Commit Graph

989 Commits

Author SHA1 Message Date
Todd C. Miller
4949fd2913 Sudo 1.9.4p1 2020-12-15 16:01:05 -07:00
Todd C. Miller
0e3e13d872 Define _DARWIN_UNLIMITED_GETGROUPS on macOS to suport > 16 groups.
On macOS 10.6 and above, getgroups(2) can return more than NGROUPS_MAX
if _DARWIN_UNLIMITED_GETGROUPS or _DARWIN_C_SOURCE is defined.
Bug #946
2020-12-07 13:15:25 -07:00
Todd C. Miller
94c5052ebf Fix typo detected by codespell 2.0.0
Also avoid some new false positives
2020-11-24 07:40:38 -07:00
Todd C. Miller
a96b9a1373 Newer LibreSSL has SSL_CTX_set_ciphersuites but it is not enabled.
Add a check for the function declaration in openssl/ssl.h.
2020-11-16 14:39:52 -07:00
Todd C. Miller
1aa76e9b7a Update for sudo 1.9.4. 2020-11-14 11:42:29 -07:00
Todd C. Miller
62547746d3 Rename iolog_client -> log_client.
The logsrvd client code is now used for more than just I/O logging.
2020-11-09 17:13:04 -07:00
Todd C. Miller
08d236293b Remove hack to define YYTOKENTYPE, it breaks newer bison. 2020-11-09 16:52:26 -07:00
Todd C. Miller
3078d67c13 Bison generates an extra enum containing the parser tokens.
This conflicts with the IBM ldap.h at least.  Prevent it from being
exposed by defining YYTOKENTYPE.
2020-10-28 10:13:39 -06:00
Todd C. Miller
c8c7e1f607 Use ssl_err2string() in message on ldap_ssl_client_init() failure.
Displaying SSL reason code directly is not user-friendly.
2020-10-28 09:40:11 -06:00
Todd C. Miller
488aeff532 IBM LDAP packages use a lib64 directory for 64-bit libraries.
We need to add this to LDFLAGS so the linker is able to find
the correct libs when building 64-bit binaries.
2020-10-28 09:49:10 -06:00
Todd C. Miller
707437f6cb Refactor eventlog code into a library 2020-10-26 15:24:35 -06:00
Todd C. Miller
7eda22c729 Add -Wshadow to warning flags if the compiler supports it. 2020-09-25 15:09:42 -06:00
Todd C. Miller
b2593b22b6 Update for sudo 1.9.3p1 2020-09-23 08:00:26 -06:00
Todd C. Miller
75d53ee547 Fix configure test for crypt(3) when it is present in libc.
Fixes a regression introduced in sudo 1.9.3.
2020-09-23 08:28:44 -06:00
Todd C. Miller
e2c72300cf Move warning about plaintext password to the end of configure.
It is unlikely to be noticed at the beginning of the output.
2020-09-20 19:18:39 -06:00
Todd C. Miller
874c2b27c6 Use a simple string compare on systems without crypt(3).
This is only used on systems without PAM, BSD authentication or AIX
authentication.  Bug #940.
2020-09-18 08:18:07 -06:00
Todd C. Miller
1154e1d605 Back out sudo 1.9.3b1 version change. 2020-09-16 06:19:42 -06:00
Todd C. Miller
def99ffd78 Fix typo in warning for T_CHPATH, list '~' not '*' twice.
Bug #938
2020-09-14 06:54:15 -06:00
Todd C. Miller
e9997c8ec4 Remove closefrom_fallback() from lib/util/util.exp.
It is a static function and should not be exported.
2020-09-06 15:27:21 -06:00
Evan Anderson
92e5d81943 configure: Fix runstatedir handling for distros that do not support it
runstatedir was added in yet-to-be released autoconf 2.70. Some distros
are shipping this addition in their autoconf packages, but others, such as Fedora,
are not. This causes the rundir variable to be set incorrectly if the configure script
is regenerated with an unpatched autoconf since the runstatedir variable set is deleted
after regeneration. This change works around that problem by checking that runstatedir
is non-empty before potentially using it to set the rundir variable
2020-09-06 15:32:50 -06:00
Todd C. Miller
72b28bbc3e SVR4/5 fixes and long password support for OpenServer 6 & 5.
From Tim Rice
2020-09-05 19:29:06 -06:00
Todd C. Miller
f6cb5c72bc Prefer dlopen() over shl_load() on HP-UX 11.11 and higher. 2020-09-05 15:38:33 -06:00
Todd C. Miller
a7033f33a9 HP-UX cc may not allow __declspec(dllexport) to be used in conjunction
with "#pragma HP_DEFINED_EXTERNAL" when redefining standard libc functions.
2020-09-05 07:10:24 -06:00
Todd C. Miller
88c7a35dd5 Fix check for hiding unexported symbols on HP-UX.
We need to pass the -b option to the compiler, not just the linker,
so it will choose the PIC C runtime.
2020-09-04 21:43:30 -06:00
Todd C. Miller
049430ee5b Only install man pages for logsrvd and python plugin if we build them.
GitHub issue #58
2020-09-03 06:44:43 -06:00
Todd C. Miller
21a2dce506 Remove obsolete mansrcdir variable, add _SRC suffix to LOGSRV and LOGSRVD 2020-09-03 06:03:28 -06:00
