isa/sudo - sudo - Subgraph Gitea

isa/sudo

Author	SHA1	Message	Date
Todd C. Miller	b5a317aeb9	Add support for a tls flag in sudo_parse_host_port(). If the string "(tls)" appears at the end, the tls flag is set to true and the default tls port is used if necessary.	2020-05-05 13:23:26 -06:00
Todd C. Miller	42df431ce2	Make the default certificate and key paths match the example file.	2020-05-04 11:33:04 -06:00
Todd C. Miller	18ff60f6ff	Disable IPv4-mapped IPv6 addresses in the listener. Also store the host + port string and use it in error messages.	2020-04-08 08:54:28 -06:00
Todd C. Miller	f908ddd1bf	Create a pidfile for sudo_logsrvd when not run with the -n flag.	2020-03-29 05:05:08 -06:00
Todd C. Miller	5034ea91be	Some new source files got created with my old email address.	2020-03-29 05:05:08 -06:00
Todd C. Miller	f40b4c2887	Open event log at config time instead of open/close for each entry. If logging via syslog, do the openlog() at config time instead. We still lock the log file prior to writing to it but unlock immediately after.	2020-02-22 16:13:56 -07:00
Todd C. Miller	5781a6a4cf	Add support for JSON logging in sudo_logsrvd.	2020-02-17 16:10:56 -07:00
Todd C. Miller	25542216fe	Fix support for reloading the config in sudo_logsrvd. We need to re-initialize the TLS server context. Also fix a memory leak of the TLS parameters on reload.	2020-02-17 15:01:38 -07:00
Laszlo Orban	24c9438486	logserver option to disable certificate verification on server side and server authentication on client side	2020-01-23 10:12:12 -07:00
Laszlo Orban	38160d0ccb	logserver: enable/disable SO_KEEPALIVE socket option based on tcp_keepalive configuration option in sudo_logsrvd.conf	2020-01-22 10:52:18 -07:00
Todd C. Miller	486ee2b71f	debug_decl and debug_decl_vars now require a semicolon at the end.	2019-12-22 08:48:16 -07:00
Laszlo Orban	1dceb8bbb8	add default values for cert paths	2019-12-04 14:18:24 +01:00
Laszlo Orban	21e7fdfd55	use event timeout instead of socket timeout	2019-11-26 08:36:02 +01:00
Todd C. Miller	3689839a0e	Move cb_timeout() out from under the HAVE_OPENSSL ifdef.	2019-11-15 13:33:47 -07:00
Laszlo Orban	b9641816d6	set timeout value for the socket	2019-11-15 09:52:48 +01:00
Laszlo Orban	e201f104d4	make audit server openssl dependency optional; tls layer is compiled only if sudo is built with --enable-openssl feature switch	2019-11-15 09:52:48 +01:00
Laszlo Orban	2c5e421761	add configuration options for TLS	2019-11-12 10:26:48 +01:00
Todd C. Miller	b270b0c887	Split out code to parse host:port into a utility function.	2019-11-02 12:04:26 -06:00
Todd C. Miller	955fa11b53	Clear the write bit on the timing file for completed logs. This allows us to tell whether or not a log can be restarted.	2019-10-24 20:04:33 -06:00
Todd C. Miller	13e3eaad5f	Simplify iolog_set_user and iolog_set_group	2019-10-24 20:04:33 -06:00
Todd C. Miller	aaf5d0dc6e	Read logsrvd.conf in two steps: first read, then apply if OK. This fixes a problem where when logsrvd.conf was reloaded while running (due to SIGHUP) and there was an error we could end up with a partial config.	2019-10-24 20:04:33 -06:00
Todd C. Miller	16b3513a95	Fix Coverity CID 204355, resource leak on error path.	2019-10-24 20:04:32 -06:00
Todd C. Miller	76eec78a33	Add basic support for event logging using a sudo-style log format.	2019-10-24 20:04:32 -06:00
Todd C. Miller	402820e8cf	Convert sudo_logsrvd.conf to ini file format	2019-10-24 20:04:32 -06:00
Todd C. Miller	af7f65fdfd	Mark logsrvd and sendlog strings for translation in the sudoers domain	2019-10-24 20:04:32 -06:00
Todd C. Miller	534aba7a3e	Make the logsrvd port and list address configurable.	2019-10-24 20:04:32 -06:00
Todd C. Miller	7ba7c5835e	Enable sudo_logsrvd.conf settings.	2019-10-24 20:04:31 -06:00
Todd C. Miller	059b55ce72	Refactor code in sudoers that creates I/O log files to share with logsrvd.	2019-10-24 20:04:31 -06:00
Todd C. Miller	a808dd45c2	Add config file support for logsrvd	2019-10-24 20:04:31 -06:00

1 2

79 Commits