isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,583 Commits 1 Branch 0 Tags
71997da168ec173f4cf367f2e13bc25c6bf8fe02
Commit Graph

997 Commits

Author SHA1 Message Date
Todd C. Miller
c268627f90 Substitute values for ldap.conf, ldap.secret and nsswitch.conf into 
sudoers.ldap.man.
 2008-01-20 15:15:47 +00:00
Todd C. Miller
49f2264ad6 substitute for sudoers.ldap.man 2008-01-20 01:35:54 +00:00
Todd C. Miller
0f6101bb26 include <mps/ldap_ssl.h> in ldap.c if available 2008-01-17 20:44:28 +00:00
Todd C. Miller
63f224f045 Don't add -llber twice. 2008-01-15 12:28:33 +00:00
Todd C. Miller
dde5143f08 Fix check that determines whether -llber is required. 2008-01-13 19:57:34 +00:00
Todd C. Miller
9a07c1a7f1 For netscape-based LDAP, use ldapssl_set_strength() to implement 
the checkpeer ldap.conf option.
 2008-01-13 19:22:11 +00:00
Todd C. Miller
1df9ca2dc1 Add check for ber_set_option() in -llber 2008-01-09 17:08:30 +00:00
Todd C. Miller
f1377429a1 Add check for ldap_sasl_bind_s() 
Remove -DLDAP_DEPRECATED from CFLAGS
 2008-01-05 12:56:39 +00:00
Todd C. Miller
b564d51861 add check for ldap_create 2008-01-04 14:56:10 +00:00
Todd C. Miller
86bd55fc6d Add sudo_ldap_get_first_rdn() to return the first rdn of an entry's dn 
using the mechanism appropriate for the LDAP SDK in use.
Use ldap_unbind_ext_s() instead of deprecated ldap_unbind_s().
Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's without them.
 2008-01-03 21:11:33 +00:00
Todd C. Miller
32e4a98a69 add check for st__tim in struct stat as used by SCO 2008-01-02 20:29:48 +00:00
Todd C. Miller
6f2cd1b184 Rename read_nss -> sudo_read_nss 
Add --with-nsswitch to allow users to specify nsswitch.conf path or disable it.
If --with-nsswitch=no but --with-ldap, order is LDAP, then sudoers.
Fix --with-ldap-conf-file and --with-ldap-secret-file
 2008-01-01 18:22:03 +00:00
Todd C. Miller
56729b9a63 Use ldapssl_init() for ldaps support instead of trying 
to do it manually with ldap_init() + ldapssl_install_routines().
Use tls_cert and tls_key for cert7.db and key3.db respectively.
Don't print debugging info for options that are not set.
Add warning if start_tls specified when not supported.
 2007-12-19 19:28:57 +00:00
Todd C. Miller
72e1a2b54e fix typo 2007-12-17 15:14:46 +00:00
Todd C. Miller
b409499304 Add support for "ssl on" in both netscape and openldap flavors. 
Only the OpenLDAP flavor has been tested.
 2007-12-17 12:31:40 +00:00
Todd C. Miller
400309aa9f some operating systems need to link with -lkrb5support when using krb5 2007-12-13 14:13:44 +00:00
Todd C. Miller
c148eb52d6 Move the dgettext check. 2007-12-02 00:34:54 +00:00
Todd C. Miller
8694c73146 Add basic support for looking up the string "Password: " in the PAM 
localized text db.  This allows us to determine whether the PAM
prompt is the default "Password: " one even if it has been localized.

