isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,283 Commits 1 Branch 0 Tags
ce97ca28db2bc09b07d555895bceafac4b8418b3
Commit Graph

412 Commits

Author SHA1 Message Date
Todd C. Miller
ce97ca28db Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() 2020-08-10 19:24:33 -06:00
Todd C. Miller
cef6e3687e Switch from memset_s() -> explicit_bzero(). 
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
 2020-08-10 19:24:32 -06:00
Todd C. Miller
fa5d44b8b5 Quiet some clang 10 analyzer warnings. 2020-08-07 14:22:56 -06:00
Todd C. Miller
03ad96e445 Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. 2020-08-01 13:10:50 -06:00
Todd C. Miller
8ef5c4cf9d Set DEFAULT_TEXT_DOMAIN in lib/util's Makefile not individual .c files. 
We no longer need to include sudo_gettext.h before sudo_compat.h
 2020-05-18 11:19:58 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
aaea462277 Prefer SIGSYS if SIGUNUSED is defined to the same value. 
Fixes a regress failure on musl libc where SIGSYS and SIGUNUSED
share the same value.
 2020-05-15 19:25:30 -06:00
Todd C. Miller
83d1bee918 Rename sudo_parse_host_port -> iolog_parse_host_port and mv to lib/iolog 
It is not used outside of the I/O log client and server and the
host:port syntax may change in the future.
 2020-05-11 08:47:54 -06:00
Todd C. Miller
0cf2e09e0c Apply spelling fixes. 
Fixes from PR #30 (ka7) and Bug #925 (fossies.org codespell)
 2020-05-06 09:27:43 -06:00
Todd C. Miller
b5a317aeb9 Add support for a tls flag in sudo_parse_host_port(). 
If the string "(tls)" appears at the end, the tls flag is set to true
and the default tls port is used if necessary.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
0460008c5b Handle EAGAIN like we do ENOMEM from poll() and select(). 
On some systems, poll() and select() can return EAGAIN instead
of ENOMEM if there is a kernel resource shortage.  In this case
we just re-enter the event loop and retry.
 2020-05-04 11:23:35 -06:00
Todd C. Miller
2b1e986572 Do not call poll(2) or ppoll(2) with nfds > RLIMIT_NOFILE. 
Both poll(2) and ppoll(2) will return EINVAL if the nfds function
argument is larger than the max files per process resource limit.
Prevent this by limiting the max number entries in the pfds[] array
to the RLIMIT_NOFILE soft limit.
 2020-04-30 15:54:34 -06:00
Todd C. Miller
85fe30e49b The timeout parameter of sudo_ev_add() should be const. 2020-04-29 11:27:30 -06:00
Todd C. Miller
99129ba41f Make gl_pathc, gl_matchc and gl_offs size_t in glob_t to match POSIX. 2020-04-21 11:05:29 -06:00
Todd C. Miller
3bf4172272 Explicitly include stdio.h for getdelim(3) 2020-04-08 12:42:58 -06:00
Todd C. Miller
3cd9cbbadf Add tests for the simple json parser. 2020-03-29 05:05:08 -06:00
Todd C. Miller
cffda82e20 Do not use JSON_ARRAY with sudo_json_add_value() 2020-03-29 05:05:08 -06:00
Todd C. Miller
5034ea91be Some new source files got created with my old email address. 2020-03-29 05:05:08 -06:00
Todd C. Miller
d83c09fb66 Add SUDO_EV_MASK to mask off invalid event values. 
Now used by sudo_ev_init() to avoid bogus events.
 2020-03-12 14:00:15 -06:00
Todd C. Miller
7e5641bc76 Fix unlocking of an entire file with lockf(). 
Since lockf() uses the files's current offset, we need to seek to
the start of the file to unlock the entire file.
 2020-02-22 16:09:59 -07:00
Todd C. Miller
1b930b585d Add sudo_json_free_v1 to symbol exports file too. 2020-02-20 12:21:09 -07:00
Todd C. Miller
4b4db9694a Regenerate dependencies to match the recent JSON changes. 2020-02-20 11:35:28 -07:00
Todd C. Miller
982c003b8d Add support for JSON structured logging using syslog. 
Note that depending on the system, the default syslog buffer
may not be large enough to store all the logging data.
 2020-02-17 16:25:18 -07:00
Todd C. Miller
8ef5b734c4 Rework the JSON API to write to a memory buffer, not a stdio stream. 2020-02-17 16:10:55 -07:00
Todd C. Miller
0e4c3c47d1 Move duplicated code to parse plugin debug flags to libsudo_util. 
There's no need for four copies of sudo_debug_parse_flags().
 2020-02-11 15:15:36 -07:00
Todd C. Miller
ac61b5655d Use EXIT_SUCCESS and EXIT_FAILURE more consistently. 2020-02-08 12:43:00 -07:00
Todd C. Miller
c92f39ed3d Use json functions from libsudo_util in cvtsudoers. 2020-02-08 09:11:02 -07:00
Todd C. Miller
2fe127d108 Move some scripts from the top level src dir to a scripts dir. 2020-02-06 14:30:26 -07:00
Todd C. Miller
88f9f2ba9a Add a simple API for writing JSON records. 
To be used by the upcoming JSON audit module.
 2020-01-30 13:12:25 -07:00
Todd C. Miller
ed294b8283 Add code to generate universally unique identifiers. 
We create type 4, variant 1 uuids (random).
 2020-01-30 13:12:25 -07:00
Todd C. Miller
dc45c4d4ea Add tests for arc4random_buf() and an implementation for those without. 2020-01-30 13:12:25 -07:00
Todd C. Miller
9d69c4a022 Allow getentropy.c to compile when MAP_ANON is unavailable. 2020-01-28 06:59:16 -07:00
Todd C. Miller
13cc65038f Remove multi-thread support from arc4random. 
Sudo is not multi-threaded so we don't need the added complexity.
 2020-01-28 06:41:42 -07:00
Todd C. Miller
aa7ea419f0 Backed out changeset 9dce3ebb2c37 
MAP_SGI_ANYADDR cannot be used in place of MAP_ANON
 2020-01-28 05:49:41 -07:00
Todd C. Miller
1fd82e1499 Fix compilation on IRIX; Bug #915 
IRIX lacks MAP_ANON (and MAP_ANONYMOUS) but we can use the IRIX-specific
flag MAP_SGI_ANYADDR instead.  From Kazuo Kuroi
 2020-01-27 16:14:57 -07:00
Todd C. Miller
36fbdc48ff Add siglist.c and signame.c as dependencies for depend target. 
Fixes running "make depend" in lib/util dir when siglist.c or
signame.c are not already present.
 2020-01-20 10:45:20 -07:00
Todd C. Miller
5913c63642 Add abs_top_srcdir and abs_top_builddir and use them. 
Configure provides absolution versions of srcdir, builddir, top_srcdir
and top_builddir.  We can use these instead of calling pwd.
 2020-01-20 06:37:42 -07:00
Todd C. Miller
d2b7148b6c Using "libtool --clean" to remove regular files is slow. 
We only need to use libtool's clean mode to remove files created by libtool.
 2020-01-18 05:53:55 -07:00
Todd C. Miller
161750fc56 Really fix flushing of data in client_close(). 
Now that we call fmt_exit_message() from client_close() we do not
need to try to determine whether the read or write events were
pending in the old base.

