isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,433 Commits 1 Branch 0 Tags
6286ce1d16e11619efb8d5855b14dd296f355f9c
Commit Graph

10433 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00
Todd C. Miller
cef6e3687e Switch from memset_s() -> explicit_bzero(). 
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
 2020-08-10 19:24:32 -06:00
Todd C. Miller
8a97150f56 Define YYERROR_VERBOSE for bison and rename COMMENT -> '\n' 
This results in better error messages when there is a parse error
 2020-08-10 13:59:31 -06:00
Todd C. Miller
6702f4ac4e Some minor cleanup. 
Use ntuples instead of tuple_last
Strip leading and trailing double quotes using a single gsub()
ntuples will never be zero so don't bother checking
No need to explicitly close files in END
 2020-08-10 13:30:10 -06:00
Todd C. Miller
fa5d44b8b5 Quiet some clang 10 analyzer warnings. 2020-08-07 14:22:56 -06:00
Todd C. Miller
63dadad9df Refactor freeing of InfoMessage list into free_info_messages(). 
Also fixes a false positive from the clang analyzer.
 2020-08-07 14:22:28 -06:00
Todd C. Miller
5f5f28ac7c Require that a @include line end with a newline or EOF. 
We now parse the entire line before reading the include file.  This
is less surprising behavior and results in better error messages.
 2020-08-07 14:22:24 -06:00
Todd C. Miller
3235e4353c Display more specific parser error messages when possible. 2020-08-07 14:20:45 -06:00
Todd C. Miller
7c342e5862 Let the sudoers parser recover after a parse error. 
We currently just discard the line with the error.
 2020-08-07 14:20:21 -06:00
Todd C. Miller
91cc68d7fd Keep track of the position of the current token for error messages. 2020-08-07 14:13:25 -06:00
Todd C. Miller
99f43f8a00 Store the current line in our own buffer for better error messages. 2020-08-06 21:16:35 -06:00
Todd C. Miller
03816d020b Sync sample_approval.exp with sample_approval.c 2020-08-06 21:16:35 -06:00
Todd C. Miller
a8bfeba581 regen 2020-08-06 21:16:35 -06:00
Todd C. Miller
c90539015f Fix libssl dependency on Debian-based systems. 
Older systems may still have libssl1.0.0, not libssl1.1.
 2020-08-05 12:58:02 -06:00
Todd C. Miller
2a58b19f96 Add workaround for yyless() not resetting yy_at_bol. 2020-08-05 09:13:09 -06:00
Todd C. Miller
4bc70c02c1 Always use a linker script to hide symbols if it is supported. 
We use this even if the compiler has symbol visibility support so
we will notice mismatches between the exports file and __dso_public
annotations in the source code.
 2020-08-03 10:27:27 -06:00
Todd C. Miller
38e28dcbf5 Rename python_plugin.exp.in -> python_plugin.exp 
There is nothing dynamic in this file.
 2020-08-03 10:15:28 -06:00
Todd C. Miller
3b4d4ab8dd Add missing python_plugin.exp.in file and remove unneeded __dso_public 
This fixes building the python plugin on systems where the compiler
doesn't support symbol hiding (but wherethe linker does).
 2020-08-03 09:53:12 -06:00
Todd C. Miller
974f833e17 Use "foo in bar" syntax for testing existence of a key. 2020-08-02 06:43:35 -06:00
Todd C. Miller
838255bb80 Replace /*FALLTHROUGH*/ in generated code. 2020-08-02 06:42:57 -06:00
Todd C. Miller
c87a47735d Add ZFALLTHROUGH macro to use instead of /* FALLTHROUGH */ comments. 2020-08-01 13:43:27 -06:00
Todd C. Miller
03ad96e445 Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. 2020-08-01 13:10:50 -06:00
Todd C. Miller
20fd3b6363 Rewrite mkdefaults in awk. 2020-07-30 13:12:29 -06:00
Todd C. Miller
feebbd6d24 Update translators. 2020-07-22 10:32:51 -06:00
Todd C. Miller
6ee98cf453 Prompt user before truncating a file to zero bytes. Bug #922. 2020-07-22 07:42:40 -06:00
Todd C. Miller
bcf96c153f Updated translations from translationproject.org 2020-07-19 11:32:42 -06:00
kuberlog
054939c1ed configure.ac: fix documentation about lecture 2020-07-21 08:47:03 -06:00
Todd C. Miller
bd24a322cc Handle openssl where there is no separate libcrypto pkgconfig file. 
