isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,433 Commits 1 Branch 0 Tags
6286ce1d16e11619efb8d5855b14dd296f355f9c
Commit Graph

10433 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Manner
9b49d44e84 plugins/python: add a sudo python module 2019-12-14 12:55:42 -07:00
Robert Manner
a6bac23bab plugins/python: add ImportBlocker which forbids loading unsafe python modules 
If non root can alter any imported python modules, he is able to run
anything he would like to as root user.
This class is a helper to avoid such situation.

This feature can be disabled with 'DeveloperMode=1' plugin option.
 2019-12-14 12:55:42 -07:00
Robert Manner
babdcbd031 plugins/python: a plugin which can load policy/io plugin written in python 2019-12-14 12:55:42 -07:00
Robert Manner
311cf122e2 plugins/python: add sudo debug helpers 2019-12-14 12:55:42 -07:00
Robert Manner
c0d53d75eb src/load_plugins, plugins/sudoers: added developer_mode sudo.conf option 
It can be used to disable the enforcement that a plugin (shared object or
an imported python module) must be owned by root and not modifiable by
others.
This can make plugin development easier.
 2019-12-14 12:55:42 -07:00
Robert Manner
6710048c8d lib/util/sudo_debug.c: add a function for querying if debugging is needed 
for a level.
Rationale: this way we can avoid computing details for the log which will
not happen at all if the computation is slow.
 2019-12-14 12:55:42 -07:00
Robert Manner
80fa75f0e8 Makefile.in: fix calling log2cl when doing out of source build 
If doing build out of source and not calling configure by absolute path,
$(top_srcdir) variable will contain a path relative to the directory we
stand in. So, after changing the current directory "cd $(srcdir)", this
path will point to somewhere else making the install step fail.
 2019-12-14 12:55:42 -07:00
Todd C. Miller
a441580540 Update SUDO_CONV_REPL_MAX in docs. 2019-12-14 12:40:55 -07:00
Todd C. Miller
9f4409c256 Remove uncrustify.files in clean target 2019-12-14 06:30:32 -07:00
Todd C. Miller
60328e5c7e Add uncrustify config file for new sudo code style. 2019-12-13 19:28:53 -07:00
Todd C. Miller
3a0445af9c Bump SUDO_CONV_REPL_MAX from 255 to 1023 2019-12-13 19:27:39 -07:00
Todd C. Miller
3ec23ad5e1 Minor style cleanups. 
Remove extraneous break after return statement.
Convert two old K&R function declarations.
 2019-12-13 19:27:38 -07:00
Todd C. Miller
718e6997fc Save/restore the raw form of the file context in case mctrans is not available. 2019-12-11 13:06:05 -07:00
Todd C. Miller
b14d633ec6 Add runas_check_shell flag to require a runas user to have a valid shell. 
Not enabled by default.
 2019-12-09 19:29:45 -07:00
Todd C. Miller
df8f06609c Add a new flag "allow_unknown_runas_id" to control matching of unknown IDs. 
Previous, sudo would always allow unknown user or group IDs if the
sudoers entry permitted it.  This included the "ALL" alias.
With this change, the admin must explicitly enable support for unknown IDs.
 2019-12-09 17:14:06 -07:00
Todd C. Miller
d7b4f88658 Use cfmakeraw() in sudo_term_raw() instead of doing it manually. 2019-12-07 12:25:51 -07:00
Todd C. Miller
9d737441f4 Fix event loop called via I/O log close function. 
We need to set events that were pending in the old base in the new one.
Fixes sending the final I/O log data and the ExitMessage to the server.
 2019-12-07 08:42:12 -07:00
Todd C. Miller
d0b80b404c Replace timeleft with pending in sudo plugin event API. 2019-12-07 08:42:10 -07:00
Todd C. Miller
bf3b93f080 Use sudo_ev_pending() instead of the deprecated sudo_ev_timeleft(). 2019-12-07 08:42:09 -07:00
Todd C. Miller
22ffffe12b Add sudo_ev_pending(), used to check whether an event is pending. 2019-12-07 08:42:08 -07:00
Todd C. Miller
9314072848 Add TLS libs when linking check_iolog_plugin 2019-12-07 08:38:08 -07:00
Todd C. Miller
5711c1b497 Remove extraneous newlines in some sudo_warnx() calls. 2019-12-06 13:37:22 -07:00
Todd C. Miller
d98022177e Document log_server_cabundle, log_server_peer_cert and log_server_peer_key 2019-12-06 13:23:51 -07:00
Todd C. Miller
03d02c4ac5 Merge pull request #16 from laczau/master 
Proper handling of certificate chain file
 2019-12-06 10:23:08 -07:00
Laszlo Orban
5e36cc655c cert files can contain the full chain of trust, so load all certs in every case for verification 2019-12-06 11:17:12 +01:00
Todd C. Miller
a1e61f5ac0 Sync init_session() prototype with sudo_plugin.h and fix a typo. 2019-12-05 16:57:12 -07:00
Todd C. Miller
4b6de608c2 Only update the time stamp entry after the approval function has succeeded. 
