isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,175 Commits 1 Branch 0 Tags
3d73f05e3b1b349627faca2a42d0dc6fa42a6472
Commit Graph

2704 Commits

Author SHA1 Message Date
Sebastian Rasmussen
3d73f05e3b Fix typo in warning message. 2020-05-16 10:44:27 -06:00
Todd C. Miller
26b599a5b1 Add missing sys/wait.h include; fixes a compilation problem on musl libc. 2020-05-15 19:08:16 -06:00
Todd C. Miller
83d1bee918 Rename sudo_parse_host_port -> iolog_parse_host_port and mv to lib/iolog 
It is not used outside of the I/O log client and server and the
host:port syntax may change in the future.
 2020-05-11 08:47:54 -06:00
Todd C. Miller
fbf25112e6 Remove duplicate inclusion of time.h 2020-05-11 08:46:58 -06:00
Todd C. Miller
fc79cbc317 Only enable TLS listener by default if we have a cert for it. 
We want the log server to work with the default configuration.  If
the default certificate path exists, it will be used with the default
listener.  If the user explicitly enabled a TLS listener we always
attempt to use it.  If TLS was specified but no cert file was set,
the default location will be used (and an error will occur if the
cert cannot be loaded).
 2020-05-08 16:07:55 -06:00
Todd C. Miller
3de3de8b75 regen for 1.9.0 final 2020-05-07 12:23:13 -06:00
Todd C. Miller
0cf2e09e0c Apply spelling fixes. 
Fixes from PR #30 (ka7) and Bug #925 (fossies.org codespell)
 2020-05-06 09:27:43 -06:00
Todd C. Miller
f261d58af8 Updated translations from translationproject.org 2020-05-05 13:36:30 -06:00
Todd C. Miller
6901fc97ac Add a ClientHello message that client sends to the server. 
This makes it easier to detect a plaintext client sending to a
TLS port.  Without this, the TLS server will be silent as it
waits for the client to initiate the TLS connection.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
1e765e1caf Better error messages when there is a problem with the TLS connection. 
If SSL_read, SSL_write or SSL_connect fails we can use the reason
string to let the user know what the problem is.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
1f8da42f9a Warn about tls errors during startup so the user has a clue. 
We write messages to stderr until we become a daemon.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
8186b98208 Adapt sudoers iolog client to log server dual port changes. 
The TLS handshake now occurs before the ServerHello message is read.
This fixes potential man-in-the-middle attacks and works better with
TLS 1.3.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
b5a317aeb9 Add support for a tls flag in sudo_parse_host_port(). 
If the string "(tls)" appears at the end, the tls flag is set to true
and the default tls port is used if necessary.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
7d621fc6f1 Plug memory leaks in sudo_sendlog 2020-05-04 11:25:47 -06:00
Todd C. Miller
aba4915b83 On error, remove the connection with an error without freeing the closure. 
Fixes the final message at the end when there is a network error.
 2020-04-30 15:54:35 -06:00
Todd C. Miller
3b7768be76 Don't free TLS on error in tls_init(), it is freed in client_closure_free(). 
Fixes a double free on error introduced with the TLS state cleanup in
client_closure_free().
 2020-04-28 10:52:09 -06:00
Todd C. Miller
557be2b0b1 Shut down the TLS connection cleanly in client_closure_free(). 
Also free the SSL data which is part of the client closure.
 2020-04-21 15:01:44 -06:00
Todd C. Miller
af4eb80dfb Fix typo 2020-04-17 15:37:41 -06:00
Todd C. Miller
132b943a2d Only display error string once on I/O error. 
We already include the error string in the format so no need to use
errno too.
 2020-04-17 15:36:45 -06:00
Todd C. Miller
ae7bb12335 Free passwd and group caches in I/O plugin after log_warning(), not before. 
The logging functions may try to use the cache via set_perms(PERM_ROOT).
 2020-04-17 15:07:25 -06:00
Todd C. Miller
75b9a26a37 If the signal.Signals enum is not present, search the dictionary. 
The Signals enum was added in Python 3.5.  If it is not present we
need to iterate over the dictionary items, looking for signal name
to number mappings.  Fixes the signal tests with Python 3.4.
 2020-04-09 10:49:59 -06:00
Todd C. Miller
57cef10ce9 Python dictionaries are sparse so we cannot use pos as an index. 
When converting sudo options from a dictionary to a tuple we need
to track the current index into the tuple separately from the
position of the dictionary entry.
 2020-04-09 08:34:29 -06:00
Todd C. Miller
69b6783be6 Store the result of ERR_get_error() so we can use it for both warn and debug. 
Otherwise, only the debug framework gets the actual error and the
user won't see the problem.
 2020-04-08 09:26:41 -06:00
Todd C. Miller
6a2b5fd82f Handle dependencies for .h files in the same directory as the source. 
Fixes missing header dependencies for the sudoers and python plugins.
 2020-04-07 14:03:58 -06:00
Todd C. Miller
5b488f313c Increase the maximum delay again for slower systems. 
