[Pkg-shadow-commits] r3341 - in upstream/trunk: . src

Mon Jun 13 18:25:46 UTC 2011

Author: nekral-guest
Date: 2011-06-13 18:25:45 +0000 (Mon, 13 Jun 2011)
New Revision: 3341

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/src/su.c
Log:
	* src/su.c: Group some of the environment processing blocks. The
	definition of shellstr, PATH and IFS is not influenced (getenv,
	getdef, restricted_shell) by and does not influence (addenv does
	not change environ) the authentication. And the authentication
	does not overwrite those definitions. This will ease an extraction
	from the big main() function.

Modified: upstream/trunk/ChangeLog
===================================================================

--- upstream/trunk/ChangeLog	2011-06-13 18:25:40 UTC (rev 3340)
+++ upstream/trunk/ChangeLog	2011-06-13 18:25:45 UTC (rev 3341)
@@ -1,5 +1,14 @@
 2011-06-10  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* src/su.c: Group some of the environment processing blocks. The
+	definition of shellstr, PATH and IFS is not influenced (getenv,
+	getdef, restricted_shell) by and does not influence (addenv does
+	not change environ) the authentication. And the authentication
+	does not overwrite those definitions. This will ease an extraction
+	from the big main() function.
+
+2011-06-10  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* src/su.c: Updating pwent after expire() is not useful. Only the
 	password information may have changed and they are not used
 	anymore afterwards.

Modified: upstream/trunk/src/su.c
===================================================================
--- upstream/trunk/src/su.c	2011-06-13 18:25:40 UTC (rev 3340)
+++ upstream/trunk/src/su.c	2011-06-13 18:25:45 UTC (rev 3341)
@@ -720,6 +720,48 @@
 		}
 	}
 
+	/* If the user do not want to change the environment,
+	 * use the current SHELL.
+	 * (unless another shell is required by the command line)
+	 */
+	if ((NULL == shellstr) && !change_environment) {
+		shellstr = getenv ("SHELL");
+	}
+	/* For users with non null UID, if this user has a restricted
+	 * shell, the shell must be the one specified in /etc/passwd
+	 */
+	if (   (NULL != shellstr)
+	    && !amroot
+	    && restricted_shell (pwent.pw_shell)) {
+		shellstr = NULL;
+	}
+	/* If the shell is not set at this time, use the shell specified
+	 * in /etc/passwd.
+	 */
+	if (NULL == shellstr) {
+		shellstr = (char *) strdup (pwent.pw_shell);
+	}
+
+	/*
+	 * Set the default shell.
+	 */
+	if ((NULL == shellstr) || ('\0' == shellstr[0])) {
+		shellstr = SHELL;
+	}
+
+	cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+	if (NULL == cp) {
+		addenv ((pwent.pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
+	} else if (strchr (cp, '=') != NULL) {
+		addenv (cp, NULL);
+	} else {
+		addenv ("PATH", cp);
+	}
+
+	if (getenv ("IFS") != NULL) {	/* don't export user IFS ... */
+		addenv ("IFS= \t\n", NULL);	/* ... instead, set a safe IFS */
+	}
+
 #ifndef USE_PAM
 	/*
 	 * BSD systems only allow "wheel" to SU to root. USG systems don't,
@@ -769,35 +811,6 @@
 	}
 #endif				/* !USE_PAM */
 
-	/* If the user do not want to change the environment,
-	 * use the current SHELL.
-	 * (unless another shell is required by the command line)
-	 */
-	if ((NULL == shellstr) && !change_environment) {
-		shellstr = getenv ("SHELL");
-	}
-	/* For users with non null UID, if this user has a restricted
-	 * shell, the shell must be the one specified in /etc/passwd
-	 */
-	if (   (NULL != shellstr)
-	    && !amroot
-	    && restricted_shell (pwent.pw_shell)) {
-		shellstr = NULL;
-	}
-	/* If the shell is not set at this time, use the shell specified
-	 * in /etc/passwd.
-	 */
-	if (NULL == shellstr) {
-		shellstr = (char *) strdup (pwent.pw_shell);
-	}
-
-	/*
-	 * Set the default shell.
-	 */
-	if ((NULL == shellstr) || ('\0' == shellstr[0])) {
-		shellstr = SHELL;
-	}
-
 	(void) signal (SIGINT, SIG_IGN);
 	(void) signal (SIGQUIT, SIG_IGN);
 #ifdef USE_PAM
@@ -889,19 +902,6 @@
 	(void) signal (SIGINT, SIG_DFL);
 	(void) signal (SIGQUIT, SIG_DFL);
 
-	cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
-	if (NULL == cp) {
-		addenv ((pwent.pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
-	} else if (strchr (cp, '=') != NULL) {
-		addenv (cp, NULL);
-	} else {
-		addenv ("PATH", cp);
-	}
-
-	if (getenv ("IFS") != NULL) {	/* don't export user IFS ... */
-		addenv ("IFS= \t\n", NULL);	/* ... instead, set a safe IFS */
-	}
-
 	/*
 	 * Even if --shell is specified, the subsystem login test is based on
 	 * the shell specified in /etc/passwd (not the one specified with


