isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,501 Commits 1 Branch 0 Tags
b3173fdedc605837113b9689c42d075398dd05c0
Commit Graph

73 Commits

Author SHA1 Message Date
Todd C. Miller
985af422d2 Rename __dso_public -> sudo_dso_public and move to config.h. 2020-08-12 09:57:42 -06:00
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00
Todd C. Miller
cef6e3687e Switch from memset_s() -> explicit_bzero(). 
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
 2020-08-10 19:24:32 -06:00
Todd C. Miller
03ad96e445 Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. 2020-08-01 13:10:50 -06:00
Todd C. Miller
48c2bd0007 Declare getdelim(3) if it exists in libc but is not prototyped in stdio.h. 
This can happen on systems with a gcc packages that was built on
and older versions of the OS where getdelim(3) was not present.
 2020-06-06 18:45:27 -06:00
Todd C. Miller
d85d370c63 Add dependent system includes to make sudo_*.h more standalone. 
In the past we've relied on the various .c files to include the
system headers that define types that the sudo_*.h headers require.
This is fragile and can cause issues when includes get re-ordered.
 2020-05-18 04:47:21 -06:00
Todd C. Miller
ea1226be7c Only define WCONTINUED and WIFCONTINUED if neither are already defined. 
Fixes a warning on musl libc where WIFCONTINUED is defined in
stdlib.h for some reason.
 2020-05-15 18:50:04 -06:00
Todd C. Miller
92e42ff548 Add compatibility define for fseeko(3). 
This is better than cluttering up the code with #ifdefs for obsolete
systems.
 2020-02-15 10:22:15 -07:00
Todd C. Miller
dde86e585f Add support for building on OpenSSL 1.0.2. 
This adds compatibility defines for some OpenSSL 1.1.x functions.
 2020-01-21 13:27:40 -07:00
Todd C. Miller
c3bd025052 Store the server host name and IP in client_closure_fill(). 
Also check for getpeername() and inet_ntop() failure.
 2020-01-20 14:03:41 -07:00
Todd C. Miller
291221c698 Older systems may not support WCONTINUED. 2019-12-25 11:17:35 -07:00
Todd C. Miller
4690d3ecf6 Add cfmakeraw() for systems without it. 2019-12-23 13:15:34 -07:00
Todd C. Miller
b14d633ec6 Add runas_check_shell flag to require a runas user to have a valid shell. 
Not enabled by default.
 2019-12-09 19:29:45 -07:00
Todd C. Miller
43df086186 Add dup3() emulation. 2019-11-02 10:52:55 -06:00
Todd C. Miller
dbf78d0716 Add fchmodat() and fstatat() emulation. 
Note that fchmodat() emulation does not support AT_SYMLINK_NOFOLLOW
 2019-10-24 20:04:33 -06:00
Todd C. Miller
0d69de5b25 Move openat() emulation to lib/util and at unlinkat() emulation. 2019-10-24 20:04:30 -06:00
Todd C. Miller
2512f6efbf Use sudo_strtonum() explicitly instead of via a macro. 2019-10-14 10:09:30 -06:00
Todd C. Miller
04a17095be Always use our own strtonum and implement sudo_strtoid in terms of it. 2019-10-14 10:09:29 -06:00
Todd C. Miller
3e56be3564 Store signal name, not number in I/O log timing file. 
The "SIG" prefix is not used so, e.g. SIGTERM -> "TERM".
This makes the I/O log files portable from one system to another.
Older I/O log files with signal numbers can still be replayed.
 2019-08-05 16:30:58 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
de65d70929 Add a proper getdelim(3) replacement and use it instead of getline(3). 2019-04-08 10:37:30 -06:00
Todd C. Miller
da98428e91 AIX 7.1 defines O_CLOEXEC but it can't be used outside the kernel. 
Redefine O_CLOEXEC if it doesn't fit in an int and pipe2() is missing.
 2019-02-18 15:45:31 -07:00
Todd C. Miller
10198ef6f3 Only include stdarg.h if we need it. 2018-08-22 12:36:28 -06:00
Todd C. Miller
5a0c86bb63 We still need to include string.h for AIX (and possibly others) 
when we are not using the system memset_r() function and rsize_t
is defined by the system headers.
