isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,874 Commits 1 Branch 0 Tags
49d56f323e7636e0aa26d45485fb9effe67cee2c
Commit Graph

7874 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
bb19428fce Fix check for SIZE_MAX, which should be in stdint.h not limits.h. 2015-02-02 14:36:38 -07:00
Todd C. Miller
fd149e632e Need to include inttypes.h for SIZE_MAX 2015-02-02 14:20:24 -07:00
Todd C. Miller
fde8776d54 regen 2015-02-02 13:53:44 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
e71726d0f9 Update copyright year. 2015-01-31 19:02:40 -07:00
Todd C. Miller
7ec9cfb493 When querying LDAP netgroups, use the NIS domain if it is sent but 
also match nisNetgroupTriple entries that have no domain.
 2015-01-30 14:45:22 -07:00
Todd C. Miller
97469c243c Avoid setting the tty to non-blocking mode so "sudoreplay | cat" 
(for example) works as expected.  We only read a single byte from
the keyboard and only when interactive anyway so this should be fine.
 2015-01-30 13:07:21 -07:00
Todd C. Miller
00e7dbd645 regen 2015-01-30 12:57:27 -07:00
Todd C. Miller
0ac881ba4b Avoid a cppcheck warning about undefined behavior (using the address 
of a stack buffer - 1) and fix a memory leak of the iov when
doing nl->crnl conversion.
 2015-01-30 10:45:15 -07:00
Todd C. Miller
1517d18b1d Add Steven Soulen 2015-01-30 09:24:46 -07:00
Todd C. Miller
770e6ca190 Fix handling of partial writes from writev() which can occur with 
large output buffers.
 2015-01-30 09:23:30 -07:00
Todd C. Miller
4dd2a3c6b8 Add support for querying netgroups directly via LDAP since there 
is no other way to look up all the netgroups for a user (unlike
regular groups).  This introduces netgroup_base and netgroup_search_filter
options to ldap.conf.  Based on a diff from Steven Soulen.
 2015-01-29 14:08:30 -07:00
Todd C. Miller
4ae3ab43c0 Sort ldap.conf options. 2015-01-27 09:29:02 -07:00
Todd C. Miller
741bb8ec79 Add macros to ease the checking of strlcpy, strlcat and 
sudo_ldap_value_cat return values.
 2015-01-22 11:42:32 -07:00
Todd C. Miller
57553fffdd Rename VALIDATE_OK -> VALIDATE_SUCCESS 
Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE
 2015-01-21 11:03:48 -07:00
Todd C. Miller
399d364a90 Remove now-unused VALIDATE_ERROR define. 2015-01-21 10:36:55 -07:00
Todd C. Miller
5415b3d2af should_mail() now returns bool. 2015-01-21 10:33:56 -07:00
Todd C. Miller
2188c83a20 If sudo_debug_register() fails return SUDO_DEBUG_INSTANCE_INITIALIZER, 
not -1.  Otherwise we could end up setting the instance to -1 which
is invalid.
 2015-01-21 10:08:41 -07:00
Todd C. Miller
721cab85e7 Fix typo. 2015-01-21 08:51:41 -07:00
Todd C. Miller
716e6a991a Use "mandoc -Tascii" to generate .cat pages to avoid locale-specific 
characters.
 2015-01-21 08:51:27 -07:00
Todd C. Miller
a33d88c996 Use AC_PATH_PROG to find programs instead of checking the path manually. 2015-01-19 14:25:17 -07:00
Todd C. Miller
d2d9e6fcc1 Sync with OpenBSD version 2015-01-16 06:48:08 -07:00
Todd C. Miller
f80ffcc917 Use AC_CHECK_HEADERS_ONCE and AC_CHECK_FUNCS_ONCE where 
possible and quote the first args in AC_CHECK_FUNCS calls.
 2015-01-15 21:00:01 -07:00
Todd C. Miller
55a34e6941 Avoid inadvertantly defining things like PATH_MAX simply because 
the source file doesn't include limits.h.
