DVG-4130827_memberd_group_resolution.patch   [plain text]

diff -uNr ../sudo-1.6.8p12.orig/check.c ./check.c
--- ../sudo-1.6.8p12.orig/check.c	2005-03-24 17:55:31.000000000 -0800
+++ ./check.c	2006-12-05 16:41:54.000000000 -0800
@@ -63,6 +63,10 @@
 static const char rcsid[] = "$Sudo: check.c,v 1.226 2004/09/08 15:48:23 millert Exp $";
 #endif /* lint */
 
+#ifdef __APPLE_MEMBERD__
+#include <membership.h>
+#endif
+
 /* Status codes for timestamp_status() */
 #define TS_CURRENT		0
 #define TS_OLD			1
@@ -284,6 +288,11 @@
 {
     struct group *grp;
     char **gr_mem;
+	#ifdef __APPLE_MEMBERD__
+	struct passwd *pw = getpwuid(getuid());
+	uuid_t uu, gu;
+	int ismember = 0;
+	#endif
 
     if (!def_exempt_group)
 	return(FALSE);
@@ -294,10 +303,16 @@
     if (user_gid == grp->gr_gid)
 	return(TRUE);
 
+	#ifdef __APPLE_MEMBERD__
+	if ( 0 == mbr_uid_to_uuid(pw->pw_uid,uu) && 0 == mbr_gid_to_uuid(grp->gr_gid,gu) && 0 == mbr_check_membership(uu,gu,&ismember) ) {
+		if (1 == ismember) return(TRUE);
+	}
+	#else
     for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) {
 	if (strcmp(user_name, *gr_mem) == 0)
 	    return(TRUE);
     }
+	#endif
 
     return(FALSE);
 }
diff -uNr ../sudo-1.6.8p12.orig/parse.c ./parse.c
--- ../sudo-1.6.8p12.orig/parse.c	2005-06-19 13:03:24.000000000 -0700
+++ ./parse.c	2006-12-04 20:52:46.000000000 -0800
@@ -85,6 +85,10 @@
 static const char rcsid[] = "$Sudo: parse.c,v 1.161 2004/08/24 18:01:13 millert Exp $";
 #endif /* lint */
 
+#ifdef __APPLE_MEMBERD__
+#include <membership.h>
+#endif
+
 /*
  * Globals
  */
@@ -456,6 +460,10 @@
     struct group *grp;
     gid_t pw_gid;
     char **cur;
+	#ifdef __APPLE_MEMBERD__
+	uuid_t uu, gu;
+	int ismember = 0;
+	#endif
 
     /* make sure we have a valid usergroup, sudo style */
     if (*group++ != '%')
@@ -473,11 +481,17 @@
     if (grp->gr_gid == pw_gid)
 	return(TRUE);
 
+	#ifdef __APPLE_MEMBERD__
+	if ( 0 == mbr_uid_to_uuid(pw->pw_uid,uu) && 0 == mbr_gid_to_uuid(grp->gr_gid,gu) && 0 == mbr_check_membership(uu,gu,&ismember) ) {
+		if (1 == ismember) return(TRUE);
+	}
+	#else
     /* check to see if user is explicitly listed in the group */
     for (cur = grp->gr_mem; *cur; cur++) {
 	if (strcmp(*cur, user) == 0)
 	    return(TRUE);
     }
+	#endif
 
     return(FALSE);
 }
diff -uNr ../sudo-1.6.8p12.orig/testsudoers.c ./testsudoers.c
--- ../sudo-1.6.8p12.orig/testsudoers.c	2004-08-02 11:44:58.000000000 -0700
+++ ./testsudoers.c	2006-12-04 20:56:17.000000000 -0800
@@ -78,6 +78,9 @@
 static const char rcsid[] = "$Sudo: testsudoers.c,v 1.88 2004/08/02 18:44:58 millert Exp $";
 #endif /* lint */
 
+#ifdef __APPLE_MEMBERD__
+#include <membership.h>
+#endif
 
 /*
  * Prototypes
@@ -255,6 +258,10 @@
 {
     struct group *grp;
     char **cur;
+	#ifdef __APPLE_MEMBERD__
+	uuid_t uu, gu;
+	int ismember = 0;
+	#endif
 
     /* Make sure we have a valid usergroup, sudo style. */
     if (*group++ != '%')
@@ -269,10 +276,16 @@
     if (getgid() == grp->gr_gid)
 	return(TRUE);
 
+	#ifdef __APPLE_MEMBERD__
+	if ( 0 == mbr_uid_to_uuid(pw->pw_uid,uu) && 0 == mbr_gid_to_uuid(grp->gr_gid,gu) && 0 == mbr_check_membership(uu,gu,&ismember) ) {
+		if (1 == ismember) return(TRUE);
+	}
+	#else
     for (cur=grp->gr_mem; *cur; cur++) {
 	if (strcmp(*cur, user) == 0)
 	    return(TRUE);
     }
+	#endif
 
     return(FALSE);
 }