isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,626 Commits 1 Branch 0 Tags
e90fa482f917100d46b0534b5b36d8a9e8abeb8c
Commit Graph

4626 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
ebcf3cf399 Use TCSAFLUSH when restoring terminal settings (and echo) to guarantee that any pending output is discarded 2008-01-16 18:03:08 +00:00
Todd C. Miller
fb4b049788 no longer need to specify SETENV when user has sudo ALL 2008-01-15 22:18:11 +00:00
Todd C. Miller
18d42bf8b4 sync user_args size calculation with sudo.c 
Add -g group option, renaming old -g to -G
Add set_runasgr() and set_runaspw() and use them
 2008-01-15 14:40:48 +00:00
Todd C. Miller
7f05a4ff6f Make set_runaspw static void 2008-01-15 14:23:58 +00:00
Todd C. Miller
6c1ef6839c g/c set_runaspw stub 2008-01-15 14:17:31 +00:00
Todd C. Miller
63f224f045 Don't add -llber twice. 2008-01-15 12:28:33 +00:00
Todd C. Miller
6131e9f36e fix typo 2008-01-14 11:40:08 +00:00
Todd C. Miller
2ff13a2403 regen 2008-01-13 20:39:54 +00:00
Todd C. Miller
dde5143f08 Fix check that determines whether -llber is required. 2008-01-13 19:57:34 +00:00
Todd C. Miller
9a07c1a7f1 For netscape-based LDAP, use ldapssl_set_strength() to implement 
the checkpeer ldap.conf option.
 2008-01-13 19:22:11 +00:00
Todd C. Miller
0851d77f10 Delay krb5_cc_initialize() until we actually need to use the cred cache, 
which is what krb5_verify_user() does.
Better cleanup on failure.
 2008-01-13 14:49:43 +00:00
Todd C. Miller
584ab252d7 Rewrite verify_krb_v5_tgt() based on what heimdal's krb5_verify_user() does. 2008-01-12 17:40:43 +00:00
Todd C. Miller
7a110f08ce The U suffix on constants is an ANSI feature 2008-01-09 19:58:39 +00:00
Todd C. Miller
1df9ca2dc1 Add check for ber_set_option() in -llber 2008-01-09 17:08:30 +00:00
Todd C. Miller
8db7b8e590 default if no nsswitch.conf is files only 2008-01-07 00:02:58 +00:00
Todd C. Miller
1b6275a694 don't tell people to mail aaron about LDAP stuff 2008-01-06 22:28:03 +00:00
Todd C. Miller
0b11b7e717 timelimit and bind_timelimit 2008-01-06 17:32:59 +00:00
Todd C. Miller
a9615943f6 sync 2008-01-06 13:54:03 +00:00
Todd C. Miller
00030b9ad2 Move ldap.secret reading into a separate function. 2008-01-06 12:56:46 +00:00
Todd C. Miller
43f7408607 user_runas -> runas_pw 2008-01-06 00:09:18 +00:00
Todd C. Miller
9909106656 sync 2008-01-05 23:59:50 +00:00
Todd C. Miller
0fc0e3c86d Add and document the %p escape in the password prompt. 
Based on a patch from Patrick Schoenfeld.
 2008-01-05 23:59:28 +00:00
Todd C. Miller
9998419d7a Check strlcpy() return values. 2008-01-05 23:25:58 +00:00
Todd C. Miller
4bb2167453 refactor ldap binding code into sudo_ldap_bind_s() 2008-01-05 23:12:19 +00:00
Todd C. Miller
77d841e0e6 Make it clear that host and uri can take multiple parameters. 
URI is now supported for more than just openldap
nsswitch.conf does't accept "compat"
 2008-01-05 21:35:25 +00:00
Todd C. Miller
055bda6261 comment cleanup and update (c) year 2008-01-05 21:27:02 +00:00
Todd C. Miller
fb01648878 Move display_privs() and display_cmnd() from parse.c to sudo_nss.c. 
