isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,609 Commits 1 Branch 0 Tags
8fbdbde2f5845b157eb84722d21d5acefbdac2f6
Commit Graph

78 Commits

Author SHA1 Message Date
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
308b6fa118 Move all but the shadow stuff from getspwuid.c to pwutil.c and pwcache_get 
and pwcache_put as they are no longer needed.  Also add preprocessor
magic to use private versions of the passwd and group routines if MYPW
is defined (for use by testsudoers).
 2005-01-05 19:41:31 +00:00
Todd C. Miller
282c0bf361 Split off pw/gr cache and dup code into its own file. 
This allows visudo and testsudoers to use the pw/gr cache too.
 2005-01-05 01:07:33 +00:00
Todd C. Miller
77a7ab659a Check rbinsert() return value. In the case of faked up entries there 
is usually a negative response cached that we need to overwrite.

In pwfree() don't try to zero out a NULL pw_passwd pointer.
 2004-12-02 15:40:00 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
4620e8fa6f Cache non-existent passwd/group entries too. 2004-11-16 15:47:55 +00:00
Todd C. Miller
8680307dbd fix typo 2004-11-16 04:32:29 +00:00
Todd C. Miller
9846e562ad Implement group caching and use the passwd and group caches throughout. 2004-11-16 04:24:11 +00:00
Todd C. Miller
77cb1b56aa Paranoia; zero out pw_passwd before freeing passwd entry. 2004-11-15 17:05:54 +00:00
Todd C. Miller
ae2e26fd2f Cache passwd db entries in 2 reb-black trees; one indexed by uid, 
the other by user name.  The data returned from the cache should
be considered read-only and is destroyed by sudo_endpwent().
 2004-11-15 14:53:05 +00:00
Todd C. Miller
0b34123a8b Create and use private versions of setpwent() and endpwent() that 
set/end the shadow password file too.
 2004-11-15 04:06:16 +00:00
Todd C. Miller
ea5307a433 Add flag to sudo_pwdup that indicates whether or not to lookup the 
shadow password.  Will be used to a struct passwd that has the
shadow password already filled in.
 2004-09-25 21:01:46 +00:00
Todd C. Miller
fa96e1c86e More to a less restrictive, ISC-style license. 2004-02-13 21:36:43 +00:00
Todd C. Miller
de6ff287e8 Make sudo_pwdup() act like OpenBSD pw_dup() and allocate memory in 
one chunk for easy free()ing.  Also change it from static to extern.
 2004-01-16 23:04:07 +00:00
Todd C. Miller
505b424a56 add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
ea24bef19c The SHELL environment variable was preserved from the user's 
environment instead of being reset based on the passwd database
when the "env_reset" option was used.  Now it is reset as it should be.
 2002-01-15 23:43:59 +00:00
Todd C. Miller
f61723c47b o Reorder some headers and use STDC_HEADERS define properly 
o Update copyright year
 2001-12-14 19:52:47 +00:00
Todd C. Miller
11127e3468 Use setpwent()/endpwent() + all the shadow variants to make sure 
we don't inadvertantly leak an fd to the child.  Apparently Linux's
shadow routines leave the fd open even if you don't call setspent().
Reported by mike@gistnet.com; different patch used.
 2001-05-10 18:55:12 +00:00
Todd C. Miller
998631b73a New Defaults options: 
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
 o env_reset - reset the environment to a sane default
 o env_keep - preserve environment variables that would otherwise be cleared

