isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,204 Commits 1 Branch 0 Tags
73c1b04306d5291abde9857b51e6aaee936e57c4
Commit Graph

2574 Commits

Author SHA1 Message Date
Todd C. Miller
277b297ae0 Fix typo introduced on systems with O_PATH or O_EXEC 2020-03-11 15:42:46 -06:00
Todd C. Miller
ea8445e364 Allow the ALL keyword to be specified with a digest list. 2020-03-11 11:19:37 -06:00
Todd C. Miller
3edd30a27d A struct member of type ALL should have its name field set to NULL. 2020-03-11 11:17:52 -06:00
Todd C. Miller
4eca443246 Allow a list of digests to be specified for a command. 2020-03-11 11:17:52 -06:00
Todd C. Miller
8c08f5ef03 Allow Cmd_Alias in addition to Cmnd_Alias. 
Some people find using Cmd_Alias more natural.
 2020-03-11 11:17:38 -06:00
Todd C. Miller
e1df9d1dc3 Add pam_ruser and pam_rhost sudoers flags. 2020-03-01 13:37:00 -07:00
Todd C. Miller
bf2bc931ab Revert change to initialize io_operations earlier. 
Instead, check io_operations.open for NULL which is the case for
"sudo -V".  Also move the early return in sudoers_io_open() for
"sudo -V" until after we have initialized debugging.
 2020-03-01 13:36:54 -07:00
Todd C. Miller
f590f81b3c Initialize io_operations earlier. 2020-02-28 07:03:15 -07:00
Todd C. Miller
34972e834f Mark up some remaining TODOs 2020-02-27 14:11:54 -07:00
Todd C. Miller
5635c22f6b Add --disable-log-server and --disable-log-client configure options. 
These can be used to optionally disable building sudo_logsrvd and
support for remote I/O logging in the sudoers plugin respectively.
 2020-02-26 13:17:40 -07:00
Todd C. Miller
f6a264e719 Avoid calling sudoers_policy_exec_setup() on error. 
We only want to pass the execution environment back for commands
that are accepted or rejected.
Also avoid potentially freeing the wrong pointer when garbage
collection is enabled.
 2020-02-24 19:59:44 -07:00
Todd C. Miller
4b4db9694a Regenerate dependencies to match the recent JSON changes. 2020-02-20 11:35:28 -07:00
Todd C. Miller
8ef5b734c4 Rework the JSON API to write to a memory buffer, not a stdio stream. 2020-02-17 16:10:55 -07:00
Todd C. Miller
2e836cc571 The environment in the accept message is runenv not submitenv. 
The I/O logging plugin is passed the environment the command will
run with, not the user's original environment.
 2020-02-16 16:37:14 -07:00
Todd C. Miller
e7bd19bd1e Add test for #include directive without a trailing newline. 2020-02-14 14:13:55 -07:00
Todd C. Miller
d2314acae8 Don't require a newline at the end of include or includedir directives. 2020-02-14 14:06:45 -07:00
Todd C. Miller
0e4c3c47d1 Move duplicated code to parse plugin debug flags to libsudo_util. 
There's no need for four copies of sudo_debug_parse_flags().
 2020-02-11 15:15:36 -07:00
Todd C. Miller
9e2e79b6fa Add regress test for parsing Defaults lists. 
Currently only env_check, env_delete, env_keep and log_servers are lists.
 2020-02-10 17:58:59 -07:00
Todd C. Miller
ac61b5655d Use EXIT_SUCCESS and EXIT_FAILURE more consistently. 2020-02-08 12:43:00 -07:00
Todd C. Miller
c92f39ed3d Use json functions from libsudo_util in cvtsudoers. 2020-02-08 09:11:02 -07:00
Todd C. Miller
2fe127d108 Move some scripts from the top level src dir to a scripts dir. 2020-02-06 14:30:26 -07:00
Todd C. Miller
c2faa9e6ef Add runas_user and runas_group (if set) to command_info for audit plugin. 
Otherwise, the audit plugin has to look up the runas name and group
by user or group ID.
 2020-02-05 10:53:50 -07:00
Todd C. Miller
658702b6d4 For plugin events, set the sudo event base for setbase(NULL). 
This makes it possible for a plugin to change the event base
to a local one and then reset it back to its original value.
 2020-02-02 12:37:11 -07:00
Todd C. Miller
49e7e4ecd5 Don't display "error in event loop" on loop break reading ServerHello. 
We should already have displayed a more useful error message.
Otherwise, we can get two "error in event loop" warnings if
the TLS handshake fails (in addition to other error messages).
 2020-02-01 08:32:27 -07:00
Todd C. Miller
b9bea25592 Read ServerHello message synchronously before the command is executed. 
Otherwise, the command could be run before the TLS handshake completes.
 2020-01-31 19:48:27 -07:00
Todd C. Miller
45e589d443 Pass back a failure or error string to the front end. 
The audit_failure() function now stores the failure string.
This will allow an audit plugin to log the reason if the user's
request is a rejected.
 2020-01-30 13:25:36 -07:00
Todd C. Miller
604945f93e Fix warning about unresolved host name with "sudo -l -h hostname". 
The resolve_host() function returns 0 on success, not bool.
 2020-01-28 13:00:54 -07:00
Todd C. Miller
5472b17516 Fix crash in sudo 1.8.30 when suspending sudo at the password prompt. 
The closure pointer in sudo_conv_callback was being filled in with
a struct getpass_closure ** instead of a struct getpass_closure *.
The bug was introduced in the fix for Bug #910; previously the
closure variable was a struct getpass_closure, not a pointer.
Fix from Michael Norton; Bug #914.
 2020-01-24 11:13:55 -07:00
Laszlo Orban
24c9438486 logserver option to disable certificate verification on server side and server authentication on client side 2020-01-23 10:12:12 -07:00
Laszlo Orban
9935a7e2ff Rename tls_checkpeer to tls_reqcert in ServerHello message 2020-01-23 10:12:12 -07:00
Laszlo Orban
6f3f45aa24 sudoers: disable SO_KEEPALIVE socket option based on log_server_disable_keepalive flag in sudoers 2020-01-22 10:52:18 -07:00
Todd C. Miller
dde86e585f Add support for building on OpenSSL 1.0.2. 
This adds compatibility defines for some OpenSSL 1.1.x functions.
 2020-01-21 13:27:40 -07:00
Todd C. Miller
c3bd025052 Store the server host name and IP in client_closure_fill(). 
Also check for getpeername() and inet_ntop() failure.
 2020-01-20 14:03:41 -07:00
Todd C. Miller
2d91555e85 Fix handling of SSL_ERROR_WANT_{READ,WRITE} during normal I/O. 
If we get SSL_ERROR_WANT_WRITE during SSL_read(), we need to resume
the SSL_read(), not call SSL_write() as we were doing.  Likewise
for SSL_ERROR_WANT_READ received from SSL_write().
This introduces a flag so we call the proper callback even when
the I/O direction doesn't match the read/write calls.
 2020-01-20 12:42:39 -07:00
Todd C. Miller
5913c63642 Add abs_top_srcdir and abs_top_builddir and use them. 
Configure provides absolution versions of srcdir, builddir, top_srcdir
and top_builddir.  We can use these instead of calling pwd.
 2020-01-20 06:37:42 -07:00
Todd C. Miller
47d9504716 Add debugging statements to certificate checks. 2020-01-18 12:57:24 -07:00
Todd C. Miller
5a86073bd0 Portability fixes and correct path to hostcheck.h in MANIFEST. 
Include sys/socket.h for getpeername().
Link with -lnsl on Solaris to get inet_pton().
 2020-01-18 11:32:45 -07:00
Todd C. Miller
d2b7148b6c Using "libtool --clean" to remove regular files is slow. 
We only need to use libtool's clean mode to remove files created by libtool.
 2020-01-18 05:53:55 -07:00
Laszlo Orban
a6916c2199 do server identity validation in iolog plugin 2020-01-18 05:49:54 -07:00
Laszlo Orban
de02745a3f save a pointer to the currently connected audit server in the closure object 2020-01-18 05:49:54 -07:00
Todd C. Miller
36b3362b99 Fix TLS connect when SSL_connect returns SSL_ERROR_WANT_READ. 
We need to switch from SUDO_EV_WRITE to SUDO_EV_READ for this case.
Also make the tls connect events private to tls_timed_connect()
with their own closure.  There is no need to store them in the
client closure.
 2020-01-16 17:37:45 -07:00
Todd C. Miller
161750fc56 Really fix flushing of data in client_close(). 
Now that we call fmt_exit_message() from client_close() we do not
need to try to determine whether the read or write events were
pending in the old base.

