isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,698 Commits 1 Branch 0 Tags
7aa89c49b53b700dc504acd33bd48d3ac76eccb6
Commit Graph

60 Commits

Author SHA1 Message Date
Todd C. Miller
f632e0a63d Don't generate SIGTOU when restoring the terminal modes. It doen't 
make sense to suspend the process only to restore the terminal
settings since in this case the shell has already taken ownership
of the tty.
 2016-10-17 09:02:34 -06:00
Todd C. Miller
9b886f6b2c The flush parameter of sudo_term_restore() is bool, not int. 2016-10-17 08:57:17 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
a2e541aef8 O_NOCTTY has no effect when opening /dev/tty as the open can only 
succeed if there is already a controlling tty.
 2016-05-16 11:17:20 -06:00
Todd C. Miller
b4309d4aea Ignore SIGPIPE for the duration of sudo and not just in a few select 
places.  We have no control over what nss, PAM modules or sudo
plugins might do so ignoring SIGPIPE is safest.
 2016-04-22 16:36:36 -06:00
Todd C. Miller
5ad68edd65 It is possible for WIFSTOPPED to be true even if waitpid() is not 
given WUNTRACED if the child is ptraced.  Don't exit the waitpid()
loop if WIFSTOPPED is true, just in case.
 2015-10-02 11:24:01 -06:00
Todd C. Miller
38b7aea6b7 Restore old signal handlers before tty settings. That way SIGTTOU 
is at its original value if sudo_term_restore() should fail.
 2015-09-09 15:27:09 -06:00
Todd C. Miller
2f1d675055 Ignore callbacks if major version doesn't match. 2015-09-09 13:29:57 -06:00
Todd C. Miller
0c70df5de9 Implement suspend/resume callbacks for the conversation function. 
If suspended, close the timestamp file (dropping all locks).  On
resume, lock the record before reading the password.

For this to work properly we need to be able to run th callback
when tsetattr() suspends us, not just when the user does.  To
accomplish this the term_* functions now return EINTR if SIGTTOU
would be generated.  The caller now has to restart the term_*
function (and send itself SIGTTOU) instead of it being done
automatically.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
98a15d9879 Add a struct sudo_conv_callback that contains on_suspend and on_resume 
function pointer args plus a closure pointer and at it to the
conversation function.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
166ee6879b Sync tty_present() with sudoers version. 2015-05-07 11:20:49 -06:00
Todd C. Miller
d2624ffa96 Make tty_present static to tgetpass.c 2015-05-07 09:42:48 -06:00
Todd C. Miller
b78a985bf0 Fix cut & pasto that prevented the SIGPIPE handler from being 
restored before returning from tgetpass().  From mancha
 2015-03-02 08:49:04 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
29039859b7 Defer registration of the SIGCHLD handler until just before we exec 
the command.  Fixes a problem where pam_gnome_keyring installs its
own SIGCHLD handler and may not restore the original one.  As a
result, we now have to explicitly wait for the askpass helper to
finish.  Bug #657
 2014-11-18 14:05:51 -07:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
d36846a699 Reduce name space pollution in libsudo_util.so 2014-06-26 16:21:19 -06:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
f6e8fb8b1c Quiet a few -Wunused-result compiler warnings. 2013-05-01 11:02:09 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
2be741d8ae Rename signal handler to avoid name clash with one in exec.c 2013-01-16 15:28:36 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
af9492d117 Provide unhooked version of getenv() and use it when looking up 
DISPLAY and SUDO_ASKPASS in the environment.
 2012-05-27 12:48:55 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method 
of defeating gcc's warn_unused_result attribute.
 2012-03-29 10:33:40 -04:00
Todd C. Miller
9be74cac45 If there is nothing to read from the askpass program, set errno to 
EINTR.  This makes the cancel button behave like the user entered
^C at the password prompt when PAM is used.
 2012-03-27 12:41:28 -04:00
Todd C. Miller
d35a8b4de4 Fetch the value of "askpass" from the sudo conf struct. 2012-03-27 12:25:04 -04:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
c865a462cc Prepare sudo front end messages for translation. 2011-05-06 17:47:51 -04:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
420db23714 Quiet gcc warnings on glibc systems that use warn_unused_result for 
write(2) and others.
 2010-08-03 11:17:56 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
4fb8a83e6f Fix -A flag when askpass is specified in sudo.conf or if sudo doesn't need 
to read a password.
 2010-06-15 15:11:10 -04:00
Todd C. Miller
f64bb67c6c Clean up some XXXs 2010-06-15 15:01:11 -04:00
Todd C. Miller
c2f8d24f20 Check for dup2() failure. 2010-06-15 09:02:23 -04:00
Todd C. Miller
b72a530fd0 Update copyright year 2010-06-14 12:19:49 -04:00
Todd C. Miller
047fc3876d Remove sigaction emulation 
Use SA_INTERRUPT in sa_flags
 2010-06-10 15:18:23 -04:00
Todd C. Miller
e146aaaa29 Fix visiblepw sudoers option; the plugin API portion still needs documenting 2010-06-10 15:02:32 -04:00
Todd C. Miller
b91b65722b Store askpass path in a global instead of uses setenv() which many 
systems lack.
 2010-06-10 12:03:40 -04:00
Todd C. Miller
eec336115a Move askpass path specification from sudoers to sudo.conf. 2010-06-09 17:40:44 -04:00
Todd C. Miller
c5a6ca998a Move compat definition of NSIG to compat.h 2010-06-09 13:57:07 -04:00