what) + classfirstrow(r->cmd, "%s", &d, cat_what, &imask); + fputc('\n', stdout); + + /* --- And now for the rest --- */ + + for (;;) { + if ((imask & cat_from) && (w = sym_next(&a)) == 0) + imask &= ~cat_from; + if ((imask & cat_to) && (x = sym_next(&b)) == 0) + imask &= ~cat_to; + if ((imask & cat_where) && (y = sym_next(&c)) == 0) + imask &= ~cat_where; + if ((imask & cat_what) && (z = sym_next(&d)) == 0) + imask &= ~cat_what; + + if (!imask) + break; + + if (outmask & cat_from) { + printf("%-15.15s ", + !(imask & cat_from) ? "" : xltuser(*(uid_t *)w->name)); + } + + if (outmask & cat_to) { + printf("%-15.15s ", + !(imask & cat_to) ? "" : xltuser(*(uid_t *)x->name)); + } + + if (outmask & cat_where) + printf("%-24.24s ", !(imask & cat_where) ? "" : y->name); + + if (outmask & cat_what) + printf("%s", !(imask & cat_what) ? "" : z->name); + + fputc('\n', stdout); + } + } + + /* --- Otherwise deal with complex cases --- */ + + else { + if (flags & f_header) + fputc('\n', stdout); + else + flags |= f_header; + if (outmask & cat_from) { + fputs(" From: ", stdout); + showclass(r->from, showuseri, showuserh); + fputc('\n', stdout); + } + if (outmask & cat_to) { + fputs(" To: ", stdout); + showclass(r->to, showuseri, showuserh); + fputc('\n', stdout); + } + if (outmask & cat_where) { + fputs(" Hosts: ", stdout); + showclass(r->host, showstringi, showstringh); + fputc('\n', stdout); + } + if (outmask & cat_what) { + fputs("Commands: ", stdout); + showclass(r->cmd, showstringi, showstringh); + fputc('\n', stdout); + } + } +} + +/*----- Dummy functions ---------------------------------------------------*/ + +void daemon_usePort(int p) { ; } +void daemon_readKey(const char *f) { ; } + +/*----- Main code ---------------------------------------------------------*/ + +/* --- @main@ --- * + * + * Arguments: @int argc@ = number of command line arguments + * @char *argv[]@ = pointer to command line arguments + * + * Returns: Zero if all went OK. + * + * Use: Verifies and queries the `become' configuration file. + */ + +int main(int argc, char *argv[]) +{ + qnode *qtree; + + /* --- Initialise things --- */ + + ego(argv[0]); + ac = argc; av = argv; + + /* --- Read the query tree --- */ + + qtree = qparse(); + + /* --- Dump the tree if so requested --- */ + + if (flags & f_dump) { + dumptree(qtree, 0); + return (0); + } + + /* --- Check columns requested --- */ + + if (outmask == (outmask & (outmask - 1))) + flags |= f_single; + + /* --- Read the ruleset --- */ + + if (!(flags & f_userdb)) { + userdb_init(); + userdb_local(); + userdb_yp(); + } + + netg_init(); + name_init(); + rule_init(); + + { + FILE *fp = fopen(cf, "r"); + int ok; + + if (!fp) + die("couldn't open configuration file `%s': %s", cf, strerror(errno)); + lexer_scan(fp); + ok = parse(); + if (flags & f_check) + exit(ok); + } + + /* --- Now scan the query --- */ + + { + rule *rl = rule_list(), *r; + + /* --- Decide on output format if not already chosen --- */ + + if (!(flags & f_force)) { + r = rl; + flags |= f_simple; + while (r) { + if ((!qtree || checkrule(r, qtree)) && + ((r->host->type & clNode_mask) >= clNode_binop || + (r->from->type & clNode_mask) >= clNode_binop || + (r->to->type & clNode_mask) >= clNode_binop || + (r->cmd->type & clNode_mask) >= clNode_binop)) { + flags &= ~f_simple; + break; + } + r = r->next; + } + } + + /* --- Now just dump the matching items --- */ + + r = rl; + while (r) { + if (!qtree || checkrule(r, qtree)) { + flags |= f_match; + showrule(r); + } + r = r->next; + } + } + + /* --- Done --- */ + + if (!(flags & f_match)) + die("no match"); + return (0); +} + +/*----- That's all, folks -------------------------------------------------*/ -- [mdw]