We can't tell anyway because the active flag in the event was cleared
when the old sudo event base was destroyed.  It is correct to enable
both the read and write events after formatting the ExitMessage.
 2020-01-15 14:47:42 -07:00
Todd C. Miller
bbb9520c3a Use SUDOERS_DEBUG_* not SUDO_DEBUG_* in debug_decl() for the sudoers plugin. 2020-01-15 14:11:18 -07:00
Todd C. Miller
e7eef9c3a5 Fix reference counting when both sudoers policy and I/O log are loaded. 
If both sudoers policy and I/O log plugins are loaded, debug_files
will be empty when the I/O plugin is initialized.  This changes the
logic to always increase the reference count if the instance is valid.
 2020-01-14 17:50:40 -07:00
Todd C. Miller
3fddfedb53 Remove MAXSYSLOGTRIES, it is no longer used. 2020-01-09 13:59:51 -07:00
Todd C. Miller
586b418ad8 Sanity check size when converting the first record to TS_LOCKEXCL 
Coverity CID 206591
 2020-01-05 09:37:09 -07:00
Todd C. Miller
3e0dcae6c9 Use canonical pattern when freeing a tail queue. 
Avoids some coverity false positives when using TAILQ_FOREACH_SAFE
to free the tail queue.
 2020-01-05 07:48:46 -07:00
Todd C. Miller
b3c5efd48e Avoid potential NULL deref in tls_timed_connect() error path. 
Coverity CID 206396
 2020-01-03 04:52:58 -07:00
Robert Manner
972ea1448e plugins/sudoers/sudoers_debug.c: fix harmless debug deregistration warning 
If the debug sudoers subsystem is not registered, because it does not
get any file names to deal with (TAILQ_EMPTY(debug_files)), deregistration
of the subsystem outputs a warning:

  sudo: sudo_debug_deregister_v1: invalid instance ID -1, max -1

This patch prevents that by only increasing the refcount if the
debug_instance was registered successfully.
 2020-01-02 11:53:08 -05:00
Todd C. Miller
047f37ade3 Restore check for readable /etc/sudoers in pre-install target. 
If there is no installed sudoers there is nothing to check...
 2019-12-25 12:15:03 -07:00