isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,181 Commits 1 Branch 0 Tags
71e98d94930ea253ce9c702b4be9de1d94ad0d78
Commit Graph

866 Commits

Author SHA1 Message Date
Todd C. Miller
3359d7290f Regen with autoconf git commit e17a30e987d7ee695fb4294a82d987ec3dc9b974 
AC_HEADER_MAJOR: port to glibc 2.25
 2018-05-10 20:44:09 -06:00
Todd C. Miller
82dfbf458d fix version 2018-04-29 13:58:49 -06:00
Todd C. Miller
23b2879e08 sync with translationproject.org 2018-04-29 13:33:29 -06:00
Todd C. Miller
523f0eeeab Monty Python insults from Philip Hudson 2018-04-17 07:10:43 -06:00
Todd C. Miller
217e0a9b4b Less confusing sysctl checks for kinfo_proc. 2018-03-05 17:35:02 -07:00
Todd C. Miller
120bb6de7f rename ldap_common.c -> ldap_util.c 2018-02-28 14:24:33 -07:00
Todd C. Miller
faa5baac9b Use setpassent() and setgroupent() on systems that support it to 
keep the passwd and group database open.  Sudo does a lot of passwd
and group lookups so it can be beneficial to just leave the file
open.
 2018-02-20 13:22:59 -07:00
Todd C. Miller
e48cbfc10c Clarify that --with-rundir and --with-vardir take sudo-specific directory, 
e.g. /var/run/sudo and not just /var/run.  Bug #823
 2018-02-19 11:27:30 -07:00
Todd C. Miller
525c6a3d94 Use /run in preference to /var/run if it exists. 
Bug #822
 2018-02-19 10:59:12 -07:00
Todd C. Miller
43a3a23fed Move LDAP configuration bits into ldap_conf.c 2018-02-11 07:36:08 -07:00
Todd C. Miller
3226f7e28b Move common bits of ldap to sudoers conversion into ldap_common.c 
and use it in sssd.c.
 2018-02-09 18:21:40 -07:00
Todd C. Miller
d2303d8b12 Sudo 1.8.23 2018-01-29 09:40:12 -07:00
Todd C. Miller
a885b952fb Remove use of AC_HEADER_TIME, only obsolete platforms actually 
need this.  Also stop removing sys/time.h unless the source file
uses struct timeval.
 2018-01-17 09:52:15 -07:00
Todd C. Miller
ff5ac3ef0e Add tsdump, a simple utility to dump a timestamp file. To build, 
run "make tsdump" in the plugins/sudoers directory (it is not built
by default).  In order to map the tty device number to a name,
sudo_ttyname_dev() has been moved into libsudo_util.
 2018-01-11 10:49:20 -07:00
Todd C. Miller
e8532bdcee Sudo 1.8.22 2017-12-01 14:35:34 -07:00
Todd C. Miller
749cdc9d95 Make PC insults the default and add new configure option, 
enable-offensive-insults, to enable the offensive insults.
 2017-09-18 10:45:02 -06:00
Todd C. Miller
87eba6c892 sudo 1.8.21p2 2017-09-06 21:02:11 -06:00
Todd C. Miller
f5425a80a2 Sudo 1.8.21p1 2017-09-01 14:09:43 -06:00
Todd C. Miller
63d954d1fc Replace tty_tickets option with timestamp_type which can be 
global, ppid or tty.  Defaults to tty (no change in behavior).
Some users want the ppid behavior.
 2017-08-01 16:14:54 -06:00
Todd C. Miller
beece91719 Add support for --enable-sasl and --disable-sasl to make it possible 
to enable/disable support for LDAP with SASL authentication.  Sudo
compiles in support for SASL authentiation by default if the
ldap_sasl_interactive_bind_s() function is detected.
Bug #788
 2017-07-28 13:52:55 -06:00
Todd C. Miller
c000189684 Use getentropy() in mkstemp/mkdtemp replacement. 2017-06-29 18:11:30 -06:00
Todd C. Miller
6d4d4594b7 Use _PATH_DEV consistently 2017-06-29 18:10:53 -06:00
Todd C. Miller
cc71b99849 Add a new "devsearch" Path setting to sudo.conf for configuring the 
/dev paths to traverse instead of hard-coding a list in ttyname.c
The default value can be set at configure time.
 2017-05-30 10:44:11 -06:00
Todd C. Miller
71e496a901 Sudo 1.8.20p1 2017-05-29 14:36:17 -06:00
Todd C. Miller
d979898e71 Remove use of non-standard sigaction_t 2017-05-12 10:02:18 -06:00