No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
 2000-12-30 03:29:47 +00:00
Todd C. Miller
0208b22686 Add support for BSD authentication. 2000-10-26 16:42:40 +00:00
Todd C. Miller
165bd7fafb Fix root, runas, and target authentication for non-passwd file auth 
methods.
 2000-05-09 15:42:38 +00:00
Todd C. Miller
09b23e7b41 Add rootpw, runaspw, and targetpw options. 2000-02-18 17:56:28 +00:00
Todd C. Miller
7769bf6a32 o Change defaults stuff to put the value right in the struct. 
o Implement mailer_flags
o Store syslog stuff both in int and string form.  Setting the string
  form magically updates the int version.
o Add boolean attribute to strings where it makes sense to say !foo
 1999-10-07 21:21:08 +00:00
Todd C. Miller
3a8c0ca966 include strings.h everywhere we include string.h 1999-08-28 09:24:15 +00:00
Todd C. Miller
b13e8006ec Add check for LONG_IS_QUAD 
#undef MAXINT before including hpsecurity.h to silence an HP-UX warning
Check for U?LONG_LONG_MAX in snprintf.c and use LONG_IS_QUAD
 1999-08-22 09:59:28 +00:00
Todd C. Miller
3a8b0be635 o --with-otp deprecated, use --without-passwd instead 
o real dependencies in the Makefile
o --with-devel option to enable yacc, lex, and -Wall
o style -- "foo -> bar" becomes "foo->bar"
o ALL goes back to being a token, not a string but don't leak memory
o rename hsotspec -> host in parse.yacc
 1999-08-14 15:34:55 +00:00
Todd C. Miller
ca8eb6f2aa add 4th term to license similar to term 5 in the apache license 1999-07-31 16:19:45 +00:00
Todd C. Miller
692fe8cdb3 BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00
Todd C. Miller
80287c981c Move interface-related defines to interfaces.h so we don't have to include 
<netinet/in.h> everywhere.
 1999-05-17 01:36:30 +00:00
Todd C. Miller
850a52aa6f o Replace _PASSWD_LEN braindeath with our own SUDO_MAX_PASS. 
It turns out the old DES crypt does the right thing with passwords
   longert than 8 characters.
 o Fix common typo (necesary -> necessary)
 o Update TODO list
 1999-05-14 16:30:14 +00:00
Todd C. Miller
06e586ee7b Function names should be flush with the start of the line so they can be found trivially in an editor and with grep 1999-04-10 04:49:03 +00:00
Todd C. Miller
e6deacb6c4 Crank version to 1.6 and combine copyright statements 1999-04-05 20:57:25 +00:00
Todd C. Miller
79c46d1c81 ++version 1999-03-29 04:05:15 +00:00
Todd C. Miller
382ef75493 Use emalloc/erealloc/estrdup 1999-03-29 02:59:34 +00:00
Todd C. Miller
52916f16ac add explicate copyright 1999-02-03 04:32:19 +00:00
Todd C. Miller
826fe213f2 add sudo tags 1999-01-17 23:16:20 +00:00
Todd C. Miller
d3aaf52283 crank version and regen files 1999-01-17 22:40:55 +00:00
Todd C. Miller
62dba8f4d1 more -Wall 1998-11-18 04:16:13 +00:00
Todd C. Miller
c253188f55 -Wall 1998-11-18 03:51:10 +00:00
Todd C. Miller
2fb6e41a5b typo 1998-11-04 22:13:59 +00:00
Todd C. Miller
de21acbb37 kill perror("malloc") since we already have a good error messages 
pw_ent -> pw for brevity
 1998-11-04 01:39:18 +00:00
Todd C. Miller
918306ecc8 add iscomsec, issecure support 1998-11-03 20:02:52 +00:00
Todd C. Miller
a91e6bc124 init crypt_type to INT_MAX since it is legal to be negative in DUNX 5.0 1998-10-22 00:19:01 +00:00
Todd C. Miller
7ffee3b997 getprpwuid is broken in HP-UX 10.20 at least (it sleeps for 2 minutes if the 
shadow files don't exist).
 1998-10-21 23:50:10 +00:00
Todd C. Miller
3d92a1bb92 new dunix shadow code, use dispcrypt(3) 1998-10-19 18:32:39 +00:00
Todd C. Miller
5bfb481ca7 no more options.h 1998-10-15 05:41:26 +00:00
Todd C. Miller
1c66c857e4 new shadow password scheme. Always include shadow support if the 
platform supports it and the user did not disable it via configure
 1998-09-21 04:00:56 +00:00
Todd C. Miller
0ef9f25d7e updated version 1998-09-17 16:27:15 +00:00
Todd C. Miller
12477fd6e6 updated version 1998-04-06 03:35:50 +00:00