isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,711 Commits 1 Branch 0 Tags
c702957879e42f0d1067003b6043c80a6a3ea020
Commit Graph

1010 Commits

Author SHA1 Message Date
Todd C. Miller
90534b5b27 Add --disable-ssp configure option. 
This allows for disabling -fstack-protector without turning off the
other hardening options.
 2021-02-18 13:58:09 -07:00
Todd C. Miller
b736804cf0 Sudo 1.9.6 2021-02-17 09:56:04 -07:00
Todd C. Miller
a5504148a5 Add admin_flag sudoers option and make --enable-admin-flag take a path. 
It is now possible to disable the Ubuntu admin flag in sudoers
or change its location.
GitHub issue #56
 2021-02-16 13:20:02 -07:00
Todd C. Miller
440febff86 Error out if fuzzer/sanitizer enabled but not supported by the compiler. 2021-02-13 15:40:48 -07:00
Todd C. Miller
942b11149c Do not pass AX_APPEND_FLAG more than a single flag. 
GitHub issue #92
 2021-02-12 07:16:32 -07:00
Todd C. Miller
a527c583dc illumos has a broken fmemopen(3), don't use it. 2021-02-09 08:59:11 -07:00
Todd C. Miller
e392646ed4 Add configure check for SSIZE_MAX 2021-02-08 18:38:17 -07:00
Todd C. Miller
a046e3bbb0 Add -fsanitize=fuzzer-no-link to ASAN_LDFLAGS too, not just ASAN_CFLAGS. 2021-02-08 05:27:26 -07:00
Todd C. Miller
30d9497eb6 Add stub library that just feeds files to the fuzzing target. 
This will allow the fuzzers to be run as part of "make check".
 2021-02-07 15:43:51 -07:00
Todd C. Miller
a72d743ec8 Fall back to a temp file if fmemopen() is not available(). 2021-02-07 13:56:15 -07:00
Todd C. Miller
55df5efdce Add --enable-fuzzer-linker and --enable-fuzzer-engine options. 
These will allow the fuzzers to be built as part of oss-fuzz.
 2021-02-07 05:52:45 -07:00
Todd C. Miller
6216fb3cca Add --enable-fuzzer option to use when building fuzzers 2021-02-06 13:28:39 -07:00
Todd C. Miller
7a2a211dfc Replace --enable-asan with --enable-sanitizer 
It is not possible to set the sanitizer flags at configure time.
 2021-02-06 12:42:11 -07:00
Todd C. Miller
bd10bb5cfe Add --disable-leaks configure option. 
This enables the extra freeing of memory before exit also enabled
by --enable-asan.  To be used by oss-fuzz.
 2021-01-30 06:01:48 -07:00
Todd C. Miller
da5c6c6c45 Regenerate configure script with autoconf 2.71. 
Also fix some warnings from the new version.
 2020-12-08 12:35:21 -07:00
Todd C. Miller
98d5cc2a85 Sudo 1.9.5p2 2021-01-23 08:44:00 -07:00
Todd C. Miller
e60ff9058b Sudo 1.9.5p1 2021-01-11 18:47:22 -07:00
Todd C. Miller
9e111eae57 Sudo 1.9.5 2021-01-08 19:52:45 -07:00
Todd C. Miller
9e068c15e0 Add setprogname(3) for those without it. 2021-01-06 13:01:09 -07:00
Todd C. Miller
06bfbecd64 Add emulation of pread(3) and pwrite(3) for systems without them. 
This makes it possible to remove some ugly #ifdefs and only affects
very old systems.
 2021-01-02 10:43:34 -07:00
Todd C. Miller
4151d8fc80 Sudo 1.9.4p2 2020-12-20 08:50:48 -07:00
Todd C. Miller
4949fd2913 Sudo 1.9.4p1 2020-12-15 16:01:05 -07:00
Todd C. Miller
0e3e13d872 Define _DARWIN_UNLIMITED_GETGROUPS on macOS to suport > 16 groups. 
On macOS 10.6 and above, getgroups(2) can return more than NGROUPS_MAX
if _DARWIN_UNLIMITED_GETGROUPS or _DARWIN_C_SOURCE is defined.
Bug #946
 2020-12-07 13:15:25 -07:00
Todd C. Miller
94c5052ebf Fix typo detected by codespell 2.0.0 
Also avoid some new false positives
 2020-11-24 07:40:38 -07:00
Todd C. Miller
a96b9a1373 Newer LibreSSL has SSL_CTX_set_ciphersuites but it is not enabled. 
Add a check for the function declaration in openssl/ssl.h.
 2020-11-16 14:39:52 -07:00
Todd C. Miller
1aa76e9b7a Update for sudo 1.9.4. 2020-11-14 11:42:29 -07:00
Todd C. Miller
62547746d3 Rename iolog_client -> log_client. 