 2018-08-22 08:22:56 -06:00
Todd C. Miller
957f284bba Add --enable-package-build to give configure a hint that we are 
building a package.  This can be used to avoid relying on libc
functions that may not be present in all libc versions for a
particular system.  For instance, AIX 7.1 may or may not have
memset_s() and getline() present.
 2018-08-22 08:09:46 -06:00
Todd C. Miller
d9dec93277 AIX defines rsize_t in string.h, not stddef.h for use by the 
memset_s() prototype.  We use our own memset_s() on AIX since it
is not available on all BOS levels which makes package building
problematic.
 2018-08-22 07:43:13 -06:00
Todd C. Miller
0ae9662833 Add sudo_getgrouplist2() to dynamically allocate the group vector. 
This allows us to avoid repeatedly calling getgrouplist() with
a statically sized vector on macOS, Solaris, HP-UX, and AIX.
 2018-06-15 14:05:13 -06:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
3b88cdfcd8 Fix stair-stepped output when the output of a sudo command is piped 
to another command and use_pty is set.
 2017-09-26 14:21:11 -06:00
Todd C. Miller
d979898e71 Remove use of non-standard sigaction_t 2017-05-12 10:02:18 -06:00
Todd C. Miller
b5c88e52b1 Remove use of the non-standard SA_INTERRUPT 2017-05-12 10:02:17 -06:00
Todd C. Miller
11c82e2f1b Fix typo in killpg macro. 2017-04-21 09:25:17 -06:00
Todd C. Miller
18c8ce10ea Fix the killpg macro for systems without killpg() in libc. 2017-04-21 07:28:45 -06:00
Todd C. Miller
7aa89c49b5 Emulate pipe2() on systems without it. 2017-03-13 12:11:51 -06:00
Todd C. Miller
2f0295373a When waiting for the parent to grant us the tty, use nanosleep 
instead of spinning to avoid hogging the CPU.
 2017-01-12 10:44:26 -07:00
Todd C. Miller
6aa43ff1e4 HAVE_DECL_GETGROUPLIST_2 is always defined if HAVE_GETGROUPLIST_2 is, 
we need to check its value, not whether it is defined.
 2016-12-18 06:50:51 -07:00
Todd C. Miller
ae76e1a229 Use getgrouplist_2() on macOS if available. 2016-12-13 10:39:32 -07:00
Todd C. Miller
8133cdfdf6 Use sys/stat.h defines instead of bare octal values. 2016-11-07 13:36:05 -07:00
Todd C. Miller
19c96da44d add vsyslog() for systems without it. 2016-10-19 11:32:36 -06:00
Todd C. Miller
e147ba1fec Use W_EXITCODE to construct the wait status if sudo could not execute 
the command.  Fixes the sudo exit value for exec(3) failure.
 2016-08-31 08:39:26 -06:00
Todd C. Miller
f683cbd582 Add definition of nitems for those without it and use it throughout. 2016-06-23 10:58:07 -06:00
Todd C. Miller
f4e5b135bb Update copyright year 2016-01-20 15:40:51 -07:00
Todd C. Miller
4bcef637f8 Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using 
pread64() on that platform.
 2016-01-13 11:10:33 -07:00
Todd C. Miller
68c1073fe5 Rewritten sudoedit_checkdir support that checks all the dirs in the 
path and refuses to follow symlinks in writable directories.
This is a better fix for CVE-2015-5602.
Adapted from a diff by Ben Hutchings.  Bug #707
 2016-01-10 18:31:29 -07:00
Todd C. Miller
3354d27a17 Do not follow symbolic links in sudoedit by default. This behavior 
can be controlled by the sudoedit_follow Defaults flag as well as
the FOLLOW/NOFOLLOW tags.
 2015-08-06 13:20:01 -06:00
Todd C. Miller
540b09b32c Remove some compatibilty defines that should no longer be needed. 2015-07-02 09:07:15 -06:00
Todd C. Miller
8f9aa5af25 Need to include stddef.h to get rsize_t on Mac OS X for sudo_memset_s() 
prototype.
 2015-06-30 14:11:53 -06:00
Todd C. Miller
a76b93e23a Use our own bitmap macros instead of borrowing the ones from select. 2015-06-23 16:37:00 -06:00
Todd C. Miller
f6627e70b0 No longer need __malloc_like 2015-06-20 16:56:57 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00