isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,201 Commits 1 Branch 0 Tags
6cbba7d66556dc67d71c6dfae91bcf35ff9bef8c
Commit Graph

791 Commits

Author SHA1 Message Date
Todd C. Miller
6cbba7d665 Add an administrative domain to the passwd/group cache key for 
AIX which can have different name <-> ID mappings depending
on whether the database is local, LDAP, etc.
 2016-02-01 11:08:58 -07:00
Todd C. Miller
3d0b0f061e Add --enable-asan configure flag to enable address sanitizer 2016-01-27 15:37:25 -07:00
Todd C. Miller
41a32a1c58 When calling setauthdb(), save the old registry value so we can 
restore it properly.  Previously we were setting the registry to
unrestricted instead of actually restoring it.
 2016-01-22 17:04:58 -07:00
Todd C. Miller
c1b1481204 Use faccessat(2) for directory writability instead of doing the 
checks manually where possible.  This also allows us to remove the
#ifdef __linux__ bits since we no longer use fstat(2) on Linux with
an O_PATH fd.
 2016-01-18 10:45:47 -07:00
Todd C. Miller
4bcef637f8 Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using 
pread64() on that platform.
 2016-01-13 11:10:33 -07:00
Todd C. Miller
b20977d445 Add support for using fexecve() if supported on commands that are 
checksummed.
 2016-01-04 10:35:18 -07:00
Todd C. Miller
3b338830cf Add missing square brackets in configure option descriptions. 2015-12-16 14:57:37 -07:00
Todd C. Miller
d13bb39d1d Use https in sudo.ws urls 2015-11-20 10:51:11 -07:00
Todd C. Miller
48a95973a5 sudo 1.8.16 2015-11-20 10:33:08 -07:00
Todd C. Miller
640e867dbd Don't use CPPFLAGS for the -fstack-protector check. Otherwise on 
systems with _FORTIFY_SOURCE support we'll get an error due to the
lack of optimization flags.  Bug #725
 2015-10-30 10:11:55 -06:00
Todd C. Miller
448f7f25f2 When checking for stack protector support we need to actually link 
the test program.
 2015-10-30 08:49:22 -06:00
Todd C. Miller
b87ac0f0a2 Preserve LDFLAGS when checking for stack protector as they may include 
rpath settings to allow the stack protector lib to be found.  Avoid
using existing CFLAGS since we don't want the compiler to optimize
away the stack variable.
 2015-10-29 14:06:21 -06:00
Todd C. Miller
bdcb83be92 Better configure test for -fstack-protector. Some gcc installations 
may be missing the ssp library even though the compiler supports it.
 2015-10-29 10:51:09 -06:00
Todd C. Miller
c50cead833 Add directory writability checks for sudoedit. 2015-10-23 14:04:35 -06:00
Todd C. Miller
37abc1b7e4 There's no point in trying to interpose protected versions of the 
exec family of functions.  Many modern C libraries use hidden symbols
for the functions and syscalls defined in libc such that they cannot
be overridden inside libc itself.  We have to just wrap all the exec
variants plus system and popen.
 2015-09-28 21:20:37 -06:00
Todd C. Miller
a2979ed809 Remove checks for __sys_siglist and __sys_signame. They are internal 
to libc and there are no known systems that export those symbols
that do not already export the single underbar or no-underbar versions.
 2015-09-10 16:44:57 -06:00
Todd C. Miller
67183d74f4 Remove include/compat/timespec.h. Systems old enough to lack struct 
timespec are too old to build a modern sudo.
 2015-09-09 11:13:22 -06:00
Todd C. Miller
7d0a623fdd Use pread(2) and pwrite(2) where possible. 2015-09-07 06:06:08 -06:00
Todd C. Miller
00142c91fa Lock individual records in the timestamp file instead of the entire 
file.  This will make it possible for multiple sudo processes using
the same tty to serialize their timestamp lookups.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
079167d2c4 Sudo 1.8.15 2015-08-06 13:15:00 -06:00
Todd C. Miller
620f8a33eb Sudo 1.8.14p3 2015-07-22 06:09:14 -06:00
Todd C. Miller
ef47c692c3 Sudo 1.8.14p2 2015-07-20 20:27:40 -06:00
Todd C. Miller
c0b8e71488 Sudo 1.8.14p1 2015-07-17 15:28:26 -06:00
Todd C. Miller
43a57126ea Solaris 2.6 has the prototypes for inet_pton() and inet_ntop() in 
resolv.h.
 2015-07-09 10:11:25 -06:00
