isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,796 Commits 1 Branch 0 Tags
c91b6777d3d8fbfa65d016857fa36ecabff848f6
Commit Graph

299 Commits

Author SHA1 Message Date
Todd C. Miller
d979898e71 Remove use of non-standard sigaction_t 2017-05-12 10:02:18 -06:00
Todd C. Miller
b5c88e52b1 Remove use of the non-standard SA_INTERRUPT 2017-05-12 10:02:17 -06:00
Todd C. Miller
9d4a92b9b4 Handle the possibility of the siginfo parameter in sa_sigaction 
handler being NULL.
 2017-05-12 10:02:17 -06:00
Todd C. Miller
2a55808775 Add support for signal events in sudo's event subsystem 2017-05-12 10:02:17 -06:00
Todd C. Miller
a2a83557e2 Add workaround for clang static analyzer being confused by LIST_REMOVE 
and TAILQ_REMOVE.
 2017-05-12 09:56:06 -06:00
Todd C. Miller
11c82e2f1b Fix typo in killpg macro. 2017-04-21 09:25:17 -06:00
Todd C. Miller
18c8ce10ea Fix the killpg macro for systems without killpg() in libc. 2017-04-21 07:28:45 -06:00
Todd C. Miller
7aa89c49b5 Emulate pipe2() on systems without it. 2017-03-13 12:11:51 -06:00
Todd C. Miller
e5dee1557e Add NOTBEFORE and NOTAFTER command options similar to what is 
already available in LDAP.
 2017-02-18 15:35:48 -07:00
Todd C. Miller
31540e6228 Bump version to 1.11 for timeout entry in settings[] 2017-02-16 10:28:08 -07:00
Todd C. Miller
2f0295373a When waiting for the parent to grant us the tty, use nanosleep 
instead of spinning to avoid hogging the CPU.
 2017-01-12 10:44:26 -07:00
Todd C. Miller
6aa43ff1e4 HAVE_DECL_GETGROUPLIST_2 is always defined if HAVE_GETGROUPLIST_2 is, 
we need to check its value, not whether it is defined.
 2016-12-18 06:50:51 -07:00
Todd C. Miller
ae76e1a229 Use getgrouplist_2() on macOS if available. 2016-12-13 10:39:32 -07:00
Todd C. Miller
334350af45 id_t is 64-bits on FreeBSD so use strtoll() there. 
Fixes the strtoid regress.
 2016-11-30 07:32:59 -07:00
Todd C. Miller
6c5936296f Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register() 
and check for it in places where we check the return value of
sudo_debug_register().
 2016-11-21 06:37:23 -10:00
Todd C. Miller
6dff4ac7fd Always define _PATH_SUDO_NOEXEC, _PATH_SUDO_SESH, _PATH_SUDO_PLUGIN_DIR, 
even if only defined to NULL.  This means the accessors can always be
present.

Use RTLD_PRELOAD_VAR instead of _PATH_SUDO_NOEXEC to tell when
noexec is available.

Add ENABLE_SUDO_PLUGIN_API and use it instead of _PATH_SUDO_PLUGIN_DIR
to tell when the plugin API is available.