We can't tell anyway because the active flag in the event was cleared
when the old sudo event base was destroyed.  It is correct to enable
both the read and write events after formatting the ExitMessage.
 2020-01-15 14:47:42 -07:00
Todd C. Miller
41242e121f FreeBSD is missing SIGLWP (aka SIGTHR) in sys_signame[]. 
Don't test SIGLWP on FreeBSD where it is reserved for the thread
library and is not listed in sys_signame[].
 2020-01-15 10:27:54 -07:00
Todd C. Miller
8aa815643f Remove POD-style C<> markup (typewriter font) from sudo.conf 2020-01-02 13:12:27 -07:00
Todd C. Miller
4347ed90d4 Fix compilation on systems with SIGRTMIN/SIGRTMAX but not _SC_RTSIG_MAX. 2019-12-25 11:19:58 -07:00
Todd C. Miller
4690d3ecf6 Add cfmakeraw() for systems without it. 2019-12-23 13:15:34 -07:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Robert Manner
c0d53d75eb src/load_plugins, plugins/sudoers: added developer_mode sudo.conf option 
It can be used to disable the enforcement that a plugin (shared object or
an imported python module) must be owned by root and not modifiable by
others.
This can make plugin development easier.
 2019-12-14 12:55:42 -07:00
Robert Manner
6710048c8d lib/util/sudo_debug.c: add a function for querying if debugging is needed 
for a level.
Rationale: this way we can avoid computing details for the log which will
not happen at all if the computation is slow.
 2019-12-14 12:55:42 -07:00
Todd C. Miller
3ec23ad5e1 Minor style cleanups. 
Remove extraneous break after return statement.
Convert two old K&R function declarations.
 2019-12-13 19:27:38 -07:00
Todd C. Miller
b14d633ec6 Add runas_check_shell flag to require a runas user to have a valid shell. 
Not enabled by default.
 2019-12-09 19:29:45 -07:00
Todd C. Miller
d7b4f88658 Use cfmakeraw() in sudo_term_raw() instead of doing it manually. 2019-12-07 12:25:51 -07:00