isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,878 Commits 1 Branch 0 Tags
06d52c97c22eeeaaf81a397612b4733e754ceff8
Commit Graph

255 Commits

Author SHA1 Message Date
Todd C. Miller
8bb5897091 All modern systems should have LINE_MAX. 2015-02-19 09:59:25 -07:00
Todd C. Miller
96eddddc12 Almost no systems actually define OPEN_MAX since it is dynamic on 
modern OSes.  If sysconf(_SC_OPEN_MAX) ever fails, fall back on
_POSIX_OPEN_MAX instead.  We can assume modern systems have sysconf().
Also remove checks for strrchr() and strtoll() for which the HAVE_*
defines are no longer used.
 2015-02-19 09:59:25 -07:00
Todd C. Miller
1ae2e55141 Fix mkstemps() extension handling. Sudoedit will now preserve the 
extension properly when the system libc lacks mkstemps().
 2015-02-18 06:24:31 -07:00
Todd C. Miller
166db8eeb4 Use weak symbols for sudo_warn_gettext() and sudo_warn_strerror() 
so distros using "-Wl,--no-undefined" in LDFLAGS don't run into
problems.
 2015-02-17 06:42:10 -07:00
Todd C. Miller
8cae9876f3 Include unistd.h in siglist.c and signame.c to get gid_t which 
is used by sudo_compat.h.  Bug #686
 2015-02-17 06:21:06 -07:00
Todd C. Miller
6d71b488b6 Call setprogname("sudo") if getprogname() returns NULL or the empty 
string.
 2015-02-05 11:17:24 -07:00
Todd C. Miller
a9bf105eda Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX 
systems doesn't include stdint.h itself.
 2015-02-03 10:00:30 -07:00
Todd C. Miller
f2a554f297 Add missing prototypes for usrinfo() and setauthdb() for AIX. 2015-02-03 07:33:25 -07:00
Todd C. Miller
fd149e632e Need to include inttypes.h for SIZE_MAX 2015-02-02 14:20:24 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
2188c83a20 If sudo_debug_register() fails return SUDO_DEBUG_INSTANCE_INITIALIZER, 
not -1.  Otherwise we could end up setting the instance to -1 which
is invalid.
 2015-01-21 10:08:41 -07:00
Todd C. Miller
d2d9e6fcc1 Sync with OpenBSD version 2015-01-16 06:48:08 -07:00
Todd C. Miller
19a8a69a92 Don't appear to need sys/param.h for pstat_getproc() on HP-UX even 
though the man page lists it.
 2015-01-14 10:58:32 -07:00
Todd C. Miller
6bd40c622b Should not need sys/param.h here. 2015-01-14 10:55:42 -07:00
Todd C. Miller
237f3c9dfe Add support for GLOB_LIMIT from OpenBSD (not currently used) and 
also a limit on the max recursion depth for glob().
 2014-12-16 17:04:13 -07:00
Todd C. Miller
b633e88c12 Quiet compiler sign compare warning. 2014-12-16 10:46:25 -07:00
Todd C. Miller
d0c333969a Remove artificial limit on length of pattern and string. It is 
possible to use fnmatch() on things other than paths (such as
arguments) so a limit of PATH_MAX does not make sense.  Fixes a bug
where rules would fail to match if the length of the arguments were
larger than PATH_MAX (usually 1024).
 2014-12-10 14:00:12 -07:00
Todd C. Miller
bc6269e58b Prevent cppcheck from getting confused by our compat definition of 
the va_copy macro for pre-C99.
 2014-11-15 06:32:39 -07:00
Todd C. Miller
cbe917c540 If there are multiple outputs, ap will be re-used so make a copy 
and operate on it instead.
 2014-11-14 16:30:22 -07:00
Todd C. Miller
04d803c79c Use SSP_LDFLAGS when creating shared objects. 2014-11-10 14:58:46 -07:00
Todd C. Miller
d00142f552 We only build .lo (not .o) files for libsudo_util 2014-11-10 14:58:45 -07:00
Todd C. Miller
2040d4dde5 Use arc4random() for mkstemp/mkdtemp if available. If not, try to 
seed from /dev/urandom before falling back to the gettimeofday seed.
 2014-10-31 06:57:19 -06:00
Todd C. Miller
ccc210eddb If a system lacks mkdtemp() or mkstemps(), use our own mkdtemp() 
and mkstemps().  Previously we only exposed the missing one but
since the guts are the same we might as well use them.
 2014-10-29 13:03:39 -06:00
Todd C. Miller
2eed956396 Use a static buffer for sudo_debug_execve2() if possible. 2014-10-31 06:57:17 -06:00
Todd C. Miller
1be81d5720 Fix path settings broken in rev 9731. 2014-10-27 16:31:33 -06:00
Todd C. Miller
f730b28ce0 Adjust regress test now that boolean settings display an error for 
invalid input.