Todd C. Miller
9c3783a175 sudo 1.8.21 2017-05-12 10:02:17 -06:00
Todd C. Miller
80f8960fc6 Move the invocation of check_noexec into the main "check" target 
but only run it if not cross compiling and whe CHECK_NOEXEC is not
empty.
 2017-05-03 11:58:40 -06:00
Todd C. Miller
ec5b78335f back out unintentional change to the version number 2017-03-30 07:10:36 -06:00
Todd C. Miller
bdc9251184 Make check_digest test sudo_filedigest() itself instead of the 
underlying SHA2 functions.  That way we can test it regardless of
whether we use sudo's SHA2 functions or a library version.
 2017-03-27 14:45:24 -06:00
Todd C. Miller
7aa89c49b5 Emulate pipe2() on systems without it. 2017-03-13 12:11:51 -06:00
Todd C. Miller
b9954fb9b9 Add support for using the message digest functions in libgcrypt 
instead of sudo's own SHA2 implementation.
 2017-02-20 16:44:12 -07:00
Todd C. Miller
199a594f43 Add support for using the message digest functions in OpenSSL instead 
of sudo's own SHA2 implementation.
 2017-02-20 16:44:12 -07:00
Todd C. Miller
fd40d88ba7 strftime() was in C89 so use it unconditionally. 2017-02-18 16:23:40 -07:00
Todd C. Miller
e5dee1557e Add NOTBEFORE and NOTAFTER command options similar to what is 
already available in LDAP.
 2017-02-18 15:35:48 -07:00
Todd C. Miller
c392e469db sudo 1.8.20 2017-01-27 06:18:42 -07:00
Todd C. Miller
63deb77705 Add regress for vsyslog replacement. 2017-01-15 19:07:59 -07:00
Todd C. Miller
09698b8a31 Define HAVE_NANOSLEEP if we find nanosleep in librt 2017-01-13 21:29:02 -07:00
Todd C. Miller
f589897f8d sudo_nanosleep not nanosleep in util.exp.in 2017-01-13 21:02:31 -07:00
Todd C. Miller
e636f96c48 add nanosleep to util.exp.in if needed 2017-01-13 20:40:26 -07:00
Todd C. Miller
08b662bf0b sudo 1.8.19p2 2017-01-13 16:45:14 -07:00
Todd C. Miller
2f0295373a When waiting for the parent to grant us the tty, use nanosleep 
instead of spinning to avoid hogging the CPU.
 2017-01-12 10:44:26 -07:00
Todd C. Miller
0c3a8085b3 Avoid using the system strnlen/strndup on AIX < 6. Even if configure 
correctly detects it is working on the build machine, the sudo
package may be run on a system with an old libc were it is broken.
 2017-01-05 06:22:58 -07:00
Todd C. Miller
6c2cb6cb95 sudo 1.8.19p1 2016-12-20 10:26:50 -07:00
Todd C. Miller
2eeb191b94 sync with translationproject.org 2016-12-13 10:39:48 -07:00
Todd C. Miller
334350af45 id_t is 64-bits on FreeBSD so use strtoll() there. 
Fixes the strtoid regress.
 2016-11-30 07:32:59 -07:00
Todd C. Miller
695784e6ee Add support for getpwnam_shadow() on OpenBSD 2016-11-17 17:55:44 -07:00
Todd C. Miller
cb7e82acca Use AX_APPEND_FLAG instead of SUDO_APPEND_CPPFLAGS and direct 
modification of LDFLAGS.
 2016-11-17 10:16:51 -07:00
Todd C. Miller
a77ecca7d3 Remove aixcrypt.exp, it was a remnant of the 90's crypto wars where 
crypt() was not exported.
 2016-11-17 08:11:59 -07:00
Todd C. Miller
6dff4ac7fd Always define _PATH_SUDO_NOEXEC, _PATH_SUDO_SESH, _PATH_SUDO_PLUGIN_DIR, 
even if only defined to NULL.  This means the accessors can always be
present.

Use RTLD_PRELOAD_VAR instead of _PATH_SUDO_NOEXEC to tell when
noexec is available.

Add ENABLE_SUDO_PLUGIN_API and use it instead of _PATH_SUDO_PLUGIN_DIR
to tell when the plugin API is available.

Add sudo_conf_clear_paths() to clear the path values so the
regress tests are not affected by compile-time settings.
 2016-11-16 10:13:26 -07:00
Todd C. Miller
bdbb3e9855 Add ASAN_CFLAGS and ASAN_LDFLAGS and use -Wc prefix in ASAN_LDFLAGS 
to prevent libtool from strippign them out.
Avoid using ASAN flags when building sudo_noexec.so.
 2016-11-15 10:15:36 -07:00