 2015-01-15 17:01:30 -07:00
Todd C. Miller
078ba38067 Update to libtool 2.4.4 + HP-UX patches 2015-01-14 17:00:16 -07:00
Todd C. Miller
acea28b9a5 Document why we need sys/param.h. 2015-01-14 11:01:41 -07:00
Todd C. Miller
532a0e6cc7 Don't need sys/param.h. 2015-01-14 11:00:01 -07:00
Todd C. Miller
19a8a69a92 Don't appear to need sys/param.h for pstat_getproc() on HP-UX even 
though the man page lists it.
 2015-01-14 10:58:32 -07:00
Todd C. Miller
6bd40c622b Should not need sys/param.h here. 2015-01-14 10:55:42 -07:00
Todd C. Miller
cb09010da5 Use standard CIDR -> netmask conversion and disallow 0-bit CIDRs. 2014-12-31 15:47:33 -07:00
Todd C. Miller
86fbde75b2 Update link to gq LDAP editor, now on sourceforge. 2014-12-24 08:05:22 -07:00
Todd C. Miller
237f3c9dfe Add support for GLOB_LIMIT from OpenBSD (not currently used) and 
also a limit on the max recursion depth for glob().
 2014-12-16 17:04:13 -07:00
Todd C. Miller
b633e88c12 Quiet compiler sign compare warning. 2014-12-16 10:46:25 -07:00
Todd C. Miller
88c4a9668e fnmatch fix 2014-12-10 14:06:34 -07:00
Todd C. Miller
d0c333969a Remove artificial limit on length of pattern and string. It is 
possible to use fnmatch() on things other than paths (such as
arguments) so a limit of PATH_MAX does not make sense.  Fixes a bug
where rules would fail to match if the length of the arguments were
larger than PATH_MAX (usually 1024).
 2014-12-10 14:00:12 -07:00
Todd C. Miller
b1dc5c54d8 Remove the extra /sudo in sudo.ws urls 2014-12-04 17:00:38 -07:00
Todd C. Miller
9d3fe082fc Reference bugzilla.sudo.ws 2014-11-27 09:51:06 -07:00
Todd C. Miller
e0d927a98a sync 2014-11-20 13:34:17 -07:00
Todd C. Miller
c287419788 Require that a digest be specified with a real command, not an alias 
or pseudo-command.  Found via a crash by afl.
 2014-11-19 17:07:24 -07:00
Todd C. Miller
034ad90e16 sync 2014-11-19 15:20:18 -07:00
Todd C. Miller
02b3fa2fdd French translation for sudoers from translationproject.org. 2014-11-19 15:20:11 -07:00
Todd C. Miller
29039859b7 Defer registration of the SIGCHLD handler until just before we exec 
the command.  Fixes a problem where pam_gnome_keyring installs its
own SIGCHLD handler and may not restore the original one.  As a
result, we now have to explicitly wait for the askpass helper to
finish.  Bug #657
 2014-11-18 14:05:51 -07:00
Todd C. Miller
552dbe5253 Mention sssd support in the sudoers.ldap manual and cross-reference 
sssd-sudo(5).
 2014-11-17 15:26:12 -07:00
Todd C. Miller
eab8a28abf Reorder an entry. 2014-11-16 07:30:55 -07:00
Todd C. Miller
bc6269e58b Prevent cppcheck from getting confused by our compat definition of 
the va_copy macro for pre-C99.
 2014-11-15 06:32:39 -07:00
Todd C. Miller
3870fdf622 Fix potential NULL pointer deref found by cppcheck. 2014-11-14 16:31:56 -07:00
Todd C. Miller
0c88ecd3bc Quiet a cppcheck false positive. 2014-11-14 16:31:30 -07:00
Todd C. Miller
cbe917c540 If there are multiple outputs, ap will be re-used so make a copy 
and operate on it instead.
 2014-11-14 16:30:22 -07:00
Todd C. Miller
1c96c5ec39 Fix typo in hook return value check. 2014-11-14 14:56:29 -07:00
Todd C. Miller
cafd7baa2d Mention visudo use of sudoers plugin args to set default sudoers 
file name and owner/mode.
 2014-11-14 14:17:01 -07:00