isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,911 Commits 1 Branch 0 Tags
1f3ea50afd89baf6c6557b42a3971e67bc838f6b
Commit Graph

132 Commits

Author SHA1 Message Date
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
f9c4fb69de Add missing $(PIE_LDFLAGS) $(SSP_LDFLAGS) for test programs 2013-05-22 17:04:25 -04:00
Todd C. Miller
f6e8fb8b1c Quiet a few -Wunused-result compiler warnings. 2013-05-01 11:02:09 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
95b50f84af Use time(&now) instead of now = time(NULL) when storing the current 
time in a time_t (better compiler error checking).
Better parsing and printing of 64-bit time_t on 32-bit platforms.
 2013-04-23 13:15:22 -04:00
Todd C. Miller
7ac5730a4c Use EXIT_FAILURE instead of 1 as the fatal() exit value. 2013-04-20 15:10:24 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
19d0946023 Simplify lbuf append functions by moving the realloc code into 
lbuf_expand().  We now expand as needed each time bytes need to be
written to the lbuf.  Also handle a NULL pointer being passed in
for paranoia's sake.
 2013-04-16 11:52:24 -04:00
Todd C. Miller
adee3cded4 Don't need to include setjmp.h here, error.h already includes it. 2013-03-26 08:56:56 -04:00
Todd C. Miller
c078614b43 Fix regress tests on non-OpenBSD platforms. 2013-03-19 14:08:11 -04:00
Todd C. Miller
7f32d1ca4c Make sesh path configurable in sudo.conf 2013-03-14 16:49:42 -04:00
Todd C. Miller
496dc384ab regen 2013-03-07 15:46:11 -05:00
Todd C. Miller
d26c0d87f6 Convert efree() to a macro that just casts to void * and does free(). 
If the system free() can't handle free(NULL) this may crash but C89
was a long time ago.
 2013-03-07 15:41:34 -05:00
Todd C. Miller
1e0a7d5112 Fix debug logging from the plugin when there is no error number. 
This was broken in the big debugging reorg for 1.8.7.
 2013-03-07 10:06:01 -05:00
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
5d7925b24e Test setting disable_coredump to illegal value. 2013-02-20 15:48:53 -05:00
Todd C. Miller
a17fb1de71 Fix atobool() usage. 2013-02-20 15:48:12 -05:00
Todd C. Miller
299298ae42 Remove unused variable. 2013-02-20 15:47:27 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
0f0ef228a5 If a line was longer that 0x80000000 the bit hack to round to the 
next power of two would roll over to zero.
 2013-02-14 16:34:13 -05:00
Todd C. Miller
67fed118b6 Add max_groups setting to sudo.conf (currently unused) and remove 
unused return value from setters.
 2013-02-14 13:34:33 -05:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
630b47e22f Add group_source setting in sudo.conf to allow the admin to specify 
how a user's groups are looked up.  Legal values are static (just
the kernel list from getgroups), dynamic (whatever the group database
includes) and adaptive (only use group db if kernel group list is
full).
 2013-01-27 13:53:11 -05:00
Todd C. Miller
ef8e141248 Ignore duplicate entries in sudo.conf and report the line number 
when there is an error.  Warn, don't abort if there is more than
one policy plugin.
 2013-01-23 06:33:53 -05:00
Todd C. Miller
a6f3517f23 regen 2013-01-11 14:29:37 -05:00
Todd C. Miller
6e560f2bab Break out stack smashing protector options into SSP_CFLAGS and 
SSP_LDFLAGS so we can use it everywhere (unlike LT_LDFLAGS).
 2013-01-03 14:20:49 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
b7ae7977a6 Cannot wrap sigsetjmp() or we end up returning to the wrong place. 
Use a macro instead.
 2012-11-29 06:37:13 -05:00
Todd C. Miller
14e5f35d4d Include missing.h for __printflike. 2012-11-25 11:51:43 -05:00
Todd C. Miller
2632ec7e69 Move warn/error into common and make static builds work. 2012-11-25 09:34:40 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
4bde57b8b2 Rename warning2()/error2() -> warning_nodebug()/error_nodebug(). 2012-11-25 09:34:10 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
6849fff4d7 See DEFAULT_TEXT_DOMAIN 2012-11-25 08:10:12 -05:00
Todd C. Miller
0178d5ae01 Set group on sudo_debug when creating it to gid 0 so systems without 
BSD group semantics don't get the invoking user's group.
 2012-11-12 17:12:34 -05:00
Todd C. Miller
acf8af9aac #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. 2012-11-12 08:51:58 -05:00
Todd C. Miller
4bd4a91714 Parse sudo.conf in the "C" locale. 2012-11-12 05:42:48 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
f8660f9988 Add variants of warn/error and sudo_debug_printf that take a va_list 
instead of a variable number of args.
 2012-11-08 15:37:42 -05:00
Todd C. Miller
1cf3def4be If vasprintf() fails, just use the errno it sets instead of assuming 
ENOMEM.
 2012-10-02 14:45:18 -04:00
Todd C. Miller
1d90c0ad71 No need to translate "unable to allocate memory" when we can just 
use the system translation via strerror().
 2012-09-17 16:59:26 -04:00
Todd C. Miller
e5257d48d7 Print a trailing newline in lbuf_print() when there is not enough 
space to do word wrapping and the lbuf does not end with a newline.
 2012-09-04 10:42:09 -04:00
Todd C. Miller
241b2395cf Reduce the number of "internal error, foo overflow" messages that 
need to be translated.
 2012-08-10 12:18:38 -04:00
Todd C. Miller
d89b1a6be2 Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers 
data source.  From Daniel Kopecek and Pavel Brezina.
 2012-08-10 11:59:26 -04:00
Todd C. Miller
a7424cc002 If sudo.conf contains an I/O plugin but no policy plugin, use sudoers 
for the policy plugin.  If a policy plugin is specified without an
I/O plugin, only the policy plugin will be loaded.
 2012-08-09 14:11:41 -04:00
Todd C. Miller
9c9cf9da41 Do not set a resource limit to zero when we are unable to fetch a 
value from /etc/security/limits.
 2012-07-06 10:10:03 -04:00
Todd C. Miller
f8f0021710 Add configure check for building PIE executables instead of doing 
it in mkpkg.
 2012-07-02 10:12:41 -04:00
Todd C. Miller
9497df293a Don't run regress tests or sudoers sanity check (using the newly-built 
visudo) when cross compiling.  Bug #560
 2012-06-20 13:38:17 -04:00
Todd C. Miller
d29aede203 No longer throw an error if sudoers is a symbolic link. Deprecated 
the --with-stow option as that is now (effectively) the default.
 2012-05-21 13:30:59 -04:00
Todd C. Miller
38ea65203a Move ttysize.c to common so sudoreplay can use it. 2012-04-06 16:41:08 -04:00