Todd C. Miller
cebd92a88e
Fix a potential crash when getpwnam() of the running user fails
...
and we don't replace the negative cached entry with a faked up one.
From Stephane Chazelas
2015-02-05 11:17:26 -07:00
Todd C. Miller
b727d4309c
Handle sudo_get_grlist() returning NULL which can happen if
...
getgrouplist() fails even after allocating the appropriate amount
of memory. From Stephane Chazelas
2015-02-05 11:17:24 -07:00
Todd C. Miller
a3435e7d12
Require POSIX regular expression support for sudoreplay.
2015-02-05 11:16:06 -07:00
Todd C. Miller
1e30824a1a
The plugin no longer needs to call initprogname() now that it links
...
with the same libsudo_util as sudo.
2015-02-05 11:08:55 -07:00
Todd C. Miller
ed4ffa6265
Don't send mail about pseudo-command failure unless it is an
...
authentication failure.
2015-02-02 15:01:06 -07:00
Todd C. Miller
dfb369198a
Sync with translationproject.org
2015-02-04 06:28:31 -07:00
Todd C. Miller
d1ce08369a
Sync with translationproject.org
2015-02-04 06:23:57 -07:00
Todd C. Miller
2033be83c6
Regen with yacc skeleton that the clang analyzer doesn't complain about.
2015-02-03 15:58:09 -07:00
Todd C. Miller
a9bf105eda
Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX
...
systems doesn't include stdint.h itself.
2015-02-03 10:00:30 -07:00
Todd C. Miller
536c83cec3
Solaris uses sysinfo(SI_SRPC_DOMAIN) instead of getdomainname() to
...
get the host's NIS domain.
2015-02-03 07:33:24 -07:00
Todd C. Miller
15717c518e
Actually use the check for prior initialization in sudo_getdomainname().
2015-02-02 15:38:03 -07:00
Todd C. Miller
fde8776d54
regen
2015-02-02 13:53:44 -07:00
Todd C. Miller
59ab26dbcc
Go back to a 2 args debug_decl and just use the "default" instance,
...
now renamed "active".
2015-02-01 08:24:49 -07:00
Todd C. Miller
7ec9cfb493
When querying LDAP netgroups, use the NIS domain if it is sent but
...
also match nisNetgroupTriple entries that have no domain.
2015-01-30 14:45:22 -07:00
Todd C. Miller
97469c243c
Avoid setting the tty to non-blocking mode so "sudoreplay | cat"
...
(for example) works as expected. We only read a single byte from
the keyboard and only when interactive anyway so this should be fine.
2015-01-30 13:07:21 -07:00
Todd C. Miller
00e7dbd645
regen
2015-01-30 12:57:27 -07:00
Todd C. Miller
0ac881ba4b
Avoid a cppcheck warning about undefined behavior (using the address
...
of a stack buffer - 1) and fix a memory leak of the iov when
doing nl->crnl conversion.
2015-01-30 10:45:15 -07:00
Todd C. Miller
770e6ca190
Fix handling of partial writes from writev() which can occur with
...
large output buffers.
2015-01-30 09:23:30 -07:00
Todd C. Miller
4dd2a3c6b8
Add support for querying netgroups directly via LDAP since there
...
is no other way to look up all the netgroups for a user (unlike
regular groups). This introduces netgroup_base and netgroup_search_filter
options to ldap.conf. Based on a diff from Steven Soulen.
2015-01-29 14:08:30 -07:00
Todd C. Miller
741bb8ec79
Add macros to ease the checking of strlcpy, strlcat and
...
sudo_ldap_value_cat return values.
2015-01-22 11:42:32 -07:00
Todd C. Miller
57553fffdd
Rename VALIDATE_OK -> VALIDATE_SUCCESS
...
Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE
2015-01-21 11:03:48 -07:00
Todd C. Miller
399d364a90
Remove now-unused VALIDATE_ERROR define.
2015-01-21 10:36:55 -07:00
Todd C. Miller
5415b3d2af
should_mail() now returns bool.
2015-01-21 10:33:56 -07:00
Todd C. Miller
cb09010da5
Use standard CIDR -> netmask conversion and disallow 0-bit CIDRs.