Todd C. Miller
d77941c2be We require POSIX so no need to conditionally include dirent.h. 
Add a check for d_namlen and use the result in the NAMLEN macro.
 2015-07-02 09:24:48 -06:00
Todd C. Miller
433c3dca58 Do check for inet_pton before inet_ntop since we may need to record 
dependent libraries for inet_pton when linking our getaddrinfo
replacement.
 2015-06-30 10:57:42 -06:00
Todd C. Miller
d87a0a4aab Add check for inline support. 2015-06-30 10:16:56 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
09b07fe21a Add back _REENTRANT define on HP-UX to expose strtok_r on some versions. 
We may need to define it on other systems too.
 2015-06-19 12:35:51 -06:00
Todd C. Miller
048e251ae0 Fix check for strnlen() when cross-compiling. 2015-06-19 09:54:12 -06:00
Todd C. Miller
a50555faa2 Remove support for the obsolete malloc.h header. 2015-06-18 20:30:59 -06:00
Todd C. Miller
138aa2ccd1 Remove BROKEN_SYSLOG define which was for obsolete versions of HP-UX. 
Remove last remnants of 4.2BSD syslog support.
 2015-06-18 17:53:49 -06:00
Todd C. Miller
a38253b101 Replace use of OSDEFS with config.h defines. 
Rename DEFS in Makefile.in to CPPDEFS and include in CPPFLAGS.
Bring back _BSD_SOURCE as a config.h define.
Remove obsolescent _REENTRANT define.
 2015-06-18 09:33:05 -06:00
Todd C. Miller
4c7a264f10 Use AC_FUNC_STRNLEN to check for broken strnlen() on AIX. 
This requires that we use AC_USE_SYSTEM_EXTENSIONS so remove
things from OSDEFS that are enabled by AC_USE_SYSTEM_EXTENSIONS.
 2015-06-17 17:00:21 -06:00
Todd C. Miller
23d72149b0 Add missing dependency info for reallocarray.lo in lib/util/Makefile.in 
and regen configure to match last configure.ac change.
 2015-06-15 13:45:12 -06:00
Todd C. Miller
82286d8b7b Add strndup() for those without it. As strndup.c uses strnlen(), 
use our own if it is missing.
 2015-05-26 14:05:26 -06:00
Todd C. Miller
49d56f323e Add strnlen() replacement needed for glob.c. 
Only used if no glob() and no strnlen().
 2015-05-26 13:55:18 -06:00
Todd C. Miller
a40cf3e288 There should be no need to check for tzset() as it is POSIX. 2015-05-18 13:42:06 -06:00
Todd C. Miller
f1491fe137 Add sudo_reallocarrary to util.exp.in if reallocarray is not found. 2015-05-18 13:39:21 -06:00
Todd C. Miller
0b1e027b12 Force flat namespace on darwin to make the getenv() hooking work 
as it does on ELF.
 2015-05-15 15:48:24 -06:00
Todd C. Miller
3595807f4e Add reallocarray() for those without it. 2015-05-14 10:13:18 -06:00
Todd C. Miller
051bf0d55c Sudo 1.8.14 2015-05-11 16:51:27 -06:00
Todd C. Miller
8bc70a635c Instead of trying to make weak functions work on all platforms, 
just use a registration function for a plugin-specific setlocale
function.  The sudoers version just wraps sudoers_setlocale().
 2015-05-11 14:51:32 -06:00
Todd C. Miller
5647736ef5 Add configure check for SIG2STR_MAX, which may be missing on UnixWare. 2015-05-07 07:34:50 -06:00
Todd C. Miller
fa3552fa76 Create template tmpfiles.d/sudo.conf for installation instead of 
creating one via echo commands in the Makefile.

Add --enable-tmpfiles.d configure option to enable/disable use of
tmpfiles.d and override the default directory.

Use --disable-tmpfiles.d in mkpkg so we no longer need to ignore
tmpfiles.d/sudo.conf in sudo.pp.
 2015-04-07 15:35:01 -06:00
Todd C. Miller
d297f5fd84 Make exampledir configurable and default to DATAROOTDIR/examples/sudo 
on BSD systems.
 2015-04-06 15:10:26 -06:00
Todd C. Miller
5cfd0cff9c Add --disable-weak-symbols option to disable use of weak symbols 
in libsudo_util.
 2015-03-05 14:43:06 -07:00
Todd C. Miller
1e724eac8d regen 2015-03-05 12:57:14 -07:00
Todd C. Miller
35dcb05a5f Fix symbol name collision with systems that have their own sha2 
implementation.  This can result in PAM using the wrong sha2
implementation on Solaris systems configured to use SHA512 for
passwords.
 2015-03-05 12:27:26 -07:00
Todd C. Miller
a7edf7d984 Remove compat/utime.h, it was only useful for ancient systems that 
are no longer capable of compiling sudo.
 2015-03-03 16:57:55 -07:00