This should make it possible to build an LDAP-only sudo binary.
 2008-01-05 21:25:28 +00:00
Todd C. Miller
28ed51b441 Improve chaining of multiple sudoers sources by passing in the previous return value to the next in the chain 2008-01-05 18:27:18 +00:00
Todd C. Miller
56d193b29b Free up parser data structures in sudo_file_close(). 2008-01-05 18:26:42 +00:00
Todd C. Miller
53aec6601e Free up parser data structures in sudo_file_close(). 2008-01-05 13:13:06 +00:00
Todd C. Miller
e4370acaa4 Parse uri ourself if no ldap_initialize() is present 
Use ldap_create() instead of deprecated ldap_init()
Use ldap_sasl_bind_s() instead of deprecated ldap_simple_bind_s()
 2008-01-05 12:59:05 +00:00
Todd C. Miller
f1377429a1 Add check for ldap_sasl_bind_s() 
Remove -DLDAP_DEPRECATED from CFLAGS
 2008-01-05 12:56:39 +00:00
Todd C. Miller
b564d51861 add check for ldap_create 2008-01-04 14:56:10 +00:00
Todd C. Miller
86bd55fc6d Add sudo_ldap_get_first_rdn() to return the first rdn of an entry's dn 
using the mechanism appropriate for the LDAP SDK in use.
Use ldap_unbind_ext_s() instead of deprecated ldap_unbind_s().
Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's without them.
 2008-01-03 21:11:33 +00:00
Todd C. Miller
179ec68f86 include unistd.h 2008-01-03 21:02:51 +00:00
Todd C. Miller
27efa3d257 fix typo in mtim_getnsec 2008-01-03 16:05:04 +00:00
Todd C. Miller
32e4a98a69 add check for st__tim in struct stat as used by SCO 2008-01-02 20:29:48 +00:00
Todd C. Miller
e238133159 use ldap_search_ext_s instead of deprecated ldap_search_s 2008-01-02 16:05:50 +00:00
Todd C. Miller
915fc493cf add sudo_nss.h to HDRS 2008-01-02 15:09:20 +00:00
Todd C. Miller
5173bbb95d Replace deprecated ldap_explode_dn() with calls to ldap_str2dn() 
and ldap_rdn2str().
 2008-01-02 00:04:50 +00:00
Todd C. Miller
8a2db8bd08 Use ldap_get_values_len()/ldap_value_free_len() instead of the 
deprecated ldap_get_values()/ldap_value_free().
 2008-01-01 23:37:51 +00:00
Todd C. Miller
6771b36175 sync 2008-01-01 22:08:53 +00:00
Todd C. Miller
f738ef46fa sync 2008-01-01 22:07:16 +00:00
Todd C. Miller
5a6ad03e59 Remove some already fixed XXXs 2008-01-01 22:06:33 +00:00
Todd C. Miller
aa562c8f69 Same return value as non-existent sudoers if LDAP was unable to connect. 2008-01-01 22:03:54 +00:00
Todd C. Miller
ab14071ec9 mention /etc/environment 2008-01-01 21:52:45 +00:00
Todd C. Miller
685d9d2dab Update to reflect recent developments. 2008-01-01 21:43:26 +00:00
Todd C. Miller
156c949750 Print nsswitch.conf, ldap.conf and ldap.secret paths in -V output. 2008-01-01 21:42:28 +00:00
Todd C. Miller
a7fb2f3e36 When building up a query don't list groups in the aux group vector 
that are the same as the passwd file group.  On most systems the
first gid in the group vector is the same as the passwd entry gid.
 2008-01-01 21:25:23 +00:00
Todd C. Miller
cd30e84743 Define LDAPNOINIT before calling ldap_init(), etc. to disable user 
ldaprc and system defaults that could affect how LDAP works.
 2008-01-01 19:01:42 +00:00