isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,277 Commits 1 Branch 0 Tags
6953e7fc798bb33c4e4fb3817e49ad624fadea4c
Commit Graph

2314 Commits

Author SHA1 Message Date
Todd C. Miller
3c562facca Fix test output for bug #845 2018-08-20 05:49:57 -06:00
Todd C. Miller
5af2682283 Fix pasto when converting sudoNotAfter; from Miguel Sanders 
Bug #845
 2018-08-20 05:48:14 -06:00
Todd C. Miller
3f1470ebed Use a monotonic timer that only runs while not suspended for the 
iolog timing values and write nsec-precision entries.
 2018-08-19 09:55:08 -06:00
Todd C. Miller
afad4eb94d Fix I/O log timing file on systems without a C99-compatible snprintf(). 
On those systems we use our own snprintf() that doesn't support
floating point.  We don't actually need floating point in this case
since the we can print seconds and microseconds without using it.
 2018-08-18 20:29:30 -06:00
Todd C. Miller
92975ee7c7 Fix get_starttime() on HP-UX. 2018-08-17 15:58:17 -06:00
Todd C. Miller
9317367e29 Add CHECK_SYMBOLS_LDFLAGS to check_symbols target. Non-ELF HP-UX 
executables don't support SHLIB_PATH or LD_LIBRARY_PATH unless ld
is passed the +s flag.  This lets the check_symbols test pass on
systems where the ldap libraries aren't installed in the standard
location.
 2018-08-16 21:07:36 -06:00
Todd C. Miller
7a929ce135 Add debugging info so we can tell why a timestamp record doesn't match. 2018-08-15 09:19:50 -06:00
Todd C. Miller
a7b42e9b20 sync with translationproject.org 2018-08-13 06:16:28 -06:00
Todd C. Miller
418bf793f7 Fix the return value of sudoers_io_change_winsize() on success. 
Otherwise, we only log a single window size change.
 2018-08-11 21:29:43 -06:00
Todd C. Miller
d026469289 sync with translationproject.org 2018-08-11 19:57:14 -06:00
Todd C. Miller
0053b07ed3 sync with translationproject.org 2018-08-06 13:14:43 -06:00
Todd C. Miller
1e5af35564 Refactor code to convert defaults to tags and do conversion on 
output for "sudo -l".

Remove the short_list (was long_list) global in favor of a verbose
argument.
 2018-08-05 07:17:34 -06:00
Todd C. Miller
413b53cda3 Assign short_list true, not 1 now that it is a boolean. 2018-08-04 20:02:00 -06:00
Todd C. Miller
db387a53a6 fix typo 2018-08-04 07:38:47 -06:00
Todd C. Miller
9cc09e4372 Fix a warning on FreeBSD which has a fancier __containerof implementation. 2018-08-03 11:45:01 -06:00
Todd C. Miller
6a692fec31 sync with translationproject.org 2018-08-03 10:14:58 -06:00
Todd C. Miller
608574a219 For ldap/sssd, include defaults in the generate privilege unless 
we are listing in short mode (in which case we convert them to tags
if possible).  Fixes a problem where sudoOptions were not being
applied to the command.
 2018-08-02 14:45:00 -06:00
Todd C. Miller
171686c422 update_defaults() needs to be able to take a defaults_list for 
the ldap/sssd backends which support per-role defaults.
 2018-08-02 14:06:36 -06:00
Todd C. Miller
34655148e0 regen 2018-07-31 07:14:26 -06:00
Todd C. Miller
70d519c8ad o Move userspecs, defaults and aliases into a new struct sudoers_parse_tree. 
o The parse tree is now passed to the alias, match and defaults functions.
o The nss API has been changed so that the nss parse() function returns
  a pointer to a struct sudoers_parse_tree which will be filled in
  by the getdefs() and query() functions.
 2018-07-26 15:12:33 -06:00
Todd C. Miller
394524fd5d Ignore PAM_NEW_AUTHTOK_REQD and PAM_AUTHTOK_EXPIRED errors from 
pam_acct_mgmt() if authentication is disabled for the user.
Bug #843
 2018-07-26 12:31:29 -06:00
Todd C. Miller
36e21a216f When both a .o and .lo file was used in a Makefile, we used to make 
the .o depend on the .lo.  Unfortunately, this creates a race
condition for parallel make since libtool is not atomic (it creates
a .o and then renames it when building PIC objects for shared libs).

