isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,027 Commits 1 Branch 0 Tags
49f2d67070b51f6b72f8189b53abe9de6e2c727b
Commit Graph

522 Commits

Author SHA1 Message Date
Todd C. Miller
3d2082cdf3 Add SUDO_CHECK_NET_FUNC to check functions in the network libraries. 
If a function is not found, check again with "-lsocket", "-linet",
"-lsocket -lnsl", or "-lresolv".
Also display network libs in final summary as well as the different
linker flags.
 2022-12-06 16:09:26 -07:00
Todd C. Miller
2c97e7f471 Remove extraneous "(cached)" line when the -C option is used. 
We do not need to call AC_CACHE_VAL() to ensure that a variable is
cached, its name just needs to match the pattern *_cv_*.
 2022-12-06 13:47:03 -07:00
Todd C. Miller
1b76f76122 Use AC_PATH_PROGS_FEATURE_CHECK to find mandoc/nroff. 
We don't use the NROFFPROG or MANDOCPROG any longer so no need
to set those.
 2022-12-06 12:18:26 -07:00
Todd C. Miller
dd1eb1f6c5 Don't check for _sys_siglist if sys_siglist is found. 2022-12-06 10:05:03 -07:00
Todd C. Miller
fd6484917e Fix check for sys_sigabbrev. 2022-12-06 08:55:44 -07:00
Todd C. Miller
29c36a3c1d Skip test for __func__ on C99 and above, avoid extra _sys_signame test. 2022-12-05 19:26:57 -07:00
Todd C. Miller
38ffd03cd6 Move gettext checks to m4/gettext.m4 2022-12-05 19:26:50 -07:00
Todd C. Miller
12da6bd0ce Move LDAP library checks to m4/ldap.m4 and make more tests cacheable. 2022-12-05 16:52:34 -07:00
Todd C. Miller
00e22508a7 Move OpenSSL/wolfSSL checks to m4/openssl.m4 2022-12-05 16:45:18 -07:00
Todd C. Miller
f515c238bc Move PIE executable checks to m4/pie.m4 2022-12-05 12:34:12 -07:00
Todd C. Miller
4220e6631b Move address sanitizer and fuzzer checks to m4/sanitizer.m4 2022-12-05 12:33:44 -07:00
Todd C. Miller
ea5668086c Move symbol visibility checks to m4/visibility.m4 2022-12-05 12:33:42 -07:00
Todd C. Miller
5bf5a4e26c Move hardening checks to m4/hardening.m4 2022-12-05 12:32:53 -07:00
Todd C. Miller
8718fc2083 Make cpp variadic arguments check into a macro and move to sudo.m4. 
Also move the PVS-Studio.cfg generation to sudo.m4.
 2022-12-05 09:47:21 -07:00
Todd C. Miller
16ae61dcd7 Use C23 [[__fallthrough__]] and [[__noreturn__]] attributes if supported. 
If the C23 attributes are not supported, use gcc-style attributes
where possible.
 2022-11-29 16:28:27 -07:00
Todd C. Miller
cfdcd96b63 Move the check for the fallthrough attribute outside the warnings block. 
Use AX_APPEND_FLAG instead of addind to CFLAGS directly.
 2022-11-29 16:04:14 -07:00
Todd C. Miller
0044893961 Use AC_SYS_YEAR2038 instead of setting _TIME_BITS by hand. 2022-11-16 19:29:22 -07:00
Todd C. Miller
03559d0770 Replace foo in descriptions with 'foo' 2022-11-16 10:10:20 -07:00
Todd C. Miller
cc0615059f Fix insufficient quoting in AC_CHECK_LIB() calls. 2022-11-16 10:22:28 -07:00
Todd C. Miller
bef72f76f6 Add -Wvla and -Walloca to --enable-warnings 2022-11-15 11:05:42 -07:00
Todd C. Miller
3cfba230c5 configure: only check for getauxval() if getentropy() is missing. 2022-11-11 11:04:58 -07:00
Todd C. Miller
28dbad3342 Remove checks for random() and lrand48(), they are no longer used. 
Also remove duplicate checks for arc4random() and getentropy().
 2022-11-11 09:37:49 -07:00
Todd C. Miller
3d0fcc0ff2 Skip check for cpp variadic macro support if the compiler supports C99. 2022-11-11 09:09:31 -07:00
Todd C. Miller
6b005e8114 HI-UX/MPP is based on OSF-1, not HP-UX 
Completely untested.
 2022-11-11 08:45:58 -07:00
Todd C. Miller
a142bc1830 Only check for utmps.h on HP-UX. 2022-11-11 08:32:41 -07:00
Todd C. Miller
a3684d7f3b Only check for sys/syscall.h on Linux. 
