isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,830 Commits 1 Branch 0 Tags
main
Commit Graph

28 Commits

Author SHA1 Message Date
Todd C. Miller
5fbf7a3625 Disable netgroup_query when netgroup_base is not set. 
The logic was inverted when support for netgroup_query was added.
This supercedes PR #341.
 2023-12-19 20:16:35 -07:00
Todd C. Miller
e343e07543 Use #include <foo.h> instead of #include "foo.h" in most cases. 
We rely on the include path to find many of these headers.  It
especially doesn't make sense to use #include "foo.h" for headers
in the top-level include directory.
 2023-09-25 10:13:28 -06:00
Todd C. Miller
9e53d903ea Store policy paths in struct sudoers_context. 
This removes the need for the getters in policy.c.
 2023-08-21 09:21:53 -06:00
Todd C. Miller
dc1a5d7b40 sudo_krb5_ccname_path: avoid gcc false positive for ccname being NULL 
The callers all verify that they don't pass a NULL ccname so I'm
not sure how the compiler is getting confused (and why now?).
 2023-07-10 15:21:31 -06:00
Todd C. Miller
a38b714667 sudoers plugin: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Rose
7fd680c983 Do variable length arrays the C99 way 
Variable length arrays are supported by C99, but having it denoted as "1" confused the compiler and is not defined.

Note that because we don't get the inferred NULL terminator, we have to increase the malloc size by one.
 2023-06-15 15:25:17 -04:00
Todd C. Miller
3786654dbd Add NETGROUP_QUERY option for servers that can't match nisNetgroupTriple. 
This can be used to support netgroup queries on systems that lack
the innetgr() function and where the LDAP server cannot query the
nisNetgroup by nisNetgroupTriple.
 2023-06-07 10:10:52 -06:00
Todd C. Miller
80768ed3a8 Make path_ldap_conf and path_ldap_secret private to policy.c. 
Add getters for both so the ldap code can access them.
 2023-05-02 10:47:53 -06:00
Todd C. Miller
554df8d934 Move some functions from ldap.c to ldap_util.c. 
These will be used by the LDAP innetgr() implementation.
 2023-03-10 10:02:36 -07:00
Todd C. Miller
f066ff9e01 Eliminate a few harmless dead stores. 
Quiets warnings from Infer.
 2022-11-22 11:18:24 -07:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
55db239243 Sudo parsed "deref" and "tls_reqcert" in ldap.conf but didn't set the options. 
The switch() in the sudo_ldap_set_options_table() function needed to be
updated to treat CONF_DEREF_VAL and CONF_REQCERT_VAL data types as int.
Fix from Dennis Filder.  Bug #1013.
 2021-12-11 08:35:14 -07:00
Todd C. Miller
84e6e6ccf9 Update copyright year on some files where it was out of date. 2020-08-31 14:09:36 -06:00
Todd C. Miller
961a4afe67 Fix some warnings from pvs-studio 2020-08-12 13:45:09 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
2512f6efbf Use sudo_strtonum() explicitly instead of via a macro. 2019-10-14 10:09:30 -06:00
Todd C. Miller
9d8f374397 Add ssizeof macro that returns ssize_t. 
We can use this instead of casting the result of size_t to int.
Also change checks for snprintf() returning <=0 to <0.
 2019-06-25 09:45:10 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
de65d70929 Add a proper getdelim(3) replacement and use it instead of getline(3). 2019-04-08 10:37:30 -06:00
Todd C. Miller
985600e7f0 Minor snprintf() usage tweaks: 
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
 2019-01-20 07:49:48 -07:00
Todd C. Miller
0597969301 Add missing #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT 
Fixes problems building on older LDAP sdks.
 2018-10-26 10:34:16 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
c0e8bde104 Add support for OpenLDAP's TLS_REQCERT setting in ldap.conf. 2018-09-27 09:58:10 -06:00
Todd C. Miller
71e98d9493 Include parse.h in sudoers.h since it will soon be required. 2018-05-14 09:05:02 -06:00
Todd C. Miller
43a3a23fed Move LDAP configuration bits into ldap_conf.c 2018-02-11 07:36:08 -07:00