TODO: concatenate non-std PAM prompts and user-specified sudo prompts.
 2007-12-01 16:22:25 +00:00
Todd C. Miller
908b8f64e6 Use AC_FUNC_GETGROUPS instead of a home-grown attempt that was insufficient. 2007-11-27 23:40:50 +00:00
Todd C. Miller
a85dd4b861 Fix typos; Martynas Venckus 2007-11-27 17:13:03 +00:00
Todd C. Miller
bfd781ff65 fix setting of mandir 2007-11-21 20:02:39 +00:00
Todd C. Miller
0d22c2f98d Add configure check for struct in6_addr instead of relying on AF_INET6 
since some systems define AF_INET6 but do not include IPv6 support.
 2007-10-24 16:41:19 +00:00
Todd C. Miller
c50e7d4c06 Fix block to add -lutil for FreeBSD and NetBSD when logincap is in use. 2007-10-21 13:29:18 +00:00
Todd C. Miller
8ef458b594 POSIX states that struct timespec be declared in time.h so check 
there regardless of the value of TIME_WITH_SYS_TIME.
 2007-10-20 02:28:40 +00:00
Todd C. Miller
c3f2818416 regen 2007-10-09 00:07:25 +00:00
Todd C. Miller
6cbee775b7 regen 2007-09-06 16:22:23 +00:00
Todd C. Miller
638d039ae9 regen 2007-09-06 11:18:13 +00:00
Todd C. Miller
32e97c5dc1 regen 2007-09-05 22:16:46 +00:00
Todd C. Miller
2bff032c9f regen 2007-09-02 21:05:58 +00:00
Todd C. Miller
a7bfc59097 regen 2007-08-31 23:30:35 +00:00
Todd C. Miller
2315b317e2 Add new linebuf code to do appends of dynamically allocated strings 
and word-wrapped output.  Currently used for sudo's usage() and
sudo -l output.  Sudo usage strings are now in sudo_usage.h which
is generated at configure time.
 2007-08-19 20:48:09 +00:00
Todd C. Miller
72b36ddf50 use getaddrinfo() instead of gethostbyname() if it is available 2007-08-15 13:22:06 +00:00
Todd C. Miller
f90beb2b2b fix sudo_noexec extension which got broken in the libtool update 2007-08-12 22:55:37 +00:00
Todd C. Miller
4da4964239 Add missing define of HAVE_GSS_KRB5_CCACHE_NAME for the 
-lgssapi_krb5 case.
 2007-07-30 14:45:28 +00:00
Todd C. Miller
e81f9efd14 Fix link tests such that new gcc doesn't optimize away the test. 2007-07-30 13:29:06 +00:00
Todd C. Miller
5c6880f1ef Substitute value of path_info into sudoers man page. 2007-07-22 22:43:28 +00:00
Todd C. Miller
1f30bd4248 Add configure hooks for gss_krb5_ccache_name() and the gssapi headers. 2007-07-19 23:53:21 +00:00
Todd C. Miller
5fdb0649b0 Add support for SASL auth when connecting to an LDAP server. 
Adapted from a diff by Tom McLaughlin.
 2007-07-15 13:23:20 +00:00
Todd C. Miller
38b2dd0a5f Only enable AIX or BSD auth if no other exclusive auth method has 
been chosen.  Allows people to e.g., use PAM on AIX without adding
--without-aixauth.  A better solution is needed to deal with default
authentication since if a non-exclusive method is chosen we will
still get an error.
 2007-07-14 20:32:11 +00:00
Todd C. Miller
0d4fe735aa regen 2007-06-23 23:55:55 +00:00
Todd C. Miller
e0ae6e100b regen 2007-06-19 21:22:16 +00:00
Todd C. Miller
7f21fc74cc regen 2007-06-19 19:37:45 +00:00
Todd C. Miller
c22096ac33 Redo the long syslog line splitting based on a patch from Eygene Ryabinkin. 
Include memrchr() for systems without it.
 2007-06-14 16:03:53 +00:00
Todd C. Miller
4a7c81886e Add SUDO_ADD_AUTH macro to deal with adding things to AUTH_OBJS. 
This deals with exclusive authentication methods in a simple way.
 2007-06-13 17:41:44 +00:00
Todd C. Miller
bd221e2eb3 Update long long checks to use AC_CHECK_TYPES and to cache values. 2007-05-12 12:56:46 +00:00
Todd C. Miller
1488331d75 Add closefrom() to LIB_OBJS not SUDO_OBJS if it is missing since we 
need it for visudo now too.
 2007-05-11 21:05:12 +00:00
Todd C. Miller
cad6de7d73 Add fcntl F_CLOSEM support to closefrom(); adapted from a diff by 
Darren Tucker.
 2006-08-17 15:26:54 +00:00
Todd C. Miller
ea8c5d5d2d Add seteuid() flavor of set_perms() for systems without setreuid() 
or setresuid() that have a working seteuid().  Tested on Darwin.
 2006-07-31 17:50:06 +00:00
Todd C. Miller
be3a220f7d Fix typo, -lldap vs. -ldap; from Tim Knox. 2006-07-30 19:53:52 +00:00
Todd C. Miller
bce8fbdd62 Define LDAP_DEPRECATED until we start using ldap_get_values_len() 2005-11-23 23:56:52 +00:00