We always link with libtool so the only reason to prefer the .o
over the .lo file is to avoid mixing .o and .lo in the dependencies.
That's not a good enough reason so change mkdep.pl to warn when
both a .o and .lo are referenced in a Makefile and do nothing else.

Bug #842
 2018-07-20 10:17:51 -06:00
Todd C. Miller
2270b1e89f Avoid duplicate free when netgroup_base is invalid. 2018-07-15 07:46:34 -06:00
Todd C. Miller
4b54799ddb sync with translationproject.org 2018-07-01 12:00:35 -06:00
Todd C. Miller
c57ca74405 Use new sudo_getgrouplist2() function instead of getgrouplist(). 2018-06-15 14:05:14 -06:00
Todd C. Miller
ec2dae8104 Fix conversion of usec to nsec; from Scott Cheloha 2018-06-04 20:00:41 -06:00
Todd C. Miller
919b567229 The getdefs() function now get called multiple times so use the 
cached data if present.
 2018-05-29 10:53:47 -06:00
Todd C. Miller
899aedfd10 Return an empty defaults list, not NULL if there is no global sudoers 
defaults entry in sss.
 2018-05-29 10:24:57 -06:00
Todd C. Miller
1202beafba Fix memory leak of handle pointer on close. 2018-05-29 10:10:20 -06:00
Todd C. Miller
c990d93a4e Remove a needless copy when parsing options. 2018-05-29 09:39:42 -06:00
Todd C. Miller
0b31f186cd Move cached userspecs and defaults into the handle object. 2018-05-29 09:39:40 -06:00
Todd C. Miller
1ad2290a27 Quiet a clang analyzer warning. It should not be possible for 
pop_include() to be called when YY_CURRENT_BUFFER is NULL.
 2018-05-28 08:30:57 -06:00
Todd C. Miller
e401f92830 Reorder things to avoid the need to declare static functions. 2018-05-28 07:35:51 -06:00
Todd C. Miller
43003d29d8 Use arc4random for mkstemp() and insults. 2018-05-24 21:04:23 -06:00
Todd C. Miller
154a5f59a9 Move digest code into libutil 2018-05-24 21:04:07 -06:00
Todd C. Miller
1cd472c051 Check for invalid bas64 attributes. 2018-05-20 08:09:25 -06:00
Todd C. Miller
a04cb53e37 Fix pointer sign warnings. 2018-05-20 07:42:54 -06:00
Todd C. Miller
5c113e59ec Add missing variable declaration for SELinux and Solaris. 2018-05-20 07:36:46 -06:00
Todd C. Miller
03aa84ed03 Handle empty string and treat it as safe. 2018-05-20 07:36:00 -06:00
Todd C. Miller
1bc8e9abfd Add support for base64-encoding non-safe strings in LDIF output. 2018-05-20 07:01:26 -06:00
Todd C. Miller
574c9fcd7a Add base64_encode() by Jon Mayo. 2018-05-19 19:03:47 -06:00
Todd C. Miller
1ab3606019 Add support for parsing base64-encoded attributes 2018-05-18 10:11:51 -06:00
Todd C. Miller
7d42a609d9 rfc2253 says we need to escape " and leading and trailing space. 2018-05-17 11:16:44 -06:00
Todd C. Miller
1494f25ba3 Fix logic inversion when handing the authenticate Defaults option 
for "sudo -l" and "sudo -v" in long list mode.
 2018-05-16 12:14:14 -06:00
Todd C. Miller
c30ad97107 Set handle->pw before sss_to_sudoers() since sss_check_user() 
uses it.  Coverity CID 185651
 2018-05-16 10:48:50 -06:00
Todd C. Miller
8ce49ecb2b Fix memory leak on error, CID 185602 2018-05-16 10:45:00 -06:00
Todd C. Miller
8ad51fe089 Some ldap_get_values_len -> sudo_ldap_get_values_len that were 
missed before.
 2018-05-16 10:37:15 -06:00
Todd C. Miller
b7e6d04907 When building up the cmndspec, add the actual command member last. 
This simplifies the logic regarding the SETENV tag and alsomakes
"out of memory" cleanup simpler.
 2018-05-16 10:27:28 -06:00
Todd C. Miller
2102800824 Fix format string mismatch, sudo_order is unsigned. 2018-05-16 10:15:15 -06:00
Todd C. Miller
b31656b7f1 Add cppcheck annotation to suppress memory leak false positive. 2018-05-16 10:14:39 -06:00