queue functions. This includes a private queue.h header derived
from FreeBSD. It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
pid). We have to be careful to choose() either strtol() or strtoul()
depending on whether the string appears to be signed or unsigned.
Always using strtoul() is unsafe on 64-bit platforms since the
uid might be represented as a negative number and (unsigned long)-1
on a 64-bit system is 0xffffffffffffffff not 0xffffffff.
Fixes a problem with uids larger than 0x7fffffff on 32-bit platforms.
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length. This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
plugin_error.c instead of the error.c from the front-end. This
means sudoers_setlocale() needs to be independent of the sudo_user
struct and the defaults table. The sudoers locale is now updated
via a callback.
present but empty) and the -u option was not specified, set runas_pw
to user_pw instead of using runas_default. This is intended to be
used in conjunction with the Solaris Privilege Set support for rules
that grant privileges without changing the user.
Move authentication failure logging to log_auth_failure().
Both of these call audit_failure() for us.
This subtly changes logging for commands that are denied by sudoers
but where the user failed to enter the correct password. Previously,
these would be logged as "N incorrect password attempts" but now
are logged as "command not allowed". Fixes bug #563
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time. We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
hooks for getenv, putenv, setenv and unsetenv. This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
LOGIN_SETENV instead of rolling our own login.conf setenv support
since FreeBSD's login.conf has more than just setenv capabilities.
This requires us to swap the plugin-provided envp for the global
environ before calling setusercontext() and then stash the resulting
environ pointer back into the command details, which is kind of a
hack.
