isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,754 Commits 1 Branch 0 Tags
0414ea45791cd49587d1db81e39ccde91f28c4fe
Commit Graph

1479 Commits

Author SHA1 Message Date
Todd C. Miller
2e32bb10fe Fix compilation on systems w/o __dso_public 2015-02-09 08:52:19 -07:00
Todd C. Miller
9206ba54c5 Russian translation for sudoers from translationproject.org. 2015-02-07 07:47:39 -07:00
Todd C. Miller
cecdd7e728 Russian translation for sudoers from translationproject.org. 2015-02-06 15:28:04 -07:00
Todd C. Miller
c3c28773f5 Sanity check the TZ environment variable by special casing it in 
env_check.  The --with-tzdir configure option can be used to
specify the zoneinfo directory if configure doesn't find it.
 2015-02-06 11:01:05 -07:00
Todd C. Miller
c299cdd665 Remove extraneous casts of node->data (which is void *). 2015-02-05 15:01:25 -07:00
Todd C. Miller
cebd92a88e Fix a potential crash when getpwnam() of the running user fails 
and we don't replace the negative cached entry with a faked up one.
From Stephane Chazelas
 2015-02-05 11:17:26 -07:00
Todd C. Miller
b727d4309c Handle sudo_get_grlist() returning NULL which can happen if 
getgrouplist() fails even after allocating the appropriate amount
of memory.  From Stephane Chazelas
 2015-02-05 11:17:24 -07:00
Todd C. Miller
a3435e7d12 Require POSIX regular expression support for sudoreplay. 2015-02-05 11:16:06 -07:00
Todd C. Miller
1e30824a1a The plugin no longer needs to call initprogname() now that it links 
with the same libsudo_util as sudo.
 2015-02-05 11:08:55 -07:00
Todd C. Miller
ed4ffa6265 Don't send mail about pseudo-command failure unless it is an 
authentication failure.
 2015-02-02 15:01:06 -07:00
Todd C. Miller
dfb369198a Sync with translationproject.org 2015-02-04 06:28:31 -07:00
Todd C. Miller
d1ce08369a Sync with translationproject.org 2015-02-04 06:23:57 -07:00
Todd C. Miller
2033be83c6 Regen with yacc skeleton that the clang analyzer doesn't complain about. 2015-02-03 15:58:09 -07:00
Todd C. Miller
a9bf105eda Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX 
systems doesn't include stdint.h itself.
 2015-02-03 10:00:30 -07:00
Todd C. Miller
536c83cec3 Solaris uses sysinfo(SI_SRPC_DOMAIN) instead of getdomainname() to 
get the host's NIS domain.
 2015-02-03 07:33:24 -07:00
Todd C. Miller
15717c518e Actually use the check for prior initialization in sudo_getdomainname(). 2015-02-02 15:38:03 -07:00
Todd C. Miller
fde8776d54 regen 2015-02-02 13:53:44 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
7ec9cfb493 When querying LDAP netgroups, use the NIS domain if it is sent but 
also match nisNetgroupTriple entries that have no domain.
 2015-01-30 14:45:22 -07:00
Todd C. Miller
97469c243c Avoid setting the tty to non-blocking mode so "sudoreplay | cat" 
(for example) works as expected.  We only read a single byte from
the keyboard and only when interactive anyway so this should be fine.
 2015-01-30 13:07:21 -07:00
Todd C. Miller
00e7dbd645 regen 2015-01-30 12:57:27 -07:00
Todd C. Miller
0ac881ba4b Avoid a cppcheck warning about undefined behavior (using the address 
of a stack buffer - 1) and fix a memory leak of the iov when
doing nl->crnl conversion.
 2015-01-30 10:45:15 -07:00
Todd C. Miller
770e6ca190 Fix handling of partial writes from writev() which can occur with 
large output buffers.
 2015-01-30 09:23:30 -07:00
Todd C. Miller
4dd2a3c6b8 Add support for querying netgroups directly via LDAP since there 
is no other way to look up all the netgroups for a user (unlike
regular groups).  This introduces netgroup_base and netgroup_search_filter
options to ldap.conf.  Based on a diff from Steven Soulen.
