isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,583 Commits 1 Branch 0 Tags
71997da168ec173f4cf367f2e13bc25c6bf8fe02
Commit Graph

368 Commits

Author SHA1 Message Date
Todd C. Miller
f30670a42f Plug a few more parser leaks. 2021-02-01 19:56:52 -07:00
Todd C. Miller
1e3cecc608 Add initial fuzzers to be used by oss-fuzz. 
These are not yet hooked up to the sudo build.
 2021-02-01 15:17:57 -07:00
Todd C. Miller
8f114c2aae Add plugins/sudoers/strvec_join.c 2021-01-28 16:25:48 -07:00
Todd C. Miller
2804c2c78e Add strlcpy_unescape() function to undo escaping from front-end. 
Includes unit test.
 2021-01-27 15:41:54 -07:00
Todd C. Miller
a5be62c68f Move safe open code out of sudo_edit.c and into edit_open.c. 2021-01-06 13:01:09 -07:00
Todd C. Miller
06bfbecd64 Add emulation of pread(3) and pwrite(3) for systems without them. 
This makes it possible to remove some ugly #ifdefs and only affects
very old systems.
 2021-01-02 10:43:34 -07:00
Todd C. Miller
e56c3b342b Rename iolog_plugin.h to log_client.h. 
It is no longer I/O log specific and is used by sudoers_audit too.
 2020-11-09 17:13:04 -07:00
Todd C. Miller
62547746d3 Rename iolog_client -> log_client. 
The logsrvd client code is now used for more than just I/O logging.
 2020-11-09 17:13:04 -07:00
Todd C. Miller
fdae4bdbbb Add support for file log line wrapping in libeventlog. 2020-10-26 16:16:46 -06:00
Todd C. Miller
8c43340474 Use libeventlog in sudo_logsrvd. 2020-10-26 15:26:02 -06:00
Todd C. Miller
707437f6cb Refactor eventlog code into a library 2020-10-26 15:24:35 -06:00
Todd C. Miller
32db528689 Add tests for entries without a newline. 2020-09-27 10:31:14 -06:00
Todd C. Miller
7a36d70fc1 Add test for syntax error when defining an alias using a reserved word. 2020-09-25 15:09:36 -06:00
Todd C. Miller
eaa95acb31 Post-process protoc-c files to avoid depending on anonymous unions. 
Based on a patch from Michael Osipov.
GitHub issue #60
 2020-09-04 13:17:51 -06:00
Todd C. Miller
a51d194a73 Add test of multiple syntax errors. 
Where possible, the portion of the line before the error should be
still be interpreted.
 2020-09-02 12:40:39 -06:00
Todd C. Miller
2adde428c5 Fix path to check_exptilde.c 2020-09-02 09:20:19 -06:00
Todd C. Miller
9ff960457a Add support for runchroot and runcwd to "sudo -l" and cvtsudoers. 2020-09-01 06:26:05 -06:00
Todd C. Miller
86513c78b6 Unit test for exptilde 2020-09-01 06:26:05 -06:00
Todd C. Miller
6bdfd010d2 Add CHROOT and CWD sudoers options. 
Also matching runchroot and runcwd Defaults settings.
 2020-09-01 06:26:00 -06:00
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00
Todd C. Miller
cef6e3687e Switch from memset_s() -> explicit_bzero(). 
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
 2020-08-10 19:24:32 -06:00
Todd C. Miller
38e28dcbf5 Rename python_plugin.exp.in -> python_plugin.exp 
There is nothing dynamic in this file.
 2020-08-03 10:15:28 -06:00
Todd C. Miller
3b4d4ab8dd Add missing python_plugin.exp.in file and remove unneeded __dso_public 
This fixes building the python plugin on systems where the compiler
doesn't support symbol hiding (but wherethe linker does).
 2020-08-03 09:53:12 -06:00
Todd C. Miller
d4739533fd Add regress test to catch swapids() bug when called by iolog_mkdtemp() 2020-06-18 15:14:00 -06:00
Todd C. Miller
d003da33dd Romanian translation from translationproject.org. 2020-06-11 15:15:58 -06:00
Todd C. Miller
741c6f274e Add support for @include and @includedir 
These are less confusing than #include and #includedir when the
hash character is also the comment character.