In this case, just use the full openssl libs to get the sha2 functions.
 2020-07-16 08:15:02 -06:00
Todd C. Miller
10f8bb6398 Ignore --enable-gcrypt if --enable-openssl is also specified. 2020-07-16 07:32:13 -06:00
Todd C. Miller
6a9ed1998b Sudo 1.9.2 2020-07-15 10:46:31 -06:00
Todd C. Miller
be89bdcf7c Fix some warnings displayed by autoconf 2.69b 
This fixes the missing HAVE_GSSAPI_GSSAPI_H define in config.h.in.
TODO: replace shadow_funcs variable in function checks with literals
 2020-07-15 10:12:55 -06:00
Todd C. Miller
ac00a07018 Initialize sudo_conv and sudo_printf in sudoers_audit_open(). 
We will need them if there is an error parsing sudoers and leaving
them unset can result in NULL deref.  Also set the text domain to
"sudoers" like we do for the policy and I/O logging open functions.
Bug #934.
 2020-07-12 10:13:53 -06:00
Todd C. Miller
1e4ce8525a Updated translations from translationproject.org 2020-07-11 09:19:41 -06:00
Todd C. Miller
b9ad3704d7 Export sudoers_audit symbol for compilers without symbol visibility. 2020-07-06 13:28:21 -06:00
Todd C. Miller
d6bc75e1e0 Document the contents of the log.json file. 2020-07-06 12:35:41 -06:00
Todd C. Miller
3175049e45 Fix typo, runas_uid should be runas_gid. 2020-07-06 12:17:58 -06:00
Todd C. Miller
90dbdf8f30 Add sudoers_audit line for completeness, matching the documentation. 
When sudoers is loaded as a policy plugin, it will be loaded
automatically as an audit plugin.  Listing it explicitly in the
default sudo.conf file helps bring attention to the fact that sudoers
now supports the audit plugin type.
 2020-07-06 10:42:46 -06:00
Todd C. Miller
e9a39c149a Add some debugging statements around Defaults lookup. 2020-07-06 09:03:15 -06:00
Todd C. Miller
660738139b Replace #includedir with @includedir in default sudoers file. 2020-07-06 08:45:04 -06:00
Todd C. Miller
9ef09595f9 Allow HP-UX share libs and modules to link against static libs. 
hppa64 and ia64 use PIC by default
 2020-06-26 09:13:38 -06:00
Todd C. Miller
4cadd54951 Use pkg-config to find the openssl cflags and libs if possible. 
We support linking against static openssl libs too.
 2020-06-25 20:55:02 -06:00
Todd C. Miller
d04805eecb Fix parsing of /etc/redhat-release on RHEL 8. 
RedHat dropped the word "server" from the release name in redhat-release
which results in the awk script printing the wrong field.  Instead
of using awk, just use sed to pull out the version number immediately
following the word "release".
 2020-06-24 14:19:14 -06:00
Todd C. Miller
820d6ae207 regen without `scare quotes' 2020-06-24 05:40:42 -06:00
Todd C. Miller
df49897bd0 Replace or remove use of `scare quotes' 
These don't translate well and look odd in many fonts.
 2020-06-24 05:40:18 -06:00
Todd C. Miller
95ba6645d2 Add FALLTHROUGH comments to quiet -Wimplicit-fallthrough 2020-06-20 14:23:19 -06:00
Todd C. Miller
1cec928d17 Fix implicit fallthrough warning and add break to default cases. 2020-06-20 14:11:40 -06:00
Todd C. Miller
5e9346d4e9 Add -Wimplicit-fallthrough to --enable-warnings if available. 
Note that clang 10 has support for -Wimplicit-fallthrough in C code
but doesn't recognize lint-style FALLTHROUGH comments like gcc does
so we can't use it.
 2020-06-20 13:51:02 -06:00
Todd C. Miller
23b1ee2f45 Fix some warnings from configure test programs. 2020-06-20 13:51:02 -06:00
Todd C. Miller
f2dce25ac1 Drop old test for -lcposix for ISC Unix. 2020-06-20 11:21:27 -06:00
Todd C. Miller
802058b362 Mention sudo-blog announce list. 2020-06-19 10:26:43 -06:00