2014-12-31 15:47:33 -07:00
Todd C. Miller
e0d927a98a
sync
2014-11-20 13:34:17 -07:00
Todd C. Miller
c287419788
Require that a digest be specified with a real command, not an alias
...
or pseudo-command. Found via a crash by afl.
2014-11-19 17:07:24 -07:00
Todd C. Miller
02b3fa2fdd
French translation for sudoers from translationproject.org.
2014-11-19 15:20:11 -07:00
Todd C. Miller
bc6269e58b
Prevent cppcheck from getting confused by our compat definition of
...
the va_copy macro for pre-C99.
2014-11-15 06:32:39 -07:00
Todd C. Miller
3870fdf622
Fix potential NULL pointer deref found by cppcheck.
2014-11-14 16:31:56 -07:00
Todd C. Miller
0c88ecd3bc
Quiet a cppcheck false positive.
2014-11-14 16:31:30 -07:00
Todd C. Miller
b4432df5e2
Sync with translationproject.org
2014-11-10 12:37:58 -07:00
Todd C. Miller
832a4dee6b
In set_fqdn() we neeed to set user_runhost/user_srunhost at the
...
same time we set user_host/user_shost since that is what
hostlist_matches() uses. Bug #678
2014-11-12 20:33:41 -07:00
Todd C. Miller
5c13889f26
Use sudoers.so args from sudo.conf to set sudoers_file, sudoers_uid,
...
sudoers_gid, and sudoers_mode in visudo.
2014-11-10 20:12:47 -07:00
Todd C. Miller
9d4589abd0
Use sudoers_file, sudoers_uid, sudoers_gid, and sudoers_mode
...
symbols from toke.l instead of the upper case defines.
2014-11-10 15:23:51 -07:00
Todd C. Miller
04d803c79c
Use SSP_LDFLAGS when creating shared objects.
2014-11-10 14:58:46 -07:00
Todd C. Miller
9d6e1a57d5
Add sudoers_debug_deregister() and use it instead of calling
...
sudo_debug_deregister() directly.
2014-10-27 16:06:20 -06:00
Todd C. Miller
0982f7838b
Use AC_PROG_AWK
2014-10-27 14:54:13 -06:00
Todd C. Miller
6b1b734ffa
Add a flag argument to sudo_conf_read() so we can decide which
...
bits get parsed. This lets us parse Debug statements first and
init the debug subsystem early.
2014-10-26 08:33:08 -06:00
Todd C. Miller
34d9cfe1cf
Initialize the debug subsystem in sudoers early. Currently this
...
means iterating over the settings list twice.
2014-10-24 12:50:12 -06:00
Todd C. Miller
4bf641df69
In the plugin registers with the debug framework at open time, the
...
sudo front-end will now set the default debug instance appropriately
before calling into the plugin. This means the plugin no longer needs
to do the sudo_debug_set_default_instance() dance.
2014-10-24 11:17:48 -06:00
Todd C. Miller
6c6f502835
Older shells don't support unset.
2014-10-23 16:23:37 -06:00
Todd C. Miller
17a2a27e46
Use generic bitmap macros instead of select-style fd_set.
2014-10-23 14:37:27 -06:00
Todd C. Miller
935e48c6e4
Don't call into the debug subsystem after we've deregistered the
...
plugin's instance.
2014-10-23 13:42:50 -06:00
Todd C. Miller
3860552713
Fix typo in unset.
2014-10-23 09:50:29 -06:00
Todd C. Miller
fe9e035ccf
Set debug instance for standalone programs.
2014-10-23 09:40:36 -06:00
Todd C. Miller
1ca52382a4
Fix compilation issues, fallout from the debug changes.
2014-10-23 09:26:13 -06:00
Todd C. Miller
6d2be1fd62
regen
2014-10-23 07:57:37 -06:00
Todd C. Miller
5270ebf1f2
When registering with the debug subsystem, the caller now passes
...
in an arrary of ints that gets filled in with the subsytem IDs to
be used in debug_decl.
2014-10-23 06:36:50 -06:00
Todd C. Miller
8db5f29398
sudoers_debug_instance is now included in libparsesudoers so we don't
...
need to declare it here.
2014-10-23 06:19:30 -06:00
Todd C. Miller
e9914a91b1
The sudoers plugin now defines its own list of debugging subsystem names
...
and defines.
2014-10-22 13:30:52 -06:00