Commit Graph

97 Commits

Author SHA1 Message Date
Todd C. Miller
71e98d9493 Include parse.h in sudoers.h since it will soon be required. 2018-05-14 09:05:02 -06:00
Todd C. Miller
38ff661621 Fix a use after free crash as well as a memory leak when filtering
Defaults.
2018-04-13 10:49:05 -06:00
Todd C. Miller
821e8a07da Silence a false positive from the clang static analyzer. 2018-03-21 14:55:17 -06:00
Todd C. Miller
bc5e2d06a7 Add free_default() to free a struct defaults pointer so we have a
single place where we free the defaults.  A pointer to the previous
Default's binding may be passed in to avoid freeing an already free
binding.
2018-03-21 12:11:19 -06:00
Todd C. Miller
910f288948 fix compilation on Solaris 2018-03-10 20:16:20 -07:00
Todd C. Miller
5c36f9dec3 Initial support for adding comments that will be emitted when
sudoers is formatted.  Currently adds a comment for the source
sudoRole when converting from ldif -> sudoers.
2018-03-04 07:03:43 -07:00
Todd C. Miller
3226f7e28b Move common bits of ldap to sudoers conversion into ldap_common.c
and use it in sssd.c.
2018-02-09 18:21:40 -07:00
Todd C. Miller
4e2402a8e4 Convert ldap results into a sudoers userspec so we can use the "sudo
-l" output functions in parse.c.
2018-02-09 18:21:01 -07:00
Todd C. Miller
5cca4b6906 Refactor member freeing code into free_member().
Refactor userspec freeing code into free_userspec().
2018-02-05 13:33:29 -07:00
Todd C. Miller
b161ebe62d Remove duplicate options %type 2018-01-17 09:52:09 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
e5dee1557e Add NOTBEFORE and NOTAFTER command options similar to what is
already available in LDAP.
2017-02-18 15:35:48 -07:00
Todd C. Miller
9b0622b58f Better error message when the timeout value does not parse. 2017-02-15 15:13:37 -07:00
Todd C. Miller
0f3f4e028a Plug some memory leaks found by ASAN. 2017-02-14 15:56:34 -07:00
Todd C. Miller
d7f7cf7a79 Only inherit SELinux role/type and Solaris privilege sets if
the command does not include any.  Previously, a command with
only a role would inherit a type from the previous command
which is not what was intended.
2017-02-14 15:56:34 -07:00
Todd C. Miller
24cdbb8de1 Split out tags again so they must precede the command and not allow
them to be mixed in with options.
2017-02-14 15:56:34 -07:00
Todd C. Miller
3980f1531b Add support for command timeouts in sudoers. After the timeout,
the command will be terminated.
2017-02-14 15:56:34 -07:00
Todd C. Miller
4f9dcd7264 Merge command tags, SELinux type/role and Solaris privs settings
into "command options".  This relaxes the order of things so tags
and other options can be interspersed.
2017-02-14 15:56:34 -07:00
Todd C. Miller
7524c231cc Store the file/lineno for alias and userspec entries so we can
provide that info if there is an error.
2016-11-12 19:22:32 -07:00
Todd C. Miller
90995c0acf Add simple reference-counted string allocator and use it for passing
around references to the sudoers path.  This lets us avoid making
copies of the sudoers path for the errorfile as well as each Defaults
entry.
2016-11-11 16:18:27 -07:00
Todd C. Miller
79ca752802 Go back to parsing Defaults entries in update_defaults instead of
as sudoers is read.  Otherwise, we cannot properly support early
defaults like sudoers_locale.
2016-11-09 16:00:12 -07:00
Todd C. Miller
df8404dbd4 Instead of parsing sudoers Defaults twice, parse once while reading
sudoers and then just set the parsed value in update_defaults().
2016-11-06 18:59:49 -07:00
Todd C. Miller
75e29f163e Add file:linenumber prefix to all Defaults warnings so we can see
them when running sudo too.  For LDAP/SSSD we print the sudoRole
instead of the file name and omit the line number.
2016-11-02 17:07:32 -06:00
Todd C. Miller
f6ce83ea76 Only treat an unknown Defaults entry as a parse error in visudo,
not in sudo itself.
2016-11-01 15:08:11 -06:00
Todd C. Miller
8a48085184 Instead of checking Defaults values after the fact, check them at
sudoers parse time.  This makes it possible to display the file and
line number with the problem and for visudo to go right to the
error.
2016-11-01 14:22:32 -06:00
Todd C. Miller
0aa216ed55 Refactor freeing of a member_list into free_members(). 2016-11-01 14:15:07 -06:00
Todd C. Miller
9de491dc27 add_defaults() now calls sudoerserror() itself instead of the caller
assuming any error means out of memory.
2016-11-01 14:13:47 -06:00
Todd C. Miller
5a8b60e4b4 Make a copy of the current sudoers path when assigning errorfile.
Fixes a potential use after free in visudo when there is an error
in one of the include files.
2016-10-31 15:21:18 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
2016-09-08 16:38:08 -06:00
Todd C. Miller
81e33e1f56 new_digest was prototyped as static but not explicitly declared
static.
2016-06-27 06:00:11 -06:00
Todd C. Miller
3354d27a17 Do not follow symbolic links in sudoedit by default. This behavior
can be controlled by the sudoedit_follow Defaults flag as well as
the FOLLOW/NOFOLLOW tags.
2015-08-06 13:20:01 -06:00
Todd C. Miller
d4211081c0 Add some debugging printfs when malloc fails and we don't have an
explicit call to sudo_warnx().
2015-07-14 15:28:01 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require
a POSIX system.
2015-07-02 09:08:28 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4da9e10971 Use non-exiting allocators in the parser (much of it already did). 2015-05-27 10:36:03 -06:00
Todd C. Miller
2bf454b74d Use non-exiting allocators in the redblack tree and fix the fallout.
Also switch to non-exiting allocators in affected code blocks.
2015-05-27 09:51:54 -06:00
Todd C. Miller
46770c9588 The error string returned by alias_add should be const. 2015-05-27 09:48:34 -06:00
Todd C. Miller
45548cf049 Add support for MAIL and NOMAIL command tags to toggle mail sending
behavior on a per-command (or Cmnd_Alias) basis.
2015-02-19 10:02:20 -07:00
Todd C. Miller
2033be83c6 Regen with yacc skeleton that the clang analyzer doesn't complain about. 2015-02-03 15:58:09 -07:00
Todd C. Miller
a9bf105eda Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX
systems doesn't include stdint.h itself.
2015-02-03 10:00:30 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance,
now renamed "active".
2015-02-01 08:24:49 -07:00
Todd C. Miller
c287419788 Require that a digest be specified with a real command, not an alias
or pseudo-command.  Found via a crash by afl.
2014-11-19 17:07:24 -07:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names
and defines.
2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
2014-10-22 13:23:05 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
0a9a8d9562 Move SIZE_MAX compat define into missing.h where it belongs. 2014-05-01 08:38:43 -06:00
Todd C. Miller
218aa1e598 Move the sha2 code into libreplace and add configure checks for
SHA224Update in libc and libmd.  Solaris uses "void *" where we use
"unsigned char *" so we need a check for that too.  Solaris sha2.h
defines SHA224, SHA256, SHA384, and SHA512 so rename those tokens.
Adapted from changes from Vladimir Marek in bug #641.
2014-04-09 16:31:13 -06:00
Todd C. Miller
b2c456341a Move symbol extern defs into sudoers.h 2013-12-16 14:18:42 -07:00