Otherwise we may get a spurious test failure.
 2020-04-07 14:03:58 -06:00
Todd C. Miller
cd74b83c21 Make most python tests pass with Python 3.4 
Dictionary order is not stable in Python < 3.6 so we need to sort
by key to have consistent results.
The LogHandler output is also different on older Python versions.
Also, don't stop running python tests after the first error.
 2020-04-07 14:03:58 -06:00
Todd C. Miller
fa5025a569 Use regex to match __init__.py instead of hacking it in verify_log_lines() 2020-04-07 14:03:58 -06:00
Todd C. Miller
a77ef93f8a Use regular expressions when matching expected and actual text. 2020-04-07 14:03:58 -06:00
Todd C. Miller
8a2c0d784f Sort the list of possible plugins before printing it. 
This gives more reproducible error messages for the tests.
 2020-04-07 14:03:58 -06:00
Todd C. Miller
02a117f336 Avoid using typing annotations so tests run with Python 3.4. 2020-04-07 14:03:58 -06:00
Todd C. Miller
e31e0c4d3f Don't pass a NULL submitcwd or ttyname value to the server. 
It is possible for the cwd and/or tty to be missing.  If we send a
NULL pointer to the server where it expects a string the AcceptMessage
will fail to parse.
 2020-04-06 07:18:58 -06:00
Todd C. Miller
93f5e1be36 Fall back to using Py_Finalize() for Python version < 3.6 2020-04-06 07:05:20 -06:00
Todd C. Miller
1d008b92f5 Truncate the command args at 4096 chars when formatting SUDO_COMMAND. 
We have to limit the length of SUDO_COMMAND to avoid getting E2BIG
from execve(2) for very long argument vectors.
The command's environment also counts against the ARG_MAX limit.
Debian bug #596631
 2020-04-02 13:01:58 -06:00
Todd C. Miller
9b8cb1a57a Do not try to delete creds we did not set. 
If pam_setcred() fails when opening the PAM session, we don't want
to call it with PAM_DELETE_CRED when closing the session.
 2020-04-02 09:32:41 -06:00
Todd C. Miller
ec3fdd3aa8 Add a force flag to sudo_auth_cleanup() to force immediate cleanup. 
This is used for PAM authentication to make sure pam_end() is called
via sudo_auth_cleanup() when the user authenticates successfully but
sudoers denies the command.  Debian bug #669687
 2020-04-01 14:41:38 -06:00
Todd C. Miller
5e95c24d81 Increase the maximum delay for slower systems. 
Otherwise we may get a spurious test failure.
 2020-04-01 10:23:50 -06:00
Todd C. Miller
93aa9f9e90 Add cwd_optional to command details and enable it in the sudoers plugin. 
If cwd_optional is set to true, a failure to set the cwd will be a
warning, not an error, and the command will still run.
Debian bug #598519
 2020-03-31 19:43:48 -06:00
Todd C. Miller
5b1de6cfc8 Updated translations from translationproject.org 2020-03-29 05:05:09 -06:00
Todd C. Miller
0f0d03a575 Update sudoers.pot with json parser warnings. 2020-03-29 05:05:08 -06:00
Todd C. Miller
cffda82e20 Do not use JSON_ARRAY with sudo_json_add_value() 2020-03-29 05:05:08 -06:00
Todd C. Miller
f24dacdee2 Create files for check_iolog_plugin in the build dir, not src dir. 2020-03-29 05:05:08 -06:00
Todd C. Miller
056173e572 Parse I/O JSON info file in JSON if present. 
The JSON version includes more information than the original "log"
file in the I/O log dir.
 2020-03-29 05:05:08 -06:00
Todd C. Miller
ea9b711a70 Write an extended I/O info log in JSON format. 
This will be used by sudoreplay if it exists to get more information
about the command being replayed.
 2020-03-29 05:05:08 -06:00
Todd C. Miller
a644c1d1d2 iolog_parse_loginfo() now opens the log file itself. 2020-03-29 05:05:08 -06:00
Todd C. Miller
5034ea91be Some new source files got created with my old email address. 2020-03-29 05:05:08 -06:00
Todd C. Miller
390ace9253 Only set errstr for plugin API version 1.15 and above. 2020-03-16 14:26:56 -06:00
Todd C. Miller
7ace49a333 regen 2020-03-12 17:39:56 -06:00
Todd C. Miller
a23048bbb2 Avoid using sprintf(), vsprintf(), strcat(), and strncat(). 
It is less error-prone to use functions with a return value that
indicates when truncation ocurred.
 2020-03-11 19:46:07 -06:00
Todd C. Miller
1015b493b0 Work around two Coverity false positives; CID 208813 208815 2020-03-11 19:30:00 -06:00
Todd C. Miller
ec78f06890 Don't hard-code path to logging/__init__.py or line numbers. 
Allows python plugin tests to success on versions other than 3.7.
 2020-03-11 17:18:10 -06:00