isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,022 Commits 1 Branch 0 Tags
788708c9ff925a79ffdd56612f86d3dfc36d7232
Commit Graph

7 Commits

Author SHA1 Message Date
Todd C. Miller
9d776b4e7b Allow multiple accept/reject messages during a logsrv conversation. 
The log server now advertises a subcommands flag if it supports
logging subcommands (e.g. commands run from a sudo-spawned program
like a shell).  The client should only log additional commands
during a session if this flag is set in the ServerHello message.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
9779009fae Add info_msgs to AlertMessage and populate it. 
This lets us log eventlog info along with the alert if it is available.
 2020-11-09 17:15:11 -07:00
Todd C. Miller
deb9ce7d12 Quiet some warnings from igor. 2020-05-07 08:02:49 -06:00
Todd C. Miller
6901fc97ac Add a ClientHello message that client sends to the server. 
This makes it easier to detect a plaintext client sending to a
TLS port.  Without this, the TLS server will be silent as it
waits for the client to initiate the TLS connection.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
1659d96c55 Use port 30343 for plaintext and port 30344 for TLS. 
For TLS connections we now do the TLS handshake immediately before
the ServerHello message.  This lets the client recieve an alert
from the server is there is a handshake error after the TLS connect
has succeeded.  It also means that the contents of the ServerHello
are protected from a man-in-the-middle attack.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
c161f68b43 Document TLS settings in ServerHello 2020-04-20 11:12:03 -06:00
Todd C. Miller
1df3230c2a Document the sudo log server protocol 2019-10-24 20:04:33 -06:00