Bug #910
 2019-12-04 12:38:22 -07:00
Todd C. Miller
049bbbfae1 Merge pull request #14 from sudo-project/tls-config-default-values 
Audit Server - add default values for cert paths
 2019-12-04 10:01:08 -07:00
Laszlo Orban
1dceb8bbb8 add default values for cert paths 2019-12-04 14:18:24 +01:00
Todd C. Miller
3ab29e29bb Add reference counting to debug register/deregister. 
Fixes a potential problem when an instance is re-registered.
 2019-12-03 20:03:19 -07:00
Todd C. Miller
7c782edf53 Only deregister the sudoers debug instance on last close. 
Reference count calls to sudoers_debug_register and only deregister
sudoers_debug_instance when refcnt reaches 0.
Fixes a problem where the debug system was deregistered when the
sudoers policy is closed even though the iolog plugin is active.
 2019-12-03 20:03:07 -07:00
Laszlo Orban
24cda2592a implement tls layer in iolog plugin 2019-11-28 15:58:56 +01:00
Laszlo Orban
a409d8f1fc process tls config options 2019-11-28 15:58:56 +01:00
Laszlo Orban
3ce51d40ce add audit server tls related configuration options to sudoers 2019-11-28 11:16:54 +01:00
Laszlo Orban
a9c2cf9272 optionally link sudoers with openssl libs 2019-11-28 11:07:05 +01:00
Laszlo Orban
f5e0e2a4bb Merge pull request #11 from sudo-project/audit-server-tls-async 
Sudo audit Server - TLS protocol update
 2019-11-27 08:29:19 +01:00
Laszlo Orban
06a0f89704 disable timeout for the reader after ServerHello message 2019-11-26 14:07:56 +01:00
Laszlo Orban
21e7fdfd55 use event timeout instead of socket timeout 2019-11-26 08:36:02 +01:00
Laszlo Orban
f4bbce6708 adapt sudo sendlog (async communication, unencrypted ServerHello message) 2019-11-26 08:36:02 +01:00
Todd C. Miller
1747e50090 Exit if the first call to logsrvd_conf_read() fails. 
It is not fatal if subsequent calls fail (due to SIGHUP) since we
keep a copy of the old config before installing the new one.
 2019-11-25 13:38:22 -07:00
Todd C. Miller
333ea878e2 Add some missing files to "make clean" and "make distclean" 2019-11-25 13:28:58 -07:00
Todd C. Miller
42adbca7ad Update .hgignore and convert to .gitignore 2019-11-25 12:57:03 -07:00
Laszlo Orban
f67d0d13cf ServerHello message is now unencrypted, TLS communication has been refactored to full async 2019-11-22 11:11:55 +01:00
Laszlo Orban
33f6a16764 extend ServerHello message with two fields (tls, tls_checkpeer) 2019-11-22 11:11:55 +01:00
Todd C. Miller
f976a5d866 For plugin API 1.15 and up, always call the plugin close function. 
Previously, it was only called when a command was run (including
sudoedit).  Now, plugin operations list, validate, invalidate, and
show_version are also closed.
 2019-11-20 10:57:47 -07:00
Todd C. Miller
2143746370 Avoid NULL deref on an error path if calloc() fails. 
Coverity CID 205873
 2019-11-19 19:00:31 -07:00
Todd C. Miller
e0a4b2d68a Fix potential fd leak when converting trailing newline to cr + nl. 
Coverity CID 205872
 2019-11-19 18:57:22 -07:00
Todd C. Miller
b31b830518 Document the process of creating self-signed certificates for sudo_logsrvd. 
Based on a document from Laszlo Orban.
 2019-11-19 14:29:40 -07:00
Todd C. Miller
c7cac7c0e6 Sync with argument handling in group_plugin.c 2019-11-19 12:46:21 -07:00
Todd C. Miller
a3266edc27 If a group plugin has optional arguments, NULL terminate the vector. 
Otherwise, the plugin cannot determine the end of arguments.
The behavior now matches the plugin documentation.
 2019-11-19 10:30:22 -07:00