This commit also adds real parsing of include directives as opposed
to the pure lexer approach used previously.  As a result, it is now
possible to include files with spaces by either using a double-quoted
string or escaping the space characters with a backslash.
 2020-05-20 13:10:53 -06:00
Todd C. Miller
83d1bee918 Rename sudo_parse_host_port -> iolog_parse_host_port and mv to lib/iolog 
It is not used outside of the I/O log client and server and the
host:port syntax may change in the future.
 2020-05-11 08:47:54 -06:00
Todd C. Miller
7f2585ed0a Plumb in codespell with a "make spell" target. 2020-05-07 07:50:11 -06:00
Todd C. Miller
009876bf36 Refactor the sudoedit code to copy files so it can be shared. 
The SELinux sudoedit code now extends the destination file the
same way the non-SELinux version does.
 2020-04-21 11:05:32 -06:00
Todd C. Miller
0a10c702be Split sudo_logsrvd and the python plugin into their own packages. 2020-04-07 14:03:58 -06:00
Todd C. Miller
ee868776de Include all python plugin files in MANIFEST, not the directory itself. 2020-04-07 14:10:36 -06:00
Todd C. Miller
3cd9cbbadf Add tests for the simple json parser. 2020-03-29 05:05:08 -06:00
Todd C. Miller
056173e572 Parse I/O JSON info file in JSON if present. 
The JSON version includes more information than the original "log"
file in the I/O log dir.
 2020-03-29 05:05:08 -06:00
Robert Manner
c039a99c10 plugins/python/sudo_module: add sudo.LogHandler 
so python log system can be used with sudo logsystem.
Loggers use it by default (the handler is set on the root logger).
If that is not the intent, it can be overridden explicitly.
 2020-02-28 05:46:54 -07:00
Todd C. Miller
e7bd19bd1e Add test for #include directive without a trailing newline. 2020-02-14 14:13:55 -07:00
Robert Manner
80b3d86d6e plugins/python: add python approval plugin example 2020-02-12 11:16:00 -07:00
Robert Manner
23af39b005 plugins/python: add python approval plugin wrapper 2020-02-12 11:16:00 -07:00
Todd C. Miller
9e2e79b6fa Add regress test for parsing Defaults lists. 
Currently only env_check, env_delete, env_keep and log_servers are lists.
 2020-02-10 17:58:59 -07:00
Robert Manner
52d067b01f plugins/python: add example python audit plugin 2020-02-10 05:24:16 -07:00
Robert Manner
cbf60cff5d plugins/python: add python audit plugin wrapper 2020-02-10 05:24:16 -07:00
Todd C. Miller
2fe127d108 Move some scripts from the top level src dir to a scripts dir. 2020-02-06 14:30:26 -07:00
Todd C. Miller
aa1ca9c9ba Add sample approval plugin that simply tests for "business hours" 2020-02-06 13:53:09 -07:00
Todd C. Miller
bf85ea2bf7 Example audit plugin that writes JSON output to a log file. 2020-01-30 13:25:52 -07:00
Todd C. Miller
88f9f2ba9a Add a simple API for writing JSON records. 
To be used by the upcoming JSON audit module.
 2020-01-30 13:12:25 -07:00
Todd C. Miller
ed294b8283 Add code to generate universally unique identifiers. 
We create type 4, variant 1 uuids (random).
 2020-01-30 13:12:25 -07:00
Todd C. Miller
dc45c4d4ea Add tests for arc4random_buf() and an implementation for those without. 2020-01-30 13:12:25 -07:00
Todd C. Miller
13cc65038f Remove multi-thread support from arc4random. 
Sudo is not multi-threaded so we don't need the added complexity.
 2020-01-28 06:41:42 -07:00
Robert Manner
5da7bd562c plugins/python/regress: adds tests for python plugin feature and examples 2020-01-20 06:30:20 -07:00
Todd C. Miller
5a86073bd0 Portability fixes and correct path to hostcheck.h in MANIFEST. 
Include sys/socket.h for getpeername().
Link with -lnsl on Solaris to get inet_pton().
 2020-01-18 11:32:45 -07:00
Laszlo Orban
8d111db602 implement host validation for the audit server SSL certificates 2020-01-18 05:49:54 -07:00