Add sudo_conf_clear_paths() to clear the path values so the
regress tests are not affected by compile-time settings.
 2016-11-16 10:13:26 -07:00
Todd C. Miller
541ffbeec8 Bump plugin minor version to 10 for sudo_mode, sudo_group and sudo_user. 2016-11-08 20:34:46 -07:00
Todd C. Miller
8133cdfdf6 Use sys/stat.h defines instead of bare octal values. 2016-11-07 13:36:05 -07:00
Todd C. Miller
19c96da44d add vsyslog() for systems without it. 2016-10-19 11:32:36 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
5b86d2d298 Make sudo_parseln() flags hex to make it more obvious that they are 
bit flags.
 2016-09-01 14:36:24 -06:00
Todd C. Miller
2a4ba64c84 Add flag to sudo_parseln() to disable line continuation support. 2016-09-01 10:50:39 -06:00
Todd C. Miller
17ad75d50b Add a flags option to sudo_parseln() and a flag to only mach comments 
at the beginning of the line.  Use the flag when parsing ldap.conf.
 2016-09-01 09:19:20 -06:00
Todd C. Miller
e147ba1fec Use W_EXITCODE to construct the wait status if sudo could not execute 
the command.  Fixes the sudo exit value for exec(3) failure.
 2016-08-31 08:39:26 -06:00
Todd C. Miller
f683cbd582 Add definition of nitems for those without it and use it throughout. 2016-06-23 10:58:07 -06:00
Todd C. Miller
6cbba7d665 Add an administrative domain to the passwd/group cache key for 
AIX which can have different name <-> ID mappings depending
on whether the database is local, LDAP, etc.
 2016-02-01 11:08:58 -07:00
Todd C. Miller
f4e5b135bb Update copyright year 2016-01-20 15:40:51 -07:00
Todd C. Miller
4bcef637f8 Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using 
pread64() on that platform.
 2016-01-13 11:10:33 -07:00
Todd C. Miller
68c1073fe5 Rewritten sudoedit_checkdir support that checks all the dirs in the 
path and refuses to follow symlinks in writable directories.
This is a better fix for CVE-2015-5602.
Adapted from a diff by Ben Hutchings.  Bug #707
 2016-01-10 18:31:29 -07:00
Todd C. Miller
b20977d445 Add support for using fexecve() if supported on commands that are 
checksummed.
 2016-01-04 10:35:18 -07:00
Todd C. Miller
8b12390abf Add debug_return_ssize_t 2015-11-01 15:13:28 -07:00
Todd C. Miller
2c7ff33ea8 Explicitly mark large hex constants unsigned. 2015-09-24 11:23:02 -06:00
Todd C. Miller
edfeee6a7a No need to have version macros for hooks, callbacks and the sudoers 
group plugin.  We can just use the main sudo API macros.  The sudoers
group plugin macros are preserved for source compatibility but are
not documented.
 2015-09-09 14:56:52 -06:00
Todd C. Miller
67183d74f4 Remove include/compat/timespec.h. Systems old enough to lack struct 
timespec are too old to build a modern sudo.
 2015-09-09 11:13:22 -06:00
Todd C. Miller
00142c91fa Lock individual records in the timestamp file instead of the entire 
file.  This will make it possible for multiple sudo processes using
the same tty to serialize their timestamp lookups.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
98a15d9879 Add a struct sudo_conv_callback that contains on_suspend and on_resume 
function pointer args plus a closure pointer and at it to the
conversation function.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
af47293800 Make hook_version and hook_type unsigned. 2015-09-02 08:00:27 -06:00
Todd C. Miller
3354d27a17 Do not follow symbolic links in sudoedit by default. This behavior 
can be controlled by the sudoedit_follow Defaults flag as well as
the FOLLOW/NOFOLLOW tags.
 2015-08-06 13:20:01 -06:00
Todd C. Miller
540b09b32c Remove some compatibilty defines that should no longer be needed. 2015-07-02 09:07:15 -06:00
Todd C. Miller
8f9aa5af25 Need to include stddef.h to get rsize_t on Mac OS X for sudo_memset_s() 
prototype.
 2015-06-30 14:11:53 -06:00
Todd C. Miller
105f199f6b Fix build on compilers w/o __func__ or __FUNCTION__ 2015-06-30 10:41:14 -06:00
Todd C. Miller
54f9de6cce Add an error flag to the lbuf struct to simplify error checking. 
Callers of the lbuf functions now check the error flag to tell if
a memory allocation error ocurred.
 2015-06-26 15:58:04 -06:00
Todd C. Miller
a76b93e23a Use our own bitmap macros instead of borrowing the ones from select. 2015-06-23 16:37:00 -06:00
Todd C. Miller
f6627e70b0 No longer need __malloc_like 2015-06-20 16:56:57 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4be97a6c4e Remove now-unused sudo_alloc.h and alloc.c 2015-06-17 17:00:55 -06:00
Todd C. Miller
5ce50a885c Use non-exiting allocators in libsudo_util. 2015-06-17 17:00:53 -06:00
Todd C. Miller
8d1708434f Add sudo_strsplit(), similar to strtok_r() but non-destructive and 
operates on non-C strings (requires a length parameter).
 2015-05-26 15:46:41 -06:00
Todd C. Miller
11840308c4 Fix sudo_strnlen() prototype. 2015-05-26 14:14:06 -06:00