Todd C. Miller
019f1f6b93 Use sigabbrev_np(3) to access signal abbreviations if supported.
glibc-2.32 has removed sys_sigabbrev[], we can use sigabbrev_np(3) instead.
2020-08-25 16:48:13 -06:00
Todd C. Miller
31d41853b6 sudo 1.9.3 2020-08-15 09:03:20 -06:00
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00
Todd C. Miller
cef6e3687e Switch from memset_s() -> explicit_bzero().
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
2020-08-10 19:24:32 -06:00
Todd C. Miller
4bc70c02c1 Always use a linker script to hide symbols if it is supported.
We use this even if the compiler has symbol visibility support so
we will notice mismatches between the exports file and __dso_public
annotations in the source code.
2020-08-03 10:27:27 -06:00
Todd C. Miller
38e28dcbf5 Rename python_plugin.exp.in -> python_plugin.exp
There is nothing dynamic in this file.
2020-08-03 10:15:28 -06:00
Todd C. Miller
3b4d4ab8dd Add missing python_plugin.exp.in file and remove unneeded __dso_public
This fixes building the python plugin on systems where the compiler
doesn't support symbol hiding (but wherethe linker does).
2020-08-03 09:53:12 -06:00
Todd C. Miller
03ad96e445 Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. 2020-08-01 13:10:50 -06:00
Todd C. Miller
bd24a322cc Handle openssl where there is no separate libcrypto pkgconfig file.
In this case, just use the full openssl libs to get the sha2 functions.
2020-07-16 08:15:02 -06:00
Todd C. Miller
10f8bb6398 Ignore --enable-gcrypt if --enable-openssl is also specified. 2020-07-16 07:32:13 -06:00
Todd C. Miller
6a9ed1998b Sudo 1.9.2 2020-07-15 10:46:31 -06:00
Todd C. Miller
be89bdcf7c Fix some warnings displayed by autoconf 2.69b
This fixes the missing HAVE_GSSAPI_GSSAPI_H define in config.h.in.
TODO: replace shadow_funcs variable in function checks with literals
2020-07-15 10:12:55 -06:00
Todd C. Miller
9ef09595f9 Allow HP-UX share libs and modules to link against static libs.
hppa64 and ia64 use PIC by default
2020-06-26 09:13:38 -06:00
Todd C. Miller
4cadd54951 Use pkg-config to find the openssl cflags and libs if possible.
We support linking against static openssl libs too.
2020-06-25 20:55:02 -06:00
Todd C. Miller
5e9346d4e9 Add -Wimplicit-fallthrough to --enable-warnings if available.
Note that clang 10 has support for -Wimplicit-fallthrough in C code
but doesn't recognize lint-style FALLTHROUGH comments like gcc does
so we can't use it.
2020-06-20 13:51:02 -06:00
Todd C. Miller
23b1ee2f45 Fix some warnings from configure test programs. 2020-06-20 13:51:02 -06:00
Todd C. Miller
f2dce25ac1 Drop old test for -lcposix for ISC Unix. 2020-06-20 11:21:27 -06:00
Todd C. Miller
48c2bd0007 Declare getdelim(3) if it exists in libc but is not prototyped in stdio.h.
This can happen on systems with a gcc packages that was built on
and older versions of the OS where getdelim(3) was not present.
2020-06-06 18:45:27 -06:00
Todd C. Miller
17b3f90f74 For python3-config, only use -I and -L/-l from --cflags and --ldflags output.
Otherwise we may get other flags used to build python that conflict
with what sudo uses.
2020-06-06 16:32:10 -06:00
Todd C. Miller
026caf0081 Add basic support for --runstatedir
If the user specifies --runstatedir but not --with-rundir, use
runstatdir as the parent directory of the sudo rundir.

In the future we may deprecate --with-rundir in favor of --runstatedir
but that will require changes for systems with no /var/run directory.
2020-05-20 18:51:52 -06:00
Todd C. Miller
5a69831dd4 Sudo 1.9.1 2020-05-18 18:50:50 -06:00
Todd C. Miller
d3b710b0da cfmakeraw(3) is broken on AIX, don't use it there
The cfmakeraw(3) function exists but does not set VMIN to 1 or VTIME
to 0 in c_cc[] in struct termios, which makes it useless.  The AIX
version also doesn't clear the CSIZE and PARENB flags from c_cflag.
2020-05-12 09:52:27 -06:00
Todd C. Miller
04cb06160a Fix a few more typos. 2020-05-07 07:49:54 -06:00
Todd C. Miller
a212ee64e3 Use the --embed when running "python3-config --ldflags" if supported.
Newer versions of python3-config only include libpython in the
output when the --embed is used.  Otherwise, "python3-config --libs"
and "python3-config --ldflags" only list the libraries python is
dependent on and not the python library itself.
2020-05-03 12:56:26 -06:00