 2014-10-27 16:31:01 -06:00
Todd C. Miller
0982f7838b Use AC_PROG_AWK 2014-10-27 14:54:13 -06:00
Todd C. Miller
0d6895cbd9 fix comment typo 2014-10-27 14:21:27 -06:00
Todd C. Miller
adfdad9ae0 Version the symbols for sudo_debug.c now that the API is stable. 2014-10-27 05:26:08 -06:00
Todd C. Miller
d5fdd1ea07 Go back to parsing sudo.conf in place for settings and paths and 
improve debugging info for unsupported entries and parse errors.
 2014-10-26 08:33:09 -06:00
Todd C. Miller
6b1b734ffa Add a flag argument to sudo_conf_read() so we can decide which 
bits get parsed.  This lets us parse Debug statements first and
init the debug subsystem early.
 2014-10-26 08:33:08 -06:00
Todd C. Miller
fd8cf2c89b No need to convert sudoedit -> sudo in sudo_debug_get_instance() 
as we store the actual program name and only do the sudoedit ->
sudo conversion when reading the sudo.conf file.  Fixes debugging
when invoked as sudoedit.
 2014-10-24 11:28:39 -06:00
Todd C. Miller
4bf641df69 In the plugin registers with the debug framework at open time, the 
sudo front-end will now set the default debug instance appropriately
before calling into the plugin.  This means the plugin no longer needs
to do the sudo_debug_set_default_instance() dance.
 2014-10-24 11:17:48 -06:00
Todd C. Miller
d0cc4d9e4b Fix inet_ntop() replacement on older systems without it. 
We only expose the prototype for net_ifs.c due to the
use of socklen_t.
 2014-10-23 15:44:03 -06:00
Todd C. Miller
7dc2c8fa1c Dynamically allocate debug_fds bitmap and realloc as needed. 2014-10-23 14:37:29 -06:00
Todd C. Miller
17a2a27e46 Use generic bitmap macros instead of select-style fd_set. 2014-10-23 14:37:27 -06:00
Todd C. Miller
4baa7e6d2c Replace sudo_debug_num_instances with sudo_debug_max_instance 2014-10-23 13:43:17 -06:00
Todd C. Miller
2a47abad21 Only fill in subsystem_ids[] for the instance if the caller passed 
in an array for it.  If the caller only wants the default subsystems
we don't actually need ids[].
 2014-10-23 13:19:51 -06:00
Todd C. Miller
f2eb6dcc06 Link with -ldl if needed when built with --disable-shared-libutil/ 2014-10-23 13:08:21 -06:00
Todd C. Miller
2968ce060d Remove extra newline mistakenly introduced in rev 9682. 2014-10-23 10:15:38 -06:00
Todd C. Miller
5270ebf1f2 When registering with the debug subsystem, the caller now passes 
in an arrary of ints that gets filled in with the subsytem IDs to
be used in debug_decl.
 2014-10-23 06:36:50 -06:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
a7e724b75d Change how sudo.conf is parsed. We now do a quick parse and then 
set the values after the entire file has been parsed.  This lets
us init the debug system earlier.  Plugin-specific debug flags are
now stored in struct plugin_info and struct plugin_container and
passed to the plugin via one or more debug_flags settings.
 2014-10-22 13:20:32 -06:00
Todd C. Miller
1dd96778e5 Make a copy of ap in sudo_debug_vprintf2() in case the static buffer 
is not big enough and we need to call vasprintf().
 2014-10-07 12:26:32 -06:00
Todd C. Miller
bd99dcc028 Add sudo_warn_set_conversation() to specify a conversation function 
to use for warn/fatal.  If no conversation function is specified,
the standard error will be used.  We now only need sudo_printf()
for things that use the parser.
 2014-10-05 16:41:52 -06:00
Todd C. Miller
5f9e84ea51 Use inet_ntop() instead of inet_ntoa() and include a version for 
systems that are missing it.
 2014-10-02 07:55:08 -06:00
Todd C. Miller
0b0481fa36 Instead of building libutil statically for --disable-shared-libutil, 
just treat it as a convenience library.  Do the same with sudoers
for --enable-static-sudoers.  Fixes link errors on Solaris among
others when --disable-shared-libutil is used.
 2014-10-01 14:32:30 -06:00
Todd C. Miller
05d3a4c5e5 Remove LT_LDMAP and LT_LDOPT and just use LT_LDEXPORTS for the 
compiler-specific option to restrict symbol exporting.
 2014-10-01 13:24:57 -06:00
Todd C. Miller
f5647654dd Don't use SSP_CFLAGS or PIE_CFLAGS when building mksiglist/mksigname 
as they are built with the host compiler which may be different
when cross-compiling.  From Gustavo Zacarias.  Bug 662.
 2014-09-20 06:46:27 -06:00