 2015-01-29 14:08:30 -07:00
Todd C. Miller
741bb8ec79 Add macros to ease the checking of strlcpy, strlcat and 
sudo_ldap_value_cat return values.
 2015-01-22 11:42:32 -07:00
Todd C. Miller
57553fffdd Rename VALIDATE_OK -> VALIDATE_SUCCESS 
Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE
 2015-01-21 11:03:48 -07:00
Todd C. Miller
399d364a90 Remove now-unused VALIDATE_ERROR define. 2015-01-21 10:36:55 -07:00
Todd C. Miller
5415b3d2af should_mail() now returns bool. 2015-01-21 10:33:56 -07:00
Todd C. Miller
cb09010da5 Use standard CIDR -> netmask conversion and disallow 0-bit CIDRs. 2014-12-31 15:47:33 -07:00
Todd C. Miller
e0d927a98a sync 2014-11-20 13:34:17 -07:00
Todd C. Miller
c287419788 Require that a digest be specified with a real command, not an alias 
or pseudo-command.  Found via a crash by afl.
 2014-11-19 17:07:24 -07:00
Todd C. Miller
02b3fa2fdd French translation for sudoers from translationproject.org. 2014-11-19 15:20:11 -07:00
Todd C. Miller
bc6269e58b Prevent cppcheck from getting confused by our compat definition of 
the va_copy macro for pre-C99.
 2014-11-15 06:32:39 -07:00
Todd C. Miller
3870fdf622 Fix potential NULL pointer deref found by cppcheck. 2014-11-14 16:31:56 -07:00
Todd C. Miller
0c88ecd3bc Quiet a cppcheck false positive. 2014-11-14 16:31:30 -07:00
Todd C. Miller
b4432df5e2 Sync with translationproject.org 2014-11-10 12:37:58 -07:00
Todd C. Miller
832a4dee6b In set_fqdn() we neeed to set user_runhost/user_srunhost at the 
same time we set user_host/user_shost since that is what
hostlist_matches() uses.  Bug #678
 2014-11-12 20:33:41 -07:00
Todd C. Miller
5c13889f26 Use sudoers.so args from sudo.conf to set sudoers_file, sudoers_uid, 
sudoers_gid, and sudoers_mode in visudo.
 2014-11-10 20:12:47 -07:00
Todd C. Miller
9d4589abd0 Use sudoers_file, sudoers_uid, sudoers_gid, and sudoers_mode 
symbols from toke.l instead of the upper case defines.
 2014-11-10 15:23:51 -07:00
Todd C. Miller
04d803c79c Use SSP_LDFLAGS when creating shared objects. 2014-11-10 14:58:46 -07:00
Todd C. Miller
9d6e1a57d5 Add sudoers_debug_deregister() and use it instead of calling 
sudo_debug_deregister() directly.
 2014-10-27 16:06:20 -06:00
Todd C. Miller
0982f7838b Use AC_PROG_AWK 2014-10-27 14:54:13 -06:00
Todd C. Miller
6b1b734ffa Add a flag argument to sudo_conf_read() so we can decide which 
bits get parsed.  This lets us parse Debug statements first and
init the debug subsystem early.
 2014-10-26 08:33:08 -06:00
Todd C. Miller
34d9cfe1cf Initialize the debug subsystem in sudoers early. Currently this 
means iterating over the settings list twice.
 2014-10-24 12:50:12 -06:00
Todd C. Miller
4bf641df69 In the plugin registers with the debug framework at open time, the 
sudo front-end will now set the default debug instance appropriately
before calling into the plugin.  This means the plugin no longer needs
to do the sudo_debug_set_default_instance() dance.
 2014-10-24 11:17:48 -06:00
Todd C. Miller
6c6f502835 Older shells don't support unset. 2014-10-23 16:23:37 -06:00
Todd C. Miller
17a2a27e46 Use generic bitmap macros instead of select-style fd_set. 2014-10-23 14:37:27 -06:00
Todd C. Miller
935e48c6e4 Don't call into the debug subsystem after we've deregistered the 
plugin's instance.
 2014-10-23 13:42:50 -06:00
Todd C. Miller
3860552713 Fix typo in unset. 2014-10-23 09:50:29 -06:00
Todd C. Miller
fe9e035ccf Set debug instance for standalone programs. 2014-10-23 09:40:36 -06:00