The logsrvd client code is now used for more than just I/O logging.
 2020-11-09 17:13:04 -07:00
Todd C. Miller
08d236293b Remove hack to define YYTOKENTYPE, it breaks newer bison. 2020-11-09 16:52:26 -07:00
Todd C. Miller
3078d67c13 Bison generates an extra enum containing the parser tokens. 
This conflicts with the IBM ldap.h at least.  Prevent it from being
exposed by defining YYTOKENTYPE.
 2020-10-28 10:13:39 -06:00
Todd C. Miller
c8c7e1f607 Use ssl_err2string() in message on ldap_ssl_client_init() failure. 
Displaying SSL reason code directly is not user-friendly.
 2020-10-28 09:40:11 -06:00
Todd C. Miller
488aeff532 IBM LDAP packages use a lib64 directory for 64-bit libraries. 
We need to add this to LDFLAGS so the linker is able to find
the correct libs when building 64-bit binaries.
 2020-10-28 09:49:10 -06:00
Todd C. Miller
707437f6cb Refactor eventlog code into a library 2020-10-26 15:24:35 -06:00
Todd C. Miller
7eda22c729 Add -Wshadow to warning flags if the compiler supports it. 2020-09-25 15:09:42 -06:00
Todd C. Miller
b2593b22b6 Update for sudo 1.9.3p1 2020-09-23 08:00:26 -06:00
Todd C. Miller
75d53ee547 Fix configure test for crypt(3) when it is present in libc. 
Fixes a regression introduced in sudo 1.9.3.
 2020-09-23 08:28:44 -06:00
Todd C. Miller
e2c72300cf Move warning about plaintext password to the end of configure. 
It is unlikely to be noticed at the beginning of the output.
 2020-09-20 19:18:39 -06:00
Todd C. Miller
874c2b27c6 Use a simple string compare on systems without crypt(3). 
This is only used on systems without PAM, BSD authentication or AIX
authentication.  Bug #940.
 2020-09-18 08:18:07 -06:00
Todd C. Miller
1154e1d605 Back out sudo 1.9.3b1 version change. 2020-09-16 06:19:42 -06:00
Todd C. Miller
def99ffd78 Fix typo in warning for T_CHPATH, list '~' not '*' twice. 
Bug #938
 2020-09-14 06:54:15 -06:00
Todd C. Miller
e9997c8ec4 Remove closefrom_fallback() from lib/util/util.exp. 
It is a static function and should not be exported.
 2020-09-06 15:27:21 -06:00
Evan Anderson
92e5d81943 configure: Fix runstatedir handling for distros that do not support it 
runstatedir was added in yet-to-be released autoconf 2.70. Some distros
are shipping this addition in their autoconf packages, but others, such as Fedora,
are not. This causes the rundir variable to be set incorrectly if the configure script
is regenerated with an unpatched autoconf since the runstatedir variable set is deleted
after regeneration. This change works around that problem by checking that runstatedir
is non-empty before potentially using it to set the rundir variable
 2020-09-06 15:32:50 -06:00
Todd C. Miller
72b28bbc3e SVR4/5 fixes and long password support for OpenServer 6 & 5. 
From Tim Rice
 2020-09-05 19:29:06 -06:00
Todd C. Miller
f6cb5c72bc Prefer dlopen() over shl_load() on HP-UX 11.11 and higher. 2020-09-05 15:38:33 -06:00
Todd C. Miller
a7033f33a9 HP-UX cc may not allow __declspec(dllexport) to be used in conjunction 
with "#pragma HP_DEFINED_EXTERNAL" when redefining standard libc functions.
 2020-09-05 07:10:24 -06:00
Todd C. Miller
88c7a35dd5 Fix check for hiding unexported symbols on HP-UX. 
We need to pass the -b option to the compiler, not just the linker,
so it will choose the PIC C runtime.
 2020-09-04 21:43:30 -06:00
Todd C. Miller
049430ee5b Only install man pages for logsrvd and python plugin if we build them. 
GitHub issue #58
 2020-09-03 06:44:43 -06:00
Todd C. Miller
21a2dce506 Remove obsolete mansrcdir variable, add _SRC suffix to LOGSRV and LOGSRVD 2020-09-03 06:03:28 -06:00
Todd C. Miller
019f1f6b93 Use sigabbrev_np(3) to access signal abbreviations if supported. 
glibc-2.32 has removed sys_sigabbrev[], we can use sigabbrev_np(3) instead.
 2020-08-25 16:48:13 -06:00
Todd C. Miller
31d41853b6 sudo 1.9.3 2020-08-15 09:03:20 -06:00
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00