We only use it in the Linux-specific getentropy() emulation code.
 2022-11-11 08:11:26 -07:00
Todd C. Miller
feba299f22 configure: avoid running unnecessary tests on modern systems. 
Remove AC_SYS_POSIX_TERMIOS, AC_TYPE_MODE_T, AC_TYPE_UID_T.
Add missing checks for int16_t, uint16_t, int32_t, and int64_t.
Only check for intmax_t, uintmax_t and bit-width types if missing
both inttypes.h and stdint.h.
Remove unused clockid_t replacement.
 2022-11-11 07:05:26 -07:00
Todd C. Miller
3df1e9a073 sudo 1.9.12p1 2022-11-04 14:19:27 -06:00
Todd C. Miller
366217571e configure: better test for -fstack-clash-protection 
The gcc front-end may accept -fstack-clash-protection even if the
machine-specific code does not support it.  We use a test program
with a large stack allocation to try to cause the compiler to insert
the stack clash protection code, or fail if not supported.
GitHub issue #191
 2022-10-27 20:02:37 -06:00
Todd C. Miller
6a2075b671 Check that compiler accepts -fstack-clash-protection and -fcf-protection. 
Previously, we only checked that linker accepted them.
GitHub issue #191
 2022-10-27 18:33:41 -06:00
Todd C. Miller
d37710b0f6 Use mkdtempat_np() and mkostempsat_np() on macOS 2022-09-22 11:34:00 -06:00
Todd C. Miller
376d18b5da Add fchownat() systems without it. 2022-09-21 19:08:12 -06:00
Todd C. Miller
86c108b50b Add mkdtempat() and mkostempsat() for systems without them. 2022-09-21 19:08:11 -06:00
Todd C. Miller
304726a215 Move gcc-style __attribute__ macros to config.h.in 
Renamed __malloc -> sudo_malloclike, __printflike -> sudo_printflike,
__printf0like -> sudo_printf0like.
Add sudo_noreturn instead of __attribute__((__noreturn__)).
We do not use stdnoreturn.h since it has been deprecated in C23
in favor of the [[noreturn]] attribute.
 2022-09-07 07:48:31 -06:00
Todd C. Miller
14356c1940 Use process_vm_readv(2) and process_vm_writev(2) if available. 
This is faster than reading/writing from/to the remote process one
word at a time using PTRACE_PEEKDATA and PTRACE_POKEDATA.
 2022-08-25 12:37:19 -06:00
Todd C. Miller
a366c623f1 Use our own arc4random() in preference to the glibc version. 
The glibc arc4random() may fail in chroot on older kernels and exit.
 2022-08-04 13:11:07 -06:00
Todd C. Miller
b422ddea75 Sudo 1.9.12. 2022-08-02 14:28:30 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
b3a8cad346 A typo prevented -Wno-deprecated-declarations from being used on macOS. 2022-06-28 15:43:27 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
01a9e5a157 Sudo 1.9.11p3 2022-06-20 16:58:03 -06:00
Todd C. Miller
04746d0e65 Sudo 1.9.11p2 2022-06-12 08:05:00 -06:00
Todd C. Miller
d2bf3aad06 Sudo 1.9.11p1 2022-06-08 08:31:27 -06:00
Todd C. Miller
7689b8718c Check for SECCOMP_MODE_FILTER not SECCOMP_SET_MODE_FILTER. 
This matches the actual prctl() call we use.
 2022-06-07 10:50:59 -06:00
Todd C. Miller
96c3c28194 Add EXAMPLES variables for use in the man pages for the examples directory. 2022-06-06 08:36:44 -06:00
Todd C. Miller
25a26f5042 Avoid using vfork(2) in the DSO system(3) wrapper. 
Traditional vfork(2) semantics make it unsafe for use for more than
just vfork(2) + execve(2).
 2022-06-03 09:43:34 -06:00
Todd C. Miller
cec83a05a3 Add configure check for vfork(2) and fall back to fork(2) if missing. 2022-05-31 14:47:39 -06:00
Todd C. Miller
1c83161622 On AIX, fmemopen(3) has a bug where feof() returns false at EOF. 
See https://www.ibm.com/support/pages/apar/IJ11845
 2022-05-29 15:52:48 -06:00
Todd C. Miller
9bb288d10e Regenerate files after merging AppArmor integration. 2022-05-27 08:30:34 -06:00
kernelmethod
0b541c2029 Add a --with-apparmor build flag 
Add a new build flag, --with-apparmor, that builds sudo with AppArmor
support. Modify the build script for Debian and Ubuntu to enable this
flag by default.
 2022